FedoraCore2Desktop
From Rivalug Wiki
Notes for installing, tuning and enhancing Fedora Core 2 as a desktop system:
--Carlisle 06:56, 27 Dec 2004 (EST)
Contents |
History of this document
Orginially Developed here:
http://rivalug.org/forums/index.php?topic=8.0 http://rivalug.org/forums/index.php?topic=29.0
Features
Fedora Core 2 Final (Tettnag) was released on 18 May 2004. It is scheduled to be transfered to the Fedora Legacy Project on 21 Mar 2005.
Release Notes: http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/os/RELEASE-NOTES-en.html
Selected Features:
kernel 2.6.5 ( kernel 2.6.10 after updating ) gcc 3.3.3 glibc 2.3.3 Gnome 2.6 KDE 3.2.2 x.org x11 6.7.0 instead of XFree86 Gimp 2.0
Download
Official Site: http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/iso/ Local Mirror: ftp://mirror.vcu.edu/pub/linux/fedora/2/i386/iso/ Bittorrent: http://torrent.dulug.duke.edu/
Partitioning
For most desktop systems, just stick with making a /boot of about 100-150 Mb, a swap that is roughly one to two times the amount of RAM on your system, and a / for everything else
Turning off graphical login
By default graphical login is turned on. To turn this off edit /etc/inittab.
change the line: id:5:initdefault: to: id:3:initdefault:
If windows does boot
researching
Its a know problem that on some hardware with dual boot between windows and any kernel 2.6 based distribution, that windows will sometimes fail to boot after the linux distribution is installed.
Installing FC2 or any distribution with a 2.6 kernel has resulted in making Windows unbootable. Many say Widnows by default uses a technically invalid but usable partition data, installing a 2.6 kernel distribution changes the partition data to be technically valid data which windows doesn't like. I would recommend reading all the links below before installing any 2.6 kernel based distribution to dual boot with any windows distribution. see Bug Number 115980
Fedora test discussion. A potential fix is being discussed here.
Comment from Fedora News: Quote It turns out that the bug (#115980) is a result of a few subtle but key changes within the 2.6 kernel. A certain functionality with regards to hard disk geometry has been pulled out, as the kernel developers thought it would be better if userspace utilities took care of this instead. The Bugzilla bug is related to CHS geometry problems, which most likely stems from an error within the parted utility, addressing the BIOS incorrectly. It turns out that BIOS updates tend to fix problems for many users that have been bitten by this "bug". On newer machines, this is basically non-reproducible.
Here is the discussion of the recomended fix: http://www.redhat.com/archives/fedora-test-list/2004-May/msg02143.html
And the Slashdot discussion of this bug: http://slashdot.org/article.pl?sid=04/05/23/1448209&mode=thread&tid=110&ti
Tuning IDE Harddrive performance
edit /etc/sysconfig/harddrive read: http://support.pa.msu.edu/help/faqs/linux/harddisks.html
Turning off IP6
Why? see http://www.mozilla.org/releases/mozilla1.7/README.html#new-issues
edit /etc/modprobe.conf add: alias net-pf-10 off reboot
Security
Turning off unused services
researching
The /sbin/chkconfig command is used to control what services are used. The default chkconfig file looks like this:
irda 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off snmptrapd 0:off 1:off 2:off 3:off 4:off 5:off 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off apmd 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcidmapd 0:on 1:off 2:off 3:on 4:off 5:on 6:on vncserver 0:off 1:off 2:off 3:off 4:off 5:off 6:off rpcsvcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off random 0:off 1:off 2:on 3:on 4:on 5:on 6:off autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off psacct 0:off 1:off 2:off 3:off 4:off 5:off 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off saslauthd 0:off 1:off 2:off 3:off 4:off 5:off 6:off yum 0:off 1:off 2:off 3:off 4:off 5:off 6:off rhnsd 0:off 1:off 2:off 3:on 4:on 5:on 6:off cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off readahead 0:off 1:off 2:off 3:off 4:off 5:on 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:off 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off netplugd 0:off 1:off 2:off 3:off 4:off 5:off 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off isdn 0:off 1:off 2:on 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfs 0:off 1:off 2:off 3:off 4:off 5:off 6:off snmpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off acpid 0:off 1:off 2:off 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off xinetd 0:off 1:off 2:off 3:on 4:on 5:on 6:off pcmcia 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off hpoj 0:off 1:off 2:on 3:on 4:on 5:on 6:off lisa 0:off 1:off 2:off 3:off 4:off 5:off 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off atd 0:off 1:off 2:off 3:on 4:on 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off netdump 0:off 1:off 2:off 3:off 4:off 5:off 6:off readahead_early 0:off 1:off 2:off 3:off 4:off 5:on 6:off xinetd based services: daytime: off time: off ktalk: off sgi_fam: on echo: off chargen-udp: off rsync: off echo-udp: off chargen: off time-udp: off cups-lpd: off daytime-udp: off services: off
| Service | Description | Laptop | Workstation | Server |
|---|---|---|---|---|
| acpid | Listen and dispatch ACPI events from the kernel | |||
| anacron | Run cron jobs that were left out due to downtime | yes | yes | yes |
| apmd | Power Management: apmd is used for monitoring battery status and logging it via syslog(8). It can also be used for shutting down the machine when the battery is low. | yes | yes | no |
| atd | Runs commands scheduled by the at command at the time specified when at was run, and runs batch commands when the load average is low enough. | maybe | maybe | maybe |
| autofs | Automounts filesystems on demand | yes | yes | maybe |
| cpuspeed | Run dynamic CPU speed daemon | yes | maybe | no |
| crond | cron is a standard UNIX program that runs user-specified programs at periodic scheduled times. vixie cron adds a number of features to the basic UNIX cron, including better security and more powerful configuration options. | yes | yes | yes |
| cups | Common Unix Printer Service | maybe | maybe | maybe |
| gpm | Console Mouse Services | yes | yes | no |
| hpoj | init script and device setup utility for the HP OfficeJet Linux driver. | maybe | maybe | maybe |
| iptables | Firewall | yes | yes | yes |
| irda | Infrared communications | maybe | no | no |
| irqbalance | The irqbalance daemon will distribute interrupts across the cpus on a multiprocessor system with the purpose of spreading the load. | no | yes, if smp | yes, if smp |
| isdn | ISDN services | no if not isdn connection | no if not isdn connection | no if not isdn connection |
| kudzu | Hardware Detection | yes | yes | yes |
| lisa | LISa is a small daemon which is intended to run on end user systems. It provides something like a "network neighbourhood", but only relying on the TCP/IP protocol stack, no smb or whatever. The information about the hosts in your "neighbourhood" is provided via TCP port 7741. | |||
| mdmonitor | mdadm-based software RAID monitoring and management facility | |||
| mdmpd | mdmpd-based multipath device monitoring and management facility | |||
| messagebus | This is a daemon which broadcasts notifications of system events and other messages. See http://www.freedesktop.org/software/dbus/ | |||
| microcode_ctl | script to apply cpu microcode | |||
| netdump | Initialize console side of netconsole and netcrashdump facility | |||
| netfs | Mounts and unmounts all Network File System (NFS), SMB/CIFS (Lan Manager/Windows), and NCP (NetWare) mount points. | |||
| netplugd | netplugd is a daemon for managing non-static network interfaces. | |||
| network | Activates/Deactivates all network interfaces configured to start at boot time. | yes | yes | yes |
| nfs | NFS is a popular protocol for file sharing across TCP/IP networks. This service provides NFS server functionality, which is configured via the /etc/exports file. | no | maybe no | maybe yes |
| nfslock | NFS is a popular protocol for file sharing across TCP/IP networks. This service provides NFS file locking functionality. | no | maybe no | maybe yes |
| ntpd | Time Server and Client | yes | yes | yes |
| pcmcia | PCMCIA support is usually to support things like ethernet and modems in laptops. It won't get started unless configured so it is safe to have it installed on machines that don't need it. | yes | maybe no | no |
| portmap | The portmapper manages RPC connections, which are used by protocols such as NFS and NIS. The portmap server must be running on machines which act as servers for protocols which make use of the RPC mechanism. | no | maybe yes | maybe yes |
| psacct | Script to control kernel process accounting | |||
| random | Pseudo-Random Number Generator Saves and restores system entropy pool for higher quality random number generation. | yes | yes | yes |
| rawdevices | This scripts assignes raw devices to block devices (such as hard drive partitions). This is for the use of applications such as Oracle. You can set up the raw device to block device mapping by editing the file /etc/sysconfig/rawdevices. | |||
| readahead | This service causes the programs used during startup to be loaded into memory before they are needed, thus improving startup performance | |||
| readahead_early | This service causes the programs used during startup to be loaded into memory before they are needed, thus improving startup performance. | |||
| rhnsd | This is a daemon which handles the task of connecting periodically to the Red Hat Network servers to check for updates, notifications and perform system monitoring tasks according to the service level that this server is subscribed for. | maybe | maybe | maybe |
| rpcgssd | Starts user-level daemon that manages RPCSEC GSS contexts for the NFSv4 client. | no | maybe | maybe |
| rpcidmapd | Starts user-level daemon for NFSv4 that maps user names to UID and GID numbers. | |||
| rpcsvcgssd | Starts user-level daemon that manages RPCSEC GSS contexts for the NFSv4 server. | |||
| saslauthd | saslauthd is a server process which handles plaintext authentication requests on behalf of the cyrus-sasl library. | |||
| sendmail | Sendmail is a Mail Transport Agent, which is the program that moves mail from one machine to another. | maybe yes | maybe yes | yes |
| smartd | Self Monitoring and Reporting Technology (SMART) Daemon. Only useful on computers with compatible IDE drives. Not used by SCSI drives. | |||
| snmpd | Simple Network Management Protocol (SNMP) Daemon | |||
| snmptrapd | Simple Network Management Protocol (SNMP) Trap Daemon | |||
| sshd | OpenSSH Secure Shell Remote access | maybe | maybe | yes |
| syslog | The facility by which many daemons use to log messages to various system log files. | yes | yes | yes |
| vncserver | Provides remote X administration services. | |||
| winbind | Starts and stops the Samba winbind daemon | no | no | maybe yes |
| xfs | X Font Server | yes | yes | no |
| xinetd | xinetd is a powerful replacement for inetd. xinetd has access control mechanisms, extensive logging capabilities, the ability to make services available based on time, and can place limits on the number of servers that can be started, among other things. | |||
| xinetd: daytime | ||||
| xinetd: time | ||||
| xinetd: ktalk | ||||
| xinetd: sgi_fam | ||||
| xinetd: echo | ||||
| xinetd: chargen-udp | ||||
| xinetd: rsync | ||||
| xinetd: echo-udp | ||||
| xinetd: chargen | ||||
| xinetd: time-udp | ||||
| xinetd: cups-lpd | ||||
| xinetd: daytime-udp | ||||
| xinetd: services | ||||
| yum | Enable daily run of yum, a program updater. |
Services which are turned on after editing:
[root@localhost root]# chkconfig --list | grep on sshd 0:off 1:off 2:on 3:on 4:on 5:on 6:off irqbalance 0:off 1:off 2:off 3:on 4:on 5:on 6:off anacron 0:off 1:off 2:on 3:on 4:on 5:on 6:off portmap 0:off 1:off 2:off 3:on 4:on 5:on 6:off network 0:off 1:off 2:on 3:on 4:on 5:on 6:off usbaudiooff 0:off 1:off 2:on 3:on 4:on 5:on 6:off kudzu 0:off 1:off 2:off 3:on 4:on 5:on 6:off readahead 0:off 1:off 2:off 3:off 4:off 5:on 6:off iptables 0:off 1:off 2:on 3:on 4:on 5:on 6:off nfslock 0:off 1:off 2:off 3:on 4:on 5:on 6:off rawdevices 0:off 1:off 2:off 3:on 4:on 5:on 6:off mdmonitor 0:off 1:off 2:on 3:on 4:on 5:on 6:off xfs 0:off 1:off 2:on 3:on 4:on 5:on 6:off sendmail 0:off 1:off 2:on 3:on 4:on 5:on 6:off hpoj 0:off 1:off 2:on 3:on 4:on 5:on 6:off random 0:off 1:off 2:on 3:on 4:on 5:on 6:off messagebus 0:off 1:off 2:off 3:on 4:on 5:on 6:off microcode_ctl 0:off 1:off 2:off 3:on 4:on 5:on 6:off smartd 0:off 1:off 2:on 3:on 4:on 5:on 6:off syslog 0:off 1:off 2:on 3:on 4:on 5:on 6:off mdmpd 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcsvcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on autofs 0:off 1:off 2:off 3:on 4:on 5:on 6:off gpm 0:off 1:off 2:on 3:on 4:on 5:on 6:off ntpd 0:off 1:off 2:off 3:on 4:off 5:on 6:off readahead_early 0:off 1:off 2:off 3:off 4:off 5:on 6:off rpcidmapd 0:on 1:off 2:off 3:on 4:off 5:on 6:on netfs 0:off 1:off 2:off 3:on 4:on 5:on 6:off cups 0:off 1:off 2:on 3:on 4:on 5:on 6:off rpcgssd 0:on 1:off 2:off 3:on 4:off 5:on 6:on cpuspeed 0:off 1:on 2:on 3:on 4:on 5:on 6:off crond 0:off 1:off 2:on 3:on 4:on 5:on 6:off
Reducing access
researching
/etc/hosts.allow
# # hosts.allow This file describes the names of the hosts which are # allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. #
ALL: 127.0.0.1 LOCAL sshd: ALL
/etc/hosts.deny
# # hosts.deny This file describes the names of the hosts which are # *not* allowed to use the local INET services, as decided # by the '/usr/sbin/tcpd' server. # # The portmap line is redundant, but it is left to remind you that # the new secure portmap uses hosts.deny and hosts.allow. In particular # you should know that NFS uses portmap!
ALL: ALL
/etc/ssh/sshd_config
PermitRootLogin without-password Banner /etc/issue
Banners
researching http://ciac.llnl.gov/ciac/bulletins/j-043.shtml
Banner recommended by Bastille Linux script. Replace $owner with your name if you wish. If you have a company that specifies a banner, use that banner instead:
***************************************************************************
NOTICE TO USERS
This computer system is the private property of $owner, whether individual, corporate or government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy.
Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.
****************************************************************************
rewrite /etc/rc.d/rc.local
#!/bin/sh # # This script will be executed *after* all the other init scripts. # You can put your own initialization stuff in here if you don't # want to do the full Sys V style init stuff. # Write issue and motd
if [ -f /etc/redhat-release ]; then
R=$(cat /etc/redhat-release)
arch=$(uname -m)
a="a"
case "_$arch" in
_a*) a="an";;
_i*) a="an";;
esac
NUMPROC=`egrep -c "^cpu[0-9]+" /proc/stat`
if [ "$NUMPROC" -gt "1" ]; then
SMP="$NUMPROC-processor "
if [ "$NUMPROC" = "8" -o "$NUMPROC" = "11" ]; then
a="an"
else
a="a"
fi
fi
fi
# This will overwrite /etc/issue at every boot. So, make any changes you # want to make to /etc/issue here or you will lose them when you reboot.
cat >/etc/issue <<ISSUE
***************************************************************************
NOTICE TO USERS
This computer system is the private property of its owner, whether individual, corporate or government. It is for authorized use only. Users (authorized or unauthorized) have no explicit or implicit expectation of privacy.
Any or all uses of this system and all files on this system may be intercepted, monitored, recorded, copied, audited, inspected, and disclosed to your employer, to authorized site, government, and law enforcement personnel, as well as authorized officials of government agencies, both domestic and foreign.
By using this system, the user consents to such interception, monitoring, recording, copying, auditing, inspection, and disclosure at the discretion of such personnel or officials. Unauthorized or improper use of this system may result in civil and criminal penalties and administrative or disciplinary action, as appropriate. By continuing to use this system you indicate your awareness of and consent to these terms and conditions of use. LOG OFF IMMEDIATELY if you do not agree to the conditions stated in this warning.
****************************************************************************
ISSUE # This will overwrite /etc/motd at every boot. So, make any changes you # want to make to /etc/motd here or you will lose them when you reboot.
cp -f /etc/issue /etc/motd
echo "$(hostname)" >> /etc/motd echo "$R" >> /etc/motd echo "Kernel $(uname -r) on $a $SMP$(uname -m)" >> /etc/motd echo " " >> /etc/motd echo " " >> /etc/motd
touch /var/lock/subsys/local
add banner to sshd edit /etc/ssh/sshd_config
modify: Banner /etc/issue
restart sshd
Logs
Configuring logwatch vi /etc/log.d/logwatch.conf change MailTo = to an address of your choice. You will be emailed nightly.
installing logcheck see http://sourceforge.net/projects/sentrytools/
Bastille Linux
It has not been determined if the Bastille Linux hardening script works under Fedora Core 2. see http://www.bastille-linux.org/
Other security references
researching
Updating with Yum
History
Previous versions of this are found here: http://vculug.sometimes.org/forum/viewtopic.php?p=242#242 http://rivalug.org/forums/index.php?topic=8.0 http://rivalug.org/forums/index.php?topic=14.0
Updating from Fedora Core 1
http://linux.duke.edu/~skvidal/misc/fc1-fc2-yum-hints.txt
Yum Repositories
| Label | Primary Repository Location | Description |
|---|---|---|
| base | http://download.fedora.redhat.com/pub/fedora/linux/core/2/ | These are the official packages that exist at release time. |
| updates-released | http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/ | These are the official updates that come out after release time. |
| updates-testing | http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/2/ | These are fedora updates that are in pre-release tested. Not recommended on production systems. |
| development | http://download.fedora.redhat.com/pub/fedora/linux/core/development/i386/ | These are the packages in development track for the next fedora core release. Also known as rawhide. Not recommended on production systems. |
| fedora-extras-stable | http://download.fedora.us/fedora/fedora/2/i386/RPMS.stable | 3rd party packages created by the Fedora Extras Project at University of Hawaii. There wiki is http://www.fedora.us/wiki/ |
| fedora-extras-testing | http://download.fedora.us/fedora/fedora/2/i386/RPMS.testing | These are fedora-us packages that are in pre-release tested. Not recommended on production systems. |
| fedora-extras-unstable | http://download.fedora.us/fedora/fedora/2/i386/RPMS.unstable | These are fedora-us packages that are under development. Not recommended on production systems. |
| livna-stable | http://rpm.livna.org/fedora/2/i386/yum/stable | Packages maintained by http://rpm.livna.org which are not included in the fedora or fedora-extras repositories due to licensing issues. |
| livna-testing | http://rpm.livna.org/fedora/2/i386/yum/testing | These are livna packages that are in pre-release tested. Not recommended on production systems. |
| livna-unstable | http://rpm.livna.org/fedora/2/i386/yum/unstable | These are livna packages that are under development. Not recommended on production systems. |
The above repositories are designed to work together. Other repositories are available, but they may not always work well together. Research will be needed to determine this.
http://www.fedoratracker.org/ is a site which indexes 3rd party yum repositories. Also try http://dag.wieers.com/home-made/apt/mega-merge.php and http://www.jpackage.org/
Installing GPG Keys
base and updates-released: rpm --import http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/os/RPM-GPG-KEY-fedora
updates-testing: rpm --import http://download.fedora.redhat.com/pub/fedora/linux/core/2/i386/os/RPM-GPG-KEY-fedora-test
development: not all development packages are signed! see http://www.redhat.com/archives/fedora-test-list/2004-October/msg02157.html
fedora-us-stable: rpm --import http://www.fedora.us/FEDORA-GPG-KEY
livna-stable: rpm --import http://rpm.livna.org/RPM-LIVNA-GPG-KEY
/etc/yum.conf
[main] cachedir=/var/cache/yum debuglevel=2 logfile=/var/log/yum.log pkgpolicy=newest distroverpkg=redhat-release tolerant=1 exactarch=1 retries=20
[base] name=Fedora Core $releasever - $basearch - Base baseurl=http://mirror.vcu.edu/pub/linux/fedora/$releasever/$basearch/os/ http://download.fedora.redhat.com/pub/fedora/linux/core/$releasever/$basearch/os/ failovermethod=priority gpgcheck=1
[updates-released]
name=Fedora Core $releasever - $basearch - Released Updates
baseurl=http://mirror.vcu.edu/pub/linux/fedora/updates/$releasever/$basearch/
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/$releasever/$basearch/
failovermethod=priority
gpgcheck=1
#[updates-testing] #name=Fedora Core $releasever - $basearch - Unreleased Updates #baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/updates/testing/$releasever/$basearch/
#[development] #name=Fedora Core $releasever - Development Tree #baseurl=http://download.fedora.redhat.com/pub/fedora/linux/core/development/$basearch/
[fedora-us-stable] name=Fedora Core Linux $releasever - $basearch - Fedora Extras baseurl=http://mirror.vcu.edu/pub/linux/fedora.us/fedora/$releasever/$basearch/RPMS.stable http://download.fedora.us/fedora/fedora/$releasever/$basearch/RPMS.stable failovermethod=priority gpgcheck=1
#[fedora-us-unstable] #name=Fedora Core Linux $releasever - $basearch - Unstable Fedora Extras #baseurl=http://mirror.vcu.edu/pub/linux/fedora.us/fedora/$releasever/$basearch/yum/unstable
#[fedora-us-testing] #name=Fedora Core Linux $releasever - $basearch - Testing Fedora Extras #baseurl=http://mirror.vcu.edu/pub/linux/fedora.us/fedora/$releasever/$basearch/yum/testing
[livna-stable]
name=Livna.org Fedora Compatible Packages (stable)
baseurl=http://livna.cat.pdx.edu/fedora/$releasever/$basearch/yum/stable
http://rpm.livna.org/fedora/$releasever/$basearch/yum/stable
failovermethod=priority
gpgcheck=1
#[livna-testing] #name=Livna.org Fedora Compatible Packages (testing) #baseurl=http://rpm.livna.org/fedora/$releasever/$basearch/yum/testing #gpgcheck=1
#[livna-unstable] #name=Livna.org Fedora Compatible Packages (unstable) #baseurl=http://rpm.livna.org/fedora/$releasever/$basearch/yum/unstable #gpgcheck=1
Using Yum Commands
| Action | Command | Example |
|---|---|---|
| apply all updates | yum update | |
| apply all updates with exclusions | yum --exclude <package> update | yum --exclude kernel* update |
| show all packages available | yum list | |
| install package | yum install <package name> | |
| remove package | yum remove <package name> | |
| get information on a package | yum info <package name> | |
| which package provides a feature or file | yum provide <feature> | |
| search packages contain this word | yum search <string> |
Fedora Core 2 updating quirks
In the initial release, the kernel source code was the kernel-source-2.6.5-1.358.i386.rpm package, with the first update, that was changed to a kernel-sourcecode-*.noarch.rpm package. Reasons are discussed here When doing your first update this can be handled with the following yum commands:
yum remove kernel-source yum install kernel-sourcecode
Driver Issues
Firewire
Firewire was disabled in the kernel for the initial release. An updated kernel will not have this problem.
see Bug Number 119262 and read this from Alexandre Oliva
3Com 3c905 network cards
On some older network cards ( I have a 3Com 3c905 that was affected by this ) networking does not come up properly. It's mentioned in the release notes. Bug Number 119965 Disabling kudzu in chkconfig is an effective workaround for this.
This bug now appears to be fixed with the most recent kernels.
Installing Nvdia drivers
read: http://www.nvidia.com/object/linux_display_ia32_1.0-6629.html download: http://download.nvidia.com/XFree86/Linux-x86/1.0-6629/NVIDIA-Linux-x86-1.0-6629-pkg1.run chmod the file to 700 to make in executable. Run it and install the kernel module. read: ftp://download.nvidia.com/XFree86/Linux-x86/1.0-6629/README.txt edit: /etc/X11/xorg.conf Replace Driver "nv" or "vesa" with "nvidia" In the Module section, make sure you have: Load "glx" Remove the following lines: Load "dri" Load "GLcore"
Sound
FC2 uses ALSA for sound. By default, all volume levels are set to zero.
Make sure that once you are in X, run /usr/bin/system-config-soundcard. Sometimes if you don't have sound, you have to do this again.
Then run /usr/bin/kmix (I usually configure it to but a volume icon in the task bar) then adjust your Output and Input settings. I had a problem playing audio CDs until I turned on the audio CD input and raised the input volume.
Burning CDs
There was an issue with burning CDs for one version of the fc2 kernel. That appears to be fixed in the latest kernel, however if you use XcdRoast the graphic bars appear to be screwed up. It will burn ok, but you get no progress bars.
Possible bug numbers:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=132180 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=131414 https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=132180 http://kernel.org/pub/linux/kernel/people/akpm/patches/2.6/2.6.8.1/2.6.8.1-mm3/broken-out/bio_uncopy_user-mem-leak.patch
Installing Applications
Mozilla
If you wish to install a version of mozilla not included by the distribution get packages from here: ftp://mirror.vcu.edu/pub/mozilla.org/mozilla/yum/SeaMonkey/releases/current/redhat/2/i386/
(this could also be configured with yum) Note: Mozilla 1.7.3 is now included in FC2 updates, so the above is not be necessary until Mozilla 1.8 is released.
[mozilla 1.6] name=Mozilla 1.6 for Fedora Core $releasever baseurl=http://mirror.vcu.edu/pub/mozilla.org/mozilla/yum/SeaMonkey/releases/1.6/redhat/$releasever/
Installing Java
version 1.4.2_05 http://java.sun.com/j2se/1.4.2/download.html ln -s /usr/java/j2sdk1.4.2_05/jre/plugin/i386/ns610-gcc32/libjavaplugin_oji.so /usr/lib/mozilla/plugins
If you want to be on the cutting edge, Java 5 ( the new name for Java 2 version 1.5 ) can be downloaded here: http://java.sun.com/j2se/1.5.0/download.jsp
Installing Flash
http://www.macromedia.com/shockwave/download/alternates/#linux cp flashplayer.xpt libflashplayer.so /usr/lib/mozilla/plugins OR http://ruslug.rutgers.edu/macromedia/site_ru.html
Installing an MP3 and DVD Players
If the livna.org repsitory is correctly configured in yum, use:
yum install xmms-mp3
To add the ability to play mp3s to xmms
yum install xine yum install libdvdcss
To add DVD playback capability
Installing RealPlayer
http://fedoranews.org/tchung/realplayer/
go to http://www.real.com/linux/ look for Advanced Installation, download rpm you should get a file called RealPlayer10GOLD.bin chmod 700 running this file will lauch the install script. It will ask for your install directory, I recommend /usr/local/real/RealPlayer mozilla plugins will get symlinked to /usr/lcoal/mozilla/plugins/ as part of install.
VMware
VMware Workstation 4.5.2-8848 will work under Fedora Core 2. see http://www.vmware.com/products/desktop/ws_features.html
VMware Console 3.1.0-9089 (for use with VMware-GSX) will work under FC2 see http://www.vmware.com/products/server/gsx_features.html
Crossover Office
Crossover Office Standard will work under Fedora Core 2. see http://www.codeweavers.com/site/products/cxoffice/
So far, I've installed the Quicktime and Widows Media Player and they run flawlessly. iTunes for Windows would not install.
Cedega
formerly known as WineX It has not been determined yet if Cedega will run under Fedora Core 2 see http://www.transgaming.com/products_linux.php
Neverwinter Nights
Neverwinter Nights 1.65 will work under Fedora Core 2. see http://nwn.bioware.com/downloads/linuxclient.html
More suggestions
http://www.linux.com/article.pl?sid=04/06/24/1638255
Installing Adobe Acrobat
including getting an Adobe Acrobat Reader rpm that works with Fedora, they suggest using the Suse rpm found here: http://mirror.vcu.edu/pub/linux/suse/i386/9.0/suse/i586/acroread-5.08-52.i586.rpm http://mirror.vcu.edu/pub/linux/suse/i386/9.1/suse/i586/acroread-5.08-202.i586.rpm
Other References
http://www.fedorafaq.org/ http://www.fedoraforum.org/ http://www.mjmwired.net/resources/mjm-fedora-fc2.shtml http://www.stud.uni-karlsruhe.de/~usge/fc2_install_notes.html http://fedoranews.org/colin/fnu/issue12.shtml http://fedoranews.org/colin/fnu/issue13.shtml http://fedoranews.org/colin/fnu/issue14.shtml http://users.netwit.net.au/~pursang/game.html
This page has been accessed 6715 times. This page was last modified 08:02, 14 Feb 2005.
