Skip to main content

"finish" script for RHEL 6.3 x86_64

Issue: As powerful and inclusive as RHEL is for a server, it still needs a few tweaks to make it functional as a desktop.  I end up rebuilding my primary machine often enough that I decided I needed a finish script.


#!/bin/sh
PWD=`pwd`
DATE=`date +%Y%m%d`
ARCH=`uname -p`

# ******************************
# Setup local user(s)
# Add the admin/redacted Groups and redacted User - if not already there.
# ******************************
if [ -d /home/redacted ]
then
  echo "mv /home/redacted /home/redacted.${DATE} "
  exit 9
  mv /home/redacted /home/redacted.${DATE}
fi

getent group admin >/dev/null || groupadd -g 6969 admin

getent group redacted >/dev/null || groupadd -g 2025 redacted
getent passwd redacted >/dev/null || useradd -g 2025 -u 2025 -G admin -s /bin/bash -c "Redacted" -d /home/redacted -p '$6$KumYpty4aMKx8Jp/$<ENCRYPTED PASSPHRASE HERE>.' redacted


# UPDATE THE SUDOERS FILE
cat << EOF >> /etc/sudoers

# Added for local admins
%admin  ALL=(ALL)       NOPASSWD: ALL
EOF

# Turn off the background that changes based on time-of-day
mv /usr/share/backgrounds/default.xml /usr/share/backgrounds/default.xml.orig
cat << EOF > /usr/share/backgrounds/default.xml
<background>
    <starttime>
            <year>2010</year>
            <month>03</month>
            <day>01</day>
            <hour>07</hour>
            <minute>00</minute>
            <second>00</second>
    </starttime>
    <static>
        <duration>86400.00</duration>
        <file>
            <size width="1600" height="900">/usr/share/backgrounds/default.png</size>
        </file>
    </static>
</background>
EOF
sed -i -e 's/hiddenmenu/\#hiddenmenu/g' /boot/grub/grub.conf
mv /usr/share/backgrounds/default.png /usr/share/backgrounds/default.png.orig
find /home -name Redhat-wave.png -exec cp {} /usr/share/backgrounds/default.png \;

# ******************************
# MANAGE UPDATES AND REPOS
# ******************************
yum -y install yum-plugin-fastestmirror
echo "NOTICE: registering with RHN"
rhnreg_ks --activationkey=<ACTIVATION KEY HERE> --profilename=neo.matrix.private
yum list > /var/tmp/yum_list.base
echo "        adding optional and supplementary REPO"
rhn-channel -v -u redacted@domain.com -a -c rhel-x86_64-workstation-optional-6 -a -c rhel-x86_64-workstation-supplementary-6

# EPEL REPO
echo "        adding EPEL REPO"
case $ARCH  in
  x86_64)
    rpm -ivh http://download.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
  ;;
  i386)
    rpm -Uvh http://download.fedora.redhat.com/pub/epel/6/i386/epel-release-6-5.noarch.rpm
  ;;
  *)
    echo "ERROR: EPEL REPO not added.  Unknown Architecture"
  ;;
esac
#yum list > /var/tmp/yum_list.epel

# # # # # # #
#  So - the verdict is still out whether I should use rpmfusion, or rpmforge.. or EPEL...
# 20120704 - Use RPMfusion and EPEL
# # # # # # #
# Do this so your machine does not end up COMPLETELY HOSED!
# I think priorities is more effective
yum -y install yum-plugin-priorities
# OR
#ALT: yum -y install yum-protectbase

# INSTALL ALL THE GOOD STUFF (RPMFUSION)
# http://rpmfusion.org/Configuration/
echo "        adding RPMFUSION REPO"
case $ARCH  in
  x86_64)
    rpm -Uvh http://download1.rpmfusion.org/free/el/updates/6/x86_64/rpmfusion-free-release-6-1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/6/x86_64/rpmfusion-nonfree-release-6-1.noarch.rpm

#http://download1.rpmfusion.org/free/el/updates/testing/6/x86_64/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm
  ;;
  i386)
    rpm -Uvh http://download1.rpmfusion.org/free/el/updates/testing/6/i386/rpmfusion-free-release-6-0.1.noarch.rpm http://download1.rpmfusion.org/nonfree/el/updates/testing/6/i386/rpmfusion-nonfree-release-6-0.1.noarch.rpm
  ;;
  *)
    echo "ERROR: Unsupported Architecture: $ARCH"
  ;;
esac
#yum list > /var/tmp/yum_list.rpmfusion

# RPMFORGE REPO
# http://wiki.centos.org/AdditionalResources/Repositories/RPMForge
#rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
#wget http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
#rpm -ihv rpmforge-release-0.5.2-2.el6.rf.x86_64.rpm
# SETUP REPO PRIORITIES
#sed -i -e '7ipriority=1' /etc/yum.repos.d/rhel-source.repo
#echo "priority=10" >> /etc/yum.repos.d/rhel-source.repo
#sed -i -e '9ipriority=2' /etc/yum.repos.d/epel.repo

# OTHER 3rd-PARTY REPOs
# Add Google stuff
wget https://dl-ssl.google.com/linux/linux_signing_key.pub
rpm --import linux_signing_key.pub

case $ARCH in
  i386)
# Google - i386
cat << EOF > /etc/yum.repos.d/google-i386.repo
[google]
name=Google - i386
baseurl=http://dl.google.com/linux/rpm/stable/i386
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
EOF
  ;;
  x86_64)
# Google - x86_64
cat << EOF > /etc/yum.repos.d/google-x86_64.repo
[google64]
name=Google - x86_64
baseurl=http://dl.google.com/linux/rpm/stable/x86_64
enabled=1
gpgcheck=1
gpgkey=https://dl-ssl.google.com/linux/linux_signing_key.pub
EOF
  ;;
esac

# ******************************
# PACKAGE MGMT
# ******************************
yum -y install sysfsutils sysstat git intltool nmap autofs policycoreutils-gui glib glib-devel glib2-devel gtk+-devel gconf-editor compizconfig-backend-gconf ntfs-3g PackageKit-gtk-module.i686 pptp NetworkManager-pptp spice-xpi spice-client icedtea-web

yum -y install compiz-fusion compiz-fusion-extras compiz-fusion-gnome gconf-editor compizconfig-backend-gconf ccsm

yum -y install gcc cmake kernel-headers kernel-devel gcc-c++ iotop policycoreutils-python
#KVM# yum -y install libvirt kvm qemu-kvm qemu-kvm-tools virt-manager virt-v2v virt-viewer virt-top

yum --disablerepo=epel -y install rdesktop virt-viewer virt-manager freerdp freerdp-devel tsclient sysfsutils iotop sysstat git intltool nmap autofs policycoreutils-gui rdesktop virt-viewer virt-manager openssh-askpass gimp

grep -E '(vmx|svm)' --color=always /proc/cpuinfo
if [ $? -eq 0 ]
then
  VIRTOK=1
  echo "64-bit Virtualization is possible on this machine."
  echo "Installing KVM Virtualization Engine"
  yum -y install libvirt libvirt-python python-virtinst libvirt-client kvm qemu-kvm virt-v2v virt-top
    touch /dev/shm/notbeenrebooted
  yum -y  install samba libsmbclient samba-client samba-common samba-winbind-clients
else
  echo "64-bit Virtualization is NOT possible on this machine."
fi

# Google Apps
yum -y install google-chrome-stable
#yum -y install google-desktop-linux
#yum -y install google-gadgets google-gadgets-gtk
# KDE- google-gadgets-qt

# INSTALL ADOBE
yum install http://linuxdownload.adobe.com/adobe-release/adobe-release-x86_64-1.0-1.noarch.rpm
rpm --import /etc/pki/rpm-gpg/RPM-GPG-KEY-adobe-linux
yum -y install flash-plugin

# MISC (mostly audio-type stuff)
yum -y install id3lib mesa-demos mesa-libGL
yum -y install gstreamer-plugins-bad-free gstreamer-plugins-bad-free-extras gstreamer-plugins-base phonon-backend-gstreamer
yum -y install gstreamer*x86_64
yum -y install lame lame-devel lame-mp3x lame-libs
yum -y install esound-devel esound-libs esound-tools libvorbis-devel alsa-plugins-* alsamixer*

yum -y install gstreamer-plugins-ugly gstreamer-ffmpeg two-lame

yum clean all
yum -y update
#yum check-update

if [ -f /etc/init.d/libvirtd ]
then
  sed -i -e '141i\iptables --insert INPUT 5 -s 192.168.122.0/24 -j ACCEPT' /etc/init.d/libvirtd
fi

# CONFIGURE SAMBA
mv /etc/samba/smb.conf /etc/samba/smb.conf.orig
cat << EOF > /etc/samba/smb.conf
[global]
        workgroup = VM
        server string = Samba Server Version %v
        netbios name = NEO
;       interfaces = lo eth0 192.168.12.2/24 192.168.13.2/24
        hosts allow = 127. 192.168.122.
        log file = /var/log/samba/log.%m
        max log size = 50
        security = user
        passdb backend = tdbsam
        domain master = yes
        local master = yes
        os level = 33
        preferred master = yes
        wins support = yes
        wins proxy = yes
        dns proxy = yes
[homes]
        comment = Home Directories
        browseable = no
        writable = yes
        valid users = redacted
EOF
setsebool -P samba_enable_home_dirs on
setsebool -P samba_export_all_rw on

chkconfig smb on; chkconfig nmb on
service smb start; service nmb start

# For NixNote
yum -y install openssl098e openssl-devel perl-TermReadKey
# End of the "automated" stuff...
exit 0

# ******************************
#  Random stuff which will make life hell...
# Use XMMS if you can't get anything else working
# ******************************
# Enable MP3 playback
yum -y install esound-devel esound-libs esound-tools libvorbis-devel alsa-plugins-*
mkdir XMMS; cd XMMS
wget http://www.xmms.org/files/1.2.x/xmms-1.2.11.tar.gz
wget http://files.softicons.com/download/system-icons/human-o2-icons-by-oliver-scholtz/png/32x32/apps/xmms.png
cp xmms.png /usr/share/icons/hicolor/32x32/apps/
tar -xvzf xmms-1.2.11.tar.gz
cd  xmms-1.2.11
./configure && make && make install
cd $PWD

exit 0

Comments

Popular posts from this blog

P2V using dd for KVM-QEMU guest

Preface: I have certainly not exhaustively tested this process.  I had a specific need and found a specific solution that worked. Situation:  I was issued a shiny new laptop running Red Hat Enterprise Linux 7 (with Corp VPN, certs, Authentication configuration, etc...)  The image was great, but I needed more flexibility on my bare metal.  So, my goal was to P2V the corporate image so I could just run it as a VM. * Remove corporate drive and install new SSD * install corp drive in external USB-3 case * Install RHEL 7 on new SSD * dd old drive to a disk-image file in a temp location which will be an image which is the same size as your actual drive (unless you have enough space in your destination to contain a temp and converted image) * convert the raw disk-image to a qcow file while pushing it to the final location - this step should reduce the disk size - however, I believe it will only reduce/collapse zero-byte blocks (not just free space - i.e. if you de...

Sun USS 7100 foo

TIP: put ALL of your LUNs into a designated TARGET and INITIATOR group when you create them.  If you leave them in the "default" group, then everything that does an discovery against the array will find them :-( I'm struggling to recognize a reason that a default should even be present on the array. Also - who, exactly, is Sun trying to kid.  The USS is simply a box.. running Solaris .. with IPMP and ZFS.  Great.  If you have ever attempted to "break-in" or "p0wn" your IBM HMC, you know that there are people out there that can harden a box - then.. there's Sun.  After a recent meltdown at the office I had to get quite intimate with my USS 7110 and learned quite a bit.  Namely: there's a shell ;-) My current irritation is how they attempt to "warn you" away from using the shell (my coverage expired a long time ago to worry about that) and then how they try to hide things, poorly. I was curious as to what version of SunOS it ...

"Error getting authority: Error initializing authority: Could not connect: No such file or directory (g-io-error-quark, 1)"

"Error getting authority: Error initializing authority: Could not connect: No such file or directory (g-io-error-quark, 1)" One issue that may cause this to arise is if you managed to break your /etc/fstab We had an engineer add a line with the intended options of "nfsvers=3" but instead added "-onfsvers=3" and it broke the system fairly catastrophically.