From Notes

---

For further notes on SLES 9,0
see: SUSE Linux Enterprise Server , /Installation Notes , /Install Plan , /Qmail Notes

---

The following was developed with Novell SuSE Linux Pro 9.3, August 2005.

Base installation steps

(30 minutes from DVD to first reboot, 30 minutes more to finish)

1. Boot off CD 1 or DVD (32 -bit), or Dual-Layer DVD (64 bit) .
2. Select Installation of OS
   (wait for system to auto-detect hardware, and software)
3. Click on Next.
   (Sets up partition tables, and installs base system)
4. Click Next to reboot.</br>(after rebooting of system, with disk still in drive)
5. Select Boot off Hard Drive installation.
   (finishing loading the software and settings)
6. Root account information, enter password for root account.
7. Select Next to install Online Updates'
8. Select USA: Oregon State University (http) (fastest source available)
9. Select Next to continue Online updates
   (wait until all update information has been downloaded)
   (YaST - Online Patch software install application comes up)
10. Select Accept. Click on all Install Patch, if appears during installation.
    (Installs various releasedpatches for installed software)
11. Select ok
    (if need be, for any post-information)
12. Authenication Method, select Local (/etc/passwd)
13. Add a New Local User, Enter a new local username and password, Select Next.
14. Release Notes, Select Next.
15. Hardware configuration, (Auto configures hardware), Select Next.
16. Installation Completed, Select Finish to restart with complete system.
17. After system has started up logged as the user, then Start Menu/shutdown, reboot to make sure that all changes have taken effect.

Installation media copy (optional, only if have available disk space)

(copy media CD/DVD disks to local drive to make software installation faster).

• CD: Copy CD1, CD2, CD3, CD4, CD5 to /disks/SuSE_9.3
• DVD: Copy DVD to /disks/SuSE_9.3
• Update YaST / Software / Source Media.

Add local directory, /disks/SuSE_9.3

Make sure latest updates

(as root, 10 to 30 minutes depending on patches)

• YaST / Software / Online Updates

/sbin/yast2 online_update

• YaST / Software / System Updates

/sbin/yast2 update

• Do any kernal updates very last, by itself.
• Reboot when requested...
• Repeat until there are no updates to install.

Desired Packages, installed by base SuSE 9.3 installation

• curl 7.13.0-5

?????

1. gcc
2. flex
3. libxml2-dev
4. openssl-devel
5. openldap2-devel
6. mysql-devel
7. lbxslt-devel

Packages not part of base SuSE Linux Pro 9.3

Copy these 'un-official' updated packages to /disks/SuSE_9.3_downloads
(Note: Directories vary with Version and Architecture, common 9.3 & i386 example used)

• ftp://ftp.osuosl.org/pub/suse/projects/apache/apache2/9.3-i386/*
  • apache2 2.0.54-6.1
  • libapr0 2.0.54-6.1

• ftp://ftp.osuosl.org/pub/suse/projects/apache/neon/9.3-i386/*
  • neon 0.24.7-6.1

• ftp://ftp.osuosl.org/pub/suse/projects/apache/php5/9.3-i386/*
  • php 5 5.0.3-14.5
  • (includes most php5 modules and options)

• ftp://ftp.osuosl.org/pub/suse/projects/apache/subversion/9.3-i386/*
• Subverison 1.2.X
• ViewCVS 1.0-11.1

• mysql 4
• libapr0 ftp://ftp.osuosl.org/pub/suse/projects/apache/libapr0/9.3-i386/

TODO: Check out differences with:

• ftp://ftp.osuosl.org/pub/suse/people/poeml/
• http://packman.iu-bremen.de/suse/9.3
• http://ftp.gwdg.de/pub/linux/misc/suser-guru/rpm/9.3

Add a New source

• YaST / Package source
  • Add 'local directory', /disks/SuSE_9.3_downloads

Packages to YaST install

•  ? mysql

+ apache2_mod_mysql
+ phpMyAdmin

•  ? php5

+ apache2_mod_php5
+ php5-curl
+ php5-exif
+ php5-gd
+ php5-ldap
+ php5-mysql
+ php5-mysqli
+ php5-odbc
+ php5-pear
+ php5-snmp
+ php5-soap

• apache2 2.0.53-9

 + apache2-prefork 2.0.53-9
 + libapr0 2.0.53-9

• emacs 21.3-202

 + emacs-x11 21.3
 + ctags
 + emacs-info

• lynx 2.8.5-34
• mutt 1.5.9i-3
• ncftp 3.1.8-3
• pine 4.61-13
•  ? subversion (destro 1.1.3 old)

• Qmail
• qmailrocks.org

--later--

• arpwatch
• etherreal
• nmap 3.81-4

 +nmap-gtk

-- Maybe ? --

• db
• otrs
•  ? zope

+ zope-mysql

Packages to custom compile

• Zend

Packages to check for latest versions

• MozillaFireFox
•  ? Qmail

Packages to add after installation/update/reboot

• SpamAssasin -> Razor
• ClamAV -> drac
• Subversion 1.2.X
  • libarp0
  • neon

Other customized

• put alias -> /etc/profile.local
• update /etc/motd

Other notes

• iptables/firewall is now --> SuSeFirewall, Use YaST / Security (for basic setup).
• hostname --> Use YaST / DNS-Host Name

Personal Customizations (optional and varies)

• Firefox
  • bookmarks
    • http://google.com (Home Page)
    • http://
  • extensions
    • adblock
    • Web Developer
    • FoxyTunes
    • Download Manager Tweek
    • Google Preview
    • Mouse Gestures
    • Bookmark Synchronizer
    •  ? QuickNote
    •  ? HTML Validator
    •  ? View Formatted Source
    •  ? TV Bot
    •  ? Sage
  • themes
    • MiniFox
    • MicroFox
  • plugins

• • Bookmarks

External Links

• Use OSU's OSL, as best YaST package source,

 * FTP Installation Source

or

 * HTTP Installation Source

• Novell's list of Packages: Pro Pacakges

• Novell's Wiki page on Pro : SL Pro 9.3
• eDirectory Setup on Linux

• Windows Apps under Linux: http://www.novell.com/coolsolutions/feature/11224.html

• Porting: http://developer.novell.com/linux/migration.html

• Wine : http://www.winehq.com/

• Moving from Windows: http://www.novell.com/coolsolutions/feature/11222.html

Other notes

• Wiki - http://www.mono-project.com/Special:Specialpages

• Open Suse: submit bug : http://www.opensuse.org/index.php/Image:Bug.png

http://www.opensuse.org/index.php/Bug_Reporting_FAQ#YaST

• http://www.opensuse.org/index.php/Bugs:An_application_crashed
• http://www.opensuse.org/index.php/Frequently_Asked_Questions

Other notes, which should be listed above ?

Security Issues

• Install firewall, deny all, allow only the ports you want.
• Move sshd to different port #
• On SSHD port, watch after 5 fails, ban
• root not accesible from outside. (trigger/ban if attempt)
• (login: 5 failed attempts from same IP, 24 hr ban, if > x 2, then ban permantently)
• ftp / telnet, services are disabled
• (all other) services are disabled, unless otherwise documented/needed

Configuration options

• UID's consistant across both computers
• rsync possible (can do it over ssh port?)

• firewall setup (incoming block DEFAULT, OUTGOING ok) (ONLY THESE PORTS)
  • SSH-3456
    • allow only LOCAL 255.255.255.0 IP subnet
    • allow only PRODUCTION/DEVELOPMENT IP's
    • allow only Titan IP.
    • allow specific exceptions (DEV team) (Dev Only)
  • SMTP (25) - ALL (in and out)
  • HTTP/HTTPS (80)
  • mySQL
    • Allow only PRODUCTION/DEVELOPMENT's.
    • Allow only LOCAL 255.255.255.0 IP subnet

add to SuSE install packages

• JPGraph
  • http://www.aditus.nu/jpgraph/apache2suse.php
• Php5
  • http://www.aditus.nu/jpgraph/jpgraph-2.0beta.tar.gz

Other packages

• MANTIS
• DotProject
• WebAlyzer

Other packages to install/configure

• LogWatch
• LogSentry (or whatever program to ban attackers after 5 failed attempts)

Install 'Development' then 'Production'

• copy from one to the other
• setup sandbox with base.

---