...
Package | Status | Date installed | Install Tool | Notes | ||
---|---|---|---|---|---|---|
1 | Linux | required | 7/13/2018 and 8/28/2018 | pxe boot | Basic CLI | |
2 | X11 | required | 7/17/2018 and 9/28/2018 | note 1 below | X11+gnome+gazillion dependencies | |
3 | window manager | required | 7/17/2018 and 9/28/2018 | " | gnome based - working on conf file | |
4 | desktop | required | 7/17/2018 and 9/28/2018 | " | (various convenience apps) | |
5 | chef-client | required | 11/13/2018 | (installed by KSA) | Needed for installing YFS | |
6 | Windows Active Directory | new authentication model (old=kerberos) | ||||
7 | printing | required | [10/4/2018] | sudo system-config-printer | Printing will be via Windows AD IP based printing. In the meantime, configure locally using built-in printing system. Configure B048F2COPIER as a generic postscript printer. | |
8 | YFS | required | 11/14/2018 | chef-client -o slac_yfs-client | Auristor's YFS (AFS) client. Use "kinit [<userID>]" followed by "aklog" to get a token | |
9 | emacs | required | 7/19/2018 and 9/28/2018 | gnome-software | ||
10 | chrome | required | 9/28/2018 | d/l + yum install | ||
11 | thunderbird | required | 7/19/2018 and 9/28/2018 | gnome-software | ||
12 | NX | required | 9/28/2018 | d/l + yum install | NoMachine client for use with NERSC | |
13 | citrix client | TESTING INC0211099 not sure if it will work | ||||
14 | fastx | 9/28/2018 | d/l + tar -xvf | https connection fails, but ssh connection works. KSA has opened ticket with vendor | ||
15 | slack | 9/28/2018 | d/l + yum install | |||
16 | zoom | 9/28/2018 | d/l + yum install | (implies support for microphone, camera and speakers) | ||
17 | LibreOffice | required | 7/19/2018 and 9/28/2018 | gnome-software | calc,writer,base,draw,impress,CAD | |
18 | python v3 | required | 9/28/2018 | yum install | ||
19 | sshfs | yum install fuse-sshfs | ||||
20 | dev tools (gcc) | required | 9/28/2018 | yum install | sudo yum group install 'Development Tools' | |
21 | filezilla | 10/1/2018 | gnome-software | GUI file transfer between comet2 and SLAC servers | ||
22 | Ksnapshot | required | 10/1/2018 | gnome-software | screen shot utility | |
23 | DbVis | needed by Fermi/LSST app developers | ||||
24 | NetBeans | needed by Fermi/LSST app developers | ||||
25 | LSF | 10/25/2018 | requires slac_yfs-client | requires desktop is in the lsf configuration file and allowed to run batch commands, if desktop name is not in LSF configuration, start a service now ticket to request addition Needs YFS to do run command a link for /etc/lsf.conf (likely a cookbook configured setting?) | ||
26 | VPN | required | 11/14/2018 | download | Must download from a current Cisco AnyConnect customer | |
27 | clamav | not needed | sudo yum install clamav | Anti-virus (needed to access SLAC VPN, but not necessary on machine connected to internal network) | ||
28 | media codecs | very strongly desired | 12/14/2018 | Many steps --> | Followed numerous "sudo yum install ..." commands from https://wiki.centos.org/TipsAndTricks/MultimediaOnCentOS7 | |
29 | htop | very strongly desired | 12/14/2018 | yum install htop | in EPEL | |
30 | gimp | elective | 12/17/2018 | desktop installer | Gnome installer accessed through the Window Manager menu: Applications -> System Tools -> Application Installer | |
31 | 31 | |||||
32 | ||||||
33 | ||||||
34 |
Notes:
X11 & GUI installed in this way:
Code Block title X11 and GUI curl http://yum/centos-gui > /tmp/centos-gui /bin/sh /tmp/centos-gui
(very large set of packages, takes a long time...)
Software installed via the GUI, e.g., Thunderbird, emacs, LibreOffice
Code Block sudo gnome-software
Attempt to install FastX downloaded from www.starnet.com. Code is unpacked from a tar.gz file and run without any special installation. Attempt to configure SLAC but code fails with a relocation error associated with /lib64/libssl.so.10. Karl to the rescue! Use the "ssh" connection rather than "https" while he queries the vendor for a proper fix.
TRS should not be used as it currently requires the use of DES enctypes that are insecure. WE have a todo to remove the ability for this weak-key to work. And are working to make TRS more secure so it can be used on Centos.
...
Expand | ||
---|---|---|
| ||
7/13/2018 - comet2 machine arrives in bldg 48 rm 248. Kerberos authentication (temporary). Initial pass at identifying and installing needed software packages (above table) 8/28/2018 - comet2 rebuilt, lose login ability 9/28/2018 - regain ability to login via local account. Re-install needed packages. Also move offending file which causes polkitd to consume too much CPU, "A workaround that I've been using is to remove /etc/xdg/autostart/org.gnome.SettingsDaemon.Account.desktop until the above mentioned bug is fixed." (but this does not clear up the issue - polkitd still consumes 7-6% of the CPU continuously) 11/13/2018 - chef client installed (by Karl). Unexpectedly (to TG), this also activated unix kerberos authentication 12/17/2018 - Karl adds 'dragon1' and 'dragon' accounts to /etc/group 'wheel' group. This allows a user to run, for example, the software installation tool launched from the Applications -> System Tools menu in the WM. |
References:
- SLAC minimum security requirements:
https://docs.slac.stanford.edu/sites/pub/Publications/701-I02-001-00_Min_Sec_Req_for_Comp.pdf Stanford minimum security requirements:
https://uit.stanford.edu/guide/securitystandards
...