herrold - E-PC setup guideline and checklist

[ Up ] [ Link Farm ]
[ Reload ] [ Top ]

E-PC setup guideline and checklist

Post - local

Log in as: root
Set the control userid, sudo, and maintenance accounts
Set time synchronization in /etc/ntp.conf:
Set remote syslog monitoring in /etc/syslog.conf:
Set secure root console with /etc/securetty and /etc/inittab:
Set secure boot menus in /boot/grub/grub.conf:
Set wrappers:
Set secure bios menus, bootable devices (no: LAN, USB, CD FDD):
Address physical security:
Set the mail forwarding in /etc/aliases and run: newaliases
Address boot and reboot notifications:
Address automated updates policy:
Configure X, with system-config-display:
Address automated updates policy:
Set an account default with password default
Set up X thus:
- Run: system-config-display as root
- Center tab: change monitor to: SGI || 17 inch GDM-17E21
- Left tab: change resolution dropbox to: 1024 x 768
- And click OK to apply the changes
Run: startx to get to further graphical setup options
Open a root terminal window by: Right-click | Run command | konsole
- The GPG keys may be missing -- add them:
  
  rpm --import `file /usr/share/doc/ '*GPG*' | \ grep -i centos`
- and then run: yum -y update in the background, as we do the other setup
Optionally, configure sound, in X, with system-config-soundcard:
Optionally, special tools install?:
Re-Entry for end user setup
Mouse: Start | Control Center | System Administration | Login Manager
1. - Left tab: (Appearance)
  - Change: "Welcome to " to Greeting: "Customer Sitename "
  - GUI Style: MS Windows 9x
  - Apply
2. - Center tab: (Background)
  - Click: (top) "Slide show"
  - Click: (setup) Slideshow || Random || Add | Listing: take the default || OK
  - Color: Horizontal
  - Use a pair of high brightness colors to accomodate the ageing of monitors
  - Apply
3. - Right tab: (Convenience)
  - Click: (top left) "Enable auto-login"
  - Click: (top right) "Enable password-less login"
  - Click: (just below) "user: default"
  - Click: (bottom) "Miscellaneous: Automatically log in ... "
  - Apply
Done with the Control Center
Start Web browser (world icon)
- Web browser - take top pick of Mozilla
- Terminal - take the top pick of konsole
Inside mozilla, enter: http://www.customerdomain.com/ - and make it the Default in conventional Edit | Preferences | Use Current fashion
Optionally use cups to set the printer to, e.g.: lpd://hplj5.domain.lan/lp as a HP LJ 4
Meanwhile ...

Back in that root terminal window, edit : /etc/inittab to start in Run Level 5
Finally in that terminal window: reboot
Unit should come up, passwordless - verify that it did
Re-do the desktop appearance items and Mozilla, etc settings for the end user desktop -- the background settings (the rest inherit), and the end user Mozilla hardening
When starting Mozilla, also tick the left terminal button to konsole
BUG: there is a silent script dependency on: Firefox, and xmessage -- RPH to file:
yum -y install firefox xorg-x11-utils needed
putty instance, and set up parameters for VT-100 / Wyse 60 emulation
Consider SELINUX
Consider services: chkconfig --list | grep ':on':
Consider running services: netstat -ant:
RFE: reboot phone home
RFE: Mozilla/Firefox hardening master
RFE: Evolution rollout tool
RFE: LDAP auth rollout tool
RFE: site CUPS rollout tool
Poss Bug: keying is not being inserted by build script
Query: centos-4 -- poweroff is not working -- seems to be an ACPI hang - why is it even running? - TBD: test with boot arg: acpi=off
RFE: ORC startup background initscript member
BUG: non-conformance in OO calc on highlight - sigma vs MS Excel 2003 SP1 behaviour

Post - remote

http://localhost/~herrold/build/ - also outside
rev: 8 Nov 2005 (pre ISSA presentation takeaway)