Scientific Linux Fermi LTS 303 September 29, 2004
Please send bug reports to dawson@fnal.gov,csieh@fnal.gov
----------------------------------------------------------------------------
*
* Please read the Release Notes for Scientific Linux. It is located at
* SL.releasenote
* All of the info in the SL.releasenote is valid unless this document
* states otherwise. This document only contains info that is specific
* to the Fermi site.
*
----------------------------------------------------------------------------
Lines that start with "*" are changed compared to "lts301".
This is based on the rebuilding of RPMS out of SRPMS's from Enterprise 3 AS
* including Update 3 with the following changes. There has not been any FUE
certification done yet. Please read this entire document before installing.
Table of contents
HARDWARE REQUIREMENTS
INSTALLATION INFO
ADDED compared to Enterprise 3
UPDATED compared to Enterprise 3
Installer modifications
/contrib
/docs
/notsupported
MISC Notes
HARDWARE SPECIFIC ISSUES
SOFTWARE ISSUES/BUGS
SUPPORT INFO
vendor ERRATA
Each has a "---" line above and below it.
_____________________________________________________________________________
HARDWARE REQUIREMENTS
_____________________________________________________________________________
The following information represents the minimum hardware requirements
necessary to successfully install Scientific Linux Fermi LTS 3.0.3 :
- Minimum: Pentium-pro class, but in reality at least a Pentium II
- Recommended for text-mode:
- Minimum of 400 MHz Pentium-II
- Minimum of 128MB Memory
- Recommended for graphical:
- Minimum of 400 MHz Pentium II
- Minimum of 128MB
- Recommended: 192MB
Hard Disk Space (NOTE: Additional space will be required for user data):
- Common "Fermi Generic Desktop" Installation : 2.5GB
_____________________________________________________________________________
INSTALLATION INFO
_____________________________________________________________________________
Installation Locations
Via NFS
linux.fnal.gov:/export/linux/lts303/i386/
with floppy
The floppy install situation is the same as Fermi Linux 9.0.1 .
There was not enough space on 1 floppy so the vendor redesigned the install
to have a "generic" boot floppy. With all of the device drivers on driver
floppies. There is a net , pcmcia, and a block driver floppy. With a Fermi
Linux install you will need the "generic" bootdisk.img floppy. And either
the "net" drvnet.img or the "pcmcia" pcmcia.img floppy for your network
drivers. I have modified the boot.img install floppy image to automatically
put in the nfs server and nfs install directory. To override this you can
select the original redhat choice with
linux
at the install floppy prompt.
You will have to make your own floppies from
* ftp://linux.fnal.gov/linux/lts303/i386/images/Fermi/bootdisk.img
and one of these
* ftp://linux.fnal.gov/linux/lts303/i386/images/Fermi/drvnet.img
* ftp://linux.fnal.gov/linux/lts303/i386/images/Fermi/pcmcia.img
To make the install floppies. Put a scratch floppy in "/dev/fd0" for
each image.
dd if=bootdisk.img of=/dev/fd0
dd if=drvnet.img of=/dev/fd0 If you are making the drvnet
with cdrom
There is also a boot.iso which is small iso image which includes all the
drivers on the driver floppies and the generic boot info. This can be used
instead of the above floppies. After download you can use cdrecord to
create a cdr with this image on it.
* ftp://linux.fnal.gov/linux/lts303/i386/images/Fermi/boot.iso
Via CDROM
Download and then burn cdrom iso images from
* ftp://linux.fnal.gov/linux/lts303/i386/sites/Fermi/iso/
-----------------------------------------------------------------------------
ADDED compared to 3
-----------------------------------------------------------------------------
Kerberos -- Fermi version
* krb5-fermi-config-1.9-3.LTS.noarch.rpm
* krb5-fermi-krb5.conf-1.9-3.LTS.noarch.rpm
* krb5-libs-fermi-1.8a-LTS30x.1.i386.rpm
* krb5-workstation-fermi-1.8a-LTS30x.1.i386.rpm
*
* release 1.8a-LTS30x.1 fixes a security problem.
* kx509 and kxlist were fixed. RPM had stripped them and they broke.
* Correct permissions were put on all files
* your old krb5.conf is now checked to see if it needs to be
* completely fresh or not. If it does not need a fesh krb5.conf
* then only the top half is changed.
kx509 and kxlist were added.
krb5-fermi-krb5.conf will ONLY put on a /etc/krb5.conf that points
to the fermi domain. If you have krb5-fermi-config you DO NOT
need this. This is intended for use with the Redhat provided
kerberos. Many offsite users will find this of use.
zz_a2ps_stdout-1.0-2.i386.rpm
Change the output of a2ps to go to stdout vs the printer.
zz_cups_nobrowse-1.0-4.i386.rpm
By default the cups deamon constantly searches the network to find
and check on other cups printers. This rpm turns that feature off.
It also turns off the cupd server as it is not really needed.
*SL_desktop_tweeks-1.1-1.i386.rpm <-- zz_desktop_tweeks-1.1-1.i386.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
zz_dhcp_resolv-2.2-1.i386.rpm
This rpm fixes that so that when your network starts, as it checks
your resolv.conf, if you have dhcp.fnal.gov, but not fnal.gov it will
put it in, so that you will have "search fnal.gov dhcp.fnal.gov" in
your /etc/resolv.conf file.
zz_emacs_link-1.1-3.i386.rpm
Make a symbolic link from "emacs" to "xemacs" when xemacs is installed
and emacs is not installed. This version uses triggers to make or
remove the link when emacs, or xemacs is added or removed.
zz_fermi-logos
zz_fermi-logos-3.0.2-1.i386.rpm
redhat-artwork-0.73.2-1.LTS.i386.rpm
redhat-logos-1.1.14.3-5.LTS.noarch.rpm
Because we were required to change redhat-logos, we didn't have
to do all the little tweeks that we were doing in zz_fermi-logos
This version has most of those tweeks taken out.
Since it is related, and the license permits us, we have also
taken out the most glaring redhat logo's from redhat-artwork.
Fixed a bug with the gdm greeeter theme.
Put in gnome-foot for menu icon so you can tell it is gnome.
*Fermi-release <-- zz_fermi-release
* Made change so that /etc/issue and /etc/issue.net showed Fermi
* Linux instead of RedHat.
zz_firstboot_fix-1.0-1.i386.rpm
Make changes to firstboot.
1.0 - removes the question about adding users
*SL_inittab_change-1.0-4.i386.rpm <-- zz_inittab_change-1.0-4.i386.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
zz_lang_collate-1.0-2.noarch.rpm
Changes LANG so that sorting is done the same as 6.1 and
earlier. (ABCabc instead of AaBbCc). This is not installed by
default except for a few workgroups. Can be added later with
a "yum install zz_lang_collate" .
*SL_libg2c.a_change-3.2.3-1.i386.rpm <-- zz_libg2c.a_change-3.2.3-1.i386.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
zz_logwatch_df-1.0-2.i386.rpm
By default logwatch does a df -h when looking at disk usage. This
can be unwanted if you have alot of NFS mounted disks. This rpm
change the command to be df -h -l, which looks at local disks only.
*SL_no_colorls-1.0-1.noarch.rpm <-- zz_no_colorls-1.0-1.noarch.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
zz_ntp_configure-4.0-1.i386.rpm
Configure ntp for Fermi site network.
zz_pine_user_domain-1.0-1.i386.rpm
By default when a user sends mail from pine their email address
is myname@mycomputer.fnal.gov. This rpm changes it so that the
default is myname@fnal.gov by modifying the /etc/pine.conf config file.
*SL_sendmail_accept-1.0-2.i386.rpm <-- zz_sendmail_accept-1.0-2.i386.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
zz_rhnsd_off-1.0-1.i386.rpm
This rpm turns off rhnsd, which is on by default.
zz_sshd_aklog-1.1-6.i386.rpm
This rpm contains a script that will ensure that you have the
correct path to aklog in your sshd_config script. It you do not
have AFS installed it comments out the aklog line. This script is
'trigger'able, so that when you update your openssh-server or your
afs client, it will re-run to keep the sshd_config file up to date.
*zz_sshd_nonkerberized-1.0-0.7.i386.rpm
Fermi's openssh is normally kerberized out of the box. This rpm
will make it non-kerberized. Should only be used offsite.
* version 1.0-0.7 fixes the prividlege seperation user - server start
* problem.
zz_tcp_wrappers_change-3.0-1.noarch.rpm
Disable all offsite access to common network services. Also
puts in the "DOE required login banners". If it determines that
you have already modified /etc/hosts.allow or host.deny it leaves
them alone.
zz_tex_tweaks-1.0-1.i386.rpm
Changes the default paper size to 8.5 x 11 vs A3
flpr
I am installing the flpr rpm by default. I got the latest version
from Randy. This does NOT require ups/upd. The flpr binary will
reside in /usr/local/bin/ . This should just make using flpr
easier for all.
flpr-2.4-4f.9x.i386.rpm
Yum -- From Duke University
See SL.releasenote for more info
* yum-conf-303-4.LTS.noarch.rpm
*apt-get
*
* Scientific Linux Fermi is aptable. We do NOT provide any
* config files for this. If you want to use apt YOU will need
* to add /etc/apt.d/ entries to point to Scientific Linux Fermi.
*
* We expect yum to handle the daily "auto update" function.
* Note that yum can handle the "auto update" function with
* apt still able to do "installs".
*
* Only YUM is installed by default and ONLY YUM is SUPPORTED at Fermi.
*OpenAFS
* See SL.releasenote
Workgroup tag files
These are used to specify which workgroup you belong to.
Astro-tag-3.0-4.noarch.rpm
BooNE-tag-3.0-4.noarch.rpm
BooNEDataServer-tag-3.0-5.noarch.rpm
BTeV-tag-3.0-5.noarch.rpm
BTeVTrigger-tag-3.0-5.noarch.rpm
BTeVSimulation-tag-3.0-7.noarch.rpm
BTeVWorker-tag-3.0-7.noarch.rpm
CDFCAFworker-tag-3.0-4.noarch.rpm
CDFlevel3-tag-3.0-4.noarch.rpm
CDFoffsite-tag-3.0-4.noarch.rpm
CDFonline-tag-3.0-4.noarch.rpm
CDF-tag-3.0-4.noarch.rpm
ClueD0Workstation-tag-3.0-4.noarch.rpm
CMSdesktop-tag-3.0-4.noarch.rpm
CMSfarm-tag-3.0-4.noarch.rpm
CMSserver-tag-3.0-4.noarch.rpm
ConsoleServer-tag-3.0-4.noarch.rpm
CPD-tag-3.0-4.noarch.rpm
CPDserver-tag-3.0-5.noarch.rpm
CSS-tag-3.0-4.noarch.rpm
FarmsConsole-tag-3.0-4.noarch.rpm
Farms-tag-3.0-4.noarch.rpm
FermiStandAlone-tag-3.0-4.noarch.rpm
FermiVeryGeneric-tag-3.0-4.noarch.rpm
FnaluBatch-tag-3.0-4.noarch.rpm
FnaluInteractive-tag-3.0-4.noarch.rpm
FOCUS-tag-3.0-4.noarch.rpm
GenericFarm-tag-3.0-4.noarch.rpm
Minos-tag-3.0-4.noarch.rpm
OAA-tag-3.0-4.noarch.rpm
RIP-tag-3.0-4.noarch.rpm
SDSS-tag-3.0-4.noarch.rpm
Sidet-tag-3.0-4.noarch.rpm
Theory-tag-3.0-4.noarch.rpm
FermiGenericDesktopOffsite-tag-3.0-6.noarch.rpm
Performance Co-Pilot (PCP) config
Config file specific for Fermi site.
pcp-config-2.3.0-LTS3x.1.i386.rpm
Acrobat
acroread-5.08-2.i386.rpm
acroread-plugin-5.08-2.i386.rpm
Java
Sun currently allows us to distribute their java rpms.
j2re is just the runtime enviroment
j2sdk is the runtime enviroment, plus compilors. So you do
not need both of these. Renamed these rpms so as to fit the
the vendor rpm naming convention.
j2re-1.4.2_02-fcs.i586.rpm
j2sdk-1.4.2_02-fcs.i586.rpm
* j2re-blackdown-1.4.1-gcc32.1.i386.rpm
*
* The j2re-blackdown has the java plugin that works with our
* version of mozilla and the CD helpdesk. It will automatically
* install it's plugin in your mozilla plugin's area so you do
* not have to.
MISC vendor changes
* See SL.releasenote
*SerialConsole
* SL_enable_serialconsole <-- serialconsole-2.0-0.5.noarch.rpm
* Renamed to SL naming convention. See SL.releasenote for more info.
*upsupdbootstrap
* upsupdbootstrap-3.0-7.i386.rpm
upsupdbootstrap-generic-3.0-5.i386.rpm
upsupdbootstrap-local-3.0-5.i386.rpm
---------------------------------------------------------------------------
UPDATED compared to 3
----------------------------------------------------------------------------
authconfig
Authconfig needed to be tweeked because it was putting a line into
the /etc/pam.d/system-auth that would not allow you to log into
root or a group account if there was a .k5login file in the accounts
home area. This is the same change that was done in Fermi Linux 9.0.x
We also changed it so that it quit putting the kerberos realm, as a
line by itself in the top of krb.conf. This was causing some
authentications to never return.
authconfig-4.3.7-1f1.i386.rpm
authconfig-gtk-4.3.7-1f1.i386.rpm
*Mozilla
*
* With the latest security release of mozilla it was decided to
* upgrade to the latest mozilla rather than try to backport the patch.
*
* mozilla-1.7.3-LTS3x.1.i386.rpm
* mozilla-chat-1.7.3-LTS3x.1.i386.rpm
* mozilla-devel-1.7.3-LTS3x.1.i386.rpm
* mozilla-dom-inspector-1.7.3-LTS3x.1.i386.rpm
* mozilla-js-debugger-1.7.3-LTS3x.1.i386.rpm
* mozilla-mail-1.7.3-LTS3x.1.i386.rpm
* mozilla-nspr-1.7.3-LTS3x.1.i386.rpm
* mozilla-nspr-devel-1.7.3-LTS3x.1.i386.rpm
* mozilla-nss-1.7.3-LTS3x.1.i386.rpm
* mozilla-nss-devel-1.7.3-LTS3x.1.i386.rpm
openSSH
Fermi version of openssh with kerberos cryptocard changes.
If a workgroup wants to install openssh-server then they just need
to add the entry from their "comps" file as it is NOT installed by
default.
openssh-3.5p1f11-1rh7x.i386.rpm
openssh-askpass-3.5p1f11-1rh7x.i386.rpm
openssh-askpass-gnome-3.5p1f11-1rh7x.i386.rpm
openssh-clients-3.5p1f11-1rh7x.i386.rpm
openssh-server-3.5p1f11-1rh7x.i386.rpm
----------------------------------------------------------------------------
Installer modifications
---------------------------------------------------------------------------
Kerberos is enabled by default on the normal authentication
screen. The installer does NOT know if what you put in here is
accurate so if you change something make sure it is right because
that is what you are going to get.
Changes to "defaults" from vendor installer.
Firewall is off by default. vendor default was Medium.
US/Central is default timezone. vendor default was New York.
Kerberos is on by default with a realm of FNAL.GOV . vendor default
was off.
flpr
Now installed by default. No need for ups/upd as this is
a rpm.
---------------------------------------------------------------------------
*/contrib/
---------------------------------------------------------------------------
The packges in this section have been contributed by various people. They
are presented AS IS and there is no guarantee of them working. These packages
are NOT supported by us. They will only get security updates if the
contributor provides them. If you have questions about them then ask the
contributor.
There are really 2 contrib trees. One for the base Scientific Linux and one
for this site. To use with yum you will need to uncomment out either/both of
the "contrib" lines in /etc/yum.conf
See README's in the RPMS/ directorys for specific info.
/sites/Fermi/contrib/RPMS/
/contrib/RPMS/
---------------------------------------------------------------------------
MISC NOTES
---------------------------------------------------------------------------
Upgrades from prior versions.
UPDATES are NOT supported for all versions of Fermi Linux.
UPDATES will NOT work from anything except RedHat AS 2.1. Vendor
seems to really want users to start from scratch. We will support
yum upgrades from Fermi Linux 9.0.1 to LTS 3.0.3 . Note that the
workgroup maintainers will have to enable the after.rpms.yum.sh
with the same contents as after.rpms.sh for their workgroups to
work via a yum upgrade.
---------------------------------------------------------------------------
SUPPORT INFO
---------------------------------------------------------------------------
Fermi site users should start with the "Fermi" specific support areas and
use the Scientific Linux next.
Fermi Linux web pages
http://www.fnal.gov/cd/unix/linux
Fermi Linux Community support mailing list
linux-users@fnal.gov
Which is archived at
http://listserv.fnal.gov/archives/linux-users.html
Scientific Linux web page
http://www.scientificlinux.org
ERRATA
See SL.releasenote