Please consider a donation to the Higher Intellect project. See https://preterhuman.net/donate.php or the Donate to Higher Intellect page for more info. |
Difference between revisions of "IRIX Installation and Customization"
Line 180: | Line 180: | ||
You can use "df -h" to get a more human readable output. | You can use "df -h" to get a more human readable output. | ||
− | If needed you can upgrade the OS to the latest IRIX version, which is 6.5.30 or 6.5.22 for older systems like [[SGI Indy]] and [[SGI Indigo2]], by downloading the overlay from your supportfolio | + | If needed you can upgrade the OS to the latest IRIX version, which is 6.5.30 or 6.5.22 for older systems like [[SGI Indy]] and [[SGI Indigo2]], by downloading the overlay from your supportfolio account. |
Keep in mind that you need to install [[Patch 5086]] first if you try to upgrade to >= 6.5.22 from < 6.5.21. Apply all the current patches available from supportfolio. If the ipfilter package is not installed yet, consider to install it now. | Keep in mind that you need to install [[Patch 5086]] first if you try to upgrade to >= 6.5.22 from < 6.5.21. Apply all the current patches available from supportfolio. If the ipfilter package is not installed yet, consider to install it now. | ||
Revision as of 15:50, 16 September 2018
This article describes the installation and customization of the IRIX 6.5.30 operating system on a SGI Fuel. None of the tasks are specific to the FUEL or this specific version of the OS, so most of the steps will work for IRIX 6.5.21 - 6.5.30 and different hardware too. The following steps where recorded during the re-install of my system after the hard disk died.
Well, since we already have an article about the core installation over a network and also a complete howto for the manual steps we will skip this part in this tutorial to reduce redundancy.
See also the wiki entry, creating Bootable EFS Images
Additional PROM settings
If they don't exist yet, add or verify the following variables
- AutoLoad yes
- nogfxkbd 1
- OSLoadPartition xxxx Variable set to root partition of the first SCSI disk.
- OSLoadFilename xxxx Variable set to /unix (the kernel)
The "nogfxkbd" option allows the machine to boot without a keyboard or mouse connected. Its not needed on a headless system like SGI Origin 2xx(x) or 3xx(x). The OSLoadFilename variable is only important if the volume header of your system disk doesn't contain the bootfile=/unix entry.
First tasks after installation
Log in as user "root" by clicking the User icon in the login window or by using telnet from a different machine.
Setup the network
Either do it graphically by choosing System Manager from the Toolchest and following along or use the instructions below.
By default IRIX uses DHCP after the installation finished and with some luck it works out of the box. But in most cases you will want to use a static IP address rather than a dynamic one, especially if you plan to provide services like WWW or Mail to other users or to yourself.
Hostname
Set the hostname for your machine:
IRIS # echo "fuel" > /etc/sys_id
Default IP Address
Edit the "/etc/hosts" file and enter your static IP followed by the FQDN(Full Qualified Domain Name) and an alias.
192.168.178.14 fuel.home.local fuel
Run the following commands:
IRIS # chkconfig autoconfig_ipaddress off IRIS # chkconfig verbose on
Note: Use tabs instead of simple whitespaces when editing the "/etc/hosts" file.
Additional IP Addresses
If more than one IP is needed you can set the additional addresses in the "/etc/config/ipaliases.options" file.
ef0 192.168.178.15 netmask 0xffffff00 broadcast 192.168.178.255 ef0 192.168.178.16 netmask 0xffffff00 broadcast 192.168.178.255 ef0 192.168.178.17 netmask 0xffffff00 broadcast 192.168.178.255
Set chkconfig ipaliases to on. These settings comes active when restarting the network or the complete machine.
IRIS # chkconfig ipaliases on IRIS # /etc/init.d/network stop IRIS # /etc/init.d/network start
DNS
Edit "/etc/resolv.conf" and add the following lines:
domain home.local nameserver 192.168.178.1
Perform "chmod 644 /etc/resolv.conf" after closing the file.
Resolve Order
Edit "/etc/nsswitch.conf" and change the line with "hosts:" to "hosts: files dns files".
Important note about DNS settings
If you use a domain that you own (or not) and your hosts don't actually resolve to real IP addresses (say you use abc.com for your website and iris.abz.com for the irix host which does not resolve to any IP address publicly) - IRIX may fallback to your domain's default IP address - in this case IP address for abz.com.
This may cause problems with certain applications using tooltalk (you would then see instances of "ttsession" in your ps output).
Examples may be cvd or rapidapp - those will show up in "ps" along with ttsessions instances but not display anything and look as if it were frozen.
Try running such app using "par", look for "gethostname" system calls and you should see dns resolution results. Inspect those in order, see if the lookup resolves to your local machine's hostname and IP address - if it doesn't, then fix your DNS to either use local server, correct your /etc/hosts and resolution order in /etc/nsswitch.conf, or add your machine to the real DNS server for your domain.
The explanation is simple:
Applications like cvd or rapidapp use tooltalk protocol which establishes some connection (possibly over IP) - so it launches hostname lookup for your machine, if this doesn't resolve back to your exact machine the app will keep waiting hoping the other side will respond and seem frozen.
Default Gateway
Add the default route to "/etc/config/static-route.options"
#$ROUTE $QUIET add net default 192.168.178.1
Use the new network settings
Don't restart the network at this point because the change of the hostname in "/etc/sys_id" normally requires a reboot. As a workaround you can add your current hostname, which would be "IRIS", as an alias to "/etc/hosts". If you do this you can run "/etc/init.d/network stop && /etc/init.d/network start" and reboot the system.
192.168.178.14 fuel.home.local fuel IRIS
Optional: Set up IPv6
See topic IPv6 Set up.
Timezone
Set up the timezone "TZ=:Europe/Berlin" in "/etc/TIMEZONE".
Setup Date and Time
Without a reboot the changes in "/etc/TIMEZONE" won't take effect so we set the new value for our current session.
fuel # setenv TZ ":Europe/Berlin" fuel # echo $TZ :Europe/Berlin
If you have an internet connection use the ntpdate command for setting up the clock.
fuel # ntpdate ptbtime1.ptb.de 1 May 16:33:16 ntpdate[5366]: adjust time server 192.53.103.108 offset 0.014294 sec fuel # date Thu May 1 16:33:18 MET DST 2008
Without internet access you have to use the "date" command for this step.
fuel # date mmddHHMMccyy
Move $HOME for user root and change the default shell
Create a new directory like "/admin" and adjust permissions.
fuel # mkdir /admin fuel # chmod go-rwx /admin
Open "/etc/passwd" and modify the first line.
root::0:0:Super-User:/admin:/bin/tcsh
and change the location of $HOME and your favorite shell.
Re-login again to see if the changes take effect. If you're using a remote login via telnet or ssh just run "su -". Open a unix shell or use the console to check your current location and the shell variable.
fuel # pwd /admin fuel # echo $SHELL /bin/tcsh
Note: It may take some time before the desktop icons re-appear.
Clean up the old stuff
fuel # cd / fuel # rm -rf dumpster fuel # rm -rf Desktop fuel # rm -rf .Sgiresources .cshrc .login .profile .varupdate .wshttymode .desktop-IRIS .desktophost
Install additional Software or Upgrades
In this case we install the software from a remote HOST which provides a share via NFS.
fuel # mkdir -p /mnt/indy fuel # mount 192.168.178.7:/usr2 /mnt/indy fuel # df Filesystem Type blocks use avail %use Mounted on /dev/root xfs 66924928 5106680 61818248 8 / 192.168.178.7:/usr2 nfs 156014080 96452928 59561152 62 /mnt/indy
Hint: You can use "df -h" to get a more human readable output.
If needed you can upgrade the OS to the latest IRIX version, which is 6.5.30 or 6.5.22 for older systems like SGI Indy and SGI Indigo2, by downloading the overlay from your supportfolio account. Keep in mind that you need to install Patch 5086 first if you try to upgrade to >= 6.5.22 from < 6.5.21. Apply all the current patches available from supportfolio. If the ipfilter package is not installed yet, consider to install it now.
Example for installing additional packages:
inst -f /mnt/indy/6.5/ipf -f /mnt/indy/6.5/ws_field_diags_irix-6515_6525.tardist -f /mnt/indy/6.5/ws_field_diags_stand-6521.tardist Inst> install all Inst> go Inst> exit
Password for user root
Set a password for your root user.
fuel # passwd root ******** ********
Reboot the machine
Run "shutdown -y -i6 -g0" or simply "reboot".
'Note:' If you log in for the first time after changing the hostname in "/etc/sys_id" the system will ask you to create a new desktop environment or to use the previous one. This is caused by the fact that the hostname is part of the name of the file containing your desktop settings.
Securing the installation
IRIX comes with a simple web-based GUI (Webface) for customizing some application, services together with a simple wizard named Ezsetup.
Webface
Webface is a weird mix of several independent modules like Webadmin, custom CGIs and other things used to configure some application. Note that some of these come from the Application CD or SGI's freeware collection.
Before using webface you need to start it first.
fuel # chkconfig webface on fuel # /etc/init.d/webface start
Use a browser and surf to http://machinename:2077 where 2077 is the port number. You need to setup the root password and creating an account for the webface user.
- Disable DHCP Server
- Turn of standard services in inetd.conf // Doesnt take effect until you reboot or run "/etc/killall -HUP inetd". There is an option to disable all services which makes your IRIX Desktop unhappy because some daemon like FAM won't work anymore. You also disable telnet and ftp this way, so if you're connecting from a different machine, make sure to have SSHD already up and running or you'll be locked out.
- Close all accounts
- Require password verification for all remote logins
- Disallow SNMP write privileges
Accept these changes and switch to the Applications if necessary.
fuel # /etc/init.d/webface stop fuel # /etc/init.d/sgi_apache stop
EZsetup
Logging in as the Ezsetup user will open a wizard of 4 steps to setup the network, customizing the login window and activating some security add-ons like the use of shadow passwords. You can start it by selecting the EZsetup user icons from the login window. All the following things can be done manually by using various command-line tools and editing config files.
Step 1: Make your system secures
- Run EZsetup, lock all accounts
- Add passwords
- Lock all the accounts
- Enable JS/Java for some accounts
- Remove NIS Accounts
- Use shadow passwords
- Require passwords at login
- Visual Login Screen allowed
- Privileged user allowed
- Protect new user files
- Enable remote display
- Disable IP Forwarding
- Disable Outbox Webserver
Press "OK" to complete the task.
Note: You may get an error when specifying the use of JavaScript/Java because the ".netscape" config directory wasn't created yet for those users. If this happens log in through telnet/ssh and just create it.
fuel # mkdir $user/.netscape fuel # touch $user/.netscape/preferences.js
Don't forget to adjust the ownership of the created files!
Hint: The use of the shadow password file can be done by running "pwconv" from the command line. All entries from "/etc/passwd" are converted into "/etc/shaddow". Consider to read the man page first before using the command.
This wizard can also be run by choosing "Improve System Security" from the SystemManager (sysmgr) in the "Security and Access Control" menu.
Step 2: Setup your network connection
Enter the root password when asked for it. You can skip this part if you already did it at the beginning in this article. Otherwise specify the Hostname, IP address and Gateway information as requested. Press "OK" to complete the task.
Step 3: Create a user account
Enter the root password when asked for it.
- Specify your user name
- Enter the full name
- Add Password
- confirm the user id
Note: If you have more than one unix machine around or when using NFS use the same user id as on your other machines!
- Select primary group: user
- Verify home directory and create as needed
- Select tcsh as your default shell
Note: You can change your default shell later to "bash" or "zsh" by editing "/etc/passwd". Make sure that the corresponding package is installed on the system.
Hint:
Don't specify a shell for the user root which is not on the partition of the system disk. A good choice would be to use tcsh and switch to your favorite one after you logged in.
Press "OK" to complete the task
Step 4: Customize your work environment
Click on "World Wide Web" and than "Next".
- Choose default page for your webbrowser
- Add Socks and Proxy setting if needed
- Enable Java an Javascript
Press "OK" to complete the task
Click on "Configure".
- Choose between "Personal Computer" or "Unix system".
Press "OK" to complete the task
Quit the system setup
If you have finished all the tasks press the "Quit System Setup" button and confirm with "yes". If the system asks for a reboot select "yes".
After rebooting the system don't forget to lock the EZsetup account! Run "passwd -l EZsetup" within a shell.
Install SSH Server
By default the openssh server isn't installed. If you would like to run a stock IRIX use inst or swmg and install "openssl.sw.server" from your recent overlay media (only available on >= IRIX 6.5.19). You may consider to use a more recent version of the software by using SGI's Freeware or Nekoware OpenSSH. The later one provides the most recent version of Openssh [1]. A separate howto setup ssh is available for this.
For Nekoware sshd you need at least the following packages:
fuel # cd /path/to/neko_tardists fuel # inst -f neko_openssh-4.7p1.tardist -f neko_openssl-0.9.7m-r1.tardist -f neko_zlib-1.2.3-r1.tardist
Install IPfilter
A comprehensive howto for the configuration of IPfilter is available.
fuel # chkconfig ipfilter on
Disable services through inetd
Open "/etc/inetd.conf" and comment out all services you don't want to use. By default it would be safe to comment out services like:
- ftp
- telnet
- shell
- login
- exec
- finger
- http
- wn-http
- sgi-dgl
- bootp
- tftp
- ntalk
- tftp
- tcpmux
After that run "/etc/killall -HUP inetd" for re-reading the configuration.
Insert "-s" into "/etc/inetd.conf" for checking the syntax of the file. You can also run "inetd -s" as a non root user for this task.
Note: Don't disable all of the sgi_* services until you know what you're doing. Most of these services are needed for a properly working desktop. If you would like to try it just comment out all sgi_* except the sgi_fam service! If you properly set up IPF malicious traffic from the outside will be blocked. If you're using 3rd party application or other commercial software which act in a Server and Client way you may need services like exec or login. Check the SYSLOG if problems occur during the use of those kind of applications.
Disable unwanted Services and Daemons with chkconfig
Run "chkconfig" to get a list of available flags. The number of entries depends on which software is installed and also depends on the hardware platform. For the description of the default flags see the manpage of chkconfig. If a description is missing try "man $flagname" to find further information. The chkconfig flags are used in various init scripts to determine if a service or daemon should automatically be started at boot time. A brief list of settings which can be changed compared to the default:
- chkconfig webface_apache off
- chkconfig webface off
- chkconfig sgi_apache off
- chkconfig verbose on
- chkconfig numastatd off
- chkconfig esp off
- chkconfig lp off
- chkconfig ipfilterd off
- chkconfig sesdaemon off
- chkconfig tfxd off
- chkconfig snmpd off
- chkconfig routed off
- chkconfig route6d off
- chkconfig sdpd off
- chkconfig proclaim_server off
- chkconfig ts off
- chkconfig mkpd off
Login requirements
Edit "/etc/default/login" and change the login requirement to match your needs.
- MANPASS=YES #This causes the system to lock out each account that does not have a password.
- PASSREQ=NO
- SLEEPTIME=1
- LOGFAILURES=3
- DISABLETIME=20
- MAXTRYS=3
- SUPATH=/usr/sbin:/usr/bsd:/sbin:/usr/bin:/etc:/usr/etc:/usr/bin/X11:/usr/gfx:/usr/sysadm/bin:/usr/sysadm/privbin
Verify that the "UMASK" value is also present in "/etc/profile" and "/etc/cshrc" and has the same value. For accounts (root) which need strict settings set umask 027 in $HOME/.cshrc and $HOME/.profile. All files created by users with umask 027 will now have "rw-r-----" and directories will have "rwxr-x---" permissions. Any special needs can be addressed on an individual basis.
fuel # touch /var/adm/loginlog
Warning: You have to change the UMASK back to 022 if you would like to install self-compiled software for your users.
Hide User accounts in the login window
Edit "/var/sysadm/config/clogin.conf" or use "Toolchest -> System -> System Manager -> Security and Access Control -> Configure Login Window" from the system manager which can be start from the toolchest or "/usr/sysadm/bin/swmgr".
Note: If your machine is a public one you may consider to set
fuel # chkconfig noiconlogin on fuel # chkconfig visuallogin off
This way the login screen will not display which accounts exist on the machine.
Grant Privileges
You may grant some additional privileges to your main user to allow him to perform some admin tasks, like shutting down the machine. To do so start sysmgr again and choose "Privilege Manager" from the "Security and Access Control" menu.
Verify user accounts
Issue "/usr/sbin/pwck" which checks the /etc/passwd file for inconsistencies. It should report that the sysadm, cmwlogin, nuucp, auditor, dbadmin, rfndd, demos, OutOfBox and 4Dgifts accounts do not have home directories.
Securing FAM
FAM is the File Alteration Monitor. This server tracks changes to the filesystem and relays them to applications such as the file manager and mailbox.
Edit "/etc/fam.conf" and change "local_only = false" to "local_only = true"
Additional logging and System Modifications
For extra logging of login, xdm, ssh, getty, ftpd and rshd attempts into a seperate file together with SYSLOG edit "/etc/syslog.conf" and add the line "auth.info<TAB>/var/adm/authlog"
fuel # touch /var/adm/authlog fuel # chown root:sys /var/adm/authlog fuel # chmod 600 /var/adm/authlog
Also log unsuccessful login attempts at the console.
fuel # touch /var/adm/loginlog fuel # chown root:sys /var/adm/loginlog fuel # chmod 600 /var/adm/loginlog
Restart the syslogd by running "/etc/killall -HUP syslogd" from a shell.
Rotating of logs and System Modifications
Add the following lines to the root users crontab:
1 1 * * 0 umask 077; cd /var/adm; if test -s authlog && test "`/sbin/stat -qs authlog`" -ge 10240; then mv -f authlog OLDauthlog; touch authlog; killall 1 syslogd; fi 21 1 * * 0 umask 077; cd /var/adm; if test -s loginlog && test "`/sbin/stat -qs loginlog`" -ge 10240; then mv -f loginlog OLDloginlog; touch loginlog; killall 1 syslogd; fi
Hint: If you choose "umask 077" instead of "umask 033" this increases system security by creating log files which aren't readable by group and others anymore.
Hint: If you are not familiar with the "vi"-like editor for "crontab -e" you can also use a GUI tool of your choice and change "/var/spool/cron/crontabs/root" instead.
not written yet
Some post installation steps
Installing licenses
Place your licences to "/var/flexlm/license.dat". Keep in mind that some 3rd. party products like SoftWindows place their license file under different locations. If your system has a XVM/XLV plexing license put a copy into /etc/flexlm/license.dat too, because "/var" may be a seperate mount point which is not yet available during XVM/XLV initialization.
Note: You always have support for plexing when booting the miniroot from a install media like CDrom or network.
Enabling 24bit Color for the root window
Instructions about this task can be found in the wiki as well.
Gamma settings
The default value of 1.7 is high compared to other systems (Windows). To change the setting permanently run the following command as user "root":
fuel # gamma 1.2
The value is stored in "/etc/config/system.glGammaVal". Without a new value the command returns the current setting.
Enable NTP (Network Time Procol)
Open "/etc/ntp.conf" and specify a timeserver like "server ptbtime1.ptb.de". A list of available servers can be found on the internet.
Run "chkconfig ntp on" and use the init-script to start ntp.
fuel # /etc/init.d/ntp start fuel # ps -edalf | grep ntp | grep -v grep 4 S root 1552 1 0 20 20 * 168:168 55a198b8 19:01:33 ? 0:00 /usr/sbin/ntpd -b -f /etc/ntp.drift 0 S root 1555 1552 0 20 20 * 168:168 55a1b0b8 19:01:33 ? 0:00 /usr/sbin/ntpd -b -f /etc/ntp.drift
If you use ntp on your system you don't have a need for the TIMESERVER anymore so run "chkconfig timed off".
Run ntpdate through a cronjob
Run "crontab -e" as user root and add:
# Run Ntpdate every 55min 55 * * * * ntpdate ptbtime1.ptb.de > /dev/null 2>&1
Run updatedb through a cronjob
The findutils package provides capabilities for searching.
Install the following packages:
fuel # inst -f neko_fileutils-4.1.tardist -f neko_findutils-4.2.20.tardist -f neko_gettext-0.14.1.tardist -f neko_libiconv-1.11.tardist -f neko_expat-2005-01-28.tardist
Run "crontab -e" as user root and add:
# Run Updatedb a 3:00am 0 3 * * * /usr/nekoware/bin/updatedb --prunepaths='/dev /hw /CDROM /mnt /tmp /usr2/MIPS /usr2/GCC /stand' > /dev/null 2>&1
Run the command within a shell for building the database now and you can use "locate foobar" for searching through all your files.
Serial devices
You can specify default values for your serial lines in "/etc/uucp/Devices".
Systune Kernel Parameters
systune is a tool that enables you to examine and configure your tunable kernel parameters. Systune can adjust some parameters in real time and informs you if you need to reboot your system after reconfiguration.
Core dumps are generally world readable. Hackers can cause them to be generated and then read data such as the "/etc/shadow" file from them. They can also be used in denial of service attacks. The rlimit_core_max kernel parameter specifies the maximum size of a core file and is set to a large value by default. Setting this value to 0 will restrict the generation of core files. This is only a small inconvenience to developers who can still use tools such as CaseVision Tools and Insure++ for debugging.
fuel # systune rlimit_core_max 0
By default the kernel parameter restricted_chown is set to 0, which allows users to giveaway file ownership in System V style. This is a security risk that has resulted in several recent exploits. Change this value to 1 to enforce the BSD style chown, which only allows root to give away files.
fuel # systune restricted_chown 1
Disable ipforwarding to prevent broadcasting of sensitive system information.
fuel # systune ipforwarding 0
Disable ipsendredirects
fuel # systune ipsendredirects 0
Disable ipdirected_broadcast
fuel # systune ipdirected_broadcast 0
Increase the size of arguments
fuel # systune ncargs 131072
Enable the use of ipv6
fuel # systune ip6_enable 1
Reconfigure the kernel and reboot the machine to make the changes take effect.
fuel # /etc/autoconfig fuel # /etc/reboot
Note: Some of these modifacation are already set if you used the EZsetup wizzard earlier.
Customizing the user environement
Most of the settings can be reached through the customization panels from the toolchest. The values are stored into $HOME/.Sgiresources.
Shell
Assuming that you have selected "bash" as your favorite shell you have to create $HOME/.profile for customizing.
# Users sh profile # # "$Revision: 1.17 $" # ORACLE environement if test -f /etc/oracle_env.sh; then . /etc/oracle_env.sh fi if [ -z "$ENVONLY" ] then # Set the interrupt character to Ctrl-c and do clean backspacing. if [ -t 0 ] then stty intr '^C' echoe fi # Set the TERM environment variable if [ -d /usr/lib/terminfo ] then eval `tset -s -Q` fi # save tty state in a file where wsh can find it if [ ! -f $HOME/.wshttymode -a -t 0 ] then stty -g > $HOME/.wshttymode fi fi # Set the default X server. if [ ${DISPLAY:-setdisplay} = setdisplay ] then if [ ${REMOTEHOST:-islocal} != islocal ] then DISPLAY=${REMOTEHOST}:0 else DISPLAY=${REMOTEHOST}:0 fi export DISPLAY fi # Aliase alias ll='ls -l' alias ps='ps -edalf' alias wg='wget --passive-ftp ' alias par='par -sSSi' alias whois='whois -T dn ' PS1=$WHT"[\h]:"$RED"\w "$WHT"\$ "$NONE PS2=$GREEN"> "$NONE export PS1 export PS2 export MANFMTCMD="groff -Tascii -man" export LC_ALL=de export LANG=de export COLORTERM=1 export MP_SET_NUMTHREAD=1 export KDEDIRS=/usr/nekoware/kde export GNOME2_DIR='/usr/nekoware' export GNUMAKE='/usr/nekoware/bin/gmake' export PATH=/usr/nekoware/bin:$PATH export PYTHONHOME=/usr/nekoware export PYTHONPATH=/usr/nekoware/lib/python2.4 export PERL=/usr/nekoware/bin/perl export QTDIR=/usr/nekoware/qt4 # Paths export PATH=/sbin:/usr/sbin:/usr/bsd:/usr/bin:/etc:/usr/sysadm/privbin:/usr/etc:/usr/bin/X11:/usr/gfx:/usr/nekoware/mysql5/bin:/usr/nekoware/bin:/usr/nekoware/sbin:/usr/nekoware/kde/bin: export MANPATH=/usr/share/catman:/usr/share/man:/usr/catman:/usr/man:/usr/nekoware/man:/usr/nekoware/mysql5/man:/usr/nekoware/php5/man # Library paths export LD_LIBRARYN32_PATH=/usr/lib32:/usr/nekoware/lib:/usr/nekoware/mysql5/lib/mysql:/usr/nekoware/kde/lib export LD_LIBRARY64_PATH=/usr/lib64 export PKG_CONFIG=/usr/nekoware/bin/pkg-config export PKG_CONFIG_PATH='/usr/nekoware/lib/pkgconfig' export PKG_CONFIG_LIBDIR='/usr/nekoware/lib' SGML_ROOT=/usr/nekoware/share/sgml SGML_CATALOG_FILES=${SGML_ROOT}/jade/catalog SGML_CATALOG_FILES=${SGML_ROOT}/iso8879/catalog:$SGML_CATALOG_FILES SGML_CATALOG_FILES=${SGML_ROOT}/docbook/3.0/catalog:$SGML_CATALOG_FILES SGML_CATALOG_FILES=${SGML_ROOT}/docbook/3.1/catalog:$SGML_CATALOG_FILES SGML_CATALOG_FILES=${SGML_ROOT}/docbook/4.0/catalog:$SGML_CATALOG_FILES SGML_CATALOG_FILES=${SGML_ROOT}/docbook/4.1/catalog:$SGML_CATALOG_FILES SGML_CATALOG_FILES=${SGML_ROOT}/docbook/dsssl/modular/catalog:$SGML_CATALOG_FILES export SGML_CATALOG_FILES # JAVA environment export PATH=$PATH:/usr/java2/bin export LD_LIBRARYN32_PATH=$LD_LIBRARYN32_PATH:/usr/java2/jre/lib32 export JAVA_HOME=/usr/java2 export CLASSPATH=.
Setup the user language and keyboard
Use "Desktop->Customize->Language" from the toolchest menu.
Warning: If you change the Country Settings for the system the "/etc/TIMEZONE" will be changed. You may need to check this. The personal TIMEZONE is stored in $HOME/.TIMEZONE.
Background
Use "Desktop->Customize->Background" from the toolchest menu to adjust the colors. A howto for Custom Background on Irix describes how to use an image as background wallpaper. As of IRIX 6.5.22 there is also native support for using common formats like PNG or JPEG as backgrounds.
Utilities
Use "Desktop->Customize->Utilities" from the toolchest menu to specify your default applications.
- Browser = /usr/nekoware/bin/firefox
- Mail = /usr/nekoware/bin/thunderbird
- Editor = /usr/nekoware/bin/nedit
Icons
Use "Desktop->Customize->Icons" from the toolchest menu to set the icon size and enable the global setting "Open in Place" which prevents the filemanger to open in a new window when clicking on a directory icon.
Desk Overview
Use "Desktop->Extra Desks" to create a desk overview. Create 2 new desks and hide the global one. Under "Desk->Scaling" you can reduze (choose 6%) the window size of the desks. At a last step hide the menubar of the desks overview window.
Look & Feel Windows and Apps
For changing key bindings and general behaviour of the desktop and the look of windows create $HOME/.Xdefaults and insert the following:
*clientDecoration: +resizeh +border +minimize +maximize +menu *DesksOverview*clientDecoration: none 4Dwm*clock*clientDecoration: none Overview.geometry: +10-10 Overview*viewWindowName: true Overview*Frame.marginHeight: 1 Overview*Frame.marginWidth: 1 *xclock*clientDecoration: none *Gleyes*clientDecoration: none *gr_top*clientDecoration: none 4Dwm*interactivePlacement: False 4DWm*clientAutoPlace: False 4Dwm*usePPosition: True 4Dwm*positionOnScreen: True 4Dwm*iconImageBackground black 4Dwm*iconImageForeground: white 4Dwm*iconPlacement: left top tight 4Dwm*iconPlacementMargin: 1 4Dwm*resizeBorderWidth: 1 4Dwm*frameBorderWidth: 1 4Dwm*SG_frameOutline: false 4Dwm*SG_titleOutline: false 4Dwm*SG_titlePadding: 0 4Dwm*SG_useDecals: false 4Dwm*iconDecoration: label image Aterm*transparent: True Aterm*shading: 30 Aterm*tinting: grey Aterm*font: -sgi-screen-*-r-*--12-*-*-*-*-*-iso8859-1 Aterm*saveLines: 2000 Aterm*termName: xterm Aterm*background: black Aterm*foreground: white Aterm*cursorColor: orange Aterm*geometry: 80x24 Aterm*tintingType: true Aterm*scrollBar: 0 Aterm*fading: 70
You have to study manpages like "4Dwm" and others to find out which resource names exist.
Hint: Press "ALT+F7" to move sticky windows around with the mouse. For information about installed fonts use the "xfontsel" programm.
SSH Keys
Place your private key into "$HOME/.ssh/id_dsa" and your public one into "$HOME/.ssh/id_dsa.pub". Be sure that you adjust the perms of your id_dsa file by running
fuel # chmod 600 id_dsa
If you would like to login through a ssh key from another machine or from local just copy "id_dsa.pub" to "authorized_keys2". You can add additional keys into "authorized_keys2".
Customizing the Desktop
Troubleshooting
CTRL+C does not work anymore when logging in through the network
Edit "/etc/profile" and change the last line "trap 2 3" to
trap 2 trap 3