After installing Slackware: a checklist: Difference between revisions

From Notes to self
Jump to navigation Jump to search
← Older edit
Verbovet (talk | contribs)
Bureaucrats, Interface administrators, Administrators
2,627 edits
No edit summary
 
(40 intermediate revisions by the same user not shown)
Line 5: Line 5:
*Software series:
*Software series:
**server:
**server:
:::min: <code>a ap d l n</code>
:::min: <code>a ap d l n x</code>
:::max: <code>a ap d e f k l n t tcl x y</code> (i.e., all except for <code>kde xap xfce</code>)
:::max: <code>a ap d e f k l n t tcl x y</code> (i.e., all except for <code>kde xap xfce</code>)
:*desktop: server/max + <code>xap</code> (i.e., all except for <code>kde xfce</code>)
:*desktop: server/max + <code>xap</code> (i.e., all except for <code>kde xfce</code>)
Line 24: Line 24:
* Label partitions
* Label partitions
* Remove <code>kernel-huge</code> and fix the symlinks in <code>/boot</code>
* Remove <code>kernel-huge</code> and fix the symlinks in <code>/boot</code>
* Remove <code>lilo</code>
*<code>/etc/ssh/sshd_config</code>:
*<code>/etc/ssh/sshd_config</code>:
<pre>
<pre>
Line 33: Line 32:
PrintLastLog no
PrintLastLog no
</pre>
</pre>
* If <code>root</code> is the only user on the system:
:*<code>$ ssh-copy-id -i ~/.ssh/id_rsa.pub</code> (from a remote machine)
:*In <code>/etc/ssh/sshd_config</code> comment out <code>PermitRootLogin yes</code> and add
<pre>PasswordAuthentication no</pre>
*<code>/etc/fstab</code>
*<code>/etc/fstab</code>
*<code>/etc/mdadm.conf</code>
*<code>/etc/mdadm.conf</code>
Line 47: Line 42:


==Initial setup==
==Initial setup==
* If <code>root</code> is the only user on the system:
:*<code>$ ssh-copy-id -i ~/.ssh/id_rsa.pub</code> (from a remote machine)
:*In <code>/etc/ssh/sshd_config</code> comment out <code>PermitRootLogin yes</code> and add
<pre>PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM no</pre>
*<code># chmod -x /etc/profile.d/bsd-games-login-fortune.sh</code>
*<code># chmod -x /etc/profile.d/bsd-games-login-fortune.sh</code>
*Disable unneeded rc-files, e.g., <code># chmod -x rc.acpid rc.bluetooth rc.elogind rc.gpm-sample rc.haveged rc.wireless</code>
*Disable unneeded rc-files, e.g., <code># chmod -x rc.acpid rc.bluetooth rc.elogind rc.gpm-sample rc.haveged rc.wireless</code>
* Install [[Slackscan and Slackup settings|slackscan]]
* Install [[Slackscan and Slackup settings|slackscan]]
*Install all <code>patches</code> with <code>/root/bin/slup</code>
*Install all <code>patches</code> with <code>/root/bin/slup</code>
*<code># slup bash-completion</code>
*<code># /root/bin/slup bash-completion</code>
*<code># cp /usr/doc/git-*/contrib/completion/git-completion.bash /etc/bash_completion.d/</code>
*<code># cp /usr/doc/git-*/contrib/completion/git-completion.bash /etc/bash_completion.d/</code>
* <code>/root/.bash_completion</code>
* <code>/root/.bash_completion</code>
Line 62: Line 63:
}
}
complete -F _mkcd mkcd</pre>
complete -F _mkcd mkcd</pre>
*Upgrade kernel; <code>/etc/rc.d/rc.modules.local</code>, blacklist unneeded modules
*Upgrade kernel; <code>/etc/rc.d/rc.modules.local</code>
* [[Updating the Intel microcode with iucode tool|Upgrade the Intel microcode]]
* [[Updating the Intel microcode with iucode tool|Upgrade the Intel microcode]]
* Remove <code>vim</code> and <code>vim-gvim</code>  
* <code># removepkg vim vim-gvim</code>  
* Install <code>neovim</code> and its dependencies
* Install <code>neovim</code> and its dependencies
* Install <code>my-neovim-extras</code> and its dependencies
* Put <code>init.vim</code> and <code>ru_renard.vim</code> to <code>/root/.config/nvim/</code>
* Put <code>init.vim</code> and <code>ru_renard.vim</code> to <code>/root/.config/nvim/</code>
* <code>mkdir -p ~/.local/share/nvim/backup/</code>
* <code>mkdir -p ~/.local/share/nvim/{backup,site/spell}/</code>
*<code>/etc/ssh/ssh_config</code>
*<code>/etc/ssh/ssh_config</code>
<pre>Host *
<pre>Host *
AddressFamily inet</pre>
AddressFamily inet</pre>
*<code>/etc/profile.d/lang.sh</code>: comment out <code>export LANG=en_US</code> and add
*<code>/etc/profile.d/lang.sh</code>: comment out <code>export LANG=en_US.UTF-8</code> and add
<pre>LANG=ru_RU.UTF-8
<pre>LANG=ru_RU.UTF-8
LC_MESSAGES=en_US.UTF-8
LC_MESSAGES=en_US.UTF-8
Line 121: Line 121:
{
{
[[ $# -eq 1 ]] && mkdir -p "$1" && cd "$1" \
[[ $# -eq 1 ]] && mkdir -p "$1" && cd "$1" \
    || echo "mkcd expects exactly one argument"
  || echo "mkcd expects exactly one argument"
  [[ $(\ls -A) ]] && echo "Directory $1 is not empty"
}</pre>
}</pre>
*If the machine is not always on change the root crontab to
* <code>/root/.bash_aliases</code>
<pre>
alias ll='ls -lA'
alias pkg='ls /var/lib/pkgtools/packages/ | grep -i'
</pre>
* Change the root crontab to
<pre>
<pre>
# root crontab
# DO NOT EDIT THIS FILE MANUALLY! USE crontab -e INSTEAD
#
# If you don't want the output of a cron job mailed to you, you have to direct
# any output to /dev/null.  We'll do this here since these jobs should run
# properly on a newly installed system.  If a script fails, run-parts will
# mail a notice to root.
#
# man 1 crontab for acceptable formats:
#    <minute> <hour> <day> <month> <dow> <tags and command>
#    <@freq> <tags and command>
# SYSTEM DAILY/WEEKLY/... FOLDERS
#
@hourly  ID=sys-hourly  /usr/bin/run-parts /etc/cron.hourly 1> /dev/null
@hourly  ID=sys-hourly  /usr/bin/run-parts /etc/cron.hourly 1> /dev/null
@daily    ID=sys-daily  /usr/bin/run-parts /etc/cron.daily 1> /dev/null
@daily    ID=sys-daily  /usr/bin/run-parts /etc/cron.daily 1> /dev/null
Line 154: Line 146:
   rm -f /etc/machine-id
   rm -f /etc/machine-id
   /usr/bin/dbus-uuidgen --ensure
   /usr/bin/dbus-uuidgen --ensure
   ln -s /var/lib/dbus/machine-id /etc/machine-id                               fi
   ln -s /var/lib/dbus/machine-id /etc/machine-id
fi
</pre>
</pre>
*<code>/etc/rc.d/rc.local_shutdown</code>
*<code>/etc/rc.d/rc.local_shutdown</code>
Line 167: Line 160:
/usr/bin/find /tmp -mindepth 1 -delete
/usr/bin/find /tmp -mindepth 1 -delete
</pre>
</pre>
* Creat <code>/etc/rc.d/rc.firewall</code>
* Create<code>/etc/rc.d/rc.firewall</code>
<pre>
<pre>
#!/bin/bash
#!/bin/bash
Line 173: Line 166:
ipt="/usr/sbin/iptables"
ipt="/usr/sbin/iptables"


# Flush any existing rules or chains
# Flush any existing rules, chains, and counters
$ipt -F
$ipt -F
$ipt -X
$ipt -X
$ipt -t nat -F
$ipt -Z
$ipt -t nat -X
$ipt -t mangle -F
$ipt -t mangle -X
$ipt -t raw -F
$ipt -t raw -X
$ipt -t security -F
$ipt -t security -X


# Reset default policies
# Reset default policies
Line 189: Line 175:
$ipt -P FORWARD ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -P OUTPUT ACCEPT
$ipt -t nat -P PREROUTING ACCEPT
$ipt -t nat -P INPUT ACCEPT
$ipt -t nat -P OUTPUT ACCEPT
$ipt -t nat -P POSTROUTING ACCEPT
$ipt -t mangle -P PREROUTING ACCEPT
$ipt -t mangle -P INPUT ACCEPT
$ipt -t mangle -P FORWARD ACCEPT
$ipt -t mangle -P OUTPUT ACCEPT
$ipt -t mangle -P POSTROUTING ACCEPT
$ipt -t raw -P PREROUTING ACCEPT
$ipt -t raw -P OUTPUT ACCEPT
$ipt -t security -P INPUT ACCEPT
$ipt -t security -P FORWARD ACCEPT
$ipt -t security -P OUTPUT ACCEPT


if [ "$1" = "stop" ]; then
if [ "$1" = "stop" ]; then
Line 232: Line 204:
echo "Firewall has been enabled."
echo "Firewall has been enabled."
</pre>
</pre>
* Set ntp servers in <code>/etc/ntp.conf</code>
* Set chrony servers in <code>/etc/chrony.conf</code>
*<code>/etc/cron.daily/fstrim</code>:
*<code>/etc/cron.daily/fstrim</code>:
<pre>#!/bin/bash
<pre>#!/bin/bash
Line 242: Line 214:
   /usr/bin/sensors -s
   /usr/bin/sensors -s
fi</pre>
fi</pre>
* install <code>moreutils</code>
*<code># slup ipmitool</code>
*<code># slup ipmitool</code>
*<code>/etc/rc.d/rc.modules.local</code>
*<code>/etc/rc.d/rc.modules.local</code>
Line 251: Line 224:
<pre>/dev/disk/by-id/ata-...  -a -o on -S on -I 9 -I 190 -I 194 -m root -s (S/../.././04)</pre>
<pre>/dev/disk/by-id/ata-...  -a -o on -S on -I 9 -I 190 -I 194 -m root -s (S/../.././04)</pre>
For SSD, substitute "<code>S</code>" in parentheses with "<code>L</code>".
For SSD, substitute "<code>S</code>" in parentheses with "<code>L</code>".
 
:*<code># chmod +x /etc/rc.d/rc.smartd</code>
To start smartd uncomment the corresponding lines in <code>/etc/rc.d/rc.M</code>.  If the machine is not always on, add the option <code>--savestates=/var/tmp/smartd</code>.
:*<code># mkdir /var/lib/smartmontools</code>
*Creat <code>/etc/X11/xinit/xserverrc</code>
:*<code>/etc/default/smartd</code>
:<pre>SMARTD_OPTIONS="-s /var/lib/smartmontools/smartd."</pre>
*Create<code>/etc/X11/xinit/xserverrc</code>
<pre>#!/bin/bash
<pre>#!/bin/bash
exec /usr/bin/X -dpi 94</pre>
exec /usr/bin/X -nolisten tcp -nolisten local -dpi 109 vt7</pre>
*Creat <code>/etc/sysctl.conf</code>
* Install <code>qt5ct</code>
:*<code>/etc/profile.d/qt5ct.sh</code>
:<pre>export QT_QPA_PLATFORMTHEME=qt5ct</pre>
* Install <code>perl-file-mimeinfo</code>
*Create<code>/etc/sysctl.conf</code>
<pre># Change tcp congestion control to bbr
<pre># Change tcp congestion control to bbr
net.core.default_qdisc=fq
net.core.default_qdisc=fq
Line 263: Line 242:
# Increase the maximum number of inotify watches per user
# Increase the maximum number of inotify watches per user
fs.inotify.max_user_watches=1048576</pre>
fs.inotify.max_user_watches=1048576</pre>
* <code>/etc/default/cpufreq</code>
<pre>
SCALING_GOVERNOR=performance</pre>


* To disable mtp comment out the line
* To disable mtp comment out the line
Line 273: Line 256:
or
or
*<code># cp -a /usr/share/dbus-1 /root; rm -r /usr/share/dbus-1/*services; chattr +i /usr/share/dbus-1</code>
*<code># cp -a /usr/share/dbus-1 /root; rm -r /usr/share/dbus-1/*services; chattr +i /usr/share/dbus-1</code>
* Comment out in <code>/etc/pam.d/system-auth</code> 2 lines that contain <code>pam_gnome_keyring.so</code>:
<pre>
#-auth      optional      pam_gnome_keyring.so
...
#-session    optional      pam_gnome_keyring.so auto_start
</pre>
* <code>/etc/parallel/config</code>
<pre>
# Quiet the citation message
--will-cite
</pre>


==Setting up users accounts==
==Setting up users accounts==
Line 278: Line 272:
*<code># usermod -a -G wheel user</code>
*<code># usermod -a -G wheel user</code>
*<code>~/.bash_profile</code>:
*<code>~/.bash_profile</code>:
<pre># add user's private bin to PATH
<pre>[[ -d $HOME/bin ]] && PATH="$PATH:$HOME/bin"
[ -d "$HOME/bin" ] && PATH="$PATH:$HOME/bin"


EDITOR=/usr/bin/vi
EDITOR=vi
VISUAL=$EDITOR
VISUAL=$EDITOR
PAGER="view -"
MANPAGER="/bin/bash -c \"col -b | LANG=C view -c 'set filetype=man' -\""
BROWSER=qutebrowser


export PATH EDITOR VISUAL
export PATH EDITOR VISUAL PAGER MANPAGER BROWSER
 
# don't put duplicate lines or lines starting with space in the history.
HISTCONTROL=ignoreboth


# append to the history file, don't overwrite it
shopt -s histappend
shopt -s histappend
# for setting history length
HISTSIZE=1000
HISTSIZE=1000
HISTFILESIZE=2000
HISTFILESIZE=2000
HISTCONTROL=ignoreboth:erasedups


# check the window size after each command and, if necessary,
# update the values of LINES and COLUMNS.
shopt -s checkwinsize
shopt -s checkwinsize


PS1="\[\e]0;\w\a\]$PS1"  # set the xterm title to show the directory
# disable XON/XOFF flow control (C-s, C-q)
echo -e -n "\x1b[\x36 q"  # make the cursor a bar instead of a box
[[ $- = *i* ]] && stty -ixon


# Aliases and functions.
# set the xterm title and the prompt color (blue)
for f in .bash_aliases .bash_functions; do
[[ $TERM = xterm* ]] && \
  [ -f "$HOME/$f" ] && source "$HOME/$f"
  PS1="\[\e]2;\u@\h: \w\a$(tput setaf 4)\]${PS1}\[$(tput sgr0)\]"
done


# Stop if not invoked by login
# make the cursor a bar instead of a box
shopt -q login_shell || return
echo -e -n "\x1b[\x36 q"
 
[[ -f $HOME/.bash_aliases ]] && source $HOME/.bash_aliases
[[ -f $HOME/.bash_functions ]] && source $HOME/.bash_functions
 
# Stop if not invoked by non-root login on tty1
shopt -q login_shell && [[ $(tty) =~ ^/dev/tty1$ && $EUID -ge 1000 ]] || return


# start X
# start X
[[ -z "$DISPLAY" && $EUID -ge 1000 && $(tty) =~ ^/dev/tty[12]$ ]] && /usr/bin/startx</pre>
[ -z "$DISPLAY" ] && exec startx</pre>
*<code>.bash_logout</code>
*<code>~/.bashrc</code>
<pre>source /etc/profile
source ~/.bash_profile</pre>
*<code>~/.bash_logout</code>
<pre># Clear the screen.
<pre># Clear the screen.
# To clear the scroll-back buffer, we change the foreground virtual terminal
# To clear the scroll-back buffer, we change the foreground virtual terminal
Line 330: Line 327:
fi</pre>
fi</pre>
*<code>$ ssh-copy-id -i ~/.ssh/id_rsa.pub</code>
*<code>$ ssh-copy-id -i ~/.ssh/id_rsa.pub</code>
*<code>~/.bash_functions</code>
<pre>mkcd()
{
[[ $# -eq 1 ]] && mkdir -p "$1" && cd "$1" \
  || echo "mkcd expects exactly one argument"
  [[ $(\ls -A) ]] && echo "Directory $1 is not empty"
}
root()
{
if [[ $# -eq 0 ]]; then
  sudo -s
else
  sudo su -l -c "$*"
fi
}
</pre>
*<code>~/.bash_completion</code>
<pre>### mkcd ###
_mkcd()
{
    local cur prev words cword split
    _init_completion -s || return
    $split && return 0
    _filedir -d
}
complete -F _mkcd mkcd
### root ###
source /usr/share/bash-completion/completions/sudo
complete -F _sudo root</pre>
*<code>/etc/ssh/sshd_config</code>
*<code>/etc/ssh/sshd_config</code>
<pre>AddressFamily inet
<pre>PermitRootLogin no
PermitRootLogin no
PasswordAuthentication no
PasswordAuthentication no
PrintMotd no
KbdInteractiveAuthentication no
PrintLastLog no</pre>
UsePAM no</pre>


[[Category: Linux]]
[[Category: Linux]]

Latest revision as of 23:03, 8 January 2024

Should be done during installation:

  • partitions
  • Software series:
    • server:
min: a ap d l n x
max: a ap d e f k l n t tcl x y (i.e., all except for kde xap xfce)
  • desktop: server/max + xap (i.e., all except for kde xfce)
  • Comment out
if has("vms")
  set nobackup          " do not keep a backup file, use versions instead
else
  set backup            " keep a backup file (restore to previous version)
  if has('persistent_undo')
    set undofile        " keep an undo file (undo changes after closing)
  endif
endif

in /usr/share/vim/vimrc and run

# rm /usr/share/vim/vimrc~ /usr/share/vim/.vimrc.un~

  • Label partitions
  • Remove kernel-huge and fix the symlinks in /boot
  • /etc/ssh/sshd_config:
Port 26
AddressFamily inet
PermitRootLogin yes
PrintMotd no
PrintLastLog no
  • /etc/fstab
  • /etc/mdadm.conf
  • /etc/mkinitrd.conf
  • /boot/grub/grub.cfg
  • /etc/hosts
  • /etc/HOSTNAME
  • /etc/rc.d/rc.inet1.conf
  • /etc/resolv.conf

Initial setup

  • If root is the only user on the system:
  • $ ssh-copy-id -i ~/.ssh/id_rsa.pub (from a remote machine)
  • In /etc/ssh/sshd_config comment out PermitRootLogin yes and add
PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM no
  • # chmod -x /etc/profile.d/bsd-games-login-fortune.sh
  • Disable unneeded rc-files, e.g., # chmod -x rc.acpid rc.bluetooth rc.elogind rc.gpm-sample rc.haveged rc.wireless
  • Install slackscan
  • Install all patches with /root/bin/slup
  • # /root/bin/slup bash-completion
  • # cp /usr/doc/git-*/contrib/completion/git-completion.bash /etc/bash_completion.d/
  • /root/.bash_completion
_mkcd()
{
    local cur prev words cword split
    _init_completion -s || return
    $split && return 0
    _filedir -d
}
complete -F _mkcd mkcd
  • Upgrade kernel; /etc/rc.d/rc.modules.local
  • Upgrade the Intel microcode
  • # removepkg vim vim-gvim
  • Install neovim and its dependencies
  • Put init.vim and ru_renard.vim to /root/.config/nvim/
  • mkdir -p ~/.local/share/nvim/{backup,site/spell}/
  • /etc/ssh/ssh_config
Host *
AddressFamily inet
  • /etc/profile.d/lang.sh: comment out export LANG=en_US.UTF-8 and add
LANG=ru_RU.UTF-8
LC_MESSAGES=en_US.UTF-8
LC_TIME=en_GB.UTF-8
LC_NUMERIC=en_US.UTF-8
LC_MONETARY=en_US.UTF-8
export LANG LC_MESSAGES LC_TIME LC_NUMERIC LC_MONETARY

Preserve "export LC_COLLATE=C"

  • /etc/profile.d/man.sh
alias man='LANG=C /usr/bin/man'

Setting up the root account

  • /root/.bash_profile
[[ -d /root/bin ]] && PATH="$PATH:/root/bin"

EDITOR=vi
VISUAL=$EDITOR
PAGER="view -"
MANPAGER="/bin/bash -c \"col -b | LANG=C view -c 'set filetype=man' -\""

export PATH EDITOR VISUAL PAGER MANPAGER

shopt -s histappend
HISTSIZE=1000
HISTFILESIZE=2000
HISTCONTROL=ignoreboth:erasedups

shopt -s checkwinsize

# disable XON/XOFF flow control (C-s, C-q)
[[ $- = *i* ]] && stty -ixon

# set the xterm title and the prompt color (magenta)
[[ $TERM = xterm* ]] && \
  PS1="\[\e]2;\u@\h: \w\a$(tput setaf 5)\]${PS1}\[$(tput sgr0)\]"

# make the cursor a bar instead of a box
echo -e -n "\x1b[\x36 q"

[[ -f /root/.bash_aliases ]] && source /root/.bash_aliases
[[ -f /root/.bash_functions ]] && source /root/.bash_functions
  • /root/.bashrc:
source /etc/profile
source /root/.bash_profile
  • /root/.bash_functions
mkcd()
{
[[ $# -eq 1 ]] && mkdir -p "$1" && cd "$1" \
  || echo "mkcd expects exactly one argument"
  [[ $(\ls -A) ]] && echo "Directory $1 is not empty"
}
  • /root/.bash_aliases
alias ll='ls -lA'
alias pkg='ls /var/lib/pkgtools/packages/ | grep -i'
  • Change the root crontab to
@hourly   ID=sys-hourly  /usr/bin/run-parts /etc/cron.hourly 1> /dev/null
@daily    ID=sys-daily   /usr/bin/run-parts /etc/cron.daily 1> /dev/null
@weekly   ID=sys-weekly  /usr/bin/run-parts /etc/cron.weekly 1> /dev/null
@monthly  ID=sys-monthly /usr/bin/run-parts /etc/cron.monthly 1> /dev/null
  • # install -m 0644 -o root -g root /usr/doc/dcron-*/extra/prune-cronstamps /etc/cron.d/

Further configuration

  • /etc/rc.d/rc.local
# Ensure the existence of /var/lib/dbus/machine-id and /etc/machine-id
if [ -x /usr/bin/dbus-uuidgen -a ! -x /etc/rc.d/rc.messagebus ] ; then
  rm -f /var/lib/dbus/machine-id
  rm -f /etc/machine-id
  /usr/bin/dbus-uuidgen --ensure
  ln -s /var/lib/dbus/machine-id /etc/machine-id
fi
  • /etc/rc.d/rc.local_shutdown
#!/bin/bash
#
# /etc/rc.d/rc.local_shutdown:  Local system shutdown script.
#
# Put anything that needs to be run at shutdown time in here.

# Clean /tmp
/usr/bin/find /tmp -mindepth 1 -delete
  • Create/etc/rc.d/rc.firewall
#!/bin/bash

ipt="/usr/sbin/iptables"

# Flush any existing rules, chains, and counters
$ipt -F
$ipt -X
$ipt -Z

# Reset default policies
$ipt -P INPUT ACCEPT
$ipt -P FORWARD ACCEPT
$ipt -P OUTPUT ACCEPT

if [ "$1" = "stop" ]; then
  echo "Firewall completely flushed!  Now running with no firewall."
  exit 0
fi

# Set default policy to DROP
$ipt -P INPUT DROP
$ipt -P FORWARD DROP
$ipt -P OUTPUT ACCEPT

# Drop all invalid packets
$ipt -A INPUT -m conntrack --ctstate INVALID -j DROP
$ipt -A OUTPUT -m conntrack --ctstate INVALID -j DROP

# Allow loopback traffic
$ipt -A INPUT -i lo -j ACCEPT

# Accept established connections
$ipt -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

# Allow icmp
$ipt -A INPUT -p icmp -j ACCEPT

# Allow ssh
$ipt -A INPUT -p tcp --dport 26 -j ACCEPT

echo "Firewall has been enabled."
  • Set chrony servers in /etc/chrony.conf
  • /etc/cron.daily/fstrim:
#!/bin/bash
/sbin/fstrim /
  • # sensors-detect. Add modules for lm_sensors to /etc/rc.d/rc.modules.local
  • /etc/rc.d/rc.local
# Set all sensors limits as specified in the configuration file
if [ -x /usr/bin/sensors ]; then
  /usr/bin/sensors -s
fi
  • install moreutils
  • # slup ipmitool
  • /etc/rc.d/rc.modules.local
# IPMI modules
/sbin/modprobe ipmi_msghandler
/sbin/modprobe ipmi_devintf
/sbin/modprobe ipmi_si
  • /etc/smartd.conf. For HDD:
/dev/disk/by-id/ata-...  -a -o on -S on -I 9 -I 190 -I 194 -m root -s (S/../.././04)

For SSD, substitute "S" in parentheses with "L".

  • # chmod +x /etc/rc.d/rc.smartd
  • # mkdir /var/lib/smartmontools
  • /etc/default/smartd
SMARTD_OPTIONS="-s /var/lib/smartmontools/smartd."
  • Create/etc/X11/xinit/xserverrc
#!/bin/bash
exec /usr/bin/X -nolisten tcp -nolisten local -dpi 109 vt7
  • Install qt5ct
  • /etc/profile.d/qt5ct.sh
export QT_QPA_PLATFORMTHEME=qt5ct
  • Install perl-file-mimeinfo
  • Create/etc/sysctl.conf
# Change tcp congestion control to bbr
net.core.default_qdisc=fq
net.ipv4.tcp_congestion_control=bbr

# Increase the maximum number of inotify watches per user
fs.inotify.max_user_watches=1048576
  • /etc/default/cpufreq
SCALING_GOVERNOR=performance
  • To disable mtp comment out the line
SUBSYSTEM=="usb", GOTO="libmtp_usb_rules"

in /lib/udev/rules.d/69-libmtp.rules

  • # chmod -x /usr/bin/dbus-launch; chattr +i /usr/bin/dbus-launch

or

  • # cp -a /usr/share/dbus-1 /root; rm -r /usr/share/dbus-1/*services; chattr +i /usr/share/dbus-1
  • Comment out in /etc/pam.d/system-auth 2 lines that contain pam_gnome_keyring.so:
#-auth       optional      pam_gnome_keyring.so
...
#-session     optional      pam_gnome_keyring.so auto_start
  • /etc/parallel/config
# Quiet the citation message
--will-cite

Setting up users accounts

  • Create users (using adduser script)
  • # usermod -a -G wheel user
  • ~/.bash_profile:
[[ -d $HOME/bin ]] && PATH="$PATH:$HOME/bin"

EDITOR=vi
VISUAL=$EDITOR
PAGER="view -"
MANPAGER="/bin/bash -c \"col -b | LANG=C view -c 'set filetype=man' -\""
BROWSER=qutebrowser

export PATH EDITOR VISUAL PAGER MANPAGER BROWSER

shopt -s histappend
HISTSIZE=1000
HISTFILESIZE=2000
HISTCONTROL=ignoreboth:erasedups

shopt -s checkwinsize

# disable XON/XOFF flow control (C-s, C-q)
[[ $- = *i* ]] && stty -ixon

# set the xterm title and the prompt color (blue)
[[ $TERM = xterm* ]] && \
  PS1="\[\e]2;\u@\h: \w\a$(tput setaf 4)\]${PS1}\[$(tput sgr0)\]"

# make the cursor a bar instead of a box
echo -e -n "\x1b[\x36 q"

[[ -f $HOME/.bash_aliases ]] && source $HOME/.bash_aliases
[[ -f $HOME/.bash_functions ]] && source $HOME/.bash_functions

# Stop if not invoked by non-root login on tty1
shopt -q login_shell && [[ $(tty) =~ ^/dev/tty1$ && $EUID -ge 1000 ]] || return

# start X
[ -z "$DISPLAY" ] && exec startx
  • ~/.bashrc
source /etc/profile
source ~/.bash_profile
  • ~/.bash_logout
# Clear the screen.
# To clear the scroll-back buffer, we change the foreground virtual terminal
# to another terminal and then back to the original terminal

if [[ -z "$DISPLAY" && $SHLVL = 1 && $(tty) =~ ^/dev/tty[0-9]+$ ]]; then
  clear
  tty_num=$(echo $(tty) | grep -oE '[0-9]+$')
  if [ $tty_num = 1 ]; then
    chvt 2;
    chvt 1;
  else
    chvt 1
    chvt $tty_num
  fi
fi
  • $ ssh-copy-id -i ~/.ssh/id_rsa.pub
  • ~/.bash_functions
mkcd()
{
[[ $# -eq 1 ]] && mkdir -p "$1" && cd "$1" \
  || echo "mkcd expects exactly one argument"
  [[ $(\ls -A) ]] && echo "Directory $1 is not empty"
}

root()
{
if [[ $# -eq 0 ]]; then
  sudo -s
else
  sudo su -l -c "$*"
fi
}
  • ~/.bash_completion
### mkcd ###
_mkcd()
{
    local cur prev words cword split
    _init_completion -s || return
    $split && return 0
    _filedir -d
}
complete -F _mkcd mkcd

### root ###
source /usr/share/bash-completion/completions/sudo
complete -F _sudo root
  • /etc/ssh/sshd_config
PermitRootLogin no
PasswordAuthentication no
KbdInteractiveAuthentication no
UsePAM no
Retrieved from "https://alik.ejik.org/index.php?title=After_installing_Slackware:_a_checklist&oldid=2481"