Nxl67002 - Ubuntu: Difference between revisions

From miki
Jump to navigation Jump to search
(→‎VirtualBox: move VM configuration to main log page)
(→‎To Do: moved issues to common page)
 
(83 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== Introduction ==
== Introduction ==
This is the configuration page for the '''Ubuntu Lucid Lynx 10.04 LTS (amd64)''' partition on '''[[Configuration NXP Dell Latitude E6500|NXL67002]]'''.
This is the configuration page for the '''[[Ubuntu|Ubuntu Lucid Lynx 10.04 LTS (amd64)]]''' partition on '''[[Configuration NXP Dell Latitude E6500|NXL67002]]'''.


== Configuration Files ==
== Configuration Files ==
Line 11: Line 11:
* Added [[Ubuntu#Medibuntu|Medibuntu]]
* Added [[Ubuntu#Medibuntu|Medibuntu]]
* Added [[Git#Install|gitg]]
* Added [[Git#Install|gitg]]
* Added [[Ubuntu#Repositories|Natty]] (main, restricted, universe, see pinning below)
* Added [[Libre office#Repositories|Libre Office PPA]]
* Enabled [[Ubuntu#Repositories|Lucid backports]] (+pinning)


Content of <tt>/etc/apt/preferences</tt>:
Content of <tt>/etc/apt/preferences</tt>:
Line 22: Line 25:
Pin-Priority: 200
Pin-Priority: 200


Package: etckeeper git git-core git-doc git-gui git-man git-svn gitk gitweb dpkg dpkg-dev build-essential
Package: etckeeper
Pin: release a=natty-updates
Pin: release a=natty-updates
Pin-Priority: 990
Pin-Priority: 990


Package: etckeeper git git-core git-doc git-gui git-man git-svn gitk gitweb dpkg dpkg-dev build-essential
Package: etckeeper
Pin: release a=natty
Pin: release a=natty
Pin-Priority: 900
Pin-Priority: 900

Package: *
Pin: release a=lucid-backports
Pin-Priority: 400
</source>

We have a lot of repositories. So we must add to <tt>/etc/apt/apt.conf</tt>:
<source lang="cpp">
// We added Natty repos, so APT need a bigger memory cache to work...
APT::Cache-Limit 37748736;
</source>
</source>


Line 42: Line 55:
|[2010-05-10]||'''Opera''' (<tt>opera</tt>)||<small>[2010-12-21]</small> {{red|v 11.00.1156}} Use .pac file at <tt>http://localhost/proxy.pac</tt> to circumvent .pac file bug
|[2010-05-10]||'''Opera''' (<tt>opera</tt>)||<small>[2010-12-21]</small> {{red|v 11.00.1156}} Use .pac file at <tt>http://localhost/proxy.pac</tt> to circumvent .pac file bug
|-
|-
|[2010-05-10]||'''VirtualBox 3.2.4''' (<tt>virtualbox-3.2</tt>)||<small>[2010-05-26]</small> [[#VirtualBox|Local settings]]. <font color="red">Updated to 3.2.4!</font> &mdash; See [[VirtualBox]]
|[2010-05-10]||'''VirtualBox''' (<tt>virtualbox-4.1</tt>)||<small>[2012-11-12]</small> <font color="red">Updated to 4.1.22!</font><br/><small>[2012-01-11]</small> Updated to 4.0.16! &mdash; <font color="green">'''VERY STABLE'''</font><br/><small>[2010-05-26]</small> Updated to 3.2.4!<br/>[[#VirtualBox|Local settings]]. See also [[VirtualBox]]
|-
|-
|[2010-05-10]||'''Samba''' (<tt>smbclient smbfs</tt>)||
|[2010-05-10]||'''Samba''' (<tt>smbclient smbfs</tt>)||
Line 72: Line 85:
|[2010-05-28]||'''Thunderbird''' (<tt>thunderbird</tt>)||
|[2010-05-28]||'''Thunderbird''' (<tt>thunderbird</tt>)||
|-
|-
|[2010-05-28]||'''[[X#Synergy|Synergy]]''' (<tt>synergy</tt>)||<small>[2011-03-03]</small> <font color="red">Updated to v1.4.2beta!</font><br/>Added <tt>/usr/bin/synergyc</tt> to <tt>/etc/suoders</tt> + alias in <tt>~/.bashrc</tt>
|[2010-05-28]||'''Synergy''' (<tt>synergy</tt>)||<small>[2011-07-07]</small> <font color="red">Updated to <s>1.4.2beta</s>1.3.7!</font><br/>See [[X#Synergy|global config]] &mdash; Added <tt>/usr/bin/synergyc</tt> to <tt>/etc/suoders</tt> + alias in <tt>~/.bashrc</tt> &mdash; Server
|-
|-
|[2010-05-31]||'''Courier-POP3''' (<tt>courier-pop courier-pop-ssl</tt>)||
|[2010-05-31]||'''Courier-POP3''' (<tt>courier-pop courier-pop-ssl</tt>)||
Line 122: Line 135:
|[2010-08-09]||'''Wine''' (<tt>wine</tt>)||See [[Configuration NXP Dell Latitude_E6500 - Wine|Wine page]]
|[2010-08-09]||'''Wine''' (<tt>wine</tt>)||See [[Configuration NXP Dell Latitude_E6500 - Wine|Wine page]]
|-
|-
|[2010-08-09]||'''Nautilus Audio Converter''' (<tt>wavpack mppenc libmpcdec3 faac flac vorbis-tools faad lame nautilus-script-audio-convert</tt>)||Enable script <tt>ConvertAudioFile</tt> (Menu ''Preference'' &rarr; ''Nautilus Script<u>s</u> Manager''). See [http://www.ubuntugeek.com/simplest-way-to-convert-audio-files-on-ubuntu-linux-2.html Ubuntu Geek - Simplest way to convert audio file(s) on Ubuntu Linux]
|[2010-08-09]||'''Nautilus Audio Converter''' (<tt>wavpack mppenc libmpcdec3 faac flac vorbis-tools faad lame libid3-3.8.3-dev nautilus-script-audio-convert</tt>)||Enable script <tt>ConvertAudioFile</tt> (Menu ''Preference'' &rarr; ''Nautilus Script<u>s</u> Manager''). See [[Linux audio]].
|-
|-
|[2010-08-11]||'''HTTrack''' (<tt>httrack</tt>)||
|[2010-08-11]||'''HTTrack''' (<tt>httrack</tt>)||
Line 204: Line 217:
|[2011-01-16]||'''NFS Server''' (<tt>nfs-kernel-server nfs-common portmap</tt>)||See [[NFS]] for more details; Created entries in <tt>/etc/exports</tt>.
|[2011-01-16]||'''NFS Server''' (<tt>nfs-kernel-server nfs-common portmap</tt>)||See [[NFS]] for more details; Created entries in <tt>/etc/exports</tt>.
|-
|-
|[2011-01-26]||'''GIT''' (<tt>git-gui gitk git-doc gitweb</tt>)||
|[2011-01-26]||'''GIT''' (<tt>git-gui gitk git-doc gitweb</tt>)||<small>[2011-12-15]</small> &mdash; {{red|Updated to 1.7.10.5}} compiled from source.<br/>
<source lang=bash>
sudo apt-get install zlib1g-dev libcurl4-openssl-dev expat asciidoc # More packages might be needed
git clone git://github.com/gitster/git.git # Use proxygit if behind a proxy
cd git
make configure # See also INSTALL
./configure --prefix=/usr/local # In // of existing package installation. /usr/local has precedence
make all doc
sudo make install install-doc install-html
</source>
<small>[2012-11-08]</small> &mdash; Installed '''tileqt''' tcl/tk widget theme for ''gitk'' (see [[Git#Configuration|here]]).
|-
|-
|[2011-02-02]||'''WireShark''' (<tt>wireshark tshark</tt>)||
|[2011-02-02]||'''WireShark''' (<tt>wireshark tshark</tt>)||
Line 224: Line 247:
|[2011-03-01]||'''etckeeper''' (<tt>etckeeper</tt>)||{{red|v 0.52 from ''Natty''}}
|[2011-03-01]||'''etckeeper''' (<tt>etckeeper</tt>)||{{red|v 0.52 from ''Natty''}}
|-
|-
|[2011-03-01]||'''Amarok''' (<tt>amarok kubuntu-restricted-extras</tt>)||
|[2011-03-01]||'''Amarok''' (<tt>amarok kubuntu-restricted-extras</tt>)||{{red|v 2.4 from ''lucid-backports''}} &mdash; See [[#Amarok|Local settings]]
|-
|-
|[2011-03-01]||'''VLC''' (<tt>vlc</tt>)||
|[2011-03-01]||'''VLC''' (<tt>vlc</tt>)||
Line 235: Line 258:
|-
|-
|[2011-03-02]||'''Gufw''' (<tt>gufw</tt>)||graphical front-end to ''ufw''
|[2011-03-02]||'''Gufw''' (<tt>gufw</tt>)||graphical front-end to ''ufw''
|-
|[2011-03-17]||'''pipe viewer''' (<tt>pv</tt>)||
|-
|[2011-03-17]||'''Perl-doc html''' (<tt>perl-doc-html</tt>)||Available from ''dwww'', section ''Programming/perl''
|-
|[2011-04-06]||'''WiFi backport 2.6.37'''<br/>(<tt>linux-backports-modules-wireless-2.6.37-lucid-generic-pae</tt>)||Try to solve frequent WiFi disconnect
|-
|[2011-05-12]||'''Perl Audio Converter''' (<tt>pacpl</tt>)||
|-
|[2011-06-07]||'''PowerTop''' (<tt>powertop</tt>)||
|-
|[2011-06-29]||'''NTP''' (<tt>ntp</tt>)||Set system to synchronize with NTP server automatically (servers: ntp0.nl.net, ntp1.nl.net, ntp2.nl.net, ntp.univ-lyon1.fr)
|-
|[2011-07-04]||'''SVN plugin for Nautilus''' (<tt>nautilus-script-collection-svn</tt>)||<source lang="bash">nautilus-script-manager enable Subversion</source>
|-
|[2011-07-05]||'''Samba Server''' (<tt>samba smbfs</tt>)||See [[#Samba|local config]]
|-
|[2011-07-07]||'''Acrobat Reader''' (<tt>acroread</tt>)||Edit mime type in <tt>~/.local/share/applications/mimeapps.list</tt>:<source lang="bash">
[Added Associations]
application/pdf=acroread.desktop;evince.desktop;gimp.desktop
</source>
Add to <tt>~/.mailcap</tt>:
<source lang="bash">
application/pdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf
application/x-pdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf
application/x-bzpdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf.bz2
application/x-gzpdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf.gz
</source>
|-
|[2011-07-13]||'''KDiff3-QT''' (<tt>kdiff3-qt</tt>)||(QT version has no dep on KDE) Settings &rarr; Integration &rarr; add <tt>;--</tt> to command line opts to ignore, and check ''Quit also via Escape key''
|-
|[2011-07-14]||'''eID Belgium''' (<tt>libxerces-c28, libacr38u, pcscd</tt>)||Downloaded from taxonweb.be, also install stuff not in packages (like /usr/local/bin/beidgui). '''Note''': there is also an ubuntu package beidgui!!! (+belpic, beid...)
|-
|[2011-07-20]||'''Hexedit''' (<tt>hexedit</tt>)||Hex editor
|-
|[2011-07-20]||'''Hexer''' (<tt>hexer</tt>)||Hex editor with vi-like interface
|-
|[2011-07-26]||'''[[Linux Commands#ack|Ack]]''' (<tt>ack-grep</tt>)||A better grep... <source lang=bash>sudo ln -s /usr/bin/ack-grep /usr/local/bin/ack</source>
|-
|[2011-08-03]||'''Diffstat''' (<tt>diffstat</tt>)||A better grep...
|-
|[2011-09-30]||'''Libunwind''' (<tt>libunwind7</tt>, <tt>libunwind7-dev</tt>)||
|-
|[2011-10-13]||'''indent''' (<tt>indent</tt>, <tt>indent-doc</tt>)||
|-
|[2011-10-13]||'''Universal Indent GUI''' (<tt>universalindentgui</tt>)||
|-
|[2011-10-13]||'''Uncrustify''' (<tt>uncrustify</tt>)||v0.59, simply compiled from source (<code>./configure; make; sudo make install</code>)
|-
|[2012-05-07]||'''ACL''' (<tt>acl</tt>)||
|-
|[2012-05-11]||'''mDNS''' (<tt>libnss-mdns avahi-daemon mdns-scan</tt>)||After install, do:
<source lang=bash>
mdns-scan
</source>
Machine should broadcast its ip address on ''nxl67002ux.local'' to all avahi clients. For some strange reason, avahi may append a <tt>-2</tt> suffix to broadcast name. To avoid that, edit <tt>/etc/avahi/avahi-daemon.conf</tt> and set '''host-name''' variable:
<source lang=text>
host-name=nxl67002ux
</source>
|-
|[2012-01-10]||'''youtube-dl''' (<tt>youtube-dl</tt>)||Installed from git repository:
<source lang=bash>
git clone https://github.com/rg3/youtube-dl.git
cd youtube-dl
./youtube-dl <link>
</source>
|}
|}


Line 259: Line 348:
</source>
</source>
* '''SUDO''' - keep environment variable '''GREP_OPTIONS'''
* '''SUDO''' - keep environment variable '''GREP_OPTIONS'''
* Add user '''www''' for synchronization of <tt>/data/www</tt> folder (''localhost'' page):
<source lang="bash">
sudo useradd -g www-data -G users -u 999 -s /bin/bash -m www
sudo passwd www
su - www
ssh-keygen # Or copy .ssh/ copy from other www users
scp .ssh/id_rsa.pub .ssh/authorized_keys
</source>


== Detailed System Settings ==
== Detailed System Settings ==
Line 281: Line 378:
=== File System ===
=== File System ===
* For details, see [[{{PAGENAME}} - Files|/etc/fstab]].
* For details, see [[{{PAGENAME}} - Files|/etc/fstab]].
* Windows partition:
* '''NTFS''' partition:
** '''C:''' &rarr; do '''not''' mount automatically. <font color="red">'''Risk of corruption''' if mounted while VirtualBox is running!</font>
** '''C:''' &rarr; do '''not''' mount automatically. <font color="red">'''Risk of corruption''' if mounted while VirtualBox is running!</font>
** '''D:''' &rarr; mount as <tt>/win/d</tt>.
** '''D:''' &rarr; mount as <tt>/win/d</tt>.
* '''NTFS''' partition must be mounted without <tt>umask=007,gid=46</tt>, or will get ''operation not permitted'' when modifying timestamps:
<source lang="text">
/dev/sda2 /win/c ntfs ro,users,nls=utf8,exec 0 2
/dev/sda7 /win/d ntfs users,nls=utf8,exec 0 2
</source>
* File system structure:
* File system structure:
<div style="padding-left:2em">
<div style="padding-left:2em">
Line 309: Line 411:
lrwxrwxrwx root root <font color="blue">d</font>/ <font color="gray"># /dev/sda7</font>
lrwxrwxrwx root root <font color="blue">d</font>/ <font color="gray"># /dev/sda7</font>
</div>
</div>
* Configure '''acl''' on <tt>/data/d</tt>:
<source lang=bash>
# VirtualBox uses /data/d as Windows D: drive. Since VirtualBox runs as 'root', all files gets root/root ownership.
# We use acl so that files gets group access beqO6659/rwx by default
cd /data
sudo chgrp -R beq06659 d
sudo chmod -R g+w d
find d -type d -print0|sudo xargs -0 chmod g+s
find d -type d -print0|sudo xargs -0 setfacl -m d:group:beq06659:rwx
</source>
* Configure '''acl''' on <tt>/data/www</tt>:
<source lang=bash>
# Set default access condition to rwxr-xr-x / www / www-data
cd /data
sudo chgrp -R www-data www
find www -type d -print0|sudo xargs -0 chmod g+s
find www -type d -print0|sudo xargs -0 setfacl -m d:group:www-data:r-x
find www -type d -print0|sudo xargs -0 setfacl -m d:user:www:r-x # TODO: this one does not work with root...
</source>


=== Network ===
=== Network ===
Line 327: Line 448:
** privoxy: <tt>file:///home/beq06659/etc/proxylocal-privoxy.pac</tt> (or <tt>http://localhost/proxy.pac</tt> to circumvent Opera bug)
** privoxy: <tt>file:///home/beq06659/etc/proxylocal-privoxy.pac</tt> (or <tt>http://localhost/proxy.pac</tt> to circumvent Opera bug)
** nxp: <tt>http://nww.nics.nxp.com:8080/proxy.pac</tt>
** nxp: <tt>http://nww.nics.nxp.com:8080/proxy.pac</tt>
* '''/etc/sudoers''' &mdash; keep variables '''http_proxy''' and '''https_proxy'''
* '''Proxy''' configurations
* '''Proxy''' configurations
<div style="padding-left:2em;">
<div style="padding-left:2em;">
Line 381: Line 503:
/smb/mnemosyne /etc/auto.smb.mnemosyne
/smb/mnemosyne /etc/auto.smb.mnemosyne
</source>
</source>
<li>Created configuration file '''<tt>/etc/auto.smb.mnemosyne</tt>'''
<li>Created configuration file '''<tt>/etc/auto.smb.mnemosyne</tt>''' (mount options: <tt>noperm,'''iocharset=utf8''',credentials=/etc/auto.smb.mnemosyne.*</tt>)
<li>Created SMB credential files '''<tt>/etc/auto.smb.mnemosyne.*</tt>''' (see <code>man mount.cifs</code>)</li>
<li>Created SMB credential files '''<tt>/etc/auto.smb.mnemosyne.*</tt>''' (see <code>man mount.cifs</code>)</li>
<li>Created path for mount points:</li>
<li>Created path for mount points:</li>
Line 400: Line 522:
* Identity: '''michael.peeters@nxp.com'''
* Identity: '''michael.peeters@nxp.com'''
* User certificate / CA certificate / Private key: imported from Windows ('''NXP Enterprise CA 1''' for '''Client Authentication, Secure Email''', serial '''2F DF 1F D4 00 00 00 00 5E 1C''')
* User certificate / CA certificate / Private key: imported from Windows ('''NXP Enterprise CA 1''' for '''Client Authentication, Secure Email''', serial '''2F DF 1F D4 00 00 00 00 5E 1C''')
<li>'''Privoxy''' settings:
* Added to <tt>/etc/privoxy/user.action</tt>:
<source lang=bash>
{ -filter }
tennislibre.com
</source>
</ul>
</ul>


Line 500: Line 628:


== Detailed Application Settings ==
== Detailed Application Settings ==
=== Amarok ===
* Select ''PulseAudio'' as [[Amarok|preferred device]] (instead of sound output ''HDA Intel (STAC92xx Analog)''
* Set proxy settings in <tt>[[{{PAGENAME}} - Files|~/.kde/share/config/kioslaverc]]</tt>.

=== [[IMAP#Courier_IMAP|Courier IMAP]] ===
=== [[IMAP#Courier_IMAP|Courier IMAP]] ===
* Install (reference [[IMAP#Courier IMAP on Ubuntu|here]]):
* Install (reference [[IMAP#Courier IMAP on Ubuntu|here]]):
Line 510: Line 642:


=== Firefox ===
=== Firefox ===
* Theme: '''macfox3 1.1.4'''
* Theme: '''macfox3 1.1.7'''
* Extensions (some disabled because Firefox hangs on launch/exit):
* Extensions:
** '''AutoPager 0.6.1.12'''
** {{gray|'''AutoPager 0.7.0.0''' &mdash; disabled}}
** '''Cycle Input Focus 1.0.0'''
** {{gray|'''Belgium eID 1.0.11''' &mdash; disabled}}
** '''Delicious Bookmarks 2.1.072'''
** '''CHM Reader 0.2.3'''
** '''Fast Dial 2.23b1'''
** {{gray|'''Cycle Input Focus 1.0.0''' &mdash; disabled}}
** '''FireGestures 1.5.7'''
** '''Delicious Bookmarks 2.3.1'''
** '''Live HTTP headers 0.16'''
** '''Fast Dial 3.4'''
** {{gray|'''FireGestures 1.5.7''' &mdash; disabled}}
** '''User Agent Switcher 0.7.2'''
** '''FoxyProxy Standard 3.3'''
** '''Live HTTP headers 0.17'''
** '''Ubuntu Firefox Modifications 0.9rc2'''
** {{gray|'''User Agent Switcher 0.7.3''' &mdash; disabled}}


=== [[Gnome#Gnome DO|Gnome DO]] ===
=== [[Gnome#Gnome DO|Gnome DO]] ===
Line 541: Line 677:


</source>
</source>
Apache:
Apache configuration file is at '''/etc/apache2/apache2.conf'''
* configuration file is at '''/etc/apache2/apache2.conf'''
* Apache root http directory is '''/var/www'''
* Enable ''mod-rewrite'' module.<br/> In <tt>/etc/apache2/sites-available/default</tt>, change as: <code>AllowOverride <s>{{red|None}}</s>{{green|FileInfo}}</code> (twice).


By default, Apache root http directory is '''/var/www'''


Create databases that will store local copies of ''cryptokiwi'' and ''mikiwiki'' wiki, and of ''mikido'':
Create databases that will store local copies of ''cryptokiwi'' and ''mikiwiki'' wiki, and of ''mikido'':
Line 556: Line 694:
mysql> CREATE DATABASE mikido;
mysql> CREATE DATABASE mikido;
mysql> GRANT ALL PRIVILEGES ON mikido.* TO miki@localhost IDENTIFIED BY '********';
mysql> GRANT ALL PRIVILEGES ON mikido.* TO miki@localhost IDENTIFIED BY '********';
mysql> CREATE DATABASE nxpwiki;
mysql> GRANT ALL PRIVILEGES ON nxpwiki.* TO nxp@localhost IDENTIFIED BY '********';
mysql> quit
mysql> quit
</source>
</source>

* Enabled [[Apache#HTTPS|HTTPS]] (requires valid-user)
* Firewall blocks port 80 but allow port 443 (so that localhost can connect w/o password but other guest needs password)


=== Nautilus ===
=== Nautilus ===
Line 573: Line 716:
* '''Modify Account...''' &rarr; '''Automatically reconnect if disconnected'''
* '''Modify Account...''' &rarr; '''Automatically reconnect if disconnected'''
* '''Modify Account...''' &rarr; '''Proxy''' &rarr; '''localhost:8118'''
* '''Modify Account...''' &rarr; '''Proxy''' &rarr; '''localhost:8118'''

=== Samba ===
* See [[Samba#Samba Server|Samba server page on this wiki]].
* File <tt>/etc/samba/smb.conf</tt>:
<source lang="bash">
security = user
username map = /etc/samba/smbusers

# [...]

[homes]
comment = Home Directories
browseable = no
# [...]
[c]
comment = Windows Drive C
browseable = yes
path = /win/c
printable = no
guest ok = no
read only = yes
create mask = 0700

[d]
comment = Windows Drive D
browseable = yes
path = /win/d
printable = no
guest ok = no
read only = yes
create mask = 0700
</source>
* Added user '''beq06659'''
* Opened firewall ports ([[Samba#Samba Server|137/udp, 138/udp, 139/tcp, 445/tcp]])


=== SSH ===
=== SSH ===
Line 585: Line 764:
** <tt>id_rsa</tt> || <tt>id_rsa.pub</tt> || <tt>authorized_keys</tt> || <tt>config*</tt> || <tt>proxy.conf*</tt> || <tt>clbanner.txt</tt>
** <tt>id_rsa</tt> || <tt>id_rsa.pub</tt> || <tt>authorized_keys</tt> || <tt>config*</tt> || <tt>proxy.conf*</tt> || <tt>clbanner.txt</tt>
* Disabled '''SSH Key Agent''' from ''Gnome Startup Applications''
* Disabled '''SSH Key Agent''' from ''Gnome Startup Applications''
* Added startup application:
**Name: <tt>startup.sh</tt>
**Command: <tt>/home/beq06659/bin/startup.sh</tt>
**Comment: <tt>Custom startup script</tt>
* Do not accept locale env var. <tt>LC_*</tt> from the client (see [[SSH#Missing Locale in Perl]])


=== [[Gnome#Gnome_Terminal|Terminal]] ===
=== [[Gnome#Gnome_Terminal|Terminal]] ===
Line 593: Line 777:


=== [[VirtualBox|VirtualBox]] ===
=== [[VirtualBox|VirtualBox]] ===
* See '''[[Configuration NXP Dell Latitude E6500#Log|virtual machine configuration log]]'''.
See '''[[Configuration NXP Dell Latitude E6500#Log|virtual machine configuration log]]'''.
* Installed with apt, version '''3.2.0'''
* Installed with apt (original version 3.2.0)
* VirtualBox is launched as user '''root''' (because it seems that only the current user and '''root''' can access '''PulseAudio''' in a same X session &mdash; see [https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/433654])
* VirtualBox is launched as user '''root''' (because it seems that only the current user and '''root''' can access '''PulseAudio''' in a same X session &mdash; see [https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/433654])
* Allow user '''beq06659''' to launch VirtualBox through user ''root''. Add to <tt>/etc/sudoers</tt>:
* Allow user '''beq06659''' to launch VirtualBox through user ''root''. Add to <tt>/etc/sudoers</tt>:
Line 606: Line 790:
#New config - run VirtualBox as root to allow sound
#New config - run VirtualBox as root to allow sound
sudo /usr/bin/VirtualBox&
sudo /usr/bin/VirtualBox&
</source>}}
* Create a launcher in <tt>~/.local/share/applications/virtualbox-root.desktop</tt>
{{pl2|<source lang=bash>
#!/usr/bin/env xdg-open

[Desktop Entry]
Version=1.0
Type=Application
Terminal=false
Icon[en_US]=VBox
Name[en_US]=Oracle VM VirtualBox (root)
Exec=/home/beq06659/bin/vbox.sh
Comment[en_US]=Run several virtual systems on a single host computer
Name=Oracle VM VirtualBox (root)
Comment=Run several virtual systems on a single host computer
Icon=VBox
</source>}}
</source>}}


Line 612: Line 812:


== To Do ==
== To Do ==
=== Issues ===

See [[Common Issues]].
=== Hardware ===
<ul>
<li>'''{{red|Issue}}''' &mdash; '''2.6.32''' kernel &mdash; <tt>udevd</tt> eats CPU resource! Launchpad bug [https://bugs.launchpad.net/ubuntu/+source/linux/+bug/440411 440411], talked on forum [http://ubuntuforums.org/archive/index.php/t-1356215.html 1356215]. There was a partial workaround, but it does not work anymore on ''2.6.32.28'':</li>
<source lang="bash">
sudo service udevd stop
sudo service udevd start # After this unfortunately there is no battery state icon anymore (unless reboot, or maybe suspend)
udevadm monitor # Check that there is no events triggered
</source>
<li> '''{{red|Issue}}''' &mdash; '''2.6.35''' kernel (Maverick) &mdash; Install a newer version of the kernel, like '''2.6.35'''. But then we have issues with the processes '''[kslowd001]''' ... '''[kslowd004]''' that hog the cpu even more, and make mouse movements jerky. Launchpad bug [https://bugs.launchpad.net/ubuntu/+source/linux/+bug/662946 662946], [https://bugs.launchpad.net/ubuntu/+source/linux/+bug/661012 661012 (dup)]. See fix in forum [http://ubuntuforums.org/showthread.php?t=1594239&page=2 1594239] (Install latest kernel 2.6.37 with partial fix with module drm_kms_helper / i915..., or install kernel 2.6.34). Other links [https://bbs.archlinux.org/viewtopic.php?id=105113]. Workaround:
<source lang="bash">
echo N > /sys/module/drm_kms_helper/parameters/poll
# OR...
echo "options drm_kms_helper poll=N">/etc/modprobe.d/local.conf # As root.
</source>
<li> Other information</li>
* Hardware issue is related to intel graphic card, power saving (sleep), use of DVI/HDMI interface (module ''i915'', ''drm'', ''drm_kms_helper'')
* Wireless issue related to intel 5300 chipset (module ''iwlagn'')
* Some issues seem to be fixed in the latest kernel 2.6.33 for Lucid. Ssee [http://kernel.ubuntu.com/~kernel-ppa/mainline/v2.6.33.5-lucid/CHANGES] (drm/i915: Disable FBC on 915GM and 945GM...)
<li>Workarounds to investigate</li>
* Install kernel 2.6.34 as suggested at [http://ubuntuforums.org/showthread.php?t=1594239#6]
* Install latest kernel 2.6.33 for Lucid from Ubuntu Kernel ([http://kernel.ubuntu.com/~kernel-ppa/mainline/])
</ul>

=== VirtualBox ===
<ul>
<li>'''{{red|Issue}}''' &mdash; '''VirtualBox''' - UE slower gui refresh since update to VirtualBox 3.2.4 (previous version was 3.2.0)</li>
<li>'''{{red|Issue}}''' &mdash; '''VirtualBox''' - ksoftirqd/0 taking 10-20% CPU. Possible work-around is to add <tt>nohz=off</tt> to kernel command line, i.e. in <tt>/boot/grub/menu.list</tt>) (see [http://forums.virtualbox.org/viewtopic.php?t=1189] and [http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=440904])</li>
<li>'''{{red|Issue}}''' &mdash; '''VirtualBox''' - BT dongle not reconnecting after suspend. It used to work correctly in the past. Is it due to an update?</li>
</ul>


=== Other issues ===
<ul>
<li>'''{{red|Issue}}''' &mdash; '''ssh''' disconnects after some time, '''autossh''' can't reconnect. Even doing a simple '''ssh''' does not work anymore. Might be due to broken '''ssh-agent'''</li>
* Disable auto-run of '''Gnome ssh-agent''', enabled back my '''ssh-agent''' script
<li>'''{{red|Issue}}''' &mdash; '''synergy''' unstable. Sometimes CTRL key does not work anymore in the client...</li>
* Look for alternatives: '''Synergy+''' (SynergyPlus), or '''x2x''' (see Synergy page on wikipedia).
<li>'''{{red|Issue}}''' &mdash; Wireless continuously connect / disconnect. It seems I'm [http://ubuntuforums.org/showthread.php?t=1507732 not the only one].</li>
<li>'''Issue''' &mdash; ''Midnight Commander'' does not colorize different file types. Check [https://bugs.launchpad.net/ubuntu/+source/mc/+bug/541988 here].</li>
* '''{{green|SOLVED}}''' &mdash; Use mc official repository instead. See [[mc|MC page]]
<li>'''{{red|Issues}}''' &mdash; Serious interferences from '''Privoxy''':</li>
* Reject URL like <tt>.../advies/...</tt> and <tt>.../ADV_AUTH.CAB</tt> (work-around: disable Privoxy AdBlocking via http://p.p).
* Interference with Altran Timesheet. ActiveX / ASP.NET controls do not work in (Wine) Internet Explorer 6.
<li>'''{{red|Issue}}''' &mdash; '''Opera 11''' - v11 does not support my autoproxy <tt>.pac</tt> file anymore.</li>
* <strike>Temporarily downgraded to v10.63.6450.</strike>
* It seems that it accepts .pac file on <tt>http://localhost/proxy.pac</tt>. Temporarily using that.
<li>'''Issue''' &mdash; '''Evince''', error in console <tt>EggSMClient-WARNING **: Failed to connect to the session manager...</tt>. It seems related to ''apparmor''.</li>
* '''{{green|SOLVED}}''' &mdash; To solve it [http://ubuntuforums.org/showthread.php?t=1312025]:
<source lang="bash">
cd /etc/apparmor.d/disable
sudo ln -s /etc/apparmor.d/usr.bin.evince usr.bin.evince
sudo /etc/init.d/apparmor restart
</source>
<li>'''{{red|Issue}}''' &mdash; '''ufw''' <tt>user[6].rules</tt> files should be stored in <tt>/etc/ufw</tt> instead of <tt>/lib/ufw</tt> so that they can be tracked by ''etckeeper'' (filed a bug in launchpad, [https://bugs.launchpad.net/ufw/+bug/728128 728128])</li>
<li>'''{{red|Issue}}''' &mdash; Kernel panic when updating to kernel 2.6.32-29, due to trailing dots in <tt>/boot/initrd</tt> file (bug submitted on launchpad [https://bugs.launchpad.net/ubuntu/+source/linux/+bug/728430 728430])</li>
</ul>


=== Other To Do's ===
=== Other To Do's ===
Line 695: Line 840:
<li>'''{{blue|ToDo}}'''&mdash; Try [http://www.dovecot.org/ Dovecot] instead of Courier IMAP? (Dovecot is apparently faster thanks to its index caching feature)</li>
<li>'''{{blue|ToDo}}'''&mdash; Try [http://www.dovecot.org/ Dovecot] instead of Courier IMAP? (Dovecot is apparently faster thanks to its index caching feature)</li>
<li>'''{{blue|ToDo}}'''&mdash; Setup correct UFW rules for NFS (see [http://www.lowth.com/LinWiz/nfs_help.html])</li>
<li>'''{{blue|ToDo}}'''&mdash; Setup correct UFW rules for NFS (see [http://www.lowth.com/LinWiz/nfs_help.html])</li>
<li>'''{{blue|ToDo}}'''&mdash; Look at [[http://www.linuxpowertop.org/powertop.php|PowerTop]] utility for ways to optimize PC power consumption. See also [[http://www.lesswatts.org/projects/powertop/known.php|Tips on LessWatts.org]].
</ul>
</ul>

Latest revision as of 09:58, 24 July 2014

Introduction

This is the configuration page for the Ubuntu Lucid Lynx 10.04 LTS (amd64) partition on NXL67002.

Configuration Files

All configuration files can be found here.

Repositories

Content of /etc/apt/preferences:

Package: *
Pin: release a=natty-updates
Pin-Priority: 250

Package: *
Pin: release a=natty
Pin-Priority: 200

Package: etckeeper git git-core git-doc git-gui git-man git-svn gitk gitweb dpkg dpkg-dev build-essential
Pin: release a=natty-updates
Pin-Priority: 990

Package: etckeeper git git-core git-doc git-gui git-man git-svn gitk gitweb dpkg dpkg-dev build-essential
Pin: release a=natty
Pin-Priority: 900

Package: *
Pin: release a=lucid-backports
Pin-Priority: 400

We have a lot of repositories. So we must add to /etc/apt/apt.conf:

// We added Natty repos, so APT need a bigger memory cache to work...
APT::Cache-Limit 37748736;

Installed Applications

[2010-05-03] Gnome DO (gnome-do)
[2010-05-10] Midnight Commander (mc) [2010-05-31] see reference page. Use vi as standard viewer/editor. Installed version from mc official repository to fix file highlighting issue.
[2010-05-10] Vim (vim, exuberant-ctags)
[2010-05-10] Opera (opera) [2010-12-21] v 11.00.1156 Use .pac file at http://localhost/proxy.pac to circumvent .pac file bug
[2010-05-10] VirtualBox (virtualbox-4.1) [2012-11-12] Updated to 4.1.22!
[2012-01-11] Updated to 4.0.16! — VERY STABLE
[2010-05-26] Updated to 3.2.4!
Local settings. See also VirtualBox
[2010-05-10] Samba (smbclient smbfs)
[2010-05-10] KeePassX (keepassx)
[2010-05-11] Privoxy (privoxy)
[2010-05-11] AutoSSH (autossh)
[2010-05-11] apt-file (apt-file)
[2010-05-11] SSH Tunnel script (sshtunnel.pl, libssl-dev) Thierry Walrant's Perl script sshtunnel.pl
[2010-05-11] GNU C/C++ compiler (g++)
[2010-05-26] UltraEdit 1.2.0.7 (uex)
[2010-05-27] MBR (mbr) To create VirtualBox rawdisk
[2010-05-27] Courier IMAP (courier-imap courier-doc courier-imap-ssl) Install instructions and local settings
[2010-05-28] SSH (ssh) Local settings
[2010-05-28] p7zip (p7zip-full p7zip-rar)
[2010-05-28] dlocate (dlocate)
[2010-05-28] Thunderbird (thunderbird)
[2010-05-28] Synergy (synergy) [2011-07-07] Updated to 1.4.2beta1.3.7!
See global config — Added /usr/bin/synergyc to /etc/suoders + alias in ~/.bashrc — Server
[2010-05-31] Courier-POP3 (courier-pop courier-pop-ssl)
[2010-05-31] AutoFS (autofs) See local config
[2010-05-31] XSel (xsel)
[2010-05-31] LAMP (apache2 php5 mysql-server mysql-client php5-mysql) See local config
[2010-05-31] PHPMyAdmin (phpmyadmin) Install for apache2 + configure phpmyadmin database + see local config
[2010-06-01] Psi (psi) See local config
[2010-06-01] MS Truetype core fonts (ttf-msttcorefonts-installer)
[2010-06-01] Compiz config settings manager (compizconfig-settings-manager)
[2010-06-01] Ubuntu restricted extras (ubuntu-restricted-extras) shall install automatically libdvdread4
[2010-06-01] libdvdcss2 Installed via sudo /usr/share/doc/libdvdread4/install-css.sh (see also [1])
[2010-06-03] GVim (vim-gnome) To enable support of X clipboard
[2010-06-07] CUPS PDF (cups-pdf) Allow CUPS to access ~/PDF:
sudo aa-complain cupsd
[2010-06-08] Qiv (qiv)
[2010-06-09] Grub2 Splash Image (ubuntu-splash-image) (from lucid-splash-image.deb) installed with sudo dpkg -i --force-architecture lucid-splash-image.deb
[2010-06-11] Racoon (racoon) For RSA key generation, see Crypto
[2010-06-14] GPG Agent (gnupg-agent) Added use-agent at end of ~/.gnupg/gpg.conf
[2010-06-14] Rename utils (renameutils)
[2010-06-30] Ruby (ruby) ... for Vim plug-in snipMate.vim
[2010-07-07] LaTeX (texlive texlive-xetex latex2hml) Including XeTeX package
[2010-07-07] TeX Extra packages (texlive-plain-extra texlive-science) Soul package requires CTAN color package - see [2]
[2011-01-14] Added texlive-science.
[2010-07-14] gThumb (gthumb)
[2010-07-14] QIV (qiv)
[2010-07-30] Vim/Cscope (cscope)
[2010-08-09] Wine (wine) See Wine page
[2010-08-09] Nautilus Audio Converter (wavpack mppenc libmpcdec3 faac flac vorbis-tools faad lame libid3-3.8.3-dev nautilus-script-audio-convert) Enable script ConvertAudioFile (Menu PreferenceNautilus Scripts Manager). See Linux audio.
[2010-08-11] HTTrack (httrack)
[2010-08-11] C/C++ documentation (manpages-posix-dev stl-manual) Make SGI doc available at http://localhost/sgi :
ln -s /usr/share/doc/stl-manual/html /var/www/sgi
[2010-08-13] Meld (meld) Diff tool
[2010-08-31] Gnome Terminator (terminator) See Gnome Terminator
[2010-09-01] Google Earth (googleearth googleearth-data) Requires Medibuntu repository
[2010-09-03] Sage 4.2.1 Recovered from AndLinux. Restored old workspaces from ~beq06659/.sage and /root/.sage. See Sage
[2010-09-03] NTL (libntl-dev, libntl-5.4.2)
[2010-09-03] GMP (libgmp3-dev,libgmp3c2,gmp-ecm)
[2010-09-06] Flash Plugin 10 (flashplugin-installer) First need to enable Ubuntu partner repository (deb http://archive.canonical.com/ubuntu lucid partner). Next
sudo aptitude autoremove "flashplugin-*"
sudo aptitude install flashplugin-installer
[2010-09-13] tnef (tnef,ytnef) Parsing winmail.dat attachment
[2010-09-14] Evolution plugins (evolution-plugins-experimental) For opening Winmail.dat attachment in Evolution
[2010-09-14] Evolution RSS (evolution-rss)
[2010-09-14] Quicktime plugin (gnome-mplayer,gecko-mediaplayer) To play Quicktime content in Opera, Firefox
[2010-09-16] Recoll desktop search (recoll) See also Recoll page.
[2010-09-17] Macbuntu 10.04 theme [2011-02-20] Updated v2.3! — See Macbuntu page. Check log + uninstall script in ~/.macbuntu. no wobbly windows, no hot corners.
[2010-09-17] pdftk (pdftk)
[2010-09-20] GNU Go (gnugo)
[2010-09-20] Various Go games (qgo uligo)
[2010-09-20] Panda glGo 1.4.1 See local page
[2010-09-20] Quarry (quarry) Board games Go, Amazons, and Reversi
[2010-09-21] MDF to ISO Converter (mdf2iso) CD image conversion utility
[2010-09-21] MountManager (mountmanager) ...to mount mdf CD images
[2010-09-22] X File Explorer (xfe)
[2010-09-27] Oracle/Sun Java JDK 1.6 (sun-java6-jdk)
[2010-09-27] Eclipse 3.5.2 Galileo (eclipse)
[2010-09-27] Eclipse 3.6 Helios local install in ~/eclipse
[2010-09-28] Javadoc Installed on http://nxl67002ux/. JDK 1.4.2 in /data/www/javase/1.4.2/docs; JDK 6u21 in /data/www/javase/6/docs
[2010-09-30] Gimp (gimp)
[2010-10-26] Graphical Disk Map (gdmap)
[2010-10-26] KDirStat (kdirstat)
[2010-10-26] Google Chrome (chromium-browser)
[2010-11-16] PuddleTag (puddletag python-qt4 python-pyparsing python-mutagen python-configobj python-musicbrainz2) [2010-12-23] v 0.9.11 See local page
[2010-11-26] PCSC Tools (pcsc-tools) For ATR_analysis.
[2010-11-26] Color Diff (colordiff)
[2010-12-09] ——— Ubuntu Lucid Lynx 10.04 LTS (i386) ———
[2010-12-12] gparted (gparted)
[2010-12-23] Diffuse (diffuse)
[2011-01-10] 4Pane (4pane) See Linux Software#4Pane
[2011-01-16] NFS Server (nfs-kernel-server nfs-common portmap) See NFS for more details; Created entries in /etc/exports.
[2011-01-26] GIT (git-gui gitk git-doc gitweb) [2011-12-15]Updated to 1.7.10.5 compiled from source.
sudo apt-get install zlib1g-dev libcurl4-openssl-dev expat asciidoc     # More packages might be needed
git clone git://github.com/gitster/git.git          # Use proxygit if behind a proxy
cd git
make configure                                      # See also INSTALL
./configure --prefix=/usr/local                     # In // of existing package installation. /usr/local has precedence
make all doc
sudo make install install-doc install-html

[2012-11-08] — Installed tileqt tcl/tk widget theme for gitk (see here).

[2011-02-02] WireShark (wireshark tshark)
[2011-02-02] bsdiff (bsdiff)
[2011-02-14] Some git browsers (qgit gitg source-highlight) [2011-02-21] gitg updated to 0.0.7!
[2011-02-14] qmail (ucspi-tcp qmail) See qmail page
[2011-02-22] socat (socat)
[2011-02-22] multitee (multitee)
[2011-02-23] colortail (colortail)
[2011-02-28] Word Diff (wdiff)
[2011-03-01] etckeeper (etckeeper) v 0.52 from Natty
[2011-03-01] Amarok (amarok kubuntu-restricted-extras) v 2.4 from lucid-backports — See Local settings
[2011-03-01] VLC (vlc)
[2011-03-02] dwww (dwww)
[2011-03-02] apt-rdepends (apt-rdepends)
[2011-03-02] GraphViz (graphviz) To plot package dependencies with apt-cache dotty and apt-rdepends -d
[2011-03-02] Gufw (gufw) graphical front-end to ufw
[2011-03-17] pipe viewer (pv)
[2011-03-17] Perl-doc html (perl-doc-html) Available from dwww, section Programming/perl
[2011-04-06] WiFi backport 2.6.37
(linux-backports-modules-wireless-2.6.37-lucid-generic-pae)
Try to solve frequent WiFi disconnect
[2011-05-12] Perl Audio Converter (pacpl)
[2011-06-07] PowerTop (powertop)
[2011-06-29] NTP (ntp) Set system to synchronize with NTP server automatically (servers: ntp0.nl.net, ntp1.nl.net, ntp2.nl.net, ntp.univ-lyon1.fr)
[2011-07-04] SVN plugin for Nautilus (nautilus-script-collection-svn)
nautilus-script-manager enable Subversion
[2011-07-05] Samba Server (samba smbfs) See local config
[2011-07-07] Acrobat Reader (acroread) Edit mime type in ~/.local/share/applications/mimeapps.list:
[Added Associations]
application/pdf=acroread.desktop;evince.desktop;gimp.desktop

Add to ~/.mailcap:

application/pdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf
application/x-pdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf
application/x-bzpdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf.bz2
application/x-gzpdf; acroread '%s'; test=test -n "$DISPLAY"; nametemplate=%s.pdf.gz
[2011-07-13] KDiff3-QT (kdiff3-qt) (QT version has no dep on KDE) Settings → Integration → add ;-- to command line opts to ignore, and check Quit also via Escape key
[2011-07-14] eID Belgium (libxerces-c28, libacr38u, pcscd) Downloaded from taxonweb.be, also install stuff not in packages (like /usr/local/bin/beidgui). Note: there is also an ubuntu package beidgui!!! (+belpic, beid...)
[2011-07-20] Hexedit (hexedit) Hex editor
[2011-07-20] Hexer (hexer) Hex editor with vi-like interface
[2011-07-26] Ack (ack-grep) A better grep...
sudo ln -s /usr/bin/ack-grep /usr/local/bin/ack
[2011-08-03] Diffstat (diffstat) A better grep...
[2011-09-30] Libunwind (libunwind7, libunwind7-dev)
[2011-10-13] indent (indent, indent-doc)
[2011-10-13] Universal Indent GUI (universalindentgui)
[2011-10-13] Uncrustify (uncrustify) v0.59, simply compiled from source (./configure; make; sudo make install)
[2012-05-07] ACL (acl)
[2012-05-11] mDNS (libnss-mdns avahi-daemon mdns-scan) After install, do:
mdns-scan

Machine should broadcast its ip address on nxl67002ux.local to all avahi clients. For some strange reason, avahi may append a -2 suffix to broadcast name. To avoid that, edit /etc/avahi/avahi-daemon.conf and set host-name variable:

host-name=nxl67002ux
[2012-01-10] youtube-dl (youtube-dl) Installed from git repository:
git clone https://github.com/rg3/youtube-dl.git
cd youtube-dl
./youtube-dl <link>

Un-installed applications:

[2010-09-17] [2010-09-16] Mac4Lin Gnome theme See Mac4Line page. Installed in ~/mac4lin. Used MakeTechEasier version + Opera user stylesheet fix.
Uninstalled (theme too dark, Macbuntu theme is much better + Opera much better).
[2010-12-09] [2010-06-09] Foxit Reader bin in /usr/local/bin, icon in /usr/share/pixmaps/foxitreader.png, .desktop in /usr/share/applications/.
Edit mime type in ~/.local/share/applications/mimeapps.list to associate with application/pdffiles
Not as good as windows version
[2011-01-20] [2011-01-13] NoMachine NX Server (nxclient, nxnode, nxserver) See NoMachine. Enabled CUPS printing.Not needed anymore
[2011-02-17] [2010-09-16] Courier-MTA (courier-mta courier-mta-ssl) so that mails are sent to Courier mailboxesReplaced by qmail

Simple Settings

  • GRUB — Added to file /etc/grub.d/40_custom: (Not needed anymore since VirtualBox boots Windows directly, so no risk of booting host again)
    set default="Microsoft Windows XP Professional (on /dev/sda2)"
    
  • CRON - cron script for automatic backup of wikis on Noekeon's (see config files).
  • SUDO - keep environment variable http_proxy
  • PROXY - script for automatic setup of network environment (proxy, ssh...) (see config files).
  • Security — Disabled control-alt-del in console as recommended in Ubuntu Server Guide. Comment out the following line in the file /etc/init/control-alt-delete.conf:
#exec shutdown -r now "Control-Alt-Delete pressed"
  • SUDO - keep environment variable GREP_OPTIONS
  • Add user www for synchronization of /data/www folder (localhost page):
sudo useradd -g www-data -G users -u 999 -s /bin/bash -m www
sudo passwd www
su - www
ssh-keygen                                         # Or copy .ssh/ copy from other www users
scp .ssh/id_rsa.pub .ssh/authorized_keys

Detailed System Settings

1st install

  • 1st install on [2010-05-03]
  • Distribution: Ubuntu 10.04 LTS amd64
  • Installation method: Net boot install from Internet using GRUB
  • Language: English
  • Location: Europe, Belgium Time
  • Computer name: NXL67002UX
  • Keyboard layout: USA, USA
  • Name: beq06659
  • Login name: beq06659
  • Update: Install security updates automatically
  • Software to install: Ubuntu Desktop
  • Partition: see main page

Kernel

  • [2010-02-02] — Install the Maverick backport kernel 2.6.35 (see Ubuntu page).
  • [2010-02-03] — Reverted to Lucid default kernel 2.6.32 (2.6.35 not any better).

File System

  • For details, see /etc/fstab.
  • NTFS partition:
    • C: → do not mount automatically. Risk of corruption if mounted while VirtualBox is running!
    • D: → mount as /win/d.
  • NTFS partition must be mounted without umask=007,gid=46, or will get operation not permitted when modifying timestamps:
/dev/sda2               /win/c          ntfs        ro,users,nls=utf8,exec   0       2
/dev/sda7               /win/d          ntfs        users,nls=utf8,exec      0       2
  • File system structure:
/:                                        
  drwxr-xr-x root      root      boot/       # /dev/sda3
  drwxr-xr-x root      root      data/       # /dev/sda8
  drwxr-xr-x root      root      net/
  lrwxrwxrwx root      root      sage -> /data/sage-4.2.1/
  drwxr-xr-x root      root      smb/
  drwxr-xr-x root      root      win/
/data:
  drwxr-xr-x root      root      home/
  drwxr-xr-x beq06659  beq06659  sage-4.2.1/
  drwxr-xr-x www-data  root      www/
/home/beq06659:
  lrwxrwxrwx beq06659  beq06659  Documents -> /windows/d/Profiles/beq06659/My Documents/
/net:
  # NFS autofs
/smb:
  drwxr-xr-x root      root      mnemosyne/   # SMB autofs
/var:
  lrwxrwxrwx root      root      www -> /data/www/
/win:
  drwxr-xr-x root      root      c/           # /dev/sda2
  lrwxrwxrwx root      root      d/           # /dev/sda7
  • Configure acl on /data/d:
# VirtualBox uses /data/d as Windows D: drive. Since VirtualBox runs as 'root', all files gets root/root ownership.
# We use acl so that files gets group access beqO6659/rwx by default
cd /data
sudo chgrp -R beq06659 d
sudo chmod -R g+w d
find d -type d -print0|sudo xargs -0 chmod g+s
find d -type d -print0|sudo xargs -0 setfacl -m d:group:beq06659:rwx
  • Configure acl on /data/www:
# Set default access condition to rwxr-xr-x / www / www-data
cd /data
sudo chgrp -R www-data www
find www -type d -print0|sudo xargs -0 chmod g+s
find www -type d -print0|sudo xargs -0 setfacl -m d:group:www-data:r-x
find www -type d -print0|sudo xargs -0 setfacl -m d:user:www:r-x           # TODO: this one does not work with root...

Network

  • Edited /etc/hosts (added names for intranet)
  • Added to /etc/apt/apt.conf:
Acquire::http::proxy "http://localhost:8118/";
Acquire::ftp::proxy "ftp://localhost:8118/";
Acquire::https::proxy "https://localhost:8118/";
  • Added to /etc/environment:
http_proxy="http://localhost:8118/"
ftp_proxy="ftp://localhost:8118/"
https_proxy="https://localhost:8118/"
NXP network
sshproxy
  • Connect to NXP proxy with sshtunnel (with NTLM auth. if needed)
  • Forward IMAP/SMTP ports
  • Opens a SOCKS5 proxy
privoxy
  • Forward to ssh SOCKS5 proxy.
  • Provide http proxy server.
apt-get, wget, browsers
  • through privoxy (through environment variables or .pac file)
ftp
  • Direct connection (no solution...)
HOME network
sshproxy
  • Direct connection
  • Forward IMAP/SMTP ports
  • Opens a SOCKS5 proxy (not used)
privoxy
  • Direct connection
  • Provide http proxy server.
apt-get, wget, browsers
  • through privoxy (through environment variables or .pac file)
ftp
  • SAMBA/NFS CLIENT - Mount mnemosyne shares as NFS autofs (see [3]) and as SMB autofs
    • Enabled/created the following automounters in /etc/auto.master:
    • /net           /etc/auto.net
      /smb/mnemosyne /etc/auto.smb.mnemosyne
      
    • Created configuration file /etc/auto.smb.mnemosyne (mount options: noperm,iocharset=utf8,credentials=/etc/auto.smb.mnemosyne.*)
    • Created SMB credential files /etc/auto.smb.mnemosyne.* (see man mount.cifs)
    • Created path for mount points:
    • sudo mkdir /net
      sudo mkdir -p /smb/mnemosyne
      #ls /net/mnemosyne
      #sudo mkdir -p /mnt/mnemosyne
      #for i in /net/mnemosyne/volume1/*; do sudo ln -s $i /mnt/mnemosyne/$(basename $i); done
      
  • NXP Wired (see Linux Admin#Network Manager - Search Path)
    • Added local domain name be-leu01.nxp.com to /etc/resolv.conf
  • NXP Wireless (see Linux Admin#Wireless Network)
    • Network name (SSID): WLAN-WBI
    • Wireless security: Dynamic WEP (802.1x)
    • Authentication: TLS
    • Identity: michael.peeters@nxp.com
    • User certificate / CA certificate / Private key: imported from Windows (NXP Enterprise CA 1 for Client Authentication, Secure Email, serial 2F DF 1F D4 00 00 00 00 5E 1C)
  • Privoxy settings:
    • Added to /etc/privoxy/user.action:
    { -filter }
    tennislibre.com
    

Firewall

  • Moved user rules to /etc/ufw so that they can be tracked by etckeeper
  • cd /lib/ufw
    sudo mv user* /etc/ufw
    sudo ln -s /etc/ufw/user.rules
    sudo ln -s /etc/ufw/user6.rules
    
  • Enabled ufw
  • sudo ufw enable
    
  • Policy:
  • sudo ufw allow from 192.168.11.2                   # Enable full access from local virtualbox
    sudo ufw allow from 172.19.0.0/16 to any port 22   # Enable - from home local network - SSH
    

Preferences

  • Theme
  • The mighty Macbuntu 10.04 theme! Reverted changes:
    • Fonts — see below.
    • TerminalColors select Use colors from system theme (was set to Gray on black built-in schemes). Keep transparent background 95%.
    • Panel — add back System Monitor. We don't add back the bottom task panel.
    • In Configuration Editor, /apps/metacity/general/button_layout: menu:minimize,maximize,close
  • Appearance
    • (before Macbuntu) Fonts — ApplicationTahoma 9; DocumentSans 8; DesktopSans 8; Title → Sans Bold 9; Fixed widthMonospace 8
    • (after Macbuntu) Fonts — ApplicationLucida Grande 9; DocumentLucida Grande 9; DesktopLucida Grande 9; Title → Lucida Grande 10; Fixed widthLucida Console 9 (originally Lucida Console 10)
    • Fonts — rename ~/.fonts.conf to ~/.fonts.conf.macbuntu to disable macbuntu hinting settings override.
  • Appearance
    • Isabelle Hires Noir&Blanc crop-despeckle 936x1200.png, in ~/etc.
  • Keyboard Layout (System-Wide)
    • Layout: Belgium (default) + USA, no separate layout
      Custlayout Belgium (file /usr/share/X11/xkb/symbols/be) to allow AltGr-; → '<' and AltGr-: → '>', and support Greek letters with AltGr-Shift.
    • Options: Capslock affects all keys, Alt+CapsLock or Right Ctrl+Right Shift switch layout, right alt chooses 3rd level.
      (because Alt+Shift,Left Ctrl+Left Shift prevents ctrl-alt-shift shortcuts to work, Right Ctrl conflicts with VirtualBox)
  • Keyboard Shortcuts
  • Shortcut Action Remark
    Super-E Home Folder Hack Super is mapped to Win keys not needed anymore it seems
  • Window List Panel (see here)
    • Window List Content → Show windows from all workspaces
    • Restoring Minimized Windows → Restore to native workspace
  • Fonts
    • System fonts (/usr/local/share/fonts):
    Added BitStream Vera 1.10
    Added jsMath fonts (Linux variant, darkness 20 file, see here)
    Added all jsMath extra fonts (dark version from this page)
    • User fonts (~/.fonts):
    Added Tahoma
  • Compiz
    • General Option - Move Window: SuButton2
      because AButton3 is used in OpenOffice to move columns / rows
    • Static Application Switcher: Use AAlt for Next Window (current workspace)
    • Scale: Multi-Output ModeOn all output devices, darken background, Emblem for overlay icon
    • Ring Switcher: Enabled + Use SuTab for Next Windows (All Workspaces) + Allow Mouse Selection
    • Enhanced Zoom Desktop: Disabled
    • Negative: Disabled
    • Desktop Wall: enabled Edge Flip Move.
    • Put : disabled Put Pointer, enabled Put To Next Output (Superz) selected Avoid Offscreen.
    Frequently used Compiz shortcuts (bold are custom ones)
    Shortcut Action Remark
    SASpace
    SuButton3
    General Options - Window Menu
    CALeft
    CARight
    Desktop Wall - Move
    SCALeft
    SCARight
    Desktop Wall - Move with window
    SSue Expo Key
    AF7 Move Window
    Suz Windows Put To Next Output
    AF8
    SuButton2
    Resize Window
    SuTab
    SSuTab
    Ring Switcher (All Workspaces)
    Suw
    Sua / TopLeft / TopRight
    Scale windows Current viewport
    All windows
    ATab
    SATab
    Static application switcher Current viewport

Detailed Application Settings

Amarok

Courier IMAP

  • Install (reference here):
    • Create directories for web-based administration
    • SSL Certificate: /etc/courier/pop3d.pem, /etc/courier/imapd.pem
    • Postfix configuration: local only
    • System mail name: nxl67002ux.wbi.nxp.com
    • Created /etc/courier/userdb, and kept entries for root, localuser and beq06659
    • Use password from /etc/courier/userdb (method authuserdb).

Firefox

  • Theme: macfox3 1.1.7
  • Extensions (some disabled because Firefox hangs on launch/exit):
    • AutoPager 0.7.0.0 — disabled
    • Belgium eID 1.0.11 — disabled
    • CHM Reader 0.2.3
    • Cycle Input Focus 1.0.0 — disabled
    • Delicious Bookmarks 2.3.1
    • Fast Dial 3.4
    • FireGestures 1.5.7 — disabled
    • FoxyProxy Standard 3.3
    • Live HTTP headers 0.17
    • Ubuntu Firefox Modifications 0.9rc2
    • User Agent Switcher 0.7.3 — disabled

Gnome DO

  • Autostart, Quiet mode, notification icon, Glass theme
  • Launch key: <alt>+space (! disable first Gnome global shortcut for Activate the window menu)

LAMP

Install the servers:

sudo apt-get install apache2 php5 mysql-server mysql-client php5-mysql
# --> Defined password for MySQL root user
sudo vi /etc/apache2/apache2.conf
# --> Added lines at line 32:
#     #MIP CUSTOM
#     ServerName "nxl67002ux"
# Restart apache server to activate php module...
sudo /etc/init.d/apache restart

# Move www root dir to /data disk
sudo mv /var/www /data
sudo ln -s /f /data/www /var/www

Apache:

  • configuration file is at /etc/apache2/apache2.conf
  • Apache root http directory is /var/www
  • Enable mod-rewrite module.
    In /etc/apache2/sites-available/default, change as: AllowOverride NoneFileInfo (twice).


Create databases that will store local copies of cryptokiwi and mikiwiki wiki, and of mikido:

MYSQL_HISTFILE=/dev/null mysql --user=root -p mysql
mysql> CREATE DATABASE cryptokiwi;
mysql> GRANT ALL PRIVILEGES ON cryptokiwi.* TO kiwi@localhost IDENTIFIED BY '********';
mysql> CREATE DATABASE mikiwiki;
mysql> GRANT ALL PRIVILEGES ON mikiwiki.* TO miki@localhost IDENTIFIED BY '********';
mysql> CREATE DATABASE mikido;
mysql> GRANT ALL PRIVILEGES ON mikido.* TO miki@localhost IDENTIFIED BY '********';
mysql> CREATE DATABASE nxpwiki;
mysql> GRANT ALL PRIVILEGES ON nxpwiki.* TO nxp@localhost IDENTIFIED BY '********';
mysql> quit
  • Enabled HTTPS (requires valid-user)
  • Firewall blocks port 80 but allow port 443 (so that localhost can connect w/o password but other guest needs password)

Nautilus

  • Default view: List View
  • Display, date format: YYYY-MM-DD hh:mm:ss
  • List View: zoom 33%
  • Icon View, Compact View: zoorm 66%
  • Preview: all set to Never, and only for files smaller than 500kB (to prevent thumbnailing PDFs...)

Psi

(recovered from previous settings on Gryphon at ~/.psi)

  • Gnome: Added Psi as startup program (Psi, /usr/bin/psi, Communicate over the jabber network).
  • OptionsEventsEnable popup notifications (all notifications)
  • Modify Account... → Changed resource to work-ux
  • Modify Account...Automatically reconnect if disconnected
  • Modify Account...Proxylocalhost:8118

Samba

   security = user
   username map = /etc/samba/smbusers

# [...]

[homes]
   comment = Home Directories
   browseable = no
 
# [...]
 
[c]
   comment = Windows Drive C
   browseable = yes
   path = /win/c
   printable = no
   guest ok = no
   read only = yes
   create mask = 0700

[d]
   comment = Windows Drive D
   browseable = yes
   path = /win/d
   printable = no
   guest ok = no
   read only = yes
   create mask = 0700

SSH

  • Installed SSH-Tunnel
  • Files recovered from other installation (ssh-tunnel v2.26 + patch):
/usr/local/bin
-rwxr-xr-x 1 root root ssh-agent-refresh_andlinux.sh
-rwxr-xr-x 1 root root ssh-agent-refresh.sh
-rwxr-xr-x 1 root root ssh.pl
-rwxr-xr-x 1 root root ssh-tunnel.pl
  • User beq06659 - configuration file in directory ~/.ssh:
    • id_rsa || id_rsa.pub || authorized_keys || config* || proxy.conf* || clbanner.txt
  • Disabled SSH Key Agent from Gnome Startup Applications
  • Added startup application:
    • Name: startup.sh
    • Command: /home/beq06659/bin/startup.sh
    • Comment: Custom startup script
  • Do not accept locale env var. LC_* from the client (see SSH#Missing Locale in Perl)

Terminal

Vim

  • Added ~/.bash_completion from [4] (modified to also take alias v=gvim)

VirtualBox

See virtual machine configuration log.

  • Installed with apt (original version 3.2.0)
  • VirtualBox is launched as user root (because it seems that only the current user and root can access PulseAudio in a same X session — see [5])
  • Allow user beq06659 to launch VirtualBox through user root. Add to /etc/sudoers:
beq06659	ALL=NOPASSWD: /usr/bin/VirtualBox
  • Helper script to add to e.g. ~/bin :
#First allow user vbox to connect to X11
#xhost +SI:localuser:vbox
#sudo su vbox -c /usr/bin/VirtualBox&

#New config - run VirtualBox as root to allow sound
sudo /usr/bin/VirtualBox&
  • Create a launcher in ~/.local/share/applications/virtualbox-root.desktop
#!/usr/bin/env xdg-open

[Desktop Entry]
Version=1.0
Type=Application
Terminal=false
Icon[en_US]=VBox
Name[en_US]=Oracle VM VirtualBox (root)
Exec=/home/beq06659/bin/vbox.sh
Comment[en_US]=Run several virtual systems on a single host computer
Name=Oracle VM VirtualBox (root)
Comment=Run several virtual systems on a single host computer
Icon=VBox

Wine

See Configuration NXP Dell Latitude E6500 - Wine.

To Do

Issues

See Common Issues.

Other To Do's

  • ToDo — Try avahi for ZeroConf name resolution and get rid of /etc/hosts.
  • ToDo — look at Compact Human Theme (see Delicious)
  • ToDo — look at Legacy font hinting engine (see Delicious)
  • ToDo — Try to make Nautilus more space efficient. Look at Idea #23573. Try Thunar or PCManFM, or Xfe (the latter does not use gtk theme)
  • ToDo — Also for Eclipse:
  • ToDo — Adapt the search path in /etc/resolv.conf depending on the current network (for now, we statically append be-leu01.nxp.com, when actually this should be done only when on NXP network).
  • ToDo — Pieces of software to try:
  • ToDo — Have a look at Brain Fuck Scheduler, a new kernel scheduler with much better latency for desktops (see [7])
  • ToDo — Install openvpn (+CA Cert authentication?), instead of relying on ssh-tunnel
  • ToDo — Install remote secure storage using encfs over sshf (so that only encrypted data is seen from the server).
  • ToDo— Try Dovecot instead of Courier IMAP? (Dovecot is apparently faster thanks to its index caching feature)
  • ToDo— Setup correct UFW rules for NFS (see [8])
  • ToDo— Look at [[9]] utility for ways to optimize PC power consumption. See also [on LessWatts.org].