Ubuntu Linux


![Ubuntu Logo](http://www.ubuntu.com/themes/ubuntu07/images/ubuntulogo.png)

Notes on Ubuntu

  • This is work in progress*

CD Images

Jigdo

Use this to create a fresh copy of the ISO (with updates and other changes). This assumes that you already have a CD image under ~/Shared/Software/Ubuntu.

 - mount previous images in /mnt `sudo mount -o loop ubuntu-8.04-alternate-amd64.iso /mnt`
 - cd ~/Shared/Software/Ubuntu/jigdo
 - jigdo-lite http://cdimage.ubuntu.com/hardy/daily/current/hardy-alternate-amd64.jigdo
 - When asked point the previous image on /mnt

OEM Intallation

Summary

Test the OEM (for manufacturers) install procedures.

Procedure

Alternate CD

 - Boot using the "Text mode install for manufacturers" option. 
 - You will not be asked for a username, although you will be asked for a password. 
 - You should see instructions shortly before rebooting; in case you miss them, they say:
   - When you boot into the new system, you will be able to log in as the 'oem' user with the password you selected earlier; this user also has administrative privileges using 'sudo'. You will then be able to make any additional modifications you require to the system.
   - Once the system is configured to your satisfaction, run **sudo oem-config-prepare**. This will cause the system to delete the temporary 'oem' user and ask the end user various configuration questions the next time it boots.
 - After rebooting you should see a normal Ubuntu desktop. 
 - Install one or two additional applications and click the **oem-config-prepare** icon on the desktop.
 - Reboot and confirm that the new user setup procedure appears.
 - Confirm that the applications you installed are now available.

Desktop CD

 - Boot the Live CD with the OEM option
 - At the desktop, click install; //You will not be asked for a username, although you will be asked for a password.// 
 - After rebooting you should see a normal Ubuntu desktop. 
 - Install one or two additional applications and click the **oem-config-prepare** icon on the desktop.
 - Reboot and confirm that the new user setup procedure appears.
 - Confirm that the applications you installed are now available.

Unattended Intallation

DHCP

   ...
   next-server 10.10.0.230;
   option tftp-server-name "tuxy";
   filename "pxelinux.0";
   ...

TFTP

   sudo apt-get install tftpd-hpa
   # /etc/default/tftpd-hpa
   TFTP_USERNAME="tftp"
   TFTP_DIRECTORY="/srv/tftp"
   TFTP_ADDRESS="0.0.0.0:69"
   TFTP_OPTIONS="-s"

Optionally:

   sudo mkdir /tftpboot
   sudo mount --bind /srv/tftp /tftpboot

Preseed

https://help.ubuntu.com/10.04/installation-guide/hppa/preseed-creating.html

To check if the format of your preconfiguration file is valid before performing an install, you can use the command //debconf-set-selections -c preseed.cfg//.

RAID1 (mirror) with LVM partition

   # Installs a new ubuntu desktop with the right partitions
   # see notes:
   # 2008-10-03 18:39 EDT - Luis Mondesi <lemsx1@gmail.com>
   # Always install the server kernel.
   d-i	base-installer/kernel/override-image	string linux-generic
   # Only install basic language packs. Let tasksel ask about tasks.
   d-i	pkgsel/language-pack-patterns	string
   # No language support packages.
   d-i	pkgsel/install-language-support	boolean false
   # Only ask the UTC question if there are other operating systems installed.
   d-i	clock-setup/utc-auto	boolean true
   d-i debian-installer/locale string en_US
   d-i console-setup/layoutcode string us
   d-i netcfg/choose_interface select auto
   # Any hostname and domain names assigned from dhcp take precedence over
   # values set here. However, setting the values still prevents the questions
   # from being shown, even if values come from dhcp.
   d-i netcfg/get_hostname string unassigned-hostname
   d-i netcfg/get_domain string unassigned-domain
   d-i netcfg/wireless_wep string
   ### Mirror settings
   # If you select ftp, the mirror/country string does not need to be set.
   d-i mirror/country string enter information manually
   d-i mirror/protocol string http
   # apt-cacher-ng on port 9999
   d-i mirror/http/hostname string apt:9999
   d-i mirror/http/directory string /archive.ubuntu.com/ubuntu
   d-i mirror/http/proxy string
   # Suite to install.
   #d-i mirror/suite string testing
   # Suite to use for loading installer components (optional).
   #d-i mirror/udeb/suite string testing
   d-i mirror/suite string lucid
   d-i unattended-upgrades/enable_auto_updates	boolean	false
   d-i user-setup/encrypt-home	                boolean	false
   ### Partitioning
   # 2009-10-20 14:30 EDT 
   # LM: do not use "lvm" here as it breaks newer d-i
   d-i partman-auto/method string raid
   # If one of the disks that are going to be automatically partitioned
   # contains an old LVM configuration, the user will normally receive a
   # warning. This can be preseeded away...
   # This makes partman automatically partition without confirmation.
   # Write the changes to disks?
   d-i     partman/confirm boolean true
   partman-base    partman/confirm boolean true
   # Write the changes to the storage devices and configure RAID?
   d-i     partman-md/confirm      boolean true
   partman-md      partman-md/confirm      boolean true
   # Remove existing software RAID partitions?
   d-i     partman-md/device_remove_md     boolean true
   partman-md      partman-md/device_remove_md     boolean true
   # Write the changes to disks and configure LVM?
   d-i     partman-lvm/confirm     boolean true
   partman-lvm     partman-lvm/confirm     boolean true
   d-i partman/confirm_write_new_label boolean true
   d-i partman/choose_partition        select finish
   d-i partman/confirm_nooverwrite     boolean true
   # Write a new empty partition table?
   d-i partman-partitioning/confirm_write_new_label boolean true
   partman-partitioning    partman-partitioning/confirm_write_new_label    boolean true
   d-i partman-auto/disk               string /dev/sda /dev/sdb
   d-i partman-lvm/device_remove_lvm   boolean true
   d-i partman-lvm/device_remove_lvm_span boolean true
   d-i partman-auto-lvm/new_vg_name    string bootdisk
   d-i partman-auto-lvm/guided_size    string max
   # customized by Luis Mondesi (2010-06-01 15:58 EDT)
   # Notes:
   #  - partitions are created in the order they are defined
   #  - higher priority takes precendence
   #  - highest priority number chosen is 5,000
   #  - very impotant!! do not leave spaces after \ or it won't work
   #  RAID:
   # /dev/md0 -> /boot         -> 100M - 256MB (high priority)
   # /dev/md1 -> LVM VG bootdisk  -> 500M  - 1T (high priority)
   # LVM:
   # /dev/mapper/bootdisk-root   -> /     -> 5G - 1T (high priority)
   # /dev/mapper/bootdisk-swap_1 -> swap  -> 3G - 3 times size of RAM (high priority)
   #
   # Last you need to specify how the previously defined partitions will be
   # used in the RAID setup. Remember to use the correct partition numbers
   # for logical partitions.
   # Parameters are:
   # <raidtype> <devcount> <sparecount> <fstype> <mountpoint> \
   #          <devices> <sparedevices>
   # RAID levels 0, 1, 5, 6 and 10 are supported; devices are separated using "#"
   d-i partman-auto-raid/recipe string \
     1 2 0 ext4 /boot /dev/sda1#/dev/sdb1 . 1 2 0 lvm / /dev/sda2#/dev/sdb2  .
   # RAID partitions are tagged as "lvmignore"
   # and LVM logical volumes as "defaultignore" and "lvmok"
   d-i partman-auto/expert_recipe string                      \
         multiraid ::                                         \
                 100 512 256 raid                             \
                         $lvmignore{ }                        \
                         $primary{ }                          \
                         method{ raid }                       \
                 .                                            \
                 900 5000 1000000000 raid                     \
                         $lvmignore{ }                        \
                         $primary{ }                          \
                         method{ raid }                       \
                 .                                            \
                 700 5000 1000000000 ext4                     \
                         $defaultignore{ }                    \
                         $lvmok{ }                            \
                         method{ format }                     \
                         format{ }                            \
                         use_filesystem{ }                    \
                         filesystem{ ext4 }                   \
                         options/relatime{ relatime }         \
                         mountpoint{ / }                      \
                 .                                            \
                 256 3000 300% linux-swap                     \
                         $defaultignore{ }                    \
                         $lvmok{ }                            \
                         method{ swap }                       \
                         format{ }                            \
                 .
   ### Clock and time zone setup
   # Controls whether or not the hardware clock is set to UTC.
   d-i clock-setup/utc boolean true
   # You may set this to any valid setting for $TZ; see the contents of
   # /usr/share/zoneinfo/ for valid values.
   d-i time/zone string America/New_York
   ### Apt setup
   # You can choose to install non-free and contrib software.
   d-i apt-setup/multiverse boolean true
   d-i apt-setup/universe boolean true
   # To create a normal user account.
   d-i passwd/user-fullname string System Administrator
   d-i passwd/username string admin
   # Normal user's password, either in clear text
   #d-i passwd/user-password password insecure
   #d-i passwd/user-password-again password insecure
   # or encrypted using an MD5 hash.
   # $> echo secret |mkpasswd -m md5 -s
   d-i passwd/user-password-crypted password $1$jJ2LMHxV$..QYZ1gInMXG/H1zzcOFS1
   # This is fairly safe to set, it makes grub install automatically to the MBR
   # if no other operating system is detected on the machine.
   d-i grub-installer/only_debian boolean true
   # This one makes grub-installer install to the MBR if it also finds some other
   # OS, which is less safe as it might not be able to boot that other OS.
   d-i grub-installer/with_other_os boolean true
   # install grub on all our disks (this is RAID)
   #d-i grub-installer/bootdev  string (hd0,0) (hd1,0)
   d-i grub-installer/bootdev  string  /dev/md0
   ### Package selection
   tasksel tasksel/first multiselect standard, lamp-server, ubuntu-desktop
   # Individual additional packages to install
   d-i pkgsel/include string openssh-server cfengine2 ubuntu-restricted-extras ssmtp libpam-ldap ldap-utils rsync m4 ruby nscd autofs-ldap nfs-kernel-server ntp snmpd nvidia-current dirvish lsb-core git-core nfs-common libpam-foreground debconf-utils rdoc ri traceroute sysstat dirvish openssl ca-certificates rubygems apache2 bison build-essential clusterssh eclipse flex gawk gnome-do gnome-do-plugins gstreamer0.10-ffmpeg gstreamer0.10-plugins-bad-multiverse gstreamer0.10-plugins-bad gstreamer0.10-plugins-ugly-multiverse  gstreamer0.10-plugins-ugly gstreamer0.10-pulseaudio ksh libapache2-mod-jk libasound2-plugins libpam-ck-connector manpages-dev mysql-admin mytop nvidia-settings padevchooser pavucontrol pidgin pulseaudio-esound-compat pulseaudio-module-gconf pulseaudio-module-x11 pulseaudio-utils recode ruby-gnome2 samba seahorse-plugins smbfs tshark vim-gnome virtualbox-ose xawtv xul-ext-firebug xul-ext-webdeveloper xul-ext-bindwood anacron
   # How do you want to manage upgrades on this system?
   # Choices: No automatic updates, Install security updates automatically, Manage system with Landscape
   pkgsel pkgsel/update-policy    select  none
   ### Finishing up the first stage install
   # Avoid that last message about the install being complete.
   d-i finish-install/reboot_in_progress note
   xserver-xorg xserver-xorg/autodetect_monitor boolean true
   xserver-xorg xserver-xorg/config/monitor/selection-method \
       select medium
   xserver-xorg xserver-xorg/config/monitor/mode-list \
       select 1024x768 @ 60 Hz
   ### debconf
   # LDAP configuration is managed by cfengine
   ldap-auth-config        ldap-auth-config/bindpw                 password
   ldap-auth-config        ldap-auth-config/rootbindpw             password
   ldap-auth-config        ldap-auth-config/binddn                 string  cn=proxyuser,dc=example,dc=net
   ldap-auth-config        ldap-auth-config/dbrootlogin            boolean true
   ldap-auth-config        ldap-auth-config/pam_password           select  md5
   ldap-auth-config        ldap-auth-config/move-to-debconf        boolean true
   ldap-auth-config        ldap-auth-config/ldapns/ldap-server     string  ldap://ldap
   ldap-auth-config        ldap-auth-config/ldapns/base-dn         string  dc=example,dc=com
   ldap-auth-config        ldap-auth-config/ldapns/ldap_version    select  3
   ldap-auth-config        ldap-auth-config/dblogin                boolean false
   ldap-auth-config        ldap-auth-config/rootbinddn             string  cn=manager,dc=example,dc=net
   ldap-auth-config        ldap-auth-config/override               boolean false
   ssmtp                   ssmtp/overwriteconfig                   boolean true
   ssmtp                   ssmtp/mailname                          string
   ssmtp                   ssmtp/mailhub                           string  mail
   ssmtp                   ssmtp/fromoverride                      boolean false
   ssmtp                   ssmtp/hostname                          string
   ssmtp                   ssmtp/root                              string  admin
   ssmtp                   ssmtp/rewritedomain                     string
   ssmtp                   ssmtp/port                              string  25
   sun-java6-bin           shared/accepted-sun-dlj-v1-1            boolean true
   sun-java6-jre           shared/accepted-sun-dlj-v1-1            boolean true
   dictionaries-common	dictionaries-common/default-ispell	select	american (American English)
   dictionaries-common	dictionaries-common/default-wordlist	select	american (American English)
   dictionaries-common	dictionaries-common/ispell-autobuildhash-message	note
   mdadm                   mdadm/boot_degraded                     boolean false
   mysql-server-5.1	mysql-server/root_password	        password
   mysql-server-5.1	mysql-server/root_password_again	password
   grub-pc                 grub-pc/hidden_timeout  boolean true
   grub-pc                 grub-pc/timeout string  10
   grub-pc                 grub-pc/kopt_extracted  boolean false
   grub-pc                 grub-pc/postrm_purge_boot_grub  boolean false
   grub-pc                 grub2/linux_cmdline_default string  quiet splash
   postfix	postfix/mailname	string  example.net
   postfix	postfix/main_mailer_type	select	Internet with smarthost
   postfix	postfix/relayhost	string	smtp.example.net
   ### Shell commands
   ## d-i preseeding is inherently not secure. Nothing in the installer checks
   ## for attempts at buffer overflows or other exploits of the values of a
   ## preconfiguration file like this one. Only use preconfiguration files from
   ## trusted locations! To drive that home, and because it's generally useful,
   ## here's a way to run any shell command you'd like inside the installer,
   ## automatically.
   #
   ## This first command is run as early as possible, just after
   ## preseeding is read.
   ##d-i preseed/early_command string /cdrom/early_command
   #
   ## This command is run just before the install finishes, but when there is
   ## still a usable /target directory. You can chroot to /target and use it
   ## directly, or use the apt-install and in-target commands to easily install
   ## packages and run commands in the target system.
   ## "in-target" means: chroot /target
   ##d-i preseed/late_command string [in-target] foo
   #d-i preseed/late_command string in-target touch /.first-boot; in-target rsync -a cfengine::cfengine/inputs-production/ /etc/cfengine || true; in-target rsync -a cfengine::cfengine/scripts/update-cfengine /etc/rc.local || true;

Mobile devices:

   # Installs a new ubuntu Lucid desktop for mobile devices with the right partitions
   # see notes:
   # 2009-04-23 12:52 EDT - Luis Mondesi <lemsx1@gmail.com>
   # Always install the server kernel.
   d-i	base-installer/kernel/override-image	string linux-generic
   # Only install basic language packs. Let tasksel ask about tasks.
   d-i	pkgsel/language-pack-patterns	string
   # No language support packages.
   d-i	pkgsel/install-language-support	boolean false
   # Only ask the UTC question if there are other operating systems installed.
   d-i	clock-setup/utc-auto	boolean true
   d-i debian-installer/locale string en_US
   d-i console-setup/layoutcode string us
   d-i netcfg/choose_interface select auto
   # Any hostname and domain names assigned from dhcp take precedence over
   # values set here. However, setting the values still prevents the questions
   # from being shown, even if values come from dhcp.
   d-i netcfg/get_hostname string unassigned-hostname
   d-i netcfg/get_domain string unassigned-domain
   d-i netcfg/wireless_wep string
   ### Mirror settings
   # If you select ftp, the mirror/country string does not need to be set.
   d-i mirror/country string enter information manually
   d-i mirror/protocol string http
   d-i mirror/http/hostname string apt:9999
   d-i mirror/http/directory string /archive.ubuntu.com/ubuntu
   d-i mirror/http/proxy string
   # Suite to install.
   #d-i mirror/suite string testing
   # Suite to use for loading installer components (optional).
   #d-i mirror/udeb/suite string testing
   d-i mirror/suite string lucid
   d-i unattended-upgrades/enable_auto_updates	boolean	false
   d-i user-setup/encrypt-home	                boolean	false
   ### Partitioning
   # If the system has free space you can choose to only partition that space.
   #d-i partman-auto/init_automatically_partition select biggest_free
   # Alternatively, you can specify a disk to partition. The device name must
   # be given in traditional non-devfs format.
   # Note: A disk must be specified, unless the system has only one disk.
   # For example, to use the first SCSI/SATA hard disk:
   #d-i partman-auto/disk string /dev/sda
   # In addition, you'll need to specify the method to use.
   # The presently available methods are: "regular"
   # 2009-10-20 14:30 EDT 
   # LM: do not use "lvm" here as it breaks newer d-i
   d-i partman-auto/method string regular
   # This makes partman automatically partition without confirmation.
   d-i partman/confirm_write_new_label boolean true
   d-i partman/choose_partition select finish
   d-i partman/confirm boolean true
   # If one of the disks that are going to be automatically partitioned
   # contains an old LVM configuration, the user will normally receive a
   # warning. This can be preseeded away...
   d-i partman-auto/purge_lvm_from_device boolean true
   # And the same goes for the confirmation to write the lvm partitions.
   d-i partman-lvm/confirm boolean true
   # this is the new version of the previous line:
   d-i partman-lvm/device_remove_lvm boolean true
   # You can choose from any of the predefined partitioning recipes.
   # Note: this must be preseeded with a localized (translated) value.
   #d-i partman-auto/choose_recipe \
   #    select Separate /home, /usr, /var, and /tmp partitions
   # customized by Luis Mondesi (2008-10-03 15:11 EDT)
   # Notes:
   #  - partitions are created in the order they are defined
   #  - higher priority takes precendence
   #  - highest priority number chosen is 10,000
   #  - very impotant!! do not leave spaces after \ or it won't work
   # /boot         -> 100M - 256MB (high priority)
   # /             -> 5G   - 1T (or whatever is left) (high priority)
   # /var/tmp      -> 500M - 1G
   # /tmp          -> 500M - 1G
   # swap          -> 1G   - 3 times size of RAM (high priority)
   d-i partman-auto/expert_recipe string                         \
         boot-root ::                                            \
                 100 10000 256 ext4                              \
                         $primary{ } $bootable{ }                \
                         method{ format } format{ }              \
                         use_filesystem{ } filesystem{ ext4 }    \
                         mountpoint{ /boot }                     \
                 .                                               \
                 5000 9999 1000000 ext4                          \
                         $lvmok{ }                               \
                         method{ format } format{ }              \
                         options/relatime{ relatime }            \
                         use_filesystem{ } filesystem{ ext4 }    \
                         mountpoint{ / }                         \
                 .                                               \
                 256 3000 300% linux-swap                        \
                         $lvmok{ }                               \
                         method{ swap } format{ }                \
                 .                                               \
                 500 1000 1024 ext4                              \
                         $lvmok{ }                               \
                         method{ format } format{ }              \
                         options/relatime{ relatime }            \
                         use_filesystem{ } filesystem{ ext4 }    \
                         mountpoint{ /tmp }                      \
                 .                                               \
                 500 1000 1024 ext4                              \
                         $lvmok{ }                               \
                         method{ format } format{ }              \
                         options/relatime{ relatime }            \
                         use_filesystem{ } filesystem{ ext4 }    \
                         mountpoint{ /var/tmp }                  \
                 .                                               \
   ### Clock and time zone setup
   # Controls whether or not the hardware clock is set to UTC.
   d-i clock-setup/utc boolean true
   # You may set this to any valid setting for $TZ; see the contents of
   # /usr/share/zoneinfo/ for valid values.
   d-i time/zone string America/New_York
   ### Apt setup
   # You can choose to install non-free and contrib software.
   d-i apt-setup/multiverse boolean true
   d-i apt-setup/universe boolean true
   # To create a normal user account.
   d-i passwd/user-fullname string System Administrator
   d-i passwd/username string admin
   # Normal user's password, either in clear text
   #d-i passwd/user-password password insecure
   #d-i passwd/user-password-again password insecure
   # or encrypted using an MD5 hash.
   # $> echo secret |mkpasswd -m md5 -s
   d-i passwd/user-password-crypted password $1$jJ2LMHxV$..QYZ1gInMXG/H1zzcOFS1
   # This is fairly safe to set, it makes grub install automatically to the MBR
   # if no other operating system is detected on the machine.
   d-i grub-installer/only_debian boolean true
   # This one makes grub-installer install to the MBR if it also finds some other
   # OS, which is less safe as it might not be able to boot that other OS.
   d-i grub-installer/with_other_os boolean true
   ### Package selection
   tasksel tasksel/first multiselect standard, ubuntu-desktop
   # Individual additional packages to install
   d-i pkgsel/include string ubuntu-netbook-remix openssh-server cfengine2 ssmtp ldap-utils mobile-broadband-provider-info foobillard frozen-bubble neverball stardict rsync m4 ruby nscd
   # How do you want to manage upgrades on this system?
   # Choices: No automatic updates, Install security updates automatically, Manage system with Landscape
   pkgsel pkgsel/update-policy    select  none
   ### Finishing up the first stage install
   # Avoid that last message about the install being complete.
   d-i finish-install/reboot_in_progress note
   xserver-xorg xserver-xorg/autodetect_monitor boolean true
   xserver-xorg xserver-xorg/config/monitor/selection-method \
       select medium
   xserver-xorg xserver-xorg/config/monitor/mode-list \
       select 1024x768 @ 60 Hz
   ### debconf
   # LDAP configuration is managed by cfengine
   ldap-auth-config        ldap-auth-config/bindpw                 password
   ldap-auth-config        ldap-auth-config/rootbindpw             password
   ldap-auth-config        ldap-auth-config/binddn                 string  cn=proxyuser,dc=example,dc=net
   ldap-auth-config        ldap-auth-config/dbrootlogin            boolean true
   ldap-auth-config        ldap-auth-config/pam_password           select  md5
   ldap-auth-config        ldap-auth-config/move-to-debconf        boolean true
   ldap-auth-config        ldap-auth-config/ldapns/ldap-server     string  ldap://ldap
   ldap-auth-config        ldap-auth-config/ldapns/base-dn         string  dc=example,dc=net
   ldap-auth-config        ldap-auth-config/ldapns/ldap_version    select  3
   ldap-auth-config        ldap-auth-config/dblogin                boolean false
   ldap-auth-config        ldap-auth-config/rootbinddn             string  cn=manager,dc=example,dc=net
   ldap-auth-config        ldap-auth-config/override               boolean false
   ssmtp                   ssmtp/overwriteconfig                   boolean true
   ssmtp                   ssmtp/mailname                          string
   ssmtp                   ssmtp/mailhub                           string  mail
   ssmtp                   ssmtp/fromoverride                      boolean false
   ssmtp                   ssmtp/hostname                          string
   ssmtp                   ssmtp/root                              string  admin
   ssmtp                   ssmtp/rewritedomain                     string
   ssmtp                   ssmtp/port                              string  25
   sun-java6-bin           shared/accepted-sun-dlj-v1-1            boolean true
   sun-java6-jre           shared/accepted-sun-dlj-v1-1            boolean true
   dictionaries-common	dictionaries-common/default-ispell	select	american (American English)
   dictionaries-common	dictionaries-common/default-wordlist	select	american (American English)
   dictionaries-common	dictionaries-common/ispell-autobuildhash-message	note
   mdadm                   mdadm/boot_degraded                     boolean false
   grub-pc                 grub-pc/hidden_timeout  boolean true
   grub-pc                 grub-pc/timeout string  10
   grub-pc                 grub-pc/kopt_extracted  boolean false
   grub-pc                 grub-pc/postrm_purge_boot_grub  boolean false
   grub-pc                 grub2/linux_cmdline_default string  quiet splash
   ### Shell commands
   ## d-i preseeding is inherently not secure. Nothing in the installer checks
   ## for attempts at buffer overflows or other exploits of the values of a
   ## preconfiguration file like this one. Only use preconfiguration files from
   ## trusted locations! To drive that home, and because it's generally useful,
   ## here's a way to run any shell command you'd like inside the installer,
   ## automatically.
   #
   ## This first command is run as early as possible, just after
   ## preseeding is read.
   ##d-i preseed/early_command string /cdrom/early_command
   #
   ## This command is run just before the install finishes, but when there is
   ## still a usable /target directory. You can chroot to /target and use it
   ## directly, or use the apt-install and in-target commands to easily install
   ## packages and run commands in the target system.
   ## "in-target" means: chroot /target
   ##d-i preseed/late_command string [in-target] foo

Manual Installation

Using Live CD for Gutsy (7.10)

Use these instructions to install a RAID1 (mirrored) system. This assumes that at least 2 disks of equal size are available.

 - insert disc and choose Desktop install
 - once on desktop, open terminal and set disks as you want
   - fdisk -l # // lists all disks//
   - cfdisk /dev/sda # // partition disk. /dev/sd{a,b}1 is /boot 256MB. /dev/sd{a,b}2 rest of the disk//
   - apt-get install mdadm lvm2
   - mdadm --create /dev/md0 --level=1 //[--force]// --raid-devices=2 /dev/sda1 /dev/sdb1 # ///boot partition//
   - mdadm --create /dev/md1 --level=1 //[--force]// --raid-devices=2 /dev/sda2 /dev/sdb2 # //LVM volumes//
   - pvcreate /dev/md1
   - vgcreate vg00 /dev/md1
   - lvcreate --name swap00 --size 8G vg00
   - lvcreate --name vartmp00 --size 1G vg00
   - lvcreate --name tmp00 --size 1G vg00
   - lvcreate --name root00 --extents //(see vgdisplay for the Free PE and put here)// vg00
 - double click on Install on desktop and follow prompts
 - choose manual partition, and mount devices accordingly
   /dev/md0 -> /boot
   /dev/vg00/root00 -> /
   /dev/vg00/swap00 -> swap
   /dev/vg00/vartmp00 -> /var/tmp
   /dev/vg00/tmp00 -> /tmp
 - when done do **not reboot**
   - mount /dev/vg00/root00 to /mnt
   - mount /dev/vg00/var00 to /mnt/var
   - mount /proc to /mnt/proc
 - chroot to /mnt. apt-get install mdadm lvm2
 - reboot

Troubleshooting

 * insert disc and go into Live Desktop
 * apt-get install mdadm lvm2
   mdadm --assemble --scan
   udevadm trigger
 * make sure that **dm-mod** (device-mapper /dev/mapper) is loaded in the kernel, as well as **md-mod** (software raid)

Hardening

[[http://wiki.debian.org/SELinux/Setup|SELinux]]

[[http://wiki.debian.org/Hardening|Hardening]]

[[http://www.debian.org/doc/manuals/securing-debian-howto|Securing Debian Howto]]

Network

 - create **/etc/hosts.deny** with
   ALL: PARANOID
   ALL: ALL EXCEPT 127.0.0.1
 - create **/etc/hosts.allow** with
   ALL: 127.0.0.1
   # if you want to allow your local services to your local (private) networks:
   #in.tftpd tftpd mountd rpc.mountd portmap nfsd statd apcupsd UTadmin nc ucc smbd sshd:  10. 192.168. 
   in.fingerd : ALL : DENY
   # but everything else is denied & reported with safe_finger
   ALL : ALL : spawn (/usr/sbin/safe_finger -l @%h | /usr/bin/mail -s "Port Denial noted %d-%h" root) & : DENY
 - close services that are not supposed to be running:
   - run **sudo netstat -nlp | egrep '(tcp|udp)'** to see services listening for connections (use **update-rc.d -f <basename> remove** to turn off the service)
   - make sure that **inetd** or **xinetd** are not installed: **apt-get remove inetd xinetd; rm -f /etc/inetd.conf**.
 - install shorewall and configure it:
   - **apt-get install shorewall**
   - **/etc/shorewall/interfaces**
   net     eth0            detect          dhcp,tcpflags,logmartians,nosmurfs
   - **/etc/shorewall/zones**
   fw      firewall
   net     ipv4
   - **/etc/shorewall/policy**
   $FW             net             ACCEPT
   net             $FW             DROP            info
   net             all             DROP            info
   # The FOLLOWING POLICY MUST BE LAST
   all             all             REJECT          info
   - **/etc/shorewall/rules**
   Ping/REJECT     net             $FW
   ACCEPT          $FW             net             icmp
   # change this to accept your services
   #ACCEPT          net:10.0.0.0/24,192.168.0.0/16         $FW     tcp     nfs,ssh,sunrpc,netbios-ssn,microsoft-ds
   #ACCEPT          net:10.0.0.0/24,192.168.0.0/16         $FW     udp     bootps,ntp,tftp,mdns,sunrpc,netbios-dgm,netbios-ns,nfs
   # allow us to connect to outside systems on high port numbers
   ACCEPT          $FW             net             tcp       -   1024:65535

Encrypted Home

This assumes that your users from the group staff will have encrypted HOMEs and their home path is /Users in /etc/passwd (or LDAP or any other PAM authentication mechanism you use)

 - apt-get install libpam-mount openssl
 - change /etc/pam.d/* files:
   - add **@include common-pammount** after **@include common-session** to /etc/pam.d/{gdm,gdm-autologin,login,ssh} and any other login-related service
 - create a password-proteced encryption key for your own USER:
   sudo mkdir /etc/ehd
   sudo chmod 2770 /etc/ehd
   sudo chown root:staff /etc/ehd
   dd if=/dev/urandom bs=1c count=32 | openssl enc -aes-256-ecb > /etc/ehd/$USER.key
   # type the same password as the USER uses to login. If you need to change this password later, then do:
   # * cp /etc/ehd/$USER.key /etc/ehd/$USER.key.old
   # * chmod 0600 /etc/ehd/$USER.key
   # * passwdehd
   chmod 0400 /etc/ehd/$USER.key
   # Do the same for each user you want to have encrypted HOME
 - create encrypted image:
   # 1024 * 5 of block-size 1M = 5 GB image 
   dd if=/dev/urandom of=$USER.img bs=1M count=5120
   openssl enc -d -aes-256-ecb -in /etc/ehd/$USER.key | losetup -e aes -k 256 -p0 /dev/loop0 /Users/$USER.img
   chown $USER /Users/$USER.img
   chmod 0600 /Users/$USER.img
   mkfs -t xfs /dev/loop0
   umount /dev/loop0
   losetup -d /dev/loop0
 - edit **/etc/fstab** and add:
   # encrypted hard drive
   /Users/&.img     /Users/&  xfs  defaults,exec,user,rw,loop,encryption=aes,keybits=256,noauto 0   0
 - edit **/etc/security/pam_mount.conf** and add: 
   volume  @staff auto -   /Users/&.img -   loop,user,exec,encryption=aes,keybits=256   aes-256-ecb /etc/ehd/&.key
 - (optional) edit **/etc/login.defs** and make sure that **CLOSE_SESSION** is set to "yes" (Does not apply to [http://ubuntu.com|Feisty]] and newer versions)

Notes:

  • if the user ever changes his/her password, use passwdehd to change the password for the /etc/ehd/$USER.key file
  • Make sure you read **/usr/share/doc/libpam-mount/README.Debian.gz** file

Enabling SELinux

 - edit /boot/grub/menu.lst  and append **selinux=1** and **enforcing=0** (for now):
   # defoptions=... selinux=1 enforcing=0
 - install the following packages
   - get the required tools
   apt-get -y install libselinux1 libselinux1-dev setools selinux-basics
   selinux-utils selinux-policy-refpolicy-targeted build-essential
   linux-headers-$(uname -r) m4
   - install your own **policy.21** file
   cd /usr/src ; apt-get -y install selinux-policy-refpolicy-src; tar -zxvf
   selinux-policy-refpolicy-src.tar.gz ; cd selinux-policy-refpolicy-src
 - Edit these values in the build.conf file:
   OUTPUT_POLICY = 21
   MONOLITHIC = y
 - make and copy the resulting policy file:
   make clean
   make
   sudo cp policy.21 /etc/selinux/refpolicy-targeted/policy/
 - create a file called **/etc/initramfs-tools/scripts/init-bottom/zselinux**
   #! /bin/sh
   # load selinux policy
   PREREQ=""
   prereqs () {
       echo "$PREREQ"
   }
   case $1 in
       prereqs)
           prereqs
           exit 0
       ;;
   esac
   . /scripts/functions
   . /root/etc/selinux/config
   # Check config variables here?
   log_begin_msg "Mounting selinuxfs"
   mount -t selinuxfs none /root/selinux
   log_end_msg
   log_begin_msg "Loading selinux policy"
   # load_policy should be moved to /sbin
   chroot /root /usr/sbin/load_policy
   log_end_msg
   exit 0
     - make sure that **/etc/selinux/config** has the following:
   # This file controls the state of SELinux on the system.
   # SELINUX= can take one of these three values:
   # enforcing - SELinux security policy is enforced.
   # permissive - SELinux prints warnings instead of enforcing.
   # disabled - No SELinux policy is loaded.
   SELINUX=permissive
   # SELINUXTYPE= can take one of these two values:
   # refpolicy-targeted - Only targeted network daemons are protected.
   # refpolicy-strict   - Full SELinux protection.
   # refpolicy-src      - Custom policy built from source
   SELINUXTYPE=refpolicy-targeted
   # SETLOCALDEFS= Check local definition changes
   SETLOCALDEFS=0
     - reboot your computer
     - fix labels
   /sbin/fixfiles -f -F relabel
     - reboot once more and make sure labels are correct:
   ls -Z /dev
   ls -Z /

At this point it might be wise to check **/var/log/syslog** for a while and take note on things that would be denied, should you change SELinux to **enforcing** mode.

Note: I'm building policies to support fully functional desktop with SELinux enabled. I'll post them later... Yes, I'll use Fedora's policies as inspiration, of course.

Testing SELinux

Ok, at this point SELinux is running and everything is working. Our **refpolicy-targeted** is being used, which means that all processes are running under the //unconfined_t// domain unless they are explicitly protected by a policy (targeted).

To show the domains for running processes do:

 ps -eaf -Z | grep unconfined | grep -v $USER | more

Extra modules

Modules are in the source directory **/usr/share/selinux/refpolicy-targeted/**. If you need to enable any of them by hand, then do it with:

 semodule -i /usr/share/selinux/refpolicy-targeted/ssh.pp -s refpolicy-targeted -n
 semodule -i /usr/share/selinux/refpolicy-targeted/automount.pp -s refpolicy-targeted -n

Some modules have dependencies. To see what they depend on, use this:

 semodule_deps -g /usr/share/selinux/refpolicy-targeted/base.pp /usr/share/selinux/refpolicy-targeted/postfix.pp 
 digraph mod_deps {
       overlap=false
 }

Local modules

To add new policies:

 - Get the denied entries since last reboot:
     cp /etc/selinux/local.te /etc/selinux/local.te-`date -I`
     # Fedora uses: /var/log/audit/audit.log
     audit2allow -m local -l -i /var/log/syslog > /etc/selinux/local.te
     # you might use /var/log/messages as well
 - edit **/etc/selinux/local.te**
 - **checkmodule -M -m -o local.mod local.te** # to compile the te file. Note that checkmodule is part of the checkpolicy rpm, so you need to have it installed.
 - **semodule_package -o local.pp -m local.mod** # to create a policy package.
 - **semodule -i local.pp** # to add it to the current machine's running policy. This installs a new module called local with these rules into the module store.

Power saving

 sudo apt-get install powertop cpufrequtils
 sudo powertop

Then follow the tips from powertop...

Mail Server

http://howtoforge.com/postfix_antispam_mailscanner_clamav_ubuntu

   apt-get install libc6-dev dpkg-dev db4.3-util libdb4.3-dev vim lynx bzip2 unzip perl-doc libwww-perl ntp-simple
   apt-get install zlib1g-dev zip libdbi-perl libconvert-binhex-perl gcc make autoconf automake libtool libmail-spf-query-perl rblcheck libnet-ident-perl
   apt-get install flex bison libcompress-zlib-perl pax libberkeleydb-perl ncftp unzoo arj lzop nomarch arc zoo
   apt-get install postfix postfix-pcre postfix-mysql postfix-ldap cabextract lha unrar razor pyzor spamassassin

Grub2 (grub-pc)

   root@ubuntu:/# cat /boot/grub/grub.cfg 
   #
   # DO NOT EDIT THIS FILE
   #
   # It is automaticaly generated by /usr/sbin/update-grub using templates from /etc/grub.d
   # and settings from /etc/default/grub
   #
   ### BEGIN /etc/grub.d/00_header ###
   set default=0
   set timeout=5
   set root=(zod-root)
   font (zod-root)/usr/share/grub/unifont.pff
   set gfxmode=640x480
   insmod gfxterm
   insmod vbe
   terminal gfxterm
   ### END /etc/grub.d/00_header ###
   ### BEGIN /etc/grub.d/10_hurd ###
   ### END /etc/grub.d/10_hurd ###
   ### BEGIN /etc/grub.d/10_linux ###
   menuentry "Debian GNU/Linux, linux 2.6.22-14-generic" {
           linux   (hd0,1)/vmlinuz-2.6.22-14-generic root=/dev/mapper/zod-root ro 
           initrd  (hd0,1)/initrd.img-2.6.22-14-generic
   }
   menuentry "Debian GNU/Linux, linux 2.6.22-14-generic (single-user mode)" {
           linux   (hd0,1)/vmlinuz-2.6.22-14-generic root=/dev/mapper/zod-root ro single 
           initrd  (hd0,1)/initrd.img-2.6.22-14-generic
   }
   ### END /etc/grub.d/10_linux ###
   ### BEGIN /etc/grub.d/20_memtest86+ ###
   menuentry "Memory test (memtest86+)" {
           linux   (hd0,1)/memtest86+.bin
   }
   ### END /etc/grub.d/20_memtest86+ ###

VirtualBox

https://help.ubuntu.com/community/VirtualBox#Open%20Source%20Edition%20on%20Ubuntu%208.04%20(Hardy)

https://help.ubuntu.com/community/VirtualBox#8.04%20Hardy

 - sudo apt-get install virtualbox-ose virtualbox-ose-modules-generic
 - sudo apt-get install bridge-utils uml-utilities
 - Setup your network bridge
   $ sudo gedit /etc/network/interfaces
   auto eth0
   iface eth0 inet manual
   auto br0
   iface br0 inet dhcp
      bridge_ports eth0
   # The loopback network interface
   auto lo
   iface lo inet loopback
 - Restart your network
   sudo /etc/init.d/networking restart
 - Assign names to the bridges for VirtualBox users
   sudo gedit /etc/vbox/interfaces
   # Each line should be of the format :
   # <interface name> <user name> [<bridge>]
   vbox0 <your user name> br0
   vbox1 <your user name> br0
 - Restart VirtualBox to load your network settings
   sudo /etc/init.d/virtualbox-ose restart

Sharing Files

Windows file share (Samba)

https://help.ubuntu.com/community/Samba/Kerberos

 * sudo apt-get install samba libpam-krb5 krb5-user
 * edit /etc/krb5.conf
   [logging]
       default = FILE10000:/var/log/krb5lib.log
   [libdefaults]
       ticket_lifetime = 24000
       default_realm = MYDOMAIN.INTERNAL
       default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc
       default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc
   [realms]
       MYDOMAIN.INTERNAL = {
           kdc = dc.mydomain.internal
           admin_server = dc.mydomain.internal
           default_domain = MYDOMAIN.INTERNAL
   }
   [domain_realm]
       .mydomain.internal = MYDOMAIN.INTERNAL
       mydomain.internal = MYDOMAIN.INTERNAL
 * edit /etc/samba/smb.conf
   [global]
           workgroup = MYDOMAIN
           realm = MYDOMAIN.INTERNAL
           security = ADS
           server string = %h server
           
           password server = dc.mydomain.internal
           socket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192
           local master = No
           domain master = No
           wins proxy = Yes
           wins server = 10.0.0.2
           
           invalid users = root
           guest account = nobody
           idmap uid = 4000-10000000
           idmap gid = 4000-10000000
           template shell = /bin/bash
           encrypt passwords = true
           passdb backend = tdbsam
           obey pam restrictions = yes
           dns proxy = no
           
           syslog = 0
           log file = /var/log/samba/log.%m
           max log size = 1000
           panic action = /usr/share/samba/panic-action %d
           winbind use default domain = Yes
 * edit /etc/hosts
   10.0.0.2	dc.mydomain.internal dc dc1
 * edit /etc/nsswitch.conf
   hosts:          files mdns4_minimal [NOTFOUND=return] dns wins mdns4
 * make sure that /etc/resolv.conf lists mydomain.internal correctly 
   domain mydomain.internal
   search mydomain.internal in.mydomain.internal
   nameserver 10.0.0.2
 * restart Samba
   sudo /etc/init.d/samba restart
 * join the Windows domain (need to be administrator on the Windows Active Domain server)
   sudo net -Uadministrator ads join
 * restart Samba
 * use **kinit administrator@MYDOMAIN.INTERNAL** and **klist** to test your kerberos5 settings

To share new directories you can just right click on them and choose **Sharing Options**

General Procedures

Anti-virus from Live CD

 - boot from Ubuntu Live CD
 - sudo apt-get install clamav nautilus-clamscan
 - sudo mount /dev/sda1 /mnt # mount your Windows disk
 - sudo clamscan --infected --move=/mnt/temp 

Kernel Modesetting

With intel video hardware:

 - edit **/etc/initramfs-tools/modules**
 - add the following modules 
   intel_agp
   drm
   i915 modeset=1
   fb
   fbcon
 - update-initramfs -u -k all
 - add a kernel parameter like **i915.modeset=1**

Package Selection

Copy the packages from another Ubuntu system and then load it using:

 # another system
 dpkg --get-selections \* > /tmp/selections.txt
 # send /tmp/selections.txt to new-system
 dpkg --set-selections < /tmp/selections.txt
 apt-get -y dselect-upgrade

Network Interface Bonding

1. apt-get install ifenslave-2.6

2. edit /etc/network/interfaces

   iface bond0 inet static
   address 192.168.1.x
   netmask 255.255.255.0
   network 192.168.1.0
   up /sbin/ifenslave bond0 eth0
   up /sbin/ifenslave bond0 eth1

3. add the following lines to your /etc/modprobe.d/bonding.conf

   alias bond0 bonding
   options bonding mode=1 miimon=100 downdelay=200 updelay=200

Multipath HBA

Setting up LVM volumes over multipath using Qlogic cards (qla2xxx driver)

Be sure to load your kernel module with:

   $> cat /etc/modules | grep qla2xxx
   qla2xxx qlport_down_retry=1 ql2xextended_error_logging=1
   $> sudo modprobe qla2xxx qlport_down_retry=1 ql2xextended_error_logging=1

1. Install tools

   $> sudo apt-get install multipath-tools qla-tools

//daemon start automatically with defaults//

2. rescan your HBA for new LUNs and show multipath information

   $> sudo ql-dynamic-tgt-lun-disc -s 
   $> sudo multipath -v3
   ...
   == paths list ==
   uuid              hcil      dev dev_t pri dm_st  chk_st  vend/prod/rev        
   350002ac0720907e3 3:0:0:407 sdb 8:16  1   [undef][undef] 3PARdata,VV          
   350002ac0720a07e3 3:0:0:408 sdc 8:32  1   [undef][undef] 3PARdata,VV          
   350002ac0720907e3 3:0:1:407 sdd 8:48  1   [undef][undef] 3PARdata,VV          
   350002ac0720a07e3 3:0:1:408 sde 8:64  1   [undef][undef] 3PARdata,VV          
   350002ac0720907e3 4:0:0:407 sdf 8:80  1   [undef][undef] 3PARdata,VV          
   350002ac0720a07e3 4:0:0:408 sdg 8:96  1   [undef][undef] 3PARdata,VV          
   350002ac0720907e3 4:0:1:407 sdh 8:112 1   [undef][undef] 3PARdata,VV          
   350002ac0720a07e3 4:0:1:408 sdi 8:128 1   [undef][undef] 3PARdata,VV 
   ...

3. create **/etc/multipath.conf** with:

   defaults {
           polling_interval 5
           path_grouping_policy	multibus
           #old version 117 getuid_callout	"/lib/udev/scsi_id -g -u -s /block/%n"
           getuid_callout	"/lib/udev/scsi_id -g -u /dev/%n"
           failback	immediate
           no_path_retry  1000
   }
           
   blacklist {
           devnode "^sda"
   }
   multipaths {
           multipath {
                   wwid            350002ac0720907e3
                   alias		    3pardataux05vol1
           }
           multipath {
                   wwid            350002ac0720a07e3
                   alias		    3pardataux05vol2
           }
   }
   devices {
           device {
                   vendor			"3PARdata"
                   product			"VV"
                   path_grouping_policy	multibus
                   path_selector		"round-robin 0"
           }
   }

//sda is my local SATA disk.//

4. list configuration

   $> sudo multipath -l
   ...
   3pardataux05vol2 (350002ac0720a07e3) dm-5 3PARdata,VV            
   [size=50G][features=1 queue_if_no_path][hwhandler=0]
   \_ round-robin 0 [prio=0][active]
    \_ 3:0:0:408 sdc 8:32  [active][undef]
    \_ 3:0:1:408 sde 8:64  [active][undef]
    \_ 4:0:0:408 sdg 8:96  [active][undef]
    \_ 4:0:1:408 sdi 8:128 [active][undef]
   3pardataux05vol1 (350002ac0720907e3) dm-4 3PARdata,VV            
   [size=50G][features=1 queue_if_no_path][hwhandler=0]
   \_ round-robin 0 [prio=0][active]
    \_ 3:0:0:407 sdb 8:16  [active][undef]
    \_ 3:0:1:407 sdd 8:48  [active][undef]
    \_ 4:0:0:407 sdf 8:80  [active][undef]
    \_ 4:0:1:407 sdh 8:112 [active][undef]

5. tell lvm to ignore all other disks and only scan for our explicit, multipath'd, volumes

   # By default we accept every block device:
   #filter = [ "a/.*/" ]
   filter = [ "a|^/dev/sda.$|","a|^/dev/mapper/3pardataux05vol1$|", "a|^/dev/mapper/3pardataux05vol2$|", "r/.*/" ]
   Only 1 filter line is allowed. Do not add multiple filter = []

6. run **sudo lvscan** 7. create your volumes

   sudo pvcreate /dev/mapper/3pardataux05vol1
   sudo pvcreate /dev/mapper/3pardataux05vol2
   sudo vgcreate xendata /dev/mapper/3pardataux05vol1 /dev/mapper/3pardataux05vol2
   sudo lvcreate --name api01 --size 20G xendata
   sudo lvcreate --name blog01 --size 20G xendata
   sudo mkfs -t xfs /dev/xendata/api01
   sudo mkfs -t xfs /dev/xendata/blog01

8. to test your configuration, populate your new volumes with data and pull the plug on one of your paths

Use **dmsetup help** to manually destroy bad mappings or create new ones

Network boot

First follow Linux Network boot

Then, use this script to get the netboot.tar.gz from latest Ubuntu release

   #!/bin/bash
   #
   # PXE boot updater
   #
   # Luis Mondesi <lemsx1@gmail.com> 
   # 2010-04-13 11:50 EDT 
   #
   # we use netboot for preseeding Ubuntu servers and workstations
   # License: GPL
   FLAVOR=lucid
   MIRROR=archive.ubuntu.com
   NETBOOTDIR=/tftpboot/ubuntu
   [ -d $NETBOOTDIR ] || mkdir -p $NETBOOTDIR
   cd $NETBOOTDIR || exit 1
   for arch in amd64 i386; do
       rsync --no-motd -auz --delete ${MIRROR}::ubuntu/dists/${FLAVOR}/main/installer-${arch}/current/images/netboot/ubuntu-installer/${arch}/ ${FLAVOR}/${arch}/
   done
   chown -R root:root *

Hardware Specific

oqotalk.com

OQO 02

 - install Ubuntu Hard 8.04 from alternate CD or using PXE boot ([[os:ubuntu#preseed|preseed]])
 - go to **Recovery Mode** and drop to a root shell
   - edit /etc/X11/xorg.conf ([[https://bugs.launchpad.net/ubuntu/+source/xorg/+bug/222873|Bug #222873]]) 
   Section "Device"
       Identifier "Configured Video Device"
       Driver "openchrome"
       Option "VBEModes" "true"
       BusID "PCI:1:0:0"
   EndSection
   - create file /etc/modprobe.d/blacklist-oqo 
   blacklist via_agp
   blacklist agpgart
 - (optional) apt-get install ubuntu-mid
 - copy http://www.oqo.com/unsupported/linux/wwan to **/etc/ppp/peers** (make sure you change **sprint-connect** to **wwan-connect**)
 - copy http://www.oqo.com/unsupported/linux/wwan-connect and http://www.oqo.com/unsupported/linux/wwan-disconnect to **/etc/chatscripts**
 - edit /etc/rc.local and add a line **/usr/bin/pon wwan** so it starts your network at boot time
 - reboot

Configuration

Turn off graphic acceleration on netbook-launcher

 $> gconftool-2 --set /apps/netbook-launcher/force_low_graphics --type bool true
 $> gconftool-2 --recursive-list /apps/netbook-launcher
 force_low_graphics = true
 disable_single_instance = false
 monitor = 0
 volume_exclude_list = []
 $> killall netbook-launcher
 $> netbook-launcher &
 $> get fences failed: -1
 ** (netbook-launcher:13113): DEBUG: CONFIG: Forcing low graphics mode from GConf

Advertisement