assuming network configuration is already done
those steps are otherwise partly automated by the linuxconf script
Disable a few init scripts
cd /etc/rc.d/ #find . -executable -type f ls -lF --color=auto #REC or OPT chmod -x rc.wireless rc.bluetooth rc.fuse rc.inetd
keeping rc.udev because without it, one gets this error when trying to SSH
PTY allocation request failed on channel 0
Are you clean?
netstat -lntup
Tune SSHD already.
Make sure there is a password in place, eventhough you might never use it (to prevent flawed services to authenticate root…)
passwd
Setup VIM
vi ~/.vimrc #vi /usr/share/vim/vimrc set nobackup set noundofile set paste set mouse=
which vi ls -lF /usr/bin/vi ln -sf vim /usr/bin/vi
Define a system-wide path (remove the user-specific part)
cp -pi /etc/profile /etc/profile.dist vi /etc/profile #MANPATH=/usr/local/man:/usr/local/share/man:/usr/man PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin PATH=$PATH:/etc/rc.d:$HOME/bin #PATH=$PATH:/usr/lib64/bcc:$HOME/xen PKG_CONFIG_PATH=/usr/lib64/pkgconfig\ :/usr/local/lib/pkgconfig\ :/usr/local/lib64/pkgconfig\ :/usr/local/share/pkgconfig
and at the end, enable the non-login shell parameters
#bash source /etc/shrc #ksh #ENV=/etc/shrc
then rather create a system-wide shrc that will be forcibly linked against. This trick is required for non-login shells and so you X terminals also show up a nice prompt and aliases – think of GNU Screen.
vi /etc/shrc #newfile
MAKEFLAGS=-j$((`grep ^processor /proc/cpuinfo | tail -1 | awk '{print $3}'` + 1))
# slackware
#HOST=${HOSTNAME%%\.*}
#(( `id -u` == 0 )) && PS1='$HOST# ' || PS1='$HOST> '
case "$-" in *i*)
alias ls='ls --group-directories-first -F --color=auto'
alias ll='ls --group-directories-first -alhF --color=auto'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
alias diff='/usr/bin/colordiff'
alias psu='ps --pid 2 --ppid 2 --deselect ufww'
alias neta='netstat -antup'
alias netl='netstat -lntup'
# null-mailer
alias runq='sendmail -q'
# mail server
#alias runq='postfix flush'
alias clean="grep -vE '^[[:space:]]*(;|#|$)'"
alias findexec='find . -executable -type f'
alias lynx='lynx -accept_all_cookies'
alias lynxg='lynx -accept_all_cookies https://www.google.com/ncr'
alias irssi='echo did you forget to start gnu/screen or tmux?'
alias ovs='ovs-vsctl'
alias commit='git commit --allow-empty-message -m ""'
alias commita='git commit -a --allow-empty-message -m ""'
alias push='git commit --allow-empty-message -m "" && git push'
alias pusha='git commit -a --allow-empty-message -m "" && git push'
alias stat='git diff --stat --cached origin/master'
alias pwgen='pwgen --capitalize --numerals --symbols --ambiguous 1$(( $RANDOM % 10 ))'
warn="this is the host system - unalias if you are sure"
alias shutdown="echo $warn"
alias reboot="echo $warn"
alias poweroff="echo $warn"
alias halt="echo $warn"
unset warn
export TERM=xterm
export EDITOR=/usr/bin/vi
export MAIL=/var/mail/$USER
export MAILCHECK=1
/usr/bin/biff y
w
;;
esac
some unused and unnecessary alternatives
#export TERM=linux
#export TERM=xterm-256color
#alias wget='wget --ca-certificate=/etc/ssl/cacert.pem'
#alias curl='curl --cacert /etc/ssl/cacert.pem'
# Debian/Ubuntu fixup
#export LC_ALL=en_US.UTF-8
#export LANG=en_US.UTF-8
#export LANGUAGE=en_US:en
also load the non-login shell parameters
ln -s ../etc/shrc ~/.bashrc
you can now apply it all at once
source /etc/profile
make sure Perl won’t piss you off about locales, at some point
slackpkg install glibc-2 perl -e exit
get rid of skeletons (should only have .screenrc) but let non-login shell parms take place
mv /etc/skel/ /etc/skel.dist/ mkdir /etc/skel/ # this works fine if you have /home/ #ln -s ../../etc/shrc /etc/skel/.bashrc # this is safer if you have /home/ as a symlink ln -s /etc/shrc /etc/skel/.bashrc cat > /etc/skel/.vimrc <<-EOF set nobackup set noundofile set paste set mouse= EOF
further tune for a multi-user system
removepkg sudo chmod 700 /root/ useradd -D -g users -s /bin/bash mv /etc/login.defs /etc/login.defs.dist grep -vE '^#|^$' /etc/login.defs.dist > /etc/login.defs vi /etc/login.defs HOME_MODE 0700 USERGROUPS_ENAB no vi /etc/default/useradd CREATE_MAIL_SPOOL=no
you will probably need that one, some time in the future
ls -alF /usr/local/lib/ echo /usr/local/lib >> /etc/ld.so.conf cat /etc/ld.so.conf ldconfig
Indexing
updatedb
Fixing defaults for git ($HOST short hostname is evaluated only if you have an FQDN, while $HOSTNAME always works)
git config --global core.pager "less -r"
#--replace-all
echo $USER@${HOSTNAME%%\.*}
git config --global user.name "$USER@${HOSTNAME%%\.*}"
git config --global user.email "$USER@${HOSTNAME%%\.*}"
Can’t ask for /var/log/*/* because it would open too many files (/var/log/packages/*)
cd ~/ echo 'tail -n0 -F /var/log/*' > log echo 'tail -n0 -F /var/log/* /var/log/xen/*.log' > log chmod +x log ./log
Get rid of unnecessary log MARKs
slackware 15+
vi /etc/default/syslogd SYSLOGD_OPTS="-m0 -s"
some issue that got fixed
# ls -lF /var/log/spooler # grep missingok /etc/logrotate.d/syslog
apply and check
/etc/rc.d/rc.syslog restart ps auxww | grep logd
Eventually harden your SSL certificates trust-store
Sync the hardware clock once, weekly –or– eventually enable the daemon to keep it in sync
#ntpdate ru.pool.ntp.org ntpdate ntp.obspm.fr #-u hwclock --utc --systohc
And tune LILO or switch to whatever boot-loader you prefer.
logs
vi log tail -n0 -F /var/log/* /var/log/*/* chmod +x log
Setup KSH93 / PDKSH to avoid Bash’s bind 'set disable-completion on/off dance, and enjoy happy-happy copy/pasting
git clone https://github.com/Orc/pdksh.git
cd pdksh/
./configure.sh
make
make install
echo /usr/local/bin/ksh >> /etc/shells
case "$-" in *i*)
set -o emacs 2>/dev/null
bind -m ^L='clear^M'
bind ^I=complete-list
vi /etc/profile
ENV=/etc/shrc
vi /etc/shrc
keybd_trap () {
case ${.sh.edchar} in
$'\f') .sh.edchar=$'\e\f';; # clear-screen
$'\e[1~') .sh.edchar=$'\001';; # Home = beginning-of-line
$'\e[4~') .sh.edchar=$'\005';; # End = end-of-line
$'\e[5~') .sh.edchar=$'\e>';; # PgUp = history-previous
$'\e[6~') .sh.edchar=$'\e<';; # PgDn = history-next
$'\e[3~') .sh.edchar=$'\004';; # Delete = delete-char
esac
}
case "$-" in *i*)
set -o emacs 2>/dev/null
#KSH93
trap keybd_trap KEYBD
#PDKSH
bind -m ^L='clear^M'
bind ^I=complete-list
chsh -s /bin/ksh root
useradd -D -s /bin/ksh
#chsh -s /usr/local/bin/ksh
#useradd -D -s /usr/local/bin/ksh
Virtual Terminals (for physical host, as those do not exist in a slackware guest. I find it convenient to see what happened lately on the console, and if you really want to hide it, just ^L before you ^D.
cd /etc/ mv -i inittab inittab.dist sed 's/agetty 38/agetty --noclear 38/' inittab.dist > inittab diff -bu inittab.dist inittab
Clean local daemons' shutdown
cat > /etc/rc.d/rc.local_shutdown <<-EOF #!/bin/bash #nothing here yet EOF chmod +x /etc/rc.d/rc.local_shutdown
The two rc.local scripts are executable by default
ln -s rc.d/rc.local /etc/rc.local ln -s rc.d/rc.local_shutdown /etc/rc.local_shutdown ls -lF /etc/rc.d/rc.local /etc/rc.d/rc.local_shutdown /etc/rc.local /etc/rc.local_shutdown
Eventually enable custom daily and weekly cron jobs
slackpkg install nmap libnl nmap -V cd /root/ wget https://pub.nethence.com/bin/slack/DAILY.txt mv DAILY.txt DAILY chmod +x DAILY wget https://pub.nethence.com/bin/slack/WEEKLY.txt mv WEEKLY.txt WEEKLY chmod +x WEEKLY vi /root/targets.conf IP-ADDRESS ANOTHER-CIDR
PATH cannot be defined in a dcron environment and its default is
/sbin:/usr/sbin:/bin:/usr/bin
therefore, in case your tools appear elsewhere, you need to provide the absolute full path accordingly
which sendmail
assuming your host is outbound email-ready
crontab -e 00 4 * * * /root/DAILY 2>&1 | sendmail -t 00 5 * * 0 /root/WEEKLY 2>&1 | sendmail -t
PATH can and should be defined within the cron-powered scripts, though
PATH=/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin
getting this from your daily cron job
error: stat of /var/log/spooler failed: No such file or directory
==> got no spooler coz this is a minimalistic system
vi /etc/logrotate.d/syslog (remove /var/log/spooler from the list)
you are also getting this once in a while
Stopping NTP daemon... Starting NTP daemon: /usr/sbin/ntpd -g -x -u ntp:ntp
==> and this is not particularly interesting so eventually get rid of it
vi /etc/logrotate.d/ntp
[ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart >/dev/null
Loose the too-many shell features
#mkdir ~/.trash/ #mv /etc/profile.d/modules.* ~/.trash/
Some hardware checking
grep '^model name' /proc/cpuinfo | uniq grep ^proc /proc/cpuinfo free -m hdparm -I /dev/sda | grep 'Sector size' hdparm -Tt /dev/sda | tee -a /var/tmp/hdparm.sda #hdparm -Tt /dev/xvda | tee -a /var/tmp/hdparm.xvda #hdparm -Tt /dev/xvda1 | tee -a /var/tmp/hdparm.xvda1
One could further tune the cron job environment but that is unnecessary
SHELL=/bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin MAILTO=root HOME=/root
slackware ยป beginners_guide https://docs.slackware.com/slackware:beginners_guide
Shells https://docs.slackware.com/howtos:cli_manual:shells
Difference between Login Shell and Non-Login Shell? https://unix.stackexchange.com/questions/38175/difference-between-login-shell-and-non-login-shell
Current directory abbreviation rule in shell prompt https://unix.stackexchange.com/questions/245107/current-directory-abbreviation-rule-in-shell-prompt
Colour colour everywhere! 256 colour-mode for Linux consoles http://www.robmeerman.co.uk/unix/256colours
http://thedumbterminal.co.uk/posts/2007/02/setting_locale_failed_with_slackware.html
https://unix.stackexchange.com/questions/78583/can-ps-display-only-non-kernel-processes-on-linux
https://unix.stackexchange.com/questions/22121/what-do-the-brackets-around-processes-mean
retrieve patches in a cron job https://docs.slackware.com/slackware:beginners_guide
https://linuxconfig.org/logrotate
https://stackoverflow.com/questions/8683110/ksh-autocomplete-and-previous-commands-together
https://superuser.com/questions/1359959/how-to-reverse-i-search-in-ksh-through-ssh
https://unix.stackexchange.com/questions/277789/why-cant-korn-shell-do-ctrl-r
Slackware Installation Notes https://www.liuchuan.org/files/slackware/install.html#sec-5
Utf-8 linux console https://slackwiki.com/Utf-8_linux_console
Slackware and UTF-8 encoding https://www.linuxquestions.org/questions/slackware-14/slackware-and-utf-8-encoding-4175658227/
Localization: Adapt Slackware to your own Language https://docs.slackware.com/slackware:localization