Skip to main content

"finish" script for RHEL 6.3 x86_64

Issue: As powerful and inclusive as RHEL is for a server, it still needs a few tweaks to make it functional as a desktop.  I end up rebuilding my primary machine often enough that I decided I needed a finish script.


#!/bin/sh
PWD=`pwd`
DATE=`date +%Y%m%d`
ARCH=`uname -p`

# ******************************
# Setup local user(s)
# Add the admin/redacted Groups and redacted User - if not already there.
# ******************************
if [ -d /home/redacted ]
then
  echo "mv /home/redacted /home/redacted.${DATE} "
  exit 9
  mv /home/redacted /home/redacted.${DATE}
fi

getent group admin >/dev/null || groupadd -g 6969 admin

getent group redacted >/dev/null || groupadd -g 2025 redacted
getent passwd redacted >/dev/null || useradd -g 2025 -u 2025 -G admin -s /bin/bash -c "Redacted" -d /home/redacted -p '$6$KumYpty4aMKx8Jp/$<ENCRYPTED PASSPHRASE HERE>.' redacted


# UPDATE THE SUDOERS FILE
cat << EOF >> /etc/sudoers

# Added for local admins
%admin  ALL=(ALL)       NOPASSWD: ALL
EOF

# Turn off the background that changes based on time-of-day
mv /usr/share/backgrounds/default.xml /usr/share/backgrounds/default.xml.orig
cat << EOF > /usr/share/backgrounds/default.xml
<background>
    <starttime>
            <year>2010</year>
            <month>03</month>
            <day>01</day>
            <hour>07</hour>
            <minute>00</minute>
            <second>00</second>
    </starttime>
    <static>
        <duration>86400.00</duration>
        <file>
            <size width="1600" height="900">/usr/share/backgrounds/default.png</size>
        </file>
    </static>
</background>
EOF
sed -i -e 's/hiddenmenu/\#hiddenmenu/g' /boot/grub/grub.conf
mv /usr/share/backgrounds/default.png /usr/share/backgrounds/default.png.orig
find /home -name Redhat-wave.png -exec cp {} /usr/share/backgrounds/default.png \;

# ******************************
# MANAGE UPDATES AND REPOS
# ******************************
yum -y install yum-plugin-fastestmirror
echo "NOTICE: registering with RHN"
rhnreg_ks --activationkey=<ACTIVATION KEY HERE> --profilename=neo.matrix.private
yum list > /var/tmp/yum_list.base
echo "        adding optional and supplementary REPO"
rhn-channel -v -u redacted@domain.com -a -c rhel-x86_64-workstation-optional-6 -a -c rhel-x86_64-workstation-supplementary-6

# EPEL REPO
echo "        adding EPEL REPO"
case $ARCH  in
  x86_64)
    rpm -ivh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
  ;;
  i386)
    rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm
  ;;
  *)
    echo "ERROR: EPEL REPO not added.  Unknown Architecture"
  ;;
esac
#yum list > /var/tmp/yum_list.epel

# # # # # # #
#  So - the verdict is still out whether I should use rpmfusion, or rpmforge.. or EPEL...
# 20120704 - Use RPMfusion and EPEL
# # # # # # #
# Do this so your machine does not end up COMPLETELY HOSED!
# I think priorities is more effective
yum -y install yum-plugin-priorities
# OR
#ALT: yum -y install yum-protectbase

# INSTALL ALL THE GOOD STUFF (RPMFUSION)
# http://rpmfusion.org/Configuration/
echo "        adding RPMFUSION REPO"
case $ARCH  in
  x86_64)
    rpm -Uvh http://download1.rpmfusion.org/free/el/updates/6/x86_64/rpmfusion-free-release-6-1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/6/x86_64/rpmfusion-nonfree-release-6-1.noarch.rpm

#http://download1.rpmfusion.org/free/el/updates/testing/6/x86_64/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm
  ;;
  i386)
    rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm
  ;;
  *)
    echo "ERROR: Unsupported Architecture: $ARCH"
  ;;
esac
#yum list > /var/tmp/yum_list.rpmfusion

# RPMFORGE REPO
# http://wiki.centos.org/AdditionalResources/Repositories/RPMForge
#rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
#wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
#rpm -ihv rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
# SETUP REPO PRIORITIES
#sed -i -e '7ipriority=1' /etc/yum.repos.d/rhel-source.repo
#echo "priority=10" >> /etc/yum.repos.d/rhel-source.repo
#sed -i -e '9ipriority=2' /etc/yum.repos.d/epel.repo

# OTHER 3rd-PARTY REPOs
# Add Google stuff
wget https://dl-ssl.google.com/linux/linux_signing_key.pub
rpm --import linux_signing_key.pub

case $ARCH in
  i386)
# Google - i386
cat << EOF > /etc/yum.repos.d/google-i386.repo
[google]
name=Google - i386
baseurl=http://dl.google.com/linux/rpm/stable/i386
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
EOF
  ;;
  x86_64)
# Google - x86_64
cat << EOF > /etc/yum.repos.d/google-x86_64.repo
[google64]
name=Google - x86_64
baseurl=http://dl.google.com/linux/rpm/stable/x86_64
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
EOF
  ;;
esac

# ******************************
# PACKAGE MGMT
# ******************************
yum -y install sysfsutils sysstat git intltool nmap autofs policycoreutils-gui glib glib-devel glib2-devel gtk+-devel gconf-editor compizconfig-backend-gconf ntfs-3g PackageKit-gtk-module.i686 pptp NetworkManager-pptp spice-xpi spice-client icedtea-web

yum -y install compiz-fusion compiz-fusion-extras compiz-fusion-gnome gconf-editor compizconfig-backend-gconf ccsm

yum -y install gcc cmake kernel-headers kernel-devel gcc-c++ iotop policycoreutils-python
#KVM# yum -y install libvirt kvm qemu-kvm qemu-kvm-tools virt-manager virt-v2v virt-viewer virt-top

yum --disablerepo=epel -y install rdesktop virt-viewer virt-manager freerdp freerdp-devel tsclient sysfsutils iotop sysstat git intltool nmap autofs policycoreutils-gui rdesktop virt-viewer virt-manager openssh-askpass gimp

grep -E '(vmx|svm)' --color=always /proc/cpuinfo
if [ $? -eq 0 ]
then
  VIRTOK=1
  echo "64-bit Virtualization is possible on this machine."
  echo "Installing KVM Virtualization Engine"
  yum -y install libvirt libvirt-python python-virtinst libvirt-client kvm qemu-kvm virt-v2v virt-top
    touch /dev/shm/notbeenrebooted
  yum -y  install samba libsmbclient samba-client samba-common samba-winbind-clients
else
  echo "64-bit Virtualization is NOT possible on this machine."
fi

# Google Apps
yum -y install google-chrome-stable
#yum -y install google-desktop-linux
#yum -y install google-gadgets google-gadgets-gtk
# KDE- google-gadgets-qt

# INSTALL ADOBE
yum install http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
yum -y install flash-plugin

# MISC (mostly audio-type stuff)
yum -y install id3lib mesa-demos mesa-libGL
yum -y install gstreamer-plugins-bad-free gstreamer-plugins-bad-free-extras gstreamer-plugins-base phonon-backend-gstreamer
yum -y install gstreamer*x86_64
yum -y install lame lame-devel lame-mp3x lame-libs
yum -y install esound-devel esound-libs esound-tools libvorbis-devel alsa-plugins-* alsamixer*

yum -y install gstreamer-plugins-ugly gstreamer-ffmpeg two-lame

yum clean all
yum -y update
#yum check-update

if [ -f /etc/init.d/libvirtd ]
then
  sed -i -e '141i\iptables --insert INPUT 5 -s 192.168.122.0/24 -j ACCEPT' /etc/init.d/libvirtd
fi

# CONFIGURE SAMBA
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
cat << EOF > /etc/samba/smb.conf
[global]
        workgroup = VM
        server string = Samba Server Version %v
        netbios name = NEO
;       interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
        hosts allow = 127. 192.168.122.
        log file = /var/log/samba/log.%m
        max log size = 50
        security = user
        passdb backend = tdbsam
        domain master = yes
        local master = yes
        os level = 33
        preferred master = yes
        wins support = yes
        wins proxy = yes
        dns proxy = yes
[homes]
        comment = Home Directories
        browseable = no
        writable = yes
        valid users = redacted
EOF
setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_rw on

chkconfig smb on; chkconfig nmb on
service smb start; service nmb start

# For NixNote
yum -y install openssl098e openssl-devel perl-TermReadKey
# End of the "automated" stuff...
exit 0

# ******************************
#  Random stuff which will make life hell...
# Use XMMS if you can't get anything else working
# ******************************
# Enable MP3 playback
yum -y install esound-devel esound-libs esound-tools libvorbis-devel alsa-plugins-*
mkdir XMMS; cd XMMS
wget http://www.xmms.org/files/1.2.x/xmms-1.2.11.tar.gz
wget http://files.softicons.com/download/system-icons/human-o2-icons-by-oliver-scholtz/png/32x32/apps/xmms.png
cp xmms.png /usr/share/icons/hicolor/32x32/apps/
tar -xvzf xmms-1.2.11.tar.gz
cd  xmms-1.2.11
./configure && make && make install
cd $PWD

exit 0

Labels:

Comments

Post a Comment

Popular posts from this blog

RHN Satellite Server (spacewalk) repomd.xml not found

"repomd.xml not found" If you add a channel, or if your RHN cache gets corrupted, and one of your guests complains that it cannot find repomd.xml for jb-ews-2-x86_64-server-5-rpm (for example) - you need to rebuild your repodata cache. Normally this is an automated job - which is exemplified by the fact that you have obviously built out your entire Satellite environment and never had to do any of the steps you are about to do. So - some prep work: Open 3 terminals to your Satellite Server and run: # Term 1 cd /var/cache/rhn watch "ls -l | wc -l" # Term 2 pwd cd /var/log/rhn tail -f rhn_taskomatic_daemon.log # Term 3 satellite-sync --channel=jb-ews-2-x86_64-server-5-rpm Once the satellite-sync has completed, you >should< see the count increment by one.  If you are unlucky (like me) you will not. You then need to login to the Satellite WebUI as the satellite admin user. Click on the Admin tab (at the top) Task Schedules (on the left) fin
Post a Comment
Read more

Install RHEL 7 on old HP DL380 g5

Someone at work had been running RHEL on an HP DL380 G5 and blew it up.  After several attempts at doing an installation that made me conclude the hardware was actually bad... I kept digging for the answer. Attempt install and Anaconda could not find any disks - try a Drivers Disk (dd.img) both cciss and hpsa.   -- once we did that, when the system would reboot it would say it could not find a disk. hmmm. Boot from your installation media and interrupt the startup at grub. Add hpsa.hpsa_allow_any=1 hpsa.hpsa_simple_mode=1 to the line starting with linuxefi press CTRL-X to boot. Once the system restarts after the install, you need to once again interrupt the startup and add the line from above. After the system starts, edit /etc/default/grub and add those 2 parameters to the end of the line starting with GRUB_CMDLINE_LINUX (which likely has quiet at the end of the line currently). then run # cp /boot/grub2/grub.cfg /boot/grub2/grub.cfg.orig # grub2-mkconfig -o /boot/grub2
Post a Comment
Read more

MOTD with colors! (also applies to shell profiles)

I'm not sure why I had never looked into this before, but this evening I became obsessed with discovering how to present different colored text in the /etc/motd. A person had suggested creating a shell script (rather than using special editing modes in vi, or something) and I agree that is the simplest way of getting this accomplished quickly. This most noteworthy portion of this script is the following: RESET="\033[0m" that puts the users shell back to the original color. I typically like a green text on black background. Also - a great reference for the different colors and font-type (underscore, etc...) https://wiki.archlinux.org/index.php/Color_Bash_Prompt I found this example on the web and I wish I could recall where so that I could provide credit to that person. #!/bin/bash #define the filename to use as output motd="/etc/motd" # Collect useful information about your system # $USER is automatically defined HOSTNAME=`uname -n` KERNEL=`un
1 comment
Read more