THL 6

PREPARATION

In TarHeel Linux 6.4 installation, we treat all machines, laptop, desktop, server equally.  For portable device, we need to configure it to be able to function with and without internet access.  For TarHeel Linux running off campus, we need to configure it to be able to access the UNC campus network.  Any installation needs to be on campus with the wired network connection.

If the machine is going to use DHCP to connect to the network for the installation.  Register the MAC address for the wired network through the http://onyen.unc.edu web site.  Have the machine connected to the wired network on campus.  If there is a problem obtaining IP address from DHCP, we can do the installation with static IP address.  In this care, make sure that you have the IP Address, Netmask, Gateway, Hostname, and 2 Nameservers readily available.  And the hostname has already registered to DNS.

Download the latest TarHeel Linux Boot 6.4 iso image from the “Installation” page.  Burn a disc with the iso image to become the Tarheel Linux Boot 6.4 disc.  If CD/DVD drive is not available, you can copy the iso image to a USB key by following the instruction published in the “Creating TarHeel Linux Boot 6 on USB Key Drive” page.

Running TarHeel Linux 6.4 Installer

Insert the TarHeel Linux Boot 6.4 disc into the CD/DVD drive.  If using USB key, insert it to the machine.

Power cycle the machine.

As soon as you see the BIOS splash screen, tap the F12 key. Once is good, multiple hit is often better. This will cause the BIOS boot menu to be displayed. Use the arrow keys to choose the CDROM drive (look for CD or CDROM or CD/DVD – this will vary), and hit the “Enter” key.  If using USB key, look for the USB key entry.  Sometimes, booting from USB key needs to be enabled in the BIOS in advance.

There will be a pause at a “Welcome to TarHeel Linux 6.4!” splash screen. Use the up and down arrow keys to select either x86_64 or i386 installation.

TarHeel Linux installation is network based.  When you are ready to install TarHeel Linux, it will pull all the files from TarHeel Linux management servers to do the installation.  Therefore, your machine needs to be on the network for the installation to succeed.

For installation using DHCP, hit enter to proceed.  The installer will proceed automatically after 60 seconds idling.  For installation using static IP, hit tab within 60 seconds and you will see the following line for x86_64 architecture.  For i386 architecture, the word “x86_64” becomes “i386”, and “thl64.cfg” is then “thl32.cfg”.

initrd=initrd.img ks=http://linux.unc.edu/scientific/6.4/x86_64/ks/thl64.cfg

Edit this line to become the following.  Replace x.x.x.x with the real values you have for IP Address, Netmask, Gateway, and Nameserver (DNS).  The “ksdevice=link” tells installer to bring up the first network interface with link up.  They are all in one line.

initrd=initrd.img ks=http://linux.unc.edu/scientific/6.4/x86_64/ks/thl64.cfg 
   ksdevice=link ip=x.x.x.x netmask=x.x.x.x gateway=x.x.x.x dns=x.x.x.x

Hit enter to continue.  This will configure the network to pick up the customized Kickstart file together with all the necessary files for the TarHeel Linux installation.   Once the installer receives the Kickstart file, it will perform all tasks programmed in that file.

Configuring TarHeel Linux Installation

First of all, the installer will ask if the TarHeel Linux will be running off DHCP or using static IP address once it is up.

**********************************************************'
*                                                        *'
*   How can this machine get IP address? [d/s]           *'
*                                                        *'
*   Answer d for getting IP address with DHCP            *'
*                and MAC address has been registered     *'
*                                                        *'
*   Answer s for static IP address                       *'
*                and Gateway and Netmask are known       *'
*                and 2 Nameservers are available         *'
*                and Hostname is in DNS                  *'
*                                                        *'
**********************************************************'

Getting IP address? [d/s]:

Enter “d” for DHCP. Enter “s” for static IP. For laptop, we use DHCP exclusively.  For server, we use static IP most of the time.  If static IP is used, you will be prompted to enter IP Address, Hostname, Gateway, Netmask, and 2 Nameserver.  These values will be used to configure the TarHeel Linux build.

Next, the installer will ask you about hard drive partition.

**********************************************************
*                                                        *
*   Do you want to partition the hard drive? [y/n]       *
*                                                        *
*   Answer y for partitioning the WHOLE hard drive       *
*   Answer y for erasing the WHOLE hard drive            *
*   Answer y for partitioning a VIRTUAL drive            *
*                                                        *
*   Answer n for setting your own drive partition        *
*   Answer n for installing dual boot system             *
*   Answer n for installing in non-default drive         *
*                                                        *
**********************************************************

Partition the hard drive? [y/n]:

Enter “y” if you want the installer to do the hard drive partition.  The installer will look in the size of the drive and partition it accordingly.  Enter “n” if you want to partition the hard drive manually.

The following warning message will show.  Enter “yes” if you understand that the hard drive will be erased.

**********************************************************
*                    W A R N I N G                       *
*                                                        *
*   This process will completely erase a hard drive      *
*          connected and install TarHeel Linux.          *
*                                                        *
*               Do you wish to continue?                 *
*        (Type the entire word "yes" to proceed.)        *
*                                                        *
**********************************************************

Proceed with installation?

At this point, the installer will check the size of the physical memory on the machine.  Then, set the swap size equals to twice of the size of the memory.

The next part of configuration is about users.  The TarHeel Linux installer asks for the ONYEN of the root user.  Root user is the user who owns the root password, i.e., the system administration password.  The following will show.

**********************************************************
*                                                        *
*   Enter ONYEN of Root User for this machine?           *
*                                                        *
*   Root User is the ADMINSTRATOR of the machine         *
*      and the one who owns the SUPERUSER password       *
*                                                        *
**********************************************************

ONYEN of Root User: 

You entered: ONYEN
Is this correct? [y/n]:

Enter the ONYEN of the root user and hit enter.  Enter “y” if you enter the correct ONYEN.

For TarHeel Linux 6 installation, the root password needs to be established after installation.  This is a very important step of the installation.  The installer pops up the following message to remind you on that.

***********************************************************
*                     IMPORTANT NOTE                      *
*                                                         *
*  This installation requires setting up root password    *
*                    by the root user.                    *
*                                                         *
*        After installation, log in as root user          *
*   and run "root_passwd_unc" to set up root password.    *
*                                                         *
*  It is absolutely essential that a strong password be   *
*  used.  Root password is set to use the same rules as   *
*  the ONYEN password, with one exception.  The password  *
*  may NOT contain ANY dictionary word of 4 characters or *
*  greater.  Consider using the 1st character of every    *
*  word in a memorable passphrase.  The length can be     *
*  between 8 and 12 characters  and must include upper    *
*  and lower case letters, and at least one number, and   *
*                 one special characters.                 *
*                                                         *
*                Do you wish to continue?                 *
*        (Type the entire word "yes" to proceed.)         *
*                                                         *
***********************************************************

Proceed with installation?

Answer “yes” and hit enter if you understand and proceed.

Next, the following note will show to ask you if you would like to install extra packages for scientific computing.

***********************************************************
*                        N O T E                          *
*                                                         *
*         For Scientific Computing installation,          *
*            EXTRA packages will be installed,            *
*      including OpenMPI, compilers, libraries, etc.      *
*                                                         *
***********************************************************

Is it a SciComp installation? [y/n]:

Enter “y” if you would like to install extra packages including OpenMPI, compilers, libraries, etc.  If not, enter “n” to proceed.  You can always install those packages afterward.

Next, the installer is asking if you would like to install some commercial applications.  There applications include matlab, Mathematica, and TotalView.  These packages are big and require longer time for the installation.’

***********************************************************'
*                         N O T E                         *'
*                                                         *'
*          Do you want to install extra commercial        *'
*     applications, Matlab, Mathematica, and TotalView?   *'
*                                                         *'
*          Note: this will take longer to install         *'
*                                                         *'
***********************************************************'

Do you want to install extra commercial applications? [y/n]:

Enter “y” if you want to install Matlab, Mathematica, and TotalView.  Otherwise, type “n” to continue.

Next, the installer will ask you if you want to install NVIDIA driver and CUDA toolkit.

***********************************************************
*                    W A R N I N G                        *
*                                                         *
*  Make sure that NVIDIA card is present in the system.   *
*                                                         *
*   Install NVIDIA driver and CUDA without NVIDIA card    *
*                will HANG the system.                    *
*                                                         *
***********************************************************

Should NVIDIA driver and CUDA be installed? [y/n]:

Enter :y” if you have a NVIDIA video card and/or a NVIDIA GPU card for computation.

The installer has got all the necessary information to proceed.  TarHeel Linux installation will start.  If you configure it to partition the hard drive manually, it will proceed to another window for you to do that.  Once that is done, the installation will proceed.

TarHeel Linux Installation

Now, let the TarHeel Linux Kickstart server do the rest of the work. You can go get a cup of coffee. If you are really interested in what software is being loaded, all the packages are listed with short descriptions as they are loaded.

Once the load is complete, the boot disk will be ejected, grab it.  If you are using USB key for the installation, the CD/DVD tray will eject too, you just ignore it.

The system will be rebooted all by itself. When this boot is complete, you will have your very own TarHeel Linux host.  The whole setup takes about 15 minutes.

Congratulations!

Terminal Window

A right-click of your mouse anywhere on the wallpaper will display a menu which will enable you to open a terminal window. In that window, choose Edit/Profiles…/Default/[Edit]. The General menu allows you to choose a font size – which is probably the easiest way to control the actual size of your window. Check out the Color menu to choose background and font colors you like. Under the Effects menu, you can add transparency to the terminal background.

Root Password and Root User Password for Laptop

The first time you log in to the machine, you may want to change the root password.  Log in to the system as the root user, then, run the following command in a terminal.  Make sure that the wired network cable is still connected at this point.

[onyen@tarheellinux ~]$ root_passwd_unc

It will prompt you for root user’s ONYEN password, enter that.  Then, enter your new root password.

To become root, one can use the following command.

[onyen@tarheellinux ~]$ su -

The “minus” will create a shell with root’s complete environment – including having the various sbin directories in the PATH. This action gets properly logged – in the case that you would ever want to know if anyone else tried to do something as root. The person who holds the root password can also use the sudo command to easily run single commands as root without needing to invoke a root shell. This means that you must protect your own password every bit as carefully as you protect the root password!

For portable device such as laptop, once you log in as root, you may want to change the root user password.  You want to have root user password being local and not using the network based ONYEN authentication.  Change <ONYEN> to the ONYEN of the root user.

[root@tarheellinux ~]# passwd <ONYEN>

The password rule again is very strict.  Having a strong password will protect your system better.  Type “exit” to quit the root account.

[root@tarheellinux ~]# exit

Adding New Users

We have an adduser program which will take an ONYEN as an argument, or the name of a file with a list of ONYENS, and will create accounts for those people on your machine using the correct NumericUID, NumericGID, and shell information from the UNC LDAP server for complete compatibility across systems. By default, home directories are created in /home. However, you can also specify the location of the home directories – even if they will reside on a remote server. You will need to be root to run this program. It is called “adduser_unc” and lives in /usr/local/sbin:

# adduser_unc chen

or

# adduser_unc -f /path/to/onyenfile

The format of this file is as follows:

# cat /path/to/onyenfile
chen
aarnold
bpack1
dwatson

For home directories exported from remote hosts:

# adduser_unc -h /mnt/remote/home  onyen

The administrator of the remote machine will have to create the actual home directories and make sure that the NumericUID and NumericGIDs match. If you have skel files you want each user to start with, you must give copies to this administrator. The default is to use the “dot” files in /etc/skel on your TarHeel Linux machine. You will have to put the proper entry in /etc/fstab and create a mount point to make sure this remote volume is properly mounted.

Wireless Network Access for Laptop

At this point, the wired network cable can be disconnected and we are going to set up wireless network.

Click on the NetworkManager icon on the top right corner of the screen.  Then, select “UNC-Secure”.  In the “Wireless Network Authentication Required” window, enter the following parameters.

Wireless security:    WPA & WPA2 Enterprise
Authentication:       Tunneled TLS
Anonymous identity:
CA certificate:       (None)
Inner authentication: PAP
Username:             <ONYEN>
Password:             <ONYEN Password>

When NetworkManager is complaining about “No Certificate Authority certificate chosen”, click “Ignore” to continue.

Then, to avoid TarHeel Linux 6 from asking keyring password for every login, we do the following.

Select System -> Preferences -> Network Connections menu.  In the “Network Connections” window, click on the “Wireless” tab, select “Auto UNC-Secure” and click “Edit…”.  Enter root password to continue.  At the bottom of the “Editing Auto UNC-Secure” window, check the box labelled as “Available to all users”, click “Apply…” to continue.  Click “Close” to close the “Network Connections” window.

VPN for Off Campus Access

When off campus, it is recommended (or for some resources, required) to use VPN to access computing resources on campus.  To log on to VPN, run the following command on a terminal window.

vpnc

Enter your ONYEN and ONYEN password.  To disconnect, run this command.

vpnc-disconnect

Daily Update and Security Report

When the laptop is on campus, daily update will be done around 4am everyday and security reports will be sent around the same time.  However, when the laptop is off campus, daily routine update will fail unless VPN is on.  If the laptop is to be turned off around 4am in the morning, it is recommended that you turn on VPN and do a manual update regularly.  Depending on your ISP, the daily security reports may or may be able to send depending on whether your ISP is being trusted by UNC mail server.

To do a manual update of the TarHeel Linux 6 when off campus, invoke the following commands.

vpnc

Enter your ONYEN and ONYEN password.  Then, run the update command to update the OS.

yum update