assuming network configuration is already done
those steps are otherwise partly automated by the linuxconf script
Define a system-wide path (remove the user-specific part)
cp -pi /etc/profile /etc/profile.dist vi /etc/profile #MANPATH=/usr/local/man:/usr/local/share/man:/usr/man PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin PATH=$PATH:/etc/rc.d:$HOME/bin #PATH=$PATH:/usr/lib64/bcc:$HOME/xen
and at the end, enable the non-login shell parameters
#bash source /etc/shrc #ksh #ENV=/etc/shrc
then rather create a system-wide shrc that will be forcibly linked against. This trick is required for non-login shells and so you X terminals also show up a nice prompt and aliases – think of GNU Screen.
vi /etc/shrc # new file
export MAKEFLAGS=-j$((`grep ^processor /proc/cpuinfo | tail -1 | awk '{print $3}'` + 1))
case "$-" in *i*)
alias ll='ls --color=auto --group-directories-first -alh'
alias ls='ls --color=auto --group-directories-first'
alias psu='ps --pid 2 --ppid 2 --deselect ufw'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
alias runq='sendmail -q'
alias diff='colordiff'
alias clean="grep -vE '^[[:space:]]*(;|#|$)'"
alias findexec='find . -executable -type f'
alias lynx='lynx -accept_all_cookies'
alias lynxg='lynx -accept_all_cookies https://www.google.com/ncr'
alias irssi='echo did you forget to start gnu/screen or tmux?'
alias ovs='ovs-vsctl'
alias commit='git commit --allow-empty-message -m ""'
alias commita='git commit -a --allow-empty-message -m ""'
alias push='git commit --allow-empty-message -m "" && git push'
alias pusha='git commit -a --allow-empty-message -m "" && git push'
alias stat='git diff --stat --cached origin/master'
alias pwgen='pwgen --capitalize --numerals --symbols --ambiguous 1$(( $RANDOM % 10 ))'
warn="this is the host system - unalias if you are sure"
alias shutdown="echo $warn"
alias reboot="echo $warn"
alias poweroff="echo $warn"
alias halt="echo $warn"
unset warn
export TERM=xterm
export EDITOR=/usr/bin/vi
export MAIL=/var/mail/$USER
export MAILCHECK=1
/usr/bin/biff y
w
;;
esac
some unused and unnecessary alternatives
#export TERM=linux
#export TERM=xterm-256color
#alias wget='wget --ca-certificate=/etc/ssl/cacert.pem'
#alias curl='curl --cacert /etc/ssl/cacert.pem'
# Debian/Ubuntu fixup
#export LC_ALL=en_US.UTF-8
#export LANG=en_US.UTF-8
#export LANGUAGE=en_US:en
also load the non-login shell parameters
ln -s ../etc/shrc ~/.bashrc
you can now apply it all at once
source /etc/profile
choose an editor
ls -lF /usr/bin/vi /usr/bin/elvis /usr/bin/vim which vi
either keep the default NVI
–or– VIM
ln -sf vim /usr/bin/vi
–or– ELVIS
ln -sf elvis /usr/bin/vi
make sure Perl won’t piss you off about locales, at some point
slackpkg install glibc-2 perl -e exit
further tune for a multi-user system
removepkg sudo chmod 700 /root/
prevent new users to get their own dedicated group
useradd -D -g users -s /bin/bash cat /etc/default/useradd mv -i /etc/login.defs /etc/login.defs.dist grep -vE '^#|^$' /etc/login.defs.dist > /etc/login.defs.dist.clean grep -vE '^#|^$' /etc/login.defs.dist > /etc/login.defs cat >> /etc/login.defs <<-EOF #USERGROUPS_ENAB yes USERGROUPS_ENAB no HOME_MODE 0700 EOF
the new default is +t for mail spool, hence no need to create anything there
vi /etc/default/useradd #CREATE_MAIL_SPOOL=yes CREATE_MAIL_SPOOL=no
you will probably need that one, some time in the future
ls -alF /usr/local/lib/ echo /usr/local/lib >> /etc/ld.so.conf cat /etc/ld.so.conf ldconfig
Disable a few init scripts
cd /etc/rc.d/ #find . -executable -type f ls -lF --color=auto # REC or OPT chmod -x rc.atd rc.bluetooth rc.fuse3 rc.inetd rc.wireless
you need to keep UDEV for PTY allocation
Are you clean?
netstat -lntup
Tune SSHD already.
Make sure there is a password in place, eventhough you might never use it (to prevent flawed services to authenticate as root without a password)
passwd
enable indexing
updatedb
fix defaults for git ($HOST short hostname is evaluated only if you have an FQDN, while $HOSTNAME always works)
echo $USER@${HOSTNAME%%\.*}
git config --global user.name "$USER@${HOSTNAME%%\.*}"
git config --global user.email "$USER@${HOSTNAME%%\.*}"
can’t ask for /var/log/*/* because it would open too many files (/var/log/packages/*)
cat > /root/log <<-EOF tail -n0 -F /var/log/* /var/log/xen/*.log' EOF chmod +x /root/log
get rid of unnecessary log MARKs
slackware 15+
vi /etc/default/syslogd SYSLOGD_OPTS="-s -m0"
some issue that got fixed
# ls -lF /var/log/spooler # grep missingok /etc/logrotate.d/syslog
apply and check
/etc/rc.d/rc.syslog restart pgrep -a logd
eventually harden your SSL certificates trust-store
zone=Europe/Moscow ls -lF /etc/localtime* rm -f /etc/localtime* ln -s /usr/share/zoneinfo/$zone /etc/localtime
see daemons/ntp
tune LILO or switch to whatever boot-loader you cherish.
unless you’re running an FTP server across user account, you can keep those and also let non-login shell parms take place
# this works fine if you have /home/ #ln -s ../../etc/shrc /etc/skel/.bashrc # this is safer if you have /home/ as a symlink ln -s /etc/shrc /etc/skel/.bashrc
Setup KSH93 / PDKSH to avoid Bash’s bind 'set disable-completion on/off dance, and enjoy happy-happy copy/pasting
git clone https://github.com/Orc/pdksh.git
cd pdksh/
./configure.sh
make
make install
echo /usr/local/bin/ksh >> /etc/shells
case "$-" in *i*)
set -o emacs 2>/dev/null
bind -m ^L='clear^M'
bind ^I=complete-list
vi /etc/profile
ENV=/etc/shrc
vi /etc/shrc
keybd_trap () {
case ${.sh.edchar} in
$'\f') .sh.edchar=$'\e\f';; # clear-screen
$'\e[1~') .sh.edchar=$'\001';; # Home = beginning-of-line
$'\e[4~') .sh.edchar=$'\005';; # End = end-of-line
$'\e[5~') .sh.edchar=$'\e>';; # PgUp = history-previous
$'\e[6~') .sh.edchar=$'\e<';; # PgDn = history-next
$'\e[3~') .sh.edchar=$'\004';; # Delete = delete-char
esac
}
case "$-" in *i*)
set -o emacs 2>/dev/null
#KSH93
trap keybd_trap KEYBD
#PDKSH
bind -m ^L='clear^M'
bind ^I=complete-list
chsh -s /bin/ksh root
useradd -D -s /bin/ksh
#chsh -s /usr/local/bin/ksh
#useradd -D -s /usr/local/bin/ksh
Virtual Terminals (for physical host, as those do not exist in a slackware guest. I find it convenient to see what happened lately on the console, and if you really want to hide it, just ^L before you ^D.
cd /etc/ mv -i inittab inittab.dist sed 's/agetty 38/agetty --noclear 38/' inittab.dist > inittab diff -bu inittab.dist inittab
Clean local daemons' shutdown
cat > /etc/rc.d/rc.local_shutdown <<-EOF
#!/bin/bash
PATH=$PATH:/usr/local/bin:/usr/local/sbin
EOF
chmod +x /etc/rc.d/rc.local_shutdown
The two rc.local scripts are executable by default
ln -s rc.d/rc.local /etc/rc.local ln -s rc.d/rc.local_shutdown /etc/rc.local_shutdown ls -lF /etc/rc.d/rc.local /etc/rc.d/rc.local_shutdown /etc/rc.local /etc/rc.local_shutdown
Eventually enable custom daily and weekly cron jobs
slackpkg install nmap libnl nmap -V cd /root/ wget https://pub.nethence.com/bin/system/DAILY.txt mv DAILY.txt DAILY chmod +x DAILY wget https://pub.nethence.com/bin/system/WEEKLY.txt mv WEEKLY.txt WEEKLY chmod +x WEEKLY vi /root/targets.conf IP-ADDRESS ANOTHER-CIDR
PATH cannot be defined in a dcron environment and its default is
/sbin:/usr/sbin:/bin:/usr/bin
therefore, in case your tools appear elsewhere, you need to provide the absolute full path accordingly
which sendmail
assuming your host is outbound email-ready
crontab -e 00 4 * * * /root/DAILY 2>&1 00 5 * * 0 /root/WEEKLY 2>&1
PATH can and should be defined within the cron-powered scripts, though
PATH=/usr/local/bin:/usr/local/sbin:/bin:/sbin:/usr/bin:/usr/sbin
getting this from your daily cron job
error: stat of /var/log/spooler failed: No such file or directory
==> got no spooler coz this is a minimalistic system
vi /etc/logrotate.d/syslog (remove /var/log/spooler from the list)
you are also getting this once in a while
Stopping NTP daemon... Starting NTP daemon: /usr/sbin/ntpd -g -x -u ntp:ntp
==> and this is not particularly interesting so eventually get rid of it
vi /etc/logrotate.d/ntp
[ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart >/dev/null
when trying to SSH
PTY allocation request failed on channel 0
==> keep rc.udev
Loose the too-many shell features
#mkdir ~/.trash/ #mv /etc/profile.d/modules.* ~/.trash/
Some hardware checking
grep '^model name' /proc/cpuinfo | uniq grep ^proc /proc/cpuinfo free -m hdparm -I /dev/sda | grep 'Sector size' hdparm -Tt /dev/sda | tee -a /var/tmp/hdparm.sda #hdparm -Tt /dev/xvda | tee -a /var/tmp/hdparm.xvda #hdparm -Tt /dev/xvda1 | tee -a /var/tmp/hdparm.xvda1
One could further tune the cron job environment but that is unnecessary
SHELL=/bin/bash PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin MAILTO=root HOME=/root
moar for /etc/profile
PKG_CONFIG_PATH=/usr/lib64/pkgconfig\ :/usr/local/lib/pkgconfig\ :/usr/local/lib64/pkgconfig\ :/usr/local/share/pkgconfig
slackware » beginners_guide https://docs.slackware.com/slackware:beginners_guide
Shells https://docs.slackware.com/howtos:cli_manual:shells
Difference between Login Shell and Non-Login Shell? https://unix.stackexchange.com/questions/38175/difference-between-login-shell-and-non-login-shell
Current directory abbreviation rule in shell prompt https://unix.stackexchange.com/questions/245107/current-directory-abbreviation-rule-in-shell-prompt
Colour colour everywhere! 256 colour-mode for Linux consoles http://www.robmeerman.co.uk/unix/256colours
http://thedumbterminal.co.uk/posts/2007/02/setting_locale_failed_with_slackware.html
https://unix.stackexchange.com/questions/78583/can-ps-display-only-non-kernel-processes-on-linux
https://unix.stackexchange.com/questions/22121/what-do-the-brackets-around-processes-mean
retrieve patches in a cron job https://docs.slackware.com/slackware:beginners_guide
https://linuxconfig.org/logrotate
https://stackoverflow.com/questions/8683110/ksh-autocomplete-and-previous-commands-together
https://superuser.com/questions/1359959/how-to-reverse-i-search-in-ksh-through-ssh
https://unix.stackexchange.com/questions/277789/why-cant-korn-shell-do-ctrl-r
Slackware Installation Notes https://www.liuchuan.org/files/slackware/install.html#sec-5
Utf-8 linux console https://slackwiki.com/Utf-8_linux_console
Slackware and UTF-8 encoding https://www.linuxquestions.org/questions/slackware-14/slackware-and-utf-8-encoding-4175658227/
Localization: Adapt Slackware to your own Language https://docs.slackware.com/slackware:localization
“ntpq -p” output http://nlug.ml1.co.uk/2012/01/ntpq-p-output/831
3.3. Clock Quality http://www.ntp.org/ntpfaq/NTP-s-sw-clocks-quality.htm
Xen domU VM time drifts out of sync with dom0 and other domU - IBM System x https://www.ibm.com/support/pages/xen-domu-vm-time-drifts-out-sync-dom0-and-other-domu-ibm-system-x
how do you set up a linux client to use ntp information provided through dhcp? https://unix.stackexchange.com/questions/327954/how-do-you-set-up-a-linux-client-to-use-ntp-information-provided-through-dhcp