Skip to content

GitLab

  • Projects
  • Groups
  • Snippets
  • Help
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
T
team
  • Project overview
    • Project overview
    • Details
    • Activity
  • Issues 133
    • Issues 133
    • List
    • Boards
    • Labels
    • Service Desk
    • Milestones
  • Operations
    • Operations
    • Incidents
  • Analytics
    • Analytics
    • Value Stream
  • Wiki
    • Wiki
  • Members
    • Members
  • Collapse sidebar
  • Activity
  • Create a new issue
  • Issue Boards

GitLab is used only for code review, issue tracking and project management. Canonical locations for source code are still https://gitweb.torproject.org/ https://git.torproject.org/ and git-rw.torproject.org.

  • The Tor Project
  • TPA
  • team
  • Wiki
    • Old
  • new machine nondebian

Last edited by Antoine Beaupré Jun 24, 2020
Page history

new machine nondebian

for fc14:

11-03-08 23:11:34 I cloned the git repo into usr/local/, added two symlinks to local/sbin, 11-03-08 23:11:41 copied the config file to /etc/userdir-ldap 11-03-08 23:11:47 modified nsswitch.conf, 11-03-08 23:11:53 modified the pam stuff (added mkhomedir) 11-03-08 23:12:12 created a symlink from /var/db/.... to ../lib/misc/foo 11-03-08 23:12:32 disabled selinux, so ssh can read the key files 11-03-08 23:12:38 update ssh config 11-03-08 23:12:40 fix timezone 11-03-08 23:12:52 and created the zsh symlink 11-03-08 23:13:03 I think that's it. maybe I forgot something

  • fix up hostname. It needs to have the fully qualified hostname in 'hostname -f'

cd /usr/local && git clone https://git.torproject.org/admin/userdir-ldap.git

cd /usr/local/sbin && ln -s ../ln -s ../userdir-ldap/ud-config ../userdir-ldap/ud-replicate .

mkdir /etc/userdir-ldap && cd /etc/userdir-ldap && cp /usr/local/userdir-ldap/userdir-ldap.conf .

echo alberti.torproject.org,alberti,db.torproject.org,db,38.229.70.7 ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAqFvZsXVYuzrgDO7IbBjeBO5WKk+sXmb0rRzPcSwIRTaMS4h3QdLDG1VjeNA5CUeAjTOYC0hAWZiXzfsl4u0KwNJUWRGZCclbIt6V7Tk74mM0405A+y0JP3NwUnTevcRcVxiDo8mrI85y5MXvipaWnPdGYayL09h9EeNDzBVKNZooCeKQBqkejhH69gyy4gdN9HgfMep3uOInyjr86W49pZ4n7CXoVt8QkTWtoBX/qPHK8igqX/dcYkOgCclVYRrQ1G4FbxEOGD+QzwPnCGDWCUgapFXoqh7HpG0Xfg5iDXGFcIu1JgDdr/SFJkr6hmYjW0gmkge0ihGj7GZ6onWhzQ== root@alberti > /etc/ssh/ssh_known_hosts && ud-replicate

maybe change chown in ud-replicate

cd /var/db && ln -s ../lib/misc/group.db ../lib/misc/passwd.db ../lib/misc/shadow.db .

edit /etc/nsswitch.conf to read: | passwd: files db | shadow: files db | group: db files

check if 'id weasel' works

disable selinux

include pam mkhomedir for ssh and su.

add to sshd_config: AuthorizedKeysFile /etc/ssh/userkeys/%u AuthorizedKeysFile2 /var/lib/misc/userkeys/%u

crontab: cat > /etc/cron.d/ud-replicate << EOF PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin 10,25,40,55 * * * * root ud-replicate EOF

sudoers

Clone repository

Quick links

  • How to get help!
  • User documentation
  • Sysadmin howtos
  • Services
  • Policies
  • Meetings
  • Roadmaps