Slackware Linux Post-installation

assuming network configuration is already done

those steps are otherwise partly automated by the linuxconf script

Daemons

Disable a few init scripts

cd /etc/rc.d/
#find . -executable -type f
ls -lF --color=auto

#REC or OPT
chmod -x rc.wireless rc.bluetooth rc.fuse rc.inetd

keeping rc.udev because without it, one gets this error when trying to SSH

PTY allocation request failed on channel 0

Are you clean?

netstat -lntup

Tune SSHD already.

Make sure there is a password in place, eventhough you might never use it (to prevent flawed services to authenticate root…)

passwd

Packages & patching

See Packages and Patching

Environment

Setup VIM

vi ~/.vimrc
#vi /usr/share/vim/vimrc

set nobackup
set noundofile
set paste
set mouse=

which vi
ls -lF /usr/bin/vi
ln -sf vim /usr/bin/vi

Define a system-wide path (remove the user-specific part)

cp -pi /etc/profile /etc/profile.dist
vi /etc/profile

#MANPATH=/usr/local/man:/usr/local/share/man:/usr/man
PATH=/usr/local/bin:/usr/bin:/bin:/usr/local/sbin:/usr/sbin:/sbin
PATH=$PATH:/etc/rc.d:$HOME/bin
#PATH=$PATH:/usr/lib64/bcc:$HOME/xen
PKG_CONFIG_PATH=$PKG_CONFIG_PATH:/usr/local/lib/pkgconfig

and at the end, enable the non-login shell parameters

#bash
source /etc/shrc

#ksh
#ENV=/etc/shrc

then rather create a system-wide shrc that will be forcibly linked against. This trick is required for non-login shells and so you X terminals also show up a nice prompt and aliases – think of GNU Screen.

vi /etc/shrc #newfile

MAKEFLAGS=-j$((`grep ^processor /proc/cpuinfo | tail -1 | awk '{print $3}'` + 1))

HOST=${HOSTNAME%%\.*}
(( `id -u` == 0 )) && PS1='$HOST# ' || PS1='$HOST> '

case "$-" in *i*)
    alias ls='ls -F --color=auto'
    alias ll='ls -alhF --color=auto'
    alias cp='cp -i'
    alias mv='mv -i'
    alias rm='rm -i'
    alias neta='netstat -antup'
    alias netl='netstat -lntup'
    #alias runq='postfix flush'
    #alias runq='sendmail -q'

    alias clean="grep -vE '^[[:space:]]*(;|#|$)'"
    alias findexec='find . -executable -type f'
    alias lynx='lynx -accept_all_cookies'
    alias lynxg='lynx -accept_all_cookies https://www.google.com/ncr'
    alias irssi='echo did you forget to start gnu/screen or tmux?'
    #alias vs='ovs-vsctl'

    alias push='git commit -a --allow-empty-message -m "" && git push'
    alias commit='git commit --allow-empty-message -m ""'
    alias stat='git diff --stat --cached origin/master'

    #alias diff='colordiff'
    #alias wget='wget --ca-certificate=/etc/ssl/cacert.pem'
    #alias curl='curl --cacert /etc/ssl/cacert.pem'

    warn="this is the host system - unalias if you are sure"
    alias shutdown="echo $warn"
    alias reboot="echo $warn"
    alias poweroff="echo $warn"
    alias halt="echo $warn"
    unset warn

    #export TERM=linux
    export TERM=xterm
    #export TERM=xterm-256color

    export EDITOR=/usr/bin/vi
    export PAGER="/usr/bin/less -r"
    ;;
esac

also load the non-login shell parameters

ln -s ../etc/shrc ~/.bashrc

you can now apply it all at once

source /etc/profile

make sure Perl won’t piss you off about locales, at some point

slackpkg install glibc-2
perl -e exit

get rid of skeletons (should only have .screenrc) but let non-login shell parms take place

mv /etc/skel/ /etc/skel.dist/
mkdir /etc/skel/

# this works fine if you have /home/
#ln -s ../../etc/shrc /etc/skel/.bashrc

# this is safer if you have /home/ as a symlink
ln -s /etc/shrc /etc/skel/.bashrc

cat > /etc/skel/.vimrc <<-EOF
set nobackup
set noundofile
set paste
set mouse=
EOF

further tune for a multi-user system

removepkg sudo

chmod 700 /root/

useradd -D -g users -s /bin/bash

mv /etc/login.defs /etc/login.defs.dist
grep -vE '^#|^$' /etc/login.defs.dist > /etc/login.defs
vi /etc/login.defs

HOME_MODE               0700
USERGROUPS_ENAB         no

vi /etc/default/useradd

CREATE_MAIL_SPOOL=no

you will probably need that one, some time in the future

ls -alF /usr/local/lib/
echo /usr/local/lib >> /etc/ld.so.conf
cat /etc/ld.so.conf
ldconfig

Miscellaneous

Indexing

updatedb

Sync the hardware clock once –or– eventually keep being in sync

#ntpdate ru.pool.ntp.org
ntpdate ntp.obspm.fr
#-u
hwclock --utc --systohc

Fixing defaults for git ($HOST short hostname is evaluated only if you have an FQDN, while $HOSTNAME always works)

git config --global core.pager "less -r"
#--replace-all

echo $USER@${HOSTNAME%%\.*}
git config --global user.name  "$USER@${HOSTNAME%%\.*}"
git config --global user.email "$USER@${HOSTNAME%%\.*}"

Can’t ask for /var/log/*/* because it would open too many files (/var/log/packages/*)

cd ~/
echo 'tail -n0 -F /var/log/*' > log
echo 'tail -n0 -F /var/log/* /var/log/xen/*.log' > log
chmod +x log
./log

Get rid of unnecessary log MARKs

slackware current

vi /etc/default/syslogd

SYSLOGD_OPTS="-m0 -s"

deprecated

#cp -pi /etc/rc.d/rc.syslog /etc/rc.d/rc.syslog.dist
#chmod -x /etc/rc.d/rc.syslog.dist
#vi /etc/rc.d/rc.syslog

#SYSLOGD_OPTIONS="-m0 "

apply and check

/etc/rc.d/rc.syslog restart
ps auxww | grep logd

LILO speedup (physical host only)

Eventually make linux fast again, whatever boot-loader you are using, and disable IPv6 at once

ls -lF /etc/lilo.conf_example
mv -i /etc/lilo.conf /etc/lilo.conf.dist
sed -r '/^[[:space:]]*(#|$)/d' /etc/lilo.conf.dist > /etc/lilo.conf
vi /etc/lilo.conf

lba32
append=" vt.default_utf8=0"
timeout = 30

#new kernels e.g. 5.5.10 don't accept it anymore?
#vga = 791

image = /vmlinuz
  root = /dev/sda1
  label = linux5510
  append = "mitigations=off"
  #ipv6.disable=1
  read-only

lilo
shutdown -r now

and check after reboot

uname -r
cat /proc/cmdline

Additional tuning

logs

vi log

tail -n0 -F /var/log/* /var/log/*/*

chmod +x log

Setup KSH93 / PDKSH to avoid Bash’s bind 'set disable-completion on/off dance, and enjoy happy-happy copy/pasting

git clone https://github.com/Orc/pdksh.git
cd pdksh/
./configure.sh
make
make install
echo /usr/local/bin/ksh >> /etc/shells

case "$-" in *i*)
    set -o emacs 2>/dev/null
    bind -m ^L='clear^M'
    bind ^I=complete-list

vi /etc/profile

ENV=/etc/shrc

vi /etc/shrc

keybd_trap () {
    case ${.sh.edchar} in
        $'\f')    .sh.edchar=$'\e\f';;  # clear-screen
        $'\e[1~') .sh.edchar=$'\001';;  # Home = beginning-of-line
        $'\e[4~') .sh.edchar=$'\005';;  # End = end-of-line
        $'\e[5~') .sh.edchar=$'\e>';;   # PgUp = history-previous
        $'\e[6~') .sh.edchar=$'\e<';;   # PgDn = history-next
        $'\e[3~') .sh.edchar=$'\004';;  # Delete = delete-char
    esac
}

case "$-" in *i*)
    set -o emacs 2>/dev/null

    #KSH93
    trap keybd_trap KEYBD

    #PDKSH
    bind -m ^L='clear^M'
    bind ^I=complete-list

chsh -s /bin/ksh root
useradd -D -s /bin/ksh

#chsh -s /usr/local/bin/ksh
#useradd -D -s /usr/local/bin/ksh

Virtual Terminals (for physical host, as those do not exist in a slackware guest. I find it convenient to see what happened lately on the console, and if you really want to hide it, just ^L before you ^D.

cd /etc/
mv -i inittab inittab.dist
sed 's/agetty 38/agetty --noclear 38/' inittab.dist > inittab
diff -bu inittab.dist inittab

Clean local daemons' shutdown

cat > /etc/rc.d/rc.local_shutdown <<-EOF
#!/bin/bash
#nothing here yet
EOF
chmod +x /etc/rc.d/rc.local_shutdown

The two rc.local scripts are executable by default

ln -s rc.d/rc.local /etc/rc.local
ln -s rc.d/rc.local_shutdown /etc/rc.local_shutdown
ls -lF /etc/rc.d/rc.local /etc/rc.d/rc.local_shutdown /etc/rc.local /etc/rc.local_shutdown

Eventually enable some daily cron job

slackpkg install nmap libnl
nmap -V

cd /root/
wget https://pub.nethence.com/bin/slack/DAILY.txt
mv DAILY.txt DAILY
chmod +x DAILY

which sendmail
crontab -e

#Postfix or DMA
00 4 * * * /root/DAILY 2>&1 | /usr/local/sbin/sendmail -t
00 5 * * 0 /root/WEEKLY 2>&1 | /usr/sbin/sendmail -t

#postfix from distribution
#00 4 * * * /root/DAILY 2>&1 | /usr/sbin/sendmail -t

and make sure your server is outbound ready.

note that you might want to keep kernel headers to be able to build, and eventually firmwares for the bare-metal

kernel-firmware
kernel-headers
#kernel-source
#kernel-huge
#kernel-modules

Troubleshooting

getting this from your daily cron job

error: stat of /var/log/spooler failed: No such file or directory

==> got no spooler coz this is a minimalistic system

vi /etc/logrotate.d/syslog

(remove /var/log/spooler from the list)

you are also getting this once in a while

Stopping NTP daemon...
Starting NTP daemon:  /usr/sbin/ntpd -g -x -u ntp:ntp

==> and this is not particularly interesting so eventually get rid of it

vi /etc/logrotate.d/ntp

    [ -x /etc/rc.d/rc.ntpd ] && /etc/rc.d/rc.ntpd restart >/dev/null

Trash

Loose the too-many shell features

#mkdir ~/.trash/
#mv /etc/profile.d/modules.* ~/.trash/

Some hardware checking

grep '^model name' /proc/cpuinfo | uniq
grep ^proc /proc/cpuinfo
free -m
hdparm -I /dev/sda | grep 'Sector size'
hdparm -Tt /dev/sda | tee -a /var/tmp/hdparm.sda
#hdparm -Tt /dev/xvda | tee -a /var/tmp/hdparm.xvda
#hdparm -Tt /dev/xvda1 | tee -a /var/tmp/hdparm.xvda1

One could further tune the cron job environment but that is unnecessary

SHELL=/bin/bash
PATH=/bin:/sbin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
MAILTO=root
HOME=/root

Resources

slackware » beginners_guide https://docs.slackware.com/slackware:beginners_guide

Shells https://docs.slackware.com/howtos:cli_manual:shells

Difference between Login Shell and Non-Login Shell? https://unix.stackexchange.com/questions/38175/difference-between-login-shell-and-non-login-shell

Current directory abbreviation rule in shell prompt https://unix.stackexchange.com/questions/245107/current-directory-abbreviation-rule-in-shell-prompt

Colour colour everywhere! 256 colour-mode for Linux consoles http://www.robmeerman.co.uk/unix/256colours

Localization: Adapt Slackware to your own Language https://docs.slackware.com/slackware:localization