1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
|
<!DOCTYPE html>
<html dir="ltr" lang="en">
<head>
<meta charset='utf-8'>
<title>1.2. Configure</title>
</head>
<body>
<a href="index.html">Core OS Index</a>
<h1 id="chroot">1.2. Configure</h1>
<p>If you don't mounted chroot follow this
steps from <a href="install.html">install</a>;</p>
<pre>
$ export CHROOT=/mnt
</pre>
<pre>
$ export BLK_EFI=/dev/sda2
$ export BLK_BOOT=/dev/sda3
$ export BLK_ROOT=/dev/vg_system/lv_root
$ export BLK_VAR=/dev/vg_system/lv_var
$ export BLK_HOME=/dev/vg_system/lv_home
$ sudo mount $BLK_BOOT $CHROOT/boot
$ sudo mount $BLK_EFI $CHROOT/boot/efi
$ sudo mount $BLK_VAR $CHROOT/var
$ sudo mount $BLK_HOME $CHROOT/home
</pre>
<p>If using separate /usr partition;</p>
<pre>
$ export BLK_USR=/dev/vg_system/lv_usr
$ sudo mount $BLK_USR $CHROOT/usr
</pre>
<p>Now you can chroot;</p>
<pre>
$ sudo chroot $CHROOT /usr/bin/env -i \
HOME=/root TERM="$TERM" PS1='\u:\w\$ ' \
PATH=/bin:/usr/bin:/sbin:/usr/sbin \
/bin/bash --login
</pre>
<h2 id="hostname">1.2.1. Set hostname and hosts</h2>
<p>Give it a name, this example we will call it machine;</p>
<pre>
# hostname machine
</pre>
<p>Edit /etc/hosts to contain your hostname and FQDN,
this example uses machine.example and machine.example.org sub-domain from
<a href="http://freedns.afraid.org">afraid.org</a> pointing
to 10.0.0.1 ip;</p>
<pre>
# IPv4
127.0.0.1 localhost.localdomain localhost
127.0.0.1 machine.example machine
#<ip-address> <hostname.domain.org> <aliases>
10.0.0.1 machine.example.org
# IPv6
#::1 ip6-localhost ip6-loopback
#fe00::0 ip6-localnet
#ff00::0 ip6-mcastprefix
#ff02::1 ip6-allnodes
#ff02::2 ip6-allrouters
#ff02::3 ip6-allhosts
# End of file
</pre>
<p>Checkup;</p>
<pre>
$ hostname
machine
$ hostname -f
machine.example
</pre>
<h2 id="time">1.2.2. Set timezone</h2>
<p>Setup timezone;</p>
<pre>
# tzselect
Please identify a location so that time zone rules can be set correctly.
Please select a continent, ocean, "coord", or "TZ".
1) Africa
2) Americas
3) Antarctica
4) Asia
5) Atlantic Ocean
6) Australia
7) Europe
8) Indian Ocean
9) Pacific Ocean
10) coord - I want to use geographical coordinates.
11) TZ - I want to specify the time zone using the Posix TZ format.
#? 7
Please select a country whose clocks agree with yours.
1) ?land Islands 18) Greece 35) Norway
2) Albania 19) Guernsey 36) Poland
3) Andorra 20) Hungary 37) Portugal
4) Austria 21) Ireland 38) Romania
5) Belarus 22) Isle of Man 39) Russia
6) Belgium 23) Italy 40) San Marino
7) Bosnia & Herzegovina 24) Jersey 41) Serbia
8) Britain (UK) 25) Latvia 42) Slovakia
9) Bulgaria 26) Liechtenstein 43) Slovenia
10) Croatia 27) Lithuania 44) Spain
11) Czech Republic 28) Luxembourg 45) Svalbard & Jan Mayen
12) Denmark 29) Macedonia 46) Sweden
13) Estonia 30) Malta 47) Switzerland
14) Finland 31) Moldova 48) Turkey
15) France 32) Monaco 49) Ukraine
16) Germany 33) Montenegro 50) Vatican City
17) Gibraltar 34) Netherlands
#? 37
Please select one of the following time zone regions.
1) mainland
2) Madeira Islands
3) Azores
#? 1
The following information has been given:
Portugal
mainland
Therefore TZ='Europe/Lisbon' will be used.
Local time is now: Sun Aug 9 17:36:05 WEST 2016.
Universal Time is now: Sun Aug 9 16:36:05 UTC 2016.
Is the above information OK?
1) Yes
2) No
#? 1
You can make this change permanent for yourself by appending the line
TZ='Europe/Lisbon'; export TZ
to the file '.profile' in your home directory; then log out and log in again.
Here is that TZ value again, this time on standard output so that you
can use the /usr/bin/tzselect command in shell scripts:
Europe/Lisbon
#
</pre>
<h2 id="locale">1.2.3. Set locale</h2>
<pre>
# localedef -i en_US -f UTF-8 en_US.UTF-8
</pre>
<h2 id="user">1.2.4. Users</h2>
<h3>1.2.4.1. Set root password</h3>
<pre>
# passwd
</pre>
<h3>1.2.4.2. Create Administrator User</h3>
<p>Description of most default pretinent groups;</p>
<dl>
<dt>adm</dt>
<dd>Administration group.</dd>
<dt>ftp</dt>
<dd>Access to files served by ftp.</dd>
<dt>users</dt>
<dd>Standard users group.</dd>
<dt>wheel</dt>
<dd>Administration group used to give access to sudo.</dd>
</dl>
<pre>
# useradd -U -m -k /etc/skel -s /bin/bash username
# usermod -G adm,wheel,audio,video,users username
# passwd username
</pre>
<pre>
# chmod 0700 /root
# chmod 0700 /home/username
</pre>
<h3>1.2.4.3 Add Administrator to Wheel group</h3>
<pre>
bash-4.3# sudoedit /etc/sudoers
</pre>
<pre>
## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL) ALL
</pre>
<h2 id="fstab">1.2.5. File system table</h2>
<p>First we will discover block id (UUID) of
<a href="install.html#step2">target partition</a>,
blkid list all while vol_id --uuid /dev/sdb1 returns
only uuid. Add all block ids to the end of file
/etc/fstab;
</p>
<pre>
# blkid >> /etc/fstab
</pre>
<p>Read <a href="http://linux-audit.com/securing-mount-points-on-linux/" title="Securing mount points">Securing mount points</a>,
and edit /etc/fstab according to your disk layout. Blocks with uuid will later be created at <a href="../tools/lvm.html">lvm</a>.</p>
<p>Pass option control in wich order fsck checks devices. If is
a multiple partition scheme; 1 for root, 2 for others or 0 to
disable fsck. In this example fsck in usr partition is disable,
initram file system mounted on boot making impossible to run fsck.</p>
<pre>
/dev/sda3 / ext4 defaults,noatime,ro 0 1
# usr is not checked because is already mounted by init ram (to be fixed).
UUID=20bd3948-0877-4192-af52-ad87d6f96db0 /usr ext4 defaults,ro,nodev,errors=remount-ro 0 0
devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0
none /sys/kernel/security securityfs defaults 0 0
devpts /dev/pts devpts noexec,nosuid,gid=tty,mode=0620 0 0
shm /dev/shm tmpfs defaults 0 0
tmp /tmp tmpfs defaults,noatime,nosuid,nodev,noexec,size=128M 0 0
UUID=3b408790-65e1-4638-9591-7ba61f266913 /boot ext4 defaults,ro,noatime 0 2
UUID=962D-0DE1 /boot/efi vfat ro,noauto,umask=0077 0 2
UUID=f2336a56-fbe6-444c-bdbf-f0e6c209c237 /var ext4 defaults,nodev,noexec,nosuid,errors=remount-ro 0 2
UUID=66c083d6-b8f2-4a98-ae55-9412f98cc089 /usr/ports ext4 defaults,ro,nodev,errors=remount-ro 0 2
pkgmk /usr/ports/work tmpfs size=30G,gid=101,uid=100,defaults 0 2
UUID=36e9e1d5-8356-451e-a301-81098b9a15ea /srv ext4 defaults,nodev,errors=remount-ro 0 2
UUID=cd15196a-69f1-4fb4-9730-a384c62add91 /home ext4 defaults,nodev,nosuid,errors=remount-ro 0 2
#UUID=04f07488ce7b36205acc6d404dcf924643660ac5 /usr/ports/distfiles ext4 defaults,ro,nodev,errors=remount-ro 0 2
# End of file
</pre>
<h2 id="rcconf">1.2.6. Initialization Scripts</h2>
<p>Edit /etc/rc.conf and define keyboard layout, hostname and timezone,
more information about
<a href="http://crux.nu/Main/Handbook3-3#ConfigurationVariables">configuration variables</a>.
</p>
<pre>
#
# /etc/rc.conf: system configuration
#
FONT=default
KEYMAP=dvorak
TIMEZONE="Europe/Lisbon"
HOSTNAME=machine
SYSLOG=sysklogd
SERVICES=(lo iptables wlan crond)
# End of file
</pre>
<a href="index.html">Core OS Index</a>
<p>This is part of the Hive System Documentation.
Copyright (C) 2019
Hive Team.
See the file <a href="../fdl-1.3-standalone.html">Gnu Free Documentation License</a>
for copying conditions.</p>
</body>
</html>
|