Last active
November 3, 2017 15:42
-
-
Save cvrolf/a0581a91b2ad223175197d6392924351 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#@RunAs: Open a Terminal with user ubuntu @ VM***** | |
### | |
### Bash Shell behavior | |
# @doc -e Exit immediately if a command returns a non-zero status. | |
# @doc -u Treat unset variables and parameters other than the special parameters ‘@’ or ‘*’ as an error when performing parameter expansion. | |
# @doc -x Print a trace of commands after they are expanded and before they are executed. | |
set -u | |
set -x | |
### | |
### Global vars | |
MYDOMAIN="myvmtest" | |
MYIPADDRESS=192.168.122.102 | |
MYMACADDRESS=52:54:00:ff:ff:66 | |
### | |
### Check you are on the correct host: VM (not the Host Machine) | |
hostname | |
whoami | |
if [ "`hostname`" != "${MYDOMAIN}" ]; then | |
echo "ABORT. This is not a session on the VM ${MYDOMAIN}" | |
sleep 10 | |
exit 1 | |
else | |
echo "OK. This is a session on the VM ${MYDOMAIN}" | |
fi | |
## | |
## Ubuntu Hostname (a FQDN not needed for a local VM). | |
MYFILE=/etc/hostname | |
cat > ${MYFILE} <<ENDOFTEXTBLOCK | |
# | |
# /etc/hostname: local hostname config file | |
# | |
# Line Format: 1 line | |
##RHMOD Just declare the hostname. The FQDN name (hostname+domain) is not needed/possible for this VM | |
${MYDOMAIN} | |
ENDOFTEXTBLOCK | |
cat ${MYFILE} | |
## | |
## Ubuntu /etc/hosts | |
MYFILE=/etc/hosts | |
cat > ${MYFILE} <<ENDOFTEXTBLOCK | |
# | |
# /etc/hosts: static lookup table for host names | |
# | |
# Line Format: <unique-ip-address> <FQDN hostname.domain.org> <1..n aliases, typically hostnames> | |
##RHMOD REPLACE the whole file content | |
##RHMOD Loopback for localhost is always required. | |
127.0.0.1 localhost | |
##RHMOD Rules: | |
##RHMOD - Only one line per IP address! | |
##RHMOD - If you have several network interfaces (LAN, WLAN) then minimally mention the LAN IP. | |
##RHMOD - The default line is <192.168.0.95 s3black.infozine.be s3black> when you have a STATIC IP on a LOCAL NETWORK. Define explicitly the local IP address and the matching FQDN and hostname | |
##RHMOD - The default line is <127.0.0.1 s3black.infozine.be s3black> when you have a DYNAMIC IP on a LOCAL NETWORK. | |
##RHMOD - Optionally add other alias(es) for an IP address ON THE SAME LINE. | |
###RHMOD ***SPECIAL for VM myvmtest: OK no FQDN available*** | |
192.168.122.102 ${MYDOMAIN} | |
##RHMOD Comment out the DEFAULT line <127.0.0.1 s3...> It WILL cause Hadoop problems | |
#####127.0.0.1 ${MYDOMAIN} | |
##RHMOD Comment out the DEFAULT line <127.0.1.1 s3...> It WILL cause loopback problems and Hadoop problems | |
#####127.0.1.1 ${MYDOMAIN} | |
# The following lines are desirable for IPv6 capable hosts | |
::1 ip6-localhost ip6-loopback | |
fe00::0 ip6-localnet | |
ff00::0 ip6-mcastprefix | |
ff02::1 ip6-allnodes | |
ff02::2 ip6-allrouters | |
ENDOFTEXTBLOCK | |
cat ${MYFILE} | |
## | |
## SSH Server configuration | |
mkdir ~/tmp | |
cd ~/tmp | |
MYFILE=/etc/ssh/sshd_config | |
MYBACKUPFILE=~/--etc--ssh--sshd_config.backup | |
if [ ! -f ${MYBACKUPFILE} ]; then | |
echo "OK. Making backup..." | |
cp --verbose ${MYFILE} ${MYBACKUPFILE} | |
else | |
echo "OK. Backup file already exists ${MYBACKUPFILE} :)" | |
fi | |
if [ ! -f ${MYFILE} ]; then | |
echo "ERROR. Cannot find file ${MYFILE}" | |
else | |
sed --in-place --expression 's/^#LogLevel INFO/\n##RHMOD\nLogLevel VERBOSE\n/' ${MYFILE} | |
echo "###RHMOD Append @ end" >> ${MYFILE} | |
echo "UseDNS no" >> ${MYFILE} | |
echo "ClientAliveInterval 900" >> ${MYFILE} | |
grep "Port 22" ${MYFILE} && echo "OK" || echo "NOT OK" | |
grep "LogLevel VERBOSE" ${MYFILE} && echo "OK" || echo "NOT OK" | |
grep "UseDNS no" ${MYFILE} && echo "OK" || echo "NOT OK" | |
grep "ClientAliveInterval 900" ${MYFILE} && echo "OK" || echo "NOT OK" | |
# Remove deprecated configurations (they were dumped in syslog) | |
sed --in-place --expression '/^KeyRegenerationInterval/d' ${MYFILE} && echo "OK" || echo "NOT OK" | |
sed --in-place --expression '/^RSAAuthentication/d' ${MYFILE} && echo "OK" || echo "NOT OK" | |
sed --in-place --expression '/^RhostsRSAAuthentication/d' ${MYFILE} && echo "OK" || echo "NOT OK" | |
sed --in-place --expression '/^ServerKeyBits/d' ${MYFILE} && echo "OK" || echo "NOT OK" | |
service ssh restart; ss -lnp | grep sshd; | |
fi | |
## | |
## Make sudo more flexible | |
MYSNIPPET=~/visudo-snippet | |
cat > ${MYSNIPPET} <<ENDOFTEXTBLOCK | |
###RHMOD APPEND this. | |
###RHMOD Custom setup for this Ubuntu Desktop server! | |
## My old version: | |
## ubuntu ALL=(ALL:ALL) ALL | |
## New version whereby no password is asked when executing 'sudo' (asking=annoying when using a local VM!) | |
ubuntu ALL=(ALL:ALL) NOPASSWD: ALL | |
ENDOFTEXTBLOCK | |
cat ${MYSNIPPET} | EDITOR='tee -a' visudo | |
## FIX Grub2 boot loader: avoid the Plymouthd splash screen crashes at boot-time | |
## @bug If you set the display resolution higher than the default (1024x768) in the Ubuntu Desktop Settings, which I do later on, then the boot sequence hangs at the Ubuntu splash screen (cause: plymouthd daemon). | |
## @tip You can change the Grub2 settings temporarily at boot-time: Press the SHIFT key to interrupt whils the grub is loading. Then press 'e' for edit and remove "quiet splash". | |
cd ~/tmp | |
MYFILE=/etc/default/grub | |
MYBACKUPFILE=~/--etc--default--grub.backup | |
if [ ! -f ${MYBACKUPFILE} ]; then | |
echo "OK. Making backup..." | |
cp --verbose ${MYFILE} ${MYBACKUPFILE} | |
else | |
echo "OK. Backup file already exists :) ${MYBACKUPFILE}" | |
fi | |
if [ ! -f ${MYFILE} ]; then | |
echo "ERROR. Cannot find file ${MYFILE}" | |
else | |
sed --in-place \ | |
--expression 's/GRUB_CMDLINE_LINUX_DEFAULT="quiet splash"/\n##RHMOD Fix crash in ubuntu splash plymouthd\nGRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"\n/' \ | |
${MYFILE} | |
cat ${MYFILE} | |
grep 'GRUB_CMDLINE_LINUX_DEFAULT="vt.handoff=7"' ${MYFILE} && echo "OK" || echo "NOT OK" | |
update-grub | |
fi | |
## | |
## ENABLE the motherboard speaker | |
# @doc https://wiki.archlinux.org/index.php/PC_speaker | |
MYFILE=/etc/modprobe.d/blacklist.conf | |
grep 'pcspk' ${MYFILE} | |
sed --in-place --expression "s/^blacklist pcspkr/##RHMOD Whitelist the PC speaker module so it can do beeps for me\n#####blacklist pcspkr/g" \ | |
${MYFILE} | |
grep '#####blacklist pcspkr' ${MYFILE} && echo "OK" || echo "NOT OK" | |
## | |
## Install SPICE VM Agent | |
#@doc SPICE = remote access to virtual machines. The recommended extra Spice agent works with the Spice protocol to offer a better guest console experience. | |
apt --yes install spice-vdagent | |
## | |
## Remove ufw (unnecessary in a NAT-based VM) | |
apt --yes remove ufw | |
## | |
## Remove AppArmor (more of a burden then a good thing) | |
/etc/init.d/apparmor stop | |
update-rc.d -f apparmor remove | |
apt --yes remove apparmor apparmor-utils | |
## | |
## Install GENERAL PURPOSE PACKAGES. | |
apt --yes install apt-show-versions curl dos2unix git htop landscape-common lm-sensors mc screen smem tree | |
## | |
## Install the Gnome Tweak tool | |
# @doc Not used yet but might become interesting in the future. | |
apt --yes install gnome-tweak-tool | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment