Post Installation

XFree86

Make it start

For user simonh, X would not start (could not log in as simonh in runlevel 5, in runlevel 3 would not start) --- running startx >& SXLOG and looking we see that .Xclients tries to start kde which is not installed at this time...

Deuglification of Fonts

This is very helpful:

It covers XFree86 and: dpi of fonts, scaling of fonts, antialiasing... Swapping the 75dpi and 100dpi lines within /etc/X11/fs/config and restarting X yielded a much better display.

Restore Files from Backups

After installation got the backups of /home/* and others from cosmos and put them "back".

Linuxconf

  • Needed the rpm for linuxconf.

    Apache, home www/web pages...

    Security

    Having selected "no firewall" during the installation, time to set up TCP Wrappers/xinetd and ipchains/iptables, Tripwire, etc.

    Wrappers

    First ensure all services (e.g. FTP) except telnet are disabled, so edit the files in /etc/xinetd.d to have disable = yes and within /etc/xinetd.d/telnet:
        disable = no
        only_from  = 130.88.100.77     # talby
        only_from += 130.88.100.87     # pinback
        only_from += 130.88.100.155    # boiler
        only_from += 130.88.99.10      # cosmos
    

    Packet Filter

    For now, since I know ipchains, use the same ipchains script as on talby with RedHat 6.2 --- this script is given in my Unix Security document (it's based on the Ipchains Firewall Script by Ian Hall-Beyer). Stick this in /usr/sbin/ and run.

    Put /usr/sbin/ipchains-firewall.sh into /etc/init.d...

    To ensure this script is run on each reboot, hack /etc/init.d/ipchains:

    
    case "$1" in
      start)
    	# don't do squat if we don't have the config file
    #	if [ -f $IPCHAINS_CONFIG ]; then
    #	    # If we don't clear these first, we might be adding to
    #	    #  pre-existing rules.
    #	    action $"Flushing all current rules and user defined chains:" ipchains -F
    #	    action $"Clearing all current rules and user defined chains:" ipchains -X
    #	    ipchains -Z
    #	    echo -n $"Applying ipchains firewall rules: "
    # 		grep -v "^[[:space:]]*#" $IPCHAINS_CONFIG | grep -v '^[[:space:]]*$' | /sbin/ipchains-restore -p -f && \
    #		    success $"Applying ipchains firewall rules" || \
    #		    failure $"Applying ipchains firewall rules"
    #	    echo
    #	    touch /var/lock/subsys/ipchains
    #	fi
    	/usr/sbin/ipchains-firewall.sh
    	;;
    

    Tripwire

    Obtained Tripwire RPM, version 2.3.0-58, from www.mirror.ac.uk, installed, and, as instructed by rpm -q --info tripwire. The RPM sets up a cron job which runs /usr/sbin/tripwire --check each day (the results are printed to stdout by Tripwire and so emailed as cron-job results).

    Logcheck and Portsentry

    Obtained portsentry 1.0.1 from web; installed (rpm -ivh). The installation sets up an init.d file and puts in suitable links to rc?.d but does not start portsentry, so, this first time, /etc/init.d/portsentry start.

    Obtained logcheck 1.1.1 rpm and installed. The installation sets up a cron job to (hourly) check and email results.

    Mail: sendmail and xinetd

    Sending Mail

    Since port 25 is blocked between campus and the outside world, set the smart-relay-host within /etc/sendmail.cf:
    # smart relay host:
    DSmailrouter.umist.ac.uk
    

    Why can't I receive email on talby.csu?

    But why can't I receive email? Can't even get a connection if I manually telnet to port 25 on talby, even though sendmail is running and listening and ipchains is "off" and xinetd is doing nothing. The sendmail FAQ and some notes from coker.com.au say that as of 7.1 RedHat the default configuration of sendmail is to send out mail only. To sort this out, comment out the line indicated (DAEMON_OPTIONS) in /etc/mail/sendmail.mc and then
        m4 /etc/mail/sendmail.mc > /etc/sendmail.cf
    
    and restart sendmail (/etc/init.d/sendmail start) --- telnetting to port 25 on talby now works.

    N.B. Having regenerated sendmail.cf, need to add mailrouter.umist.ac.uk back in as "smart host".

    Securing sendmail via xinetd

    Create a file /etc/xinetd.d/smtp with

      service smtp
      {
            socket_type     = stream
            protocol        = tcp
            wait            = no
            user            = root
            server          = /usr/lib/sendmail
            server_args     = -bs
      #NO!#        server_args     = -bd -q15m
            disable         = no
            instances       = 10
            nice            = 10
            log_on_failure += HOST
            # += appends to the list; a second plain "=" does not
            only_from       = 130.88.100.77
            only_from      += 130.88.99.10
            only_from      += 130.88.119.66
            only_from      += 130.88.120.66
            no_access       = 0.0.0.0
      }
    
    and restart xinetd.

    And remove S80sendmail from rc3.d, 4, 5 and 2.
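The policy from the Wrappers and "Securing sendmail via xinetd" sections (every service disabled except the named ones, each of those restricted with only_from) can be checked mechanically. This is an added example, not part of the original notes; the function names, the sample files and their finger/ftp/smtp contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original notes): audit xinetd service files.
# usage: audit_xinetd DIR ALLOWED_SERVICE...
# Prints one finding per line; returns non-zero if anything was found.
audit_xinetd() {
    dir=$1; shift
    allowed=" $* "
    awk -v allowed="$allowed" '
        { sub(/#.*/, "") }                      # drop comments
        $1 == "service" { svc = $2; disabled = 0; restricted = 0; next }
        svc == ""       { next }                # outside a service block
        $1 == "disable" && $NF == "yes" { disabled = 1 }
        $1 == "only_from"               { restricted = 1 }
        $1 == "}" {
            # xinetd runs a service unless it says "disable = yes"
            if (!disabled && index(allowed, " " svc " ") == 0) {
                print "UNEXPECTED " svc; bad++
            } else if (!disabled && !restricted) {
                print "UNRESTRICTED " svc; bad++
            }
            svc = ""
        }
        END { exit (bad > 0) }
    ' "$dir"/*
}

# Constructed sample files (hypothetical, not the author's real configuration).
make_sample() {
    mkdir -p "$1"
    printf 'service telnet\n{\n\tdisable = no\n\tonly_from = 130.88.100.77\n\tonly_from += 130.88.99.10\n}\n' > "$1/telnet"
    printf 'service smtp\n{\n\tdisable = no\n\tserver = /usr/lib/sendmail\n}\n' > "$1/smtp"
    printf 'service ftp\n{\n\tdisable = yes\n}\n' > "$1/wu-ftpd"
    printf 'service finger\n{\n\tserver = /usr/sbin/in.fingerd\n}\n' > "$1/finger"
}

tmp=$(mktemp -d)
make_sample "$tmp"
audit_xinetd "$tmp" telnet smtp || echo "policy violations found"
rm -rf "$tmp"
```

On a real host the call would be `audit_xinetd /etc/xinetd.d telnet smtp`; a file with no disable line at all is reported, since that service is running.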

    Why can't I get to my machine from the outside?

    Often problems are experienced attempting to get access (telnet or http) to myhost.mydomain from the outside world. After talking to Pete Smith we concluded: the routers "forget" about machines that don't chatter away on the network as Windows boxes do (i.e., in a sense, the routers are "optimised" for Windows boxes...) therefore we make some "artificial" chatter by setting up a ping in /etc/crontab to the router every few minutes:
        # /etc/crontab entries name the user to run as; cron has no line continuation, so this is one line
        0,2,5,7,10,12,15,17,20,22,25,27,30,32,35,37,40,42,45,47,50,52,55,57 * * * * root ping -c 1 gw-umill.umist.ac.uk > /dev/null
    

    Sound!

    Having spent about one hour trying to figure out what was wrong with the sound configuration (/sbin/lsmod, /sbin/sndconfig, etc) one finds that on one's RM machine you have to unplug the black lead which comes out of the back of the machine and into the green socket of the green/blue/pink threesome and plug the speakers into that green one...then all is wonderful.

    Connect message: /etc/issue[.net]

    Change this as it gives away the exact OS and Kernel level --- but change /etc/rc.d/rc.local too since this overwrites issue[.net] on each reboot.

    Applications

    texmf

    Commented out the third line here...
      % How to print, maybe with lp instead lpr, etc. If commented-out, output
      % will go into a file by default.
      %o |lpr
    
    so that dvips will, by default, print to a file.

    pdftex

    pdftex would not include graphics as the User Manual said it would --- it did not recognise pdfximage. A trawl of The Web suggested that my version of PDFTeX was old...so got the src from http://www.tex.ac.uk/tex-archive/systems/pdftex/ and followed the instructions in the README to compile pdftexbin. It omitted to tell that one needed to make pdftex.fmt also. Did that. Copied pdftex and pdftex.fmt to /usr/bin and /usr/share/texmf/web2c (moved originals to <file>.rh_7.1). Worked.

    acroread

    Downloaded and installed acrobat reader 4.05 from www.adobe.com: worked fine (contrast RedHat 6.2 on which it installed ok but crashed repeatedly).

    mozilla

    Got rpm mozilla-0.9.3-1.i386.rpm from www.mozilla.org and installed. Weird: setting preferences (e.g., home page) for one user affected other users; quitting mozilla for one user quit other users too! (Seen this before with Netscape?) Looking at the process list (ps auxw | grep moz) one sees that all mozilla processes are owned by whomever started mozilla first!

    Got mozilla-0.9.4-2.i386.rpm and that simply seg-faulted.

    Got mozilla-i686-pc-linux-gnu-0.9.4-installer.tar.gz and used this script as a "smart" installer: result: all ok!

    256 RAM

    Problems with the 256Mb RAM stick: crashed, segfaults...even with kernel parameter "mem=255M" which should be ok on this motherboard. Try memory tests (recall Running Linux with broken memory in Linux Journal March 2001). Google came up with a simple test script at
        http://people.redhat.com/dledford/memtest.html
    
    which found no faults if booting with kernel param "mem=127M", or "mem=159M", but did with "mem=192M" and with "mem=255M"; and memtest86 as mentioned in the Linux Journal article which found errors --- lots all around and above 192M.

    Plan: use memtest86 to find the badram parameters to use with the badram kernel patch. But can I be bothered running memtest86 for hours and patching the kernel? No. Tried two 128M sticks and all is fine.

    Jim tried the 256M stick on a W2000 box and found problems too, so we conclude the 256M stick is definitely not ok!

    cron errors

    Kept getting errors such as
      Date: Wed, 19 Sep 2001 06:01:00 +0100
      From: root@talby.csu.umist.ac.uk (Cron Daemon)
      To: root@talby.csu.umist.ac.uk
      Subject: Cron <root@talby> root run-parts /etc/cron.hourly
      X-Cron-Env: <SHELL=/bin/bash>
      X-Cron-Env: <PATH=/sbin:/bin:/usr/sbin:/usr/bin>
      X-Cron-Env: <MAILTO=root>
      X-Cron-Env: <HOME=/>
      X-Cron-Env: <LOGNAME=root>
    
      /bin/bash: root: command not found
    
    The documentation in the Rute Users guide says that this
      01 * * * * root run-parts /etc/cron.hourly
    
    is correct, but according to
      man 5 crontab
    
    this is:
      01 * * * * run-parts /etc/cron.hourly
    
    and the latter works! So it's the latter.




    About this document:

    Produced from the SGML: /home/isd/public_html/_redhat_7.1_installation/_reml_grp/redhat_7.1_intel_install.reml
    On: 8/6/2003 at 18:32:54
    Options: reml2 -i noindex -l long -o html -p multiple