How to configure a new server for CONTROL.

Installing the OS

Please follow the ["Installing Fedora5"] instructions for Fedora installations.

Additional Operating System configuration

SELinux

SELinux has been known to cause problems with Control's directory model. To turn it off, change  /etc/selinux/config  to read

SELINUX=disabled

N.B. The changes will not take effect until the machine reboots.

Samba and PAM

New ccpass scripts for updating user passwords work around the problems of password synchronisation. As such, the SambaPasswordSync hack is considered depreciated.

To try and ensure locking works reliably between Windows and Linux, edit /etc/samba/smb.conf and add the following lines after the "global" section header:

#get record locking working between Windows and Linux
        strict locking = yes
        oplocks = False

Serial Ports

In /etc/rc.d/rc.local,

chmod 666 /dev/ttyS0
chmod 666 /dev/ttyS1

yum

In /etc/yum.repos.d/fedora-repo, /etc/yum.repos.d/fedroa-extras.repo and /etc/yum.repos.d/fedora-updates.repo, set the enable flag to 1

enable=1

Do NOT do this for any of the development files. Doing so can cause libraries to be updated and, as a result, CONTROL may not run.

Update the packages with

yum update

Note: be careful of glibc updates for older releases of CONTROL

If yum insists on gpg keys then, in /etc/yum.conf and /etc/yum.repos.d/*,

gpgcheck=0

VPN

Copy vpn.tgz from /u and extract it using the following commands:

# scp <user>@sam:/u/vpn.tgz /etc/ppp/
# cd /etc/ppp
# tar -xvzf vpn.tgz

Then as root accept the fingerprint:

# ssh 220.233.135.250
The authenticity of host '220.233.135.250 (220.233.135.250)' can't be established.
RSA key fingerprint is f6:f0:5c:21:74:0e:03:db:fc:71:e6:21:63:b5:c0:43.
Are you sure you want to continue connecting (yes/no)?

Type yes and cancel the connection.

Add the hostname (uname -n) into  /etc/hosts  on muppets. Assign the machine the next IP in the sequence.

Also update the ["DNS"].

To test the VPN connection, use the following:

# pppd call crecom nodetach debug

Once the VPN can connect correctly, add to the following to /etc/inittab:

vpn:2345:respawn:/etc/ppp/connect-crecom >> /var/log/connect-crecom.error

Additional Packages Needed by Control

The following packages need to be installed to enable some features:

• mkisofs - building backup CD images
• sharutils - E-Mailing PDF's
• dvd+rw-tools - Burning DVD's
• postgresql-odbc - New Rel9 and 10 installations require DB support.
• cdrecord - Burning CD/DVD backups
• rxvt - For running scripts in X11 mode

Configuring the OS for CONTROL

Creating the control group

Create the following group

# groupadd -g 3232 control

Create and configure the ccc user

Create user ccc

# adduser -g control ccc
# passwd ccc

Edit the ~ccc/.bash_profile to the following:

CUST=`uname -n`
export CUST
export PS1='${PWD}!>'
. /u/cc/usr/common.sh
ccusers

Setup the VNC password

# mkdir ~ccc/.vnc
# vncpasswd ~ccc/.vnc/passwd

Create the ~ccc/.vnc/xstartup file used by Xvnc. It should read:

export NODEID="vnc$DISPLAY"
sleep 5
exec fvwm

Make ~ccc/.vnc/xstartup executable.

chmod +x ~ccc/.vnc/xstartup

Transfer ownership of files to ccc

# chown -R ccc:control ~ccc/.vnc

Setup user defaults

Edit /etc/default/useradd such that the following variables are set and that rest can remain the same.

GROUP=3232
HOME=/u/cc/usr

Replace the contents of /etc/skel/.bash_profile with the following

logname=`logname`
. /u/cc/usr/common.sh
if [ "$logname" != "" ]; then
  if [ "$DISPLAY" = "" ]; then
    exec start
  fi
fi

Copy the ~ccc/.vnc/ folder to /etc/skel/

# cp -r ~ccc/.vnc /etc/skel/
# chown root:root /etc/skel/.vnc

Copy CONTROL

Package control programs on sam

export CONTROL_FILES="
std/binl
std/utbinl
std/binx11
std/utbinx11
adm
blank
standard
standard.adm
pixmap
lib
binl
binx11
DEMO
usr/common.linux
"
cd /u/ccdev/
tar cvzf control.tgz --exclude=.sccs $CONTROL_FILES

Setup /u/cc/ directory

touch /dev/lp8
chmod 666 /dev/lp8
umask 0
mkdir /u/cc/
chmod 777 /u/cc/
ln -s /u/cc /cc
mkdir /u/cc/usr
chmod 777 /u/cc/usr
ln -s ~ccc /u/cc/usr/ccc
mkdir /u/cc/LOG
chmod 777 /u/cc/LOG
chown ccc:control /u/cc/LOG /u/cc/usr
chown ccc:control /u/cc/usr/ccc /u/cc/usr/ccc/.*
cd /u/cc
tar xvzf PATH_TO_CONTROL_TAR_FILE/control.tgz
chown ccc:control std/* std/*/*
chown ccc:control binl/*
chown ccc:control binx11/*
binl/link_cntrl
chown ccc:control standard/*
chmod 666 standard/*
cp /u/cc/standard.adm/* /u/cc/adm
mv /u/cc/usr/common.linux /u/cc/usr/common.shLibraries

For Fedora versions prior to Fedora Core 5, update /etc/ld.so.conf to included the following line

/u/cc/lib

For Fedora Core 5 and later, execute:

cd /usr/lib
ln -s /u/cc/lib/libcqt3.* .

You will also need to edit /u/cc/usr/common.sh

LD_LIBRARY_PATH=/lib:/usr/lib:$CCDIR/lib

Then for all versions to rebuild the library cache execute:

ldconfig

X related configuration

Install necessary fonts

As a minimum, the system should have the 75-dpi, 100-dpi and truetype fonts appropriate for the installed X Font Server To search for the fonts:

yum search fonts

The packages are usually of the form fonts-xorg-75dpi

Once you have found the correct fonts packages

yum install <font package>

Make console (DISPLAY=0) a VNC server

Edit /etc/X11/xorg.conf

Section "Module"
        Load "vnc"      # Add this line
End Section
Section "Screen"
        Option "PasswordFile" "/u/cc/usr/ccc/.vnc/passwd"       # Add this line
End Section

Installing FVWM

We use FVWM as a slimline window manager where users don't need or expect a full remote desktop. You'll need to locate files fvwm-2.4.19-1.i386.rpm and libstroke-0.5.1-4.fc4.i386.rpm which are available on sam.

# yum install compat-readline43 gtk+ imlib
# rpm -Uvh fvwm-2.4.19-1.i386.rpm fvwm-themes-0.6.2-1.noarch.rpm libstroke-0.5.1-4.fc4.i386.rpm

Need to update Xclients such that FVWM is started when local user logs in.

# cd /etc/X11/xinit
# mv Xclients Xclients.bak
# vi Xclients

Update Xclients to initialise the control environment and execute FVWM as below:

rm -f $HOME/Xrootenv.0
rm -f /tmp/fvwmrc* 2>/dev/null
. /u/cc/usr/common.sh
exec /usr/bin/fvwm

Finally give Xclients execute permissions

chmod +x Xclients

Configuring FVWM

mkdir /etc/X11/fvwm2

Copy from system.fvwm2rc from /u or from a recent client's system and place it in the newly created directory. Also place a symbolic link to system.fvwm2rc in /etc/

ln -s /etc/X11/fvwm2/system.fvwm2rc /etc/

Post Control Installation Options

Backups

• cocont option Days before display system warning mesg should be set to 30. This allows the client to have at least one system backup to restore various configuration system configuration files in the event of a failure.

• Enter the Linux device into cocont's Backup device field.

Scheduled processes

crontabsetup auto_postal, eom_job, initda/backups and other scripts that need to run automatically. For ccc:

* * * * * /u/cc/binl/auto_postal 2>&1 > /u/cc/LOG/auto_postal.out
1 0 1 * * /u/cc/binl/auto_eom >/u/cc/LOG/auto_eom 2>&1
59 23 * * * /u/cc/binl/auto_signoff > /u/cc/LOG/auto_signoff 2>&1
10 0 * * * /u/cc/binl/post_sum > /u/cc/LOG/post_sum 2>&1

For root:

30 2 * * * /u/cc/binl/netchecktime > /u/cc/LOG/netchecktime.out 2>&1
0 3 * * * /u/cc/binl/bacint -s > /u/cc/LOG/bacint.out 2>&1

Background tasks

You will need to edit /etc/inittab:

id:5:initdefault:  # Need to change run level from 3 to 5
vpn:2345:/etc/ppp/connect-crecom 2>&1 >>/var/log/connect-crecom.log
v5:345:su - ccc -c /usr/local/bin/inittab_vnc 2>&1 >> /var/log/vnc.ccc

Customer Company

• coaad Setup the company record(s) for the customer.

• Ensure that the /u/cc/<CUSTOMER> directory exists and is a copy of standard. Also make sure that the correct amount of users and locations have been set.

• Enter the customer's company name into cocont's Company codes to be backed up field.

Data Imports

• Run any data imports necessary.

• CategoryInstallation