Lenny-x64-nfs-0.9

From Grid5000
Jump to: navigation, search


Warning.png Warning

This environment has been marked as deprecated since 3 June 2013. Please consult the Environment_Management#Deletion_and_Deprecation to know what it means for this environment.

lenny-x64-nfs-0.9 is derived from Lenny-x64-base-0.9 to provide a minimal debian environment, which allows LDAP account connections and NFS homedir.

Contents

Identification sheet

Lenny-x64-nfs-0.9

Kernel version 2.6.24.3 from kernel.org for amd64/em64t

Authentication

  • Remote console: enabled on ttyS0 at 34800 bps
  • Services: ldap:yes, nfs:yes
  • Accounts: root:grid5000

Applications

Misc

Build

Here are explanations on how the system was installed and tuned starting from the content of the Lenny-x64-base-0.9 environment. A script available from the svn do the work for us. This script is available from : [grid5000]/admin/trunk/images/build/base2nfs.sh

Packages

The ldap packages are needed.

apt-get update
apt-get install libnss-ldap libpam-ldap nfs-common nscd libldap2 ldap-utils libsasl2-modules libsasl2-modules-ldap

Account

The g5k account is deleted.

userdel --remove g5k

Motd

The motd is updated to reflect the new image.

cat > /etc/motd.tail <<EOF
Lenny-x64-nfs-0.9 (image based on Debian version Lenny for AMD64/EM64T)
Maintained by Cyril Constantin <cyril.constantin@loria.fr>
Valid on Dell {PE1855, PE1950}, HP {DL140G3, DL145G2, DL385G2}, 
        IBM {e325, e326, e326m}, Sun {V20z, X2200 M2, X4100},
        Altix Xe 310
Applications
 * Text: Vim, XEmacs, JED, nano, JOE
 * Script: Perl, Python, Ruby
   (Type "dpkg -l" to see complete installed package list)
Misc
 * i386 shared libraries are available
 * SSH has X11 forwarding enabled
 * Max open files: 8192
 * TCP bandwidth: for 1Gbs
More details: https://www.grid5000.fr/index.php/Lenny-x64-nfs-0.9
EOF

LDAP configuration files

Some files need to be updated.

nsswitch.conf is needed for the Name Service Switch service.

cat > /etc/nsswitch.conf <<EOF
passwd:         files ldap
group:          files ldap
shadow:         files ldap
hosts:          files dns mdns
networks:       files
protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis
EOF

pam files contains the rights and the restrictions of new users.

cat > /etc/pam.d/common-account <<EOF 
account sufficient      pam_unix.so
account sufficient      pam_ldap.so
account required        pam_deny.so
EOF
cat > /etc/pam.d/common-auth <<EOF
auth    sufficient      pam_unix.so nullok
auth    sufficient      pam_ldap.so use_first_pass
auth    required        pam_deny.so
EOF
cat > /etc/pam.d/common-password <<EOF
password sufficient     pam_ldap.so
password sufficient     pam_unix.so nullok md5 obscure min=6 max=8
password required       pam_deny.so
EOF
cat > /etc/pam.d/common-session <<EOF
session required        pam_unix.so
EOF

nscd.conf is the name service cache daemon.

cat > /etc/nscd.conf <<EOF
enable-cache            passwd          yes
positive-time-to-live   passwd          600
negative-time-to-live   passwd          20
suggested-size          passwd          211
check-files             passwd          no
persistent              passwd          no
shared                  passwd          yes
enable-cache            group           yes
positive-time-to-live   group           3600
negative-time-to-live   group           60
suggested-size          group           211
check-files             passwd          no
persistent              passwd          no
shared                  passwd          yes
enable-cache            hosts           yes
positive-time-to-live   hosts           3600
negative-time-to-live   hosts           20
suggested-size          hosts           211
check-files             passwd          no
persistent              passwd          no
shared                  passwd          yescat pam
EOF

Some services use different files. One for all is sufficient.

ln -sf /etc/ldap/ldap.conf /etc/ldap.conf
ln -sf /etc/ldap/ldap.conf /etc/libnss-ldap.conf
ln -sf /etc/ldap/ldap.conf /etc/pam_ldap.conf

Ending

Image is ready. We can keep a trace of the last update.

date > /root/release

Environment

Creating image's archive

As for Etch-x64-base-1.0, system archive creation and retrieving is done with TGZ-G5K:

tgz-g5k cconstantin@frontale:images/lenny-x64-nfs-0.9.tgz

Creating postinstall's archive

The postinstall lenny-x64-nfs-0.9-post is based on etch-x64-nfs-1.0-post. It takes advantage from prepost mechanisms and so it is site-independent.

Orsay site particularities

The orsay site use for now a specific way to configure nfs. So you have to use the specific orsay postinstall available at orsay. This situation will be resolved. You can follow the bug on https://www.grid5000.fr/bugzilla/show_bug.cgi?id=1170 .

cd /home/
mkdir {bordeaux,grenoble,lille,lyon,orsay,nancy,rennes,sophia,toulouse}

Recording environment

Recording environment can be done from a description file. So we create lenny-x64-nfs-0.9.dsc:

name = lenny-x64-nfs-0.9
description = https://www.grid5000.fr/index.php/Lenny-x64-nfs-0.9
author = cyril.constantin@loria.fr
filebase = file:///grid5000/images/lenny-x64-nfs-0.9.tgz
filesite = file:///grid5000/postinstalls/lenny-x64-nfs-0.9-post.tgz
size = 1000
initrdpath = /boot/initrd.img-2.6.24.3
kernelpath = /boot/vmlinuz-2.6.24.3
fdisktype = 83
filesystem = ext2

With karecordenv, the new environment can be known by Kadeploy:

karecordenv -fe lenny-x64-nfs-0.9.dsc
Personal tools
Namespaces

Variants
Actions
Public Portal
Users Portal
Admin portal
Wiki special pages
Toolbox