Inhalt
How to setup a desktop PC on RHEL 6.x
These are personal notes for myself to remember things, but they might serve others as well. This document is licensed under Creative Commons Licence 3.0 BY-SA.
The following document covers installation and post-install configuration of a Redhat Enterprise Linux Desktop for family desktop use. I will aim to be as friendly as possible to novice linux users. If you are nonetheless stuck at some point using this tutorial google should help answer your questions, just copy-paste your error message into google.
CentOS will be used as a free clone of RHEL. I switched over from Ubuntu to CentOs due to the plague that is Unity and overall better stability. However the Ubuntu way of doing this has somewhat influenced me, experienced linux users will probably notice.
How to read this document:
Text in a box
like the one above is meant to be typed into the terminal. You can start the terminal as „gnome-terminal“ in gnome or as „konsole“ in KDE.
You will often need to edit text config files. This document uses the texteditor nano and the command sudo to gain admin rights in the terminal. If you prefer to use something else, thats fine. You could for example use „gksudo gedit“ in a gnome / unity environment or „kdesu kate“ in KDE.
Installation
Basic Installation from CD / USB stick:
- Download a live-CD or live-DVD, boot from it and start Installation. Use the 64bit Version, if your hardware is 64bit. (If your not running Intel Atom or Intel Pentium 4 CPUs, it most likely is)
- There is a screenshot slideshow available here
- Partitioning: I selected basic storage. Unsure wether LVM supports TRIM (turns out it probably does), I just created 3 partitions on a 64GB SSD (Samsung 830). 64 GB is plenty for an Office PC with all multimedia content stored on the family server. Considering the price drop it might now be wiser to grab a 128GB version, as those are faster, not much more expensive and you never know what good the extra space might do.
/dev/sda1 15 GB ext4 for /
/dev/sda2 4,5 GB for swap
/dev/sda3 leftover space for /home
- Everything else left at defaults, but disabled Kdump
First Post-Install steps:
- Open a terminal
- Become Administartor = root user in Linux speed by:
- type: su
- press Enter
- give your root passwort you defined during Installation
- press Enter again
- notice the last sign of the path text changes from $ to #, to indicate you are root now
- Install nano (Texteditor for console) (The default texteditor is vi. Though I manage doing work with vi, it is too geeky and complicated for me)
yum install nano
- Install Gnome Menu Editor so you can easily create new menu entries
yum install alacarte
SSD Optimizations (Only useful in case u have a SSD, else skip)
- Reduce disk writes for read disk accesses.
- Set „noatime“ or „relatime“ mount option in /etc/fstab.
- Enable the TRIM command.
- Set „discard“ mount option in /etc/fstab for the ext4 filesystem, swap partition, Btrfs, etc.
- Set „discard“ option in /etc/lvm/lvm.conf for LVM.
- Set „discard“ option in /etc/crypttab for dm-crypt.
- Make system flush data to the disk every 10 minutes for laptop PCs. Default is 5 Seconds. This can save power on laptops, but increases the risk for data loss. Consider this point carefully:Set „commit=600“ mount option in /etc/fstab.
- Reduce swap usage:If you have enough RAM (4GB or even 8GB) you probably don’t need to use swap during office work. You can thus reduce the amount of swap usage to reduce writes to the ssd.
swappiness is the setting controlling how linux uses swap. A value of 100 means to use swap very aggressively, a value of 0 means to avoid using sawp as much as possible and only use RAM. I suggest a value of 5 for Desktop usage on a SSD.- Read your current setting in the terminal with:
cat /proc/sys/vm/swappiness
- Change the value to your needs:
sudo nano /etc/sysctl.conf #Append the line, adjust value to your needs: vm.swappiness=5
- Read your current setting in the terminal with:
Add and enable repositories
- Using Linux, programms are installed (and updated) from central software repositories. The following repositories contain useful or even necessary software not included by default. Would you like to know more?
- You need to be root or use sudo. First step is usually to import a signing key, to be able to check packages for validity. Next is installing a package containing repository info.
- You can become root by opening a terminal, typing su – root, pressing Enter, typing in the root password you gave during Installation and pressing Enter again.
Repositories:
-
ELrepo (needed e.g. for NVIDIA binary driver)
sudo rpm --import http://elrepo.org/RPM-GPG-KEY-elrepo.org sudo rpm -Uvh http://elrepo.org/elrepo-release-6-4.el6.elrepo.noarch.rpm
sudo rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-7.noarch.rpm
sudo rpm --import http://packages.atrpms.net/RPM-GPG-KEY.atrpms
Open an editor
sudo nano /etc/yum.repos.d/atrpms-stable.repo
Paste this into the atrpms-stable.repo file
[atrpms-stable]
name=RHEL 6 - atrpms-stable - $releasever - $basearch
baseurl=http://dl.atrpms.net/el6-$basearch/atrpms/stable/
gpgcheck=1
enabled=1
priority=20
exclude=*release
-
Naulinux School (tesseract, gscan2pdf: scan to searchable PDF)
-
wget http://downloads.naulinux.ru/pub/NauLinux/6.2/i386/sites/School/RPMS/nau-yum-conf-6.2-1.Nau6x.noarch.rpm
- Create the repository config file /etc/yum.repos.d/naulinux-school.repo:
[naulinux-school] name=NauLinux School baseurl=http://downloads.naulinux.ru/pub/NauLinux/6.2/$basearch/sites/School/RPMS/ enabled=0 gpgcheck=1 gpgkey=http://downloads.naulinux.ru/pub/NauLinux/RPM-GPG-KEY-linux-ink
-
sudo yum --enablerepo=naulinux-school install nau-yum-conf-6.2-1.Nau6x.noarch.rpm
Repository Priorities:
sudo yum install yum-priorites
copy priority settings inside /etc/yum.repos.d files from MythTV client or christiane’s PC, witchever works best in future
For automatic updates:
install package yum-autoupdate from sientific linux and configure /etc/sysconfig/yum-autoupdate for your needs, i add the exclusion of *orc* for problems with the oil runtime compiler and a propper email adress to get notified in case of a problem.
Limit number of installed kernels
Clean Installed Kernels
## Install yum utils ##
yum install yum-utils
## Package-cleanup set count as how many old kernels you want left ##
package-cleanup –oldkernels –count=2
Make Amount of Installed Kernels Permanent
Edit /etc/yum.conf and set installonly_limit:
installonly_limit=2
Driver Installation
Install NVIDIA drivers and blacklist nouveau
- you need to have the ELrepo repository enabled, see above
- Open a terminal and become root by typing: su – root (press Enter)
- echo „blacklist nouveau options nouveau modeset=0“ > /etc/modprobe.d/blacklist-nouveau.conf
- yum install kmod-nvidia
- Edit /etc/grub.conf and add nomodeset rdblacklist=nouveau at the end of the kernel line:
- sudo nano /etc/grub.conf
- Add nomodeset rdblacklist=nouveau at the end of the kernel line
- Restart your machine
HP Printers
- HP OfficeJet 6500A and 8500A Plus work with driver from hplipopensource.com
- For the graphical user interface, one needs pyqt4 and dependencies installed, textmode works without pyqt4 from commandline with:
hpsetup -i - Add Users to group “sys” so they can manage the printer via hp GUI via: sudo usermod -a -G sys username
Amazon Kindle Fire HD (USB Connection)
Does not really work well..
- wget http://li.nux.ro/download/nux/dextop-testing/el6/x86_64/libmtp-1.1.5-1.el6.nux.x86_64.rpm
- wget http://li.nux.ro/download/nux/dextop-testing/el6/x86_64/mtpfs-1.1-0.2.svn20120510.el6.nux.x86_64.rpm
- sudo yum install *.rpm
- mkdir /media/Kindle
- chown -Rv username:family /media/Kindle
- sudo gedit /lib/udev/rules.d/69-libmtp.rules and add the lines:
# UDEV-style hotplug map for libmtp # Put this file in /etc/udev/rules.d ACTION!="add", GOTO="libmtp_rules_end" ENV{MAJOR}!="?*", GOTO="libmtp_rules_end" SUBSYSTEM=="usb", GOTO="libmtp_usb_rules" GOTO="libmtp_rules_end" LABEL="libmtp_usb_rules" # Kindle devices - UDEV Rule #http://lvogdt.wordpress.com/2012/12/25/kindle-fire-hd-and-opensuse-linux/ # For Kindle Fire HD by s3pp ATTRS{idVendor}=="1949", ATTRS{idProduct}=="0007", SYMLINK+="libmtp-%k", GROUP="family" RUN+="/usr/bin/mtpfs -o allow_other -o uid=2000 -o gid=1500 /media/Kindle" # Some sensitive devices we surely don't wanna probe # Color instruments …
(ATTRS and RUN are only one line)
Basic System Configuration:
Change language:
- The default CentOs Installation is US-English. If you speak another language, you can change CentOs language setting by editing /etc/sysconfig/i18n.
- sudo nano /etc/sysconfig/i18n
- change the line starting LANG= to your needs
- LANG=“de_DE.UTF-8″ # This is for German
- Editing /etc/environment (you can have the same entries there) as well seems to be redundant, but does not harm.
change CentOS Hostname
- Edit the file /etc/sysconfig/network
sudo nano /etc/sysconfig/network NETWORKING=yes HOSTNAME=urhostname.yourdomainname.tld
e.g.
NETWORKING=yes
HOSTNAME=gamepc.local
- Also change here:
sudo nano /etc/hosts
- NFS Settings:
Centos6 uses NFS v4 by default, instead of v3 as in in Centos5. The new v4 includes a security check module, besides matching UID / GID you also need matching domain name in /etc/idmapd.conf
Editable Adressbar in Nautlis (Gnome2 only)
In Terminal:
gconftool-2 --type=Boolean --set /apps/nautilus/preferences/always_use_location_entry true
Security:
Firewall
default is: Firewall is enabled, SSH port is open, all other ports are closed
change acording to your needs with sudo system-config-firewall
Antivirus
Running Linux having an Antivirus is not essential. It is however helpful to scan e.g. USB Sticks, as spreading viruses – even if these don’t affect your linux box – might harm other people. Some options are:
ClamAV is free, opensource and comes in the repositories. As it is not backed by a large corporation, but a community effect, it might sometimes be slower in detecting new malware.
Avast is free, has a GUI and daily updates:
- Download from: http://www.avast.com/linux-home-edition
- open a terminal, cd to your download folder and yum install avast4workstation*
- as root in a terminal (needs to be root, not sudo:) echo ‚echo 128000000 >/proc/sys/kernel/shmmax‘ >> /etc/rc.local
(or sudo nano /etc/rc.local and add the line minus the first echo) - sudo echo 128000000 >/proc/sys/kernel/shmmax
- now you can start Avast from the Gnome Start menu or via avastgui from Terminal
User Accounts
Too large font size at KDM login screen:
edit /etc/X11/xorg.conf to contain the following:
Section "Monitor"
Identifier "Monitor0"
[ … ]
Option "DPI" "96 x 96"
EndSection
Remote Administration
Static IP and Wake on LAN (WOL)
Remove package NetworkManager, e.g. with yumex or via yum remove…
ifconfig -a
shows your network cards
choose the appropriate one and edit the corresponding config file in /etc/sysconfig/network-scripts.
The default is eth0, here is my config for an cable connected eth0:
cat /etc/sysconfig/network-scripts/ifconfig-eth0
DEVICE=eth0
HWADDR=xx:xx:xx:xx:xx:xx
BOOTPROTO=static
ONBOOT=no
NETWORK=192.168.0.0
NETMASK='255.255.255.0'
IPADDR=192.168.0.122
GATEWAY=192.168.0.254
DNS=192.168.0.254
USERCTL=no
ETHTOOL_OPTS="-s eth0 wol g"
TYPE=Ethernet
DNS1=192.168.0.254
IPV6INIT=no
NM_CONTROLLED=no
The ETHTOOL_OPTS is responsible for WOL, can be specified in /etc/rc.local as well with the line:
ethtool -s eth0 wol g
SSH-Server:
sudo chkconfig sshd on
sudo /etc/init.d/sshd start
SSH1 RSA Host-Schlüssel erzeugen: [ OK ]
SSH2 RSA Host-Schlüssel erzeugen: [ OK ]
SSH2 DSA Host-Schlüssel erzeugen: [ OK ]
sshd starten: [ OK ]
NX-Server
Port Forwading in DSL Router
Connect the PC to my Backup System
- become root on BackupPC Server (Hostname Perquod)
- drop in as backuppc user via: su -s /bin/bash backupc
- cd /var/lib/backuppc/.ssh
- remove lines refering old, depreceated pc from known_hosts
- copy SSH keys to new PC: ssh-copy-id -i id_dsa.pub root@hostname-new-pc
- start restore of data via web interface of BackupPC
- check (and modify) backup settings in webinterface
Install Programms
TV-Browser
TV-Browser is a digital TV-Newspaper, showing upcoming TV programms.
- download zip and unpack to /opt/TvBrowser (you may use another dir, eg /home/username/programms/TvBrowser, I use opt for multiuser purpose
- create startscipt, containing 3 lines:
#!/bin/bash
cd /opt/TvBrowser # adapt to your directory
java -jar /opt/TvBrowser/tvbrowser.jar
- make it executable, eg via: chmod +x startscript
- create startmenu entries using alacarte (gnome2) or kde menu editor, pointing to startscript, you can use the icon from the TvBrowser/images folder
Mediathekview
Mediathekview is a java-programm for downloading TV from the “Öffentlich-Rechlichen Sendern” (meaning government-funded channels) in Germany.
- Needs Java 1.7: sudo yum install java-1.7.0-openjdk
- Download Zip from link above
- extract to /opt/mediathekview
- create shotcut to Laucher.sh
Google Earth on 64bit Systems
- sudo yum install redhat-lsb.i686 mesa-libGL.i686 mesa-libGLU.i686 fontconfig.i686 libXrender.i686 libSM.i686 nvidia-x11-drv-32bit.x86_64
- donwload rpm from google website and install
Gscan2PDF with Tesseract
Gscan2PDF is a scan program, designed for archiving documents as searchable PDF instead of paper. Tesseract is used as OCR engine. Language Packs e.g. for German Language are available.
- Enable Naulinux-School repo (see above)
- sudo yum install tesseract tesseract-deu gscan2pdf
Install Adobe FLASH plugin
- Download the rpm from http://get.adobe.com/flashplayer/otherversions/ and select Linux 64bit and flashplayer 11 for other linux (YUM)
- Go to download folder (for the user that downloaded the files)
su - root cd /home/yourusername/Downloads rpm -ivh adobe-release-x86_64-1.0-1.noarch.rpm yum install flash-plugin
- Restart your browser
If you are using a Nvidia card capable of vdpau and have libvdpau installed, flash videos have a blue tint. To resolve:
1. Created the file /etc/adobe/mms.cfg and added the following contents :
#Hardware video decoding
EnableLinuxHWVideoDecode=1
OverrideGPUValidation=true
2. Added the following line at the beginning of /etc/X11/xinit/xinitrc-common
export VDPAU_NVIDIA_NO_OVERLAY=1
Krename
Krename is a batch-rename tool with nice graphic user interface. Can use exif-Data e.g. for renaming jpeg photo files.
downloadn and install from http://rpms.plnet.rs/plnet-centos6-x86_64/RPMS.plnet-downloaded/
Wine
Installation:
Nothing special about it
Opening a file via Wine program:
directly enter in nautilus (open with dialogue):
env WINEPREFIX="/home/*username*/.wine" wine C:\\windows\\command\\start.exe /Unix /home/*username*/.wine/drive_c/Program\ Files/Microsoft\ Office/Office12/pptview.exe '"Z:%f"'
alternatively via shell script (shows name of shell script instead of ENV)
#!/bin/bash env WINEPREFIX="/home/*username*/.wine" wine C:\\windows\\command\\start.exe /Unix /home/*username*/.wine/drive_c/Program\ Files/Microsoft\ Office/Office12/pptview.exe Z:$1
Install the Microsoft Core fonts
Microsoft Fonts, e.g Tahoma, Claigra, etc
(needs Epel and ATRPMs repositories enabled)
These steps will download build and install an rpm with the mscorefonts.
Open a terminal
su - root
cd ~
yum install chkfontpath rpm-build cabextract
mkdir rpmbuild
cd rpmbuild
wget http://corefonts.sourceforge.net/msttcorefonts-2.0-1.spec
rpmbuild -bb msttcorefonts-2.0-1.spec
rpm -ivh RPMS/noarch/msttcorefonts-2.0-1.noarch.rpm
Note to self: I have already created an RPM. Just install that.
Darktable (RAW Image Tool)
- install the linuxtech.repo config file if you don’t have it already:
su - root cd /etc/yum.repos.d/ wget http://pkgrepo.linuxtech.net/el6/release/linuxtech.repo
- install darktable:
yum --enablerepo=linuxtech-testing install darktable
Mediaplayers (SMplayer and VLC)
yum --enablerepo=linuxtech install smplayer vlc
k3b und file-roller aus base