Windows LiveWindows Live
 
 
Hongxuan's profileMSN Space ~ A Style of V...PhotosBlogListsMore Tools Help

Blog
    August 09

    Fedora Core 5 linux box installation note

     
     
    I'm writing down useful things I've learned during setuping up my own linux box at home. This blog serves as an installation note for future reference.
     
     
    1、安装reiserFS
    reiserFS比ext3的速度要快,效率要高。FC5缺省配置是ext3,如果要enable reiserFS支持,需要:
    linux selinux=0 reiserfs
    linux内核目前还不支持reiser4,其中颇有些故事。然后安装FC5,选择除了Games外的尽可能多的packages,我总共用去了大概6G空间。有些颇有用, 比如:
    gsl, R,apache,mysql,vnc 。。。
    不要选择
    snort(需要自己编译)
     
    2、NTFS支持
    FC5缺省不支持ntfs系统,因此需要自己安装支持ntfs的软件包,或者干脆编译内核。
     
    3、内核编译
    a)clean kernel source
    make mrproper
    b)configure kernel
    make xconfig
    * Processor type and features (IMPORTANT)
    (choose proper processor family)

    * Power management options (ACPI, APM)
    - Enable: Software Suspend
    - Disable: CPU Frequency scaling (if CPU doesn't support this, for instance, my old PIII 866)

    * Hardware I DO NOT have or I cannot add. I disable ALL of these:
    - PCCARD (PCMCIA/CardBus) support
    - PCI Hotplug Support
    - Memory Technology Devices (MTD)
    - Fusion MPT device support
    - IEEE 1394 (FireWire) support
    - Amateur Radio Support
    - Bluetooth subsystem support
    - Token Ring devices
    - ATM drivers
    - ISDN subsystem
    - Watchdog Cards
    - Digital Video Broadcasting Devices
    - InfiniBand support

    * Some things I stronly recommend:
    - "File systems > DOS/FAT/NT Filesytems > NTFS file system support (NTFS_FS)"
    (I enabled NTFS read/write)
    - Things like "NFS", "SMB" and "CIFS" are needed to allow for things like network file access (Samba, etc.)

    * Kernel Hacking and Kernel Debugging
    -Disable Kernel debugging (DEBUG_KERNEL)
    This should NOT be set, but I found it set, make sure to disable.
    The kernel will be VERY LARGE if you leave this.
    d)compiling and installing
    make all
    make modules_instal
    make install
     
    e)edit /etc/grub.conf, then reboot to new kernel
    reboot
     
    4、mount ntfs
    mount /dev/hda1 /media/c_drive/ -t ntfs -r -o umask=0222
    或者编辑 /etc/fstab
    /dev/hda1   /media/c_drive     ntfs    ro,defaults,umask=0222 0 0
    5、install amule for linux
     
     
    6、configure vncserver
    a) edit /etc/sysconfig/vncservers
     
    VNCSERVERS="n:userID"
    VNCSERVERARGS[3]="-geometry 1024x768 -depth 16 -nolisten tcp -nohttpd -localhost"
     
    then userID's vnc server will listen on port 5901 (5900+n)
    b) Under shell of "userID", set vnc password:
    vncpasswd
    c) start the VNC server
    service vncserver restart
    d) to make VNC server start on boot
    chkconfig vncserver on
    e) edit userID's configuration file
    vi ~userID/.vnc/xstartup
     
    my own setting looks like:
     
    unset SESSION_MANAGER
     exec /etc/X11/xinit/xinitrc
    ...
    f) Hide the port of vncserver behind the firewall, but only use ssh to tunnel the vnc connection.
    ssh -f -L 5901:localhost:5901 userID@xxx.com sleep 20; vncviewer
     
    7、Security. Open Firewall, and enable the services you want.
    a) for ssh, edit /etc/ssh/sshd_config
    Protocal 2
    PermitRootLogin no
    MaxAuthTries 6
    PermitEmptyPasswords no
    PasswordAuthentication yes
    X11Forwarding yes
    b) install tripwire, but currently it's NOT available for FC5
    c) install snort. Follow setup guides on http://www.snort.org/docs/.
    d) to install ntop, cvs check out the latest version. If having problems, see http://www.gossamer-threads.com/lists/ntop/users/.
    e) to start ntop or snort on boot,  put a script under /etc/init.d/, for instance,
    snort:
     
    . /etc/rc.d/init.d/functions
    BASE=snort
    DAEMON="-D"
    INTERFACE="-i eth0"
    CONF="/etc/snort/snort.conf"
    # Check that $BASE exists.
    [ -f /usr/local/bin/$BASE ] || exit 0
    # Source networking configuration.
    . /etc/sysconfig/network
    # Check that networking is up.
    [ ${NETWORKING} = "no" ] && exit 0
    RETVAL=0
    # See how we were called.
    case "$1" in
      start)
            if [ -n "`/sbin/pidof $BASE`" ]; then
                    echo -n $"$BASE: already running"
                    echo ""
                    exit $RETVAL
            fi
            echo -n "Starting snort service: "
            /usr/local/bin/$BASE $INTERFACE -c $CONF $DAEMON
            sleep 1
            action "" /sbin/pidof $BASE
            RETVAL=$?
            [ $RETVAL -eq 0 ] && touch /var/lock/subsys/snort
            ;;
      stop)
            echo -n "Shutting down snort service: "
            killproc $BASE
            RETVAL=$?
            echo
            [ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/snort
            ;;
      restart|reload)
            $0 stop
            $0 start
            RETVAL=$?
            ;;
      status)
            status $BASE
            RETVAL=$?
            ;;
      *)
            echo "Usage: snort {start|stop|restart|reload|status}"
            exit 1
    esac
    exit $RETVAL
     
    8、to install ROOT, see http://root.cern.ch/root/Install.html
    enable Mathcore, Mathmore and Roofit.
     
    That's it.
     
     
    10:09 PM | Add a comment | Permalink | Blog it | Computers and Internet