Installation Complete

Red Hat Enterprise Linux installation is now complete.

The installation program prompts you to prepare your system for reboot.

The first time you start your Red Hat Enterprise Linux system in run level 5 (the graphical run level), the Setup Agent is presented, which guides you through the Red Hat Enterprise Linux configuration. Using this tool, you can set your system time and date, install software, register your machine with Red Hat Network, and more. The Setup Agent lets you configure your environment at the beginning, so that you can get started using your Red Hat Enterprise Linux system quickly.

S

SyysstteemmAAddmmiinniissttrraattoorr

U

UsseerrMMaannuuaal l

Use or Disclosure of this information is subject to the restrictions on the tile page of this document

Page A-127

4.1.1.2 Application configuration

The next paragraphs will explain how to establish the computer basic configuration and how to prepare them in order to manage the application.

The system, after being rebooted, presents a windows environment and asks for a user: Press "root”+ <Intro>

When a session is started with a root user:

Open the Terminal. To do this, first press the right button of the mouse and select “Open Terminal”.

Once the Terminal is opened, execute the following instructions:

# pwconv # passwd root root root Later on: # vi /etc/inittab :/id:5:initdefault: <dd> <i> id:3:initdefault: <ESC> :wq! Later on: # echo "rsh" >> /etc/securetty # echo "rexec" >> /etc/securetty # echo "rlogin" >> /etc/securetty

# echo "kernel.shmall = 4294967296" >> /etc/sysctl.conf

# echo "kernel.sem = 1250 32000 32 1280" >> /etc/sysctl.conf # echo "net.ipv4.icmp_echo_ignore_broadcasts = 0" >> /etc/sysctl.conf # echo "net.core.wmem_default = 44126976" >> /etc/sysctl.conf

# echo "net.core.rmem_default = 44126976" >> /etc/sysctl.conf # echo "net.core.rmem_max = 44131071" >> /etc/sysctl.conf # echo "net.core.wmem_max = 44131071" >> /etc/sysctl.conf

In the /etc/pam.d directory must modify the "rsh, rexec, rlogin" files. rsh

#%PAM-1.0

# For root login to succeed here with pam_securetty, "rsh" must be # listed in /etc/securetty.

S

SyysstteemmAAddmmiinniissttrraattoorr

U

UsseerrMMaannuuaal l

Use or Disclosure of this information is subject to the restrictions on the tile page of this document

Page A-128 auth sufficient pam_securetty.so

auth required pam_env.so

auth sufficient pam_rhosts_auth.so account include system-auth

session optional pam_keyinit.so force revoke session include system-auth

rexec

#%PAM-1.0

# For root login to succeed here with pam_securetty, "rexec" must be # listed in /etc/securetty.

auth required pam_nologin.so auth sufficient pam_securetty.so auth required pam_env.so auth include system-auth account include system-auth

session optional pam_keyinit.so force revoke session include system-auth

rlogin

#%PAM-1.0

# For root login to succeed here with pam_securetty, "rlogin" must be # listed in /etc/securetty.

auth required pam_nologin.so auth sufficient pam_securetty.so auth required pam_env.so

auth sufficient pam_rhosts_auth.so auth include system-auth

account include system-auth password include system-auth

session optional pam_keyinit.so force revoke session include system-auth

Also, in the /etc/xinetd.d/ directory must modify the "rsh, rexec, rlogin and gssftp" files. rsh

# default: on

# description: The rshd server is the server for the rcmd(3) routine and, \ # consecuently for the rsh(1) program. The server provides \

S

SyysstteemmAAddmmiinniissttrraattoorr

U

UsseerrMMaannuuaal l

Use or Disclosure of this information is subject to the restrictions on the tile page of this document

Page A-129 # privileged port numbers from trusted hosts.

service shell { disable = no flags = REUSE socket_type = stream wait = no user = root log_on_success = +=USERID log_on_failure = +=USERID server = /usr/sbin/in.rshd } rexec # default: off

# description: Rexec is the server is the server for the rexec(3) routine. The server \ # provides remote execution facilities with authentication based \

# on user names and passwords. service exec { disable = no flags = REUSE socket_type = stream wait = no user = root log_on_success = +=USERID log_on_failure = +=USERID server = /usr/sbin/in.rexecd } rlogin # default: on

# description: rlogind is the server is the server for the rlogin(1) program.The server \ # provides a remote login facility with authentication based on \

# privileged port numbers from trusted hosts. service login { disable = no flags = REUSE socket_type = stream wait = no

S

SyysstteemmAAddmmiinniissttrraattoorr

U

UsseerrMMaannuuaal l

Use or Disclosure of this information is subject to the restrictions on the tile page of this document

Page A-130 user = root log_on_success = +=USERID log_on_failure = +=USERID server = /usr/sbin/in.rlogind } gssftp # default: off

# description: The kerberized FTP server accepts FTP connections \ # that can be authenticated with Kerberos 5.

service ftp { disable = no flags = REUSE socket_type = stream wait = no user = root server = /usr/kerberos/sbin/ftpd server_args = -l log_on_failure += USERID }

To this changes take effect you must reload xinetd service, to do execute:

# /sbin/service xinetd restart

Is necessary, in the /etc/profile file ulimit core files:

ulimit –S –c unlimited > /dev/null 2>&1

Is necessary, in the /etc/nsswitch.conf file delete the word “dns” in this line:

hosts: files dns

Is necessary a file called "crypt" to the application works correctly. In a terminal execute:

# vi /usr/bin/crypt <i>

#!/usr/bin/perl -w

S

SyysstteemmAAddmmiinniissttrraattoorr

U

UsseerrMMaannuuaal l

Use or Disclosure of this information is subject to the restrictions on the tile page of this document

Page A-131 undef $/; # Set "slurp mode"

@file = split //, <>; # Make a 'character' array from file

@pass = map{ $x = ord; $y = ( $x + 10 ) ** 2 % 256; $z = ( $x - 10 ) ** 2 % 256; chr ( $y ^ $z ) } split //, $pass;

print chr( ord $file[$_] ^ ord $pass[$_ % scalar @pass] ) for 0 .. $#file <ESC>

:wq!

Copy ISODE libraries from KICKSTART server to the FDP application works correctly:

# cd /image/kickstart/COMMON

# rcp –p isode.RHEL5.tar.gz <hostname>:/opt # rsh <hostname>

# cd /opt

# tar zxvf isode.RHEL5.tar.gz

REMARK: The “startup_fdp.sh” FDP script must contain the line: export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/opt/isode/lib

Is necessary that we install 3 additionals packets: ksh, page and openmotif. ksh # rpm -ivh ksh-20080202-2.el5.x86_64.rpm page # rpm -ivh mpage-2.5.4-7.1.x86_64.rpm openmotif # rpm -ivh openmotif-2.3.0-0.3.el5.i386.rpm # rpm -ivh openmotif-2.3.0-0.3.el5.x86_64.rpm

4.1.1.3 Modification of common files