Changeset 2246 for trunk/server/doc


Ignore:
Timestamp:
Jun 27, 2012, 10:29:47 PM (12 years ago)
Author:
ezyang
Message:
Reintegrate Fedora 17 development branch into trunk.
Location:
trunk
Files:
4 edited

Legend:

Unmodified
Added
Removed

  • trunk

  • trunk/server/doc/install-howto.sh

    r2214 r2246  
    7777#   XXX We should make Kickstart work for test servers too
    7878
     79# Make sure selinux is disabled
     80    selinuxenabled || echo "selinux not enabled"
     81
    7982# Take updates, reboot if there's a kernel update.
    8083    yum update -y
     
    9699    \cp -a etc /
    97100    chmod 0440 /etc/sudoers
     101    grub2-mkconfig -o /boot/grub2/grub.cfg
    98102
    99103# [TEST] You'll need to fix some config now.  See bottom of document.
     104
     105# Stop /etc/resolv.conf from getting repeatedly overwritten by
     106# purging DNS servers from ifcfg-eth0 and ifcfg-eth1
     107    vim /etc/sysconfig/network-scripts/ifcfg-eth0
     108    vim /etc/sysconfig/network-scripts/ifcfg-eth1
    100109
    101110# Make sure network is working.  Kickstart should have
     
    246255    gem install $(gem list --no-version | grep -Fxvf - gem.txt)
    247256    # Also, we need to install the old rails version
    248     gem install -v=2.3.5 rails
     257    gem install -v=2.3.14 rails
    249258# These are in /usr
    250259
     
    340349    cat install-ldap
    341350
    342 # Enable lots of services
     351# Enable lots of services (currently in /etc checkout)
    343352    systemctl enable openafs-client.service
    344     systemctl enable dirsrv.service
     353    systemctl enable dirsrv.target
    345354    systemctl enable nslcd.service
    346355    systemctl enable nscd.service
    347356    systemctl enable postfix.service
    348     systemctl enable nrpe.service
     357    systemctl enable nrpe.service # chkconfig'd
    349358    systemctl enable httpd.service # not for [WIZARD]
    350359
    351360    systemctl start openafs-client.service
    352     systemctl start dirsrv.service
     361    systemctl start dirsrv.target
    353362    systemctl start nslcd.service
    354363    systemctl start nscd.service
     
    360369# among others, 'amd64_fedoraX_scripts' (vary X) and 'scripts'. If it's
    361370# not, you probably did a distro upgrade and should update
    362 # /etc/sysconfig/openafs (XXX this is wrong: figuring out new
    363 # systemd world order).
     371# tokensys (server/common/oursrc/tokensys/scripts-afsagent-startup.in)
    364372    fs sysname
    365373
     
    374382# (Note: this errors on XeTeX which is ok.)
    375383    fmtutil-sys --all
     384
     385# Check for unwanted setuid/setgid binaries
     386    find / -xdev -not -perm -o=x -prune -o -type f -perm /ug=s -print | grep -Fxvf /etc/scripts/allowed-setugid.list
    376387
    377388# Fix etc by making sure none of our config files got overwritten

  • trunk/server/doc/install-ldap

    r2068 r2246  
     1# b
    12# To set up a new LDAP server:
    23
     
    1415
    1516# Move the schema back
    16 cp -R /etc/dirsrv/slapd-scripts.bak/{.svn,*} /etc/dirsrv/slapd-scripts
     17cp -R /etc/dirsrv/slapd-scripts.bak/* /etc/dirsrv/slapd-scripts
    1718rm -Rf /etc/dirsrv/slapd-scripts.bak
    1819
     20# Check and make sure the sysconfig references the correct keytab
     21svn revert /etc/sysconfig/dirsrv-scripts
     22
    1923# Turn dirsrv off:
    20 systemctl stop dirsrv.service
     24systemctl stop dirsrv@scripts.service
    2125
    2226# Apply the following configuration changes.  If you're editing
     
    5256EOF;
    5357
    54 systemctl start dirsrv.service
     58systemctl start dirsrv@scripts.service
    5559
    5660ldapvi -b cn=config
     
    221225nsDS5ReplicaBindDN: uid=ldap/shining-armor.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
    222226nsDS5ReplicaBindDN: uid=ldap/golden-egg.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
     227nsDS5ReplicaBindDN: uid=ldap/miracle-cure.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
     228nsDS5ReplicaBindDN: uid=ldap/lucky-star.mit.edu,ou=People,dc=scripts,dc=mit,dc=edu
    223229nsds5ReplicaPurgeDelay: 604800
    224230nsds5ReplicaLegacyConsumer: off

  • trunk/server/doc/upgrade-tips

    r2066 r2246  
    172172--------------------
    173173
     174XXX out of date
    174175Update /etc/sysconfig/openafs with an extra amd64_fedoraX_scripts and
    175176amd64_fedoraX sysname.  The format should be evident from the existing
    176177entries.  [XXX There might be other things you want]
    177178
    178 6. Testing critical infrastructure
     1796. Bind to scripts-test
     180-----------------------
     181
     182First, make sure no other servers are bound to scripts-test (try ping).
     183Then, create /etc/sysconfig/network-scripts/ifcfg-eth0:0 based off of
     184/etc/sysconfig/network-scripts/ifcfg-eth0 but with the scripts-test
     185IP address 18.181.0.229.  Run `ifup eth0:0` to complete the change.
     186
     1877. Testing critical infrastructure
    179188----------------------------------
    180189
     
    188197    - http://pony.scripts.mit.edu
    189198
    190 7. Extra stuff
     1998. Extra stuff
    191200--------------
    192201
     
    202211emptying their .ini files in /etc/php.d.
    203212
    204 8. Sending announcements
     2139. Sending announcements
    205214------------------------
    206215
Note: See TracChangeset for help on using the changeset viewer.