SLAC CPE Software Engineering Group
Stanford Linear Accelerator Center
System Admin

RHEL7 Setup
SLAC Detailed
SLAC Computing
Software Home
Software Detailed
 

 

 

 

 

 

This page is for updating our servers to RHEL7

 

 

Create Production server

edit /etc/sysconfig/network-scripts/ifcfg-em1   (Or the 10GB interface)

make sure all parameters are correct

Rename host: 

hostnamectl set-hostname  hostname

If necessary switch network port to proper vlan and perform systemctl restart network -From console

-reboot may be necessary

 

Update /etc/passwd, /etc/group, and /etc/shadow with our users -Append to file -do not copy from another host

update /etc/fstab

Check special config file Special-Configs

Setup cloning

Create a link in /etc/cron.monthly   

ln -s /usr/local/admin/scripts/linux-mirror-parted-SA

 

Setup access control

/etc/security/access.conf

Check if sever needs:

Xvfb

yum install xorg-x11-server-Xvfb

tmux

Verify uwd can connect

Verify root can connect from mccfs7

Verify:

ls -l /usr/lib64/libpcre.so.0

libpcre.so.0 -> libpcre.so.1.2.0

 

So our startup scripts work:

 

For any new RHEL7 machines to be deployed, the followings need to be configured after your standard installation and configuration:

-        Create a symbolic in such

cd /usr/lib64

ln -s libpcre.so.1.2.0 libpcre.so.0

-        In order to manage st_xxx.services via systemctl by a specific user (e.g. laci), create a polkit rule (51-service_start.rules) in /etc/polkit-1/rules.d.

On prod:

cp /usr/local/admin/rhel7/51-service_start.rules    /etc/polkit-1/rules.d/     -Should be done via kickstart

(/usr/local/admin/scripts/service_access called in 51-service_start.rules is in NFS, so need to do anything.)

On AFS:

cp /nfs/slac/g/lcls/sys/rhel7/51-service_start.rules       /etc/polkit-1/rul-Should be done via kickstart

------Needs to be done manually on our AFS servers

  mkdir -p /usr/local/admin/scripts

cp /nfs/slac/g/lcls/sys/rhel7/service_access      /usr/local/admin/scripts/

UWD info:  -For AFS servers

For AFS servers:     mkdir /u1

Copy over uwd2.tar:  scp root@mccfs7:/usr/local/admin/rhel7/uwd2.tar /u1/

untar file:  while in /u1:  tar xvf uwd2.tar

-Add uwd to passwd file and shadow file  (Use mccsyslog as template)

 

uwd:x:9726:1006:UWD Account:/u1/uwd:/bin/bash       -This tells uwd to use /u1 area

Test

from mcclogin:  ssh -l uwd mccsyslog

 

ssh NEWhost

 

 


 

Programmers' Guides, Users' Guides, Requirements, Design, Papers, Administration, How-To, Hardware, IOC, Database

 

[SLAC CPE Software Engineering Group][ SLAC Home Page]

 


Created by: Ken Brobeck  2/8/2023

Modified:  31-Aug-2023