Up ] [ Link Farm ]
Reload ] [ Top ]
  E-PC setup guideline and checklist  
Post - local
  1. Log in as: root
  2. Set the control userid, sudo, and maintenance accounts
  3. Set time synchronization in /etc/ntp.conf:
  4. Set remote syslog monitoring in /etc/syslog.conf:
  5. Set secure root console with /etc/securetty and /etc/inittab:
  6. Set secure boot menus in /boot/grub/grub.conf:
  7. Set wrappers:
  8. Set secure bios menus, bootable devices (no: LAN, USB, CD FDD):
  9. Address physical security:
  10. Set the mail forwarding in /etc/aliases and run: newaliases
  11. Address boot and reboot notifications:
  12. Address automated updates policy:
  13. Configure X, with system-config-display:
  14. Address automated updates policy:
  15. Set an account default with password default
  16. Set up X thus:
  17. Run: startx to get to further graphical setup options
  18. Open a root terminal window by: Right-click | Run command | konsole
  19. Optionally, configure sound, in X, with system-config-soundcard:
  20. Optionally, special tools install?:
  21. Re-Entry for end user setup
    Mouse: Start | Control Center | System Administration | Login Manager
      • Left tab: (Appearance)
      • Change: "Welcome to " to Greeting: "Customer Sitename "
      • GUI Style: MS Windows 9x
      • Apply
      • Center tab: (Background)
      • Click: (top) "Slide show"
      • Click: (setup) Slideshow || Random || Add | Listing: take the default || OK
      • Color: Horizontal
      • Use a pair of high brightness colors to accomodate the ageing of monitors
      • Apply

      • Right tab: (Convenience)
      • Click: (top left) "Enable auto-login"
      • Click: (top right) "Enable password-less login"
      • Click: (just below) "user: default"
      • Click: (bottom) "Miscellaneous: Automatically log in ... "
      • Apply


    Done with the Control Center
  22. Start Web browser (world icon)
  23. Inside mozilla, enter: http://www.customerdomain.com/ - and make it the Default in conventional Edit | Preferences | Use Current fashion
  24. Optionally use cups to set the printer to, e.g.: lpd://hplj5.domain.lan/lp as a HP LJ 4
  25. Meanwhile ...

    Back in that root terminal window, edit : /etc/inittab to start in Run Level 5
  26. Finally in that terminal window: reboot

  27. Unit should come up, passwordless - verify that it did
  28. Re-do the desktop appearance items and Mozilla, etc settings for the end user desktop -- the background settings (the rest inherit), and the end user Mozilla hardening
  29. When starting Mozilla, also tick the left terminal button to konsole
  30. BUG: there is a silent script dependency on: Firefox, and xmessage -- RPH to file:
    yum -y install firefox xorg-x11-utils needed
  31. putty instance, and set up parameters for VT-100 / Wyse 60 emulation
  32. Consider SELINUX
  33. Consider services: chkconfig --list | grep ':on':
  34. Consider running services: netstat -ant:
  35. RFE: reboot phone home
  36. RFE: Mozilla/Firefox hardening master
  37. RFE: Evolution rollout tool
  38. RFE: LDAP auth rollout tool
  39. RFE: site CUPS rollout tool
  40. Poss Bug: keying is not being inserted by build script
  41. Query: centos-4 -- poweroff is not working -- seems to be an ACPI hang - why is it even running? - TBD: test with boot arg: acpi=off
  42. RFE: ORC startup background initscript member
  43. BUG: non-conformance in OO calc on highlight - sigma vs MS Excel 2003 SP1 behaviour

Post - remote


http://localhost/~herrold/build/ - also outside
rev: 8 Nov 2005 (pre ISSA presentation takeaway)


 
Valid HTML 4.0!
  Site search:  
    
    
 
 Modified: Mon, 07 Nov 2005 14:15:08 -0500
Copyright © 2019 R P Herrold
http://www.herrold.com/build/