User:Misterhaan/Linux Client Setup

From auWiki
Jump to navigation Jump to search

i use ubuntu as my workstation gnu/linux distribution along with windows vista. this guide is what i did to set up tesla and galileo with ubuntu 12.10 precise pangolin.

partition hard drive

i have a bootable linux-based rescue disc that lets me run qtparted, which is a partition editing tool. the first thing i do when setting up a new system is boot that disc and set up an ntfs partition at the end of the hard disk for windows to use. i put it at the end of the disk because sometimes in order to boot a partition it has to start within a certain number of bytes of the beginning of the disk, and my linux partitions are smaller.

at minimum, one could probably get by with 5 gigabytes for linux and 20 gigabytes for windows. i use an 128-gigabyte drive (which works out to almost 120 gigabytes in binary), so i quadruple both of those to end up with 40 for linux and 80 for vista. this leaves the first 40 gigabytes unpartitioned and the last 80 as a primary ntfs partition.

install windows

since windows assumes it's the only thing you're going to run, it’s easier to install it first and let ubuntu fix things afterward.

install ubuntu

this is pretty straighforward — simply boot the cd (or usb drive) and it will load up ubuntu for you. click the install ubuntu button to actually install ubuntu to your hard drive. for the installation type chose [i]something else[/i] because then you can tell it to automatically mount your windows partition. if you haven’t already set up linux partitions, create swap at the beginning of the disk at about double your ram size, then put the rest of your linux space in an ext4 partition mounted at / (root). set your windows partition to use as ntfs and give it a mount point like /windows (make sure it’s something linux wouldn’t use). make sure your windows partition isn’t set to format! you do want to format / especially if you’re installing over a previous linux install.

now set your keyboard layout (i use dvorak), time zone, and user and computer name while ubuntu installs.

after the system reboots, it will probably have some updates it wants to install but before that i want to create my users and group(s) to match my server. this is done largely the same way as described in the linux server setup, except admin users here should also be part of some additional groups (use with -G in either useradd or usermod). when logged in as your user, run the groups command in terminal to get the list of groups (ignore the group named the same as your user). be sure to rune passwd to set passwords for the other users, then log in as one of them. use usermod to change your user's id, move the home directory, and set the default group. now you can install all the updates, but that’ll probably take a while.

if you use something other than /home/ as your home directory (i do because i mount my server’s home directory there) you need to fix apparmor so evince (pdf viewer) will run. edit [code]/etc/apparmor.d/tunables/home[/code] as root and change [code]@{HOMEDIRS}=/home/[/code] to use whatever directory you’re using as a home directory. to apply the change, restart apparmor (or reboot):

[code]sudo /etc/init.d/apparmor restart[/code]

ubuntu 12.10 inexplicably added amazon product search to the dash which is expected to search programs and maybe files. go to system settings > privacy and set [i]include online search results[/i] to off under the search results tab.


prevent the update window from popping up (you'll get an icon in the notification area instead) with this command:

[code]gconftool -s --type bool /apps/update-notifier/auto_launch false[/code]

skip the confirmation dialog when shutting down / restarting with this command:

[code]gconftool -s --type bool /apps/indicator-session/suppress_logout_restart_shutdown true[/code]

laptop considerations

a couple other steps make using ubuntu on a laptop nicer. you can probably skip this entire section for desktops, unless you happen to have a fingerprint reader or use wireless internet.

enable fingerprint reader

ubuntu 11.10 dropped fingerprint reader support from the official repositories, so now the best bet is to install fingerprint-gui from a ppa:

[code]sudo add-apt-repository ppa:fingerprint/fingerprint-gui sudo apt-get update sudo apt-get install libbsapi policykit-1-fingerprint-gui fingerprint-gui[/code]

find fingerprint gui in the menu and enroll at least one fingerprint. after logging out and back in (or restarting), whenever prompted to type a password you will also see an option to swipe your finger instead.

remove default keyring password


the only thing in my default keyring is my wireless password. since i also have a fingerprint reader and can log in with that, the default keyring won’t be unlocked from fingerprint login so you have to enter your password anyway unless you remove the default keyring password. before connecting to my wireless i bring up a command prompt and enter this:

[code]rm ~/.gnome2/keyrings/*[/code]

then connect to wireless and it will ask for a keyring password. leave it blank and choose unsafe storage ― your wireless password will now be stored unencrypted for the extra convenience of not having to enter your password to decrypt it if you use fingerprint login.

mount drives when connecting to home wifi

after connecting to home wifi at least once, go to a terminal and use this command to find the uuid of your home wifi:

[code]nmcli con list[/code]

now create a new file as root in [code]/etc/NetworkManager/dispatcher.d/[/code] and enter the following code (make sure to put in your uuid and your actual mount points):

[code]#!/bin/bash if [ "$CONNECTION_UUID" = "<YOUR UUID HERE>" ]; then

 mount /mount/point/one
 mount /mount/point/two


now set the permissions on the file so only root has access and can read, write, or execute it:

[code]sudo chmod 755 /etc/NetworkManager/dispatcher.d/[/code]

enable nfs network shares

for some reason my workstations never see my server, so i have to add it to the hosts file. in linux this file is at /etc/hosts — add a line to the end that contains the server’s ip address, a tab, and the name of the server.

ubuntu doesn’t support nfs by default, so install it with [code]sudo apt-get install nfs-common[/code]. edit /etc/fstab as root and add one line for each nfs share in this format:

[code]server:/nfs_share /local/mount/point nfs noexec 0 0[/code]

on my laptop the server can’t be accessed until the wireless is connected, which after fstab mounts happen, so the best i know to do is mount them manually. where it says [code]noexec[/code] instead put [code]user,noauto,noexec[/code] to not mount at startup and to allow any user to mount.

make sure your local mount point directories exist (create them with sudo mkdir /local/mount/point), then reboot and your nfs shares should be accessible. if you don’t want to reboot, you can manually mount everything with sudo mount /local/mount/point.

set preferences

there are a couple settings in system settings i’ll point out:

under [i]appearance[/i] i set my background image, and on my laptop and netbook i turn down the launcher icon size to 40 and 32. under [i]brightness and lock[/i] for my desktop i turn off lock so i don’t need to enter my password after the screen turns off.

the other settings i mess with are under user accounts (under system). select a user and then you can click the placeholder picture and set a better one. also any users created with useradd probably won’t show a name unless you click next to the picture and enter one.

auto-login is a security risk — i only use it on my desktop because i’m reasonably sure nobody is going to have physical access to that computer that shouldn’t. i don’t use it on my laptop at all. to enable auto-login, select the user you want to log in from user accounts and change automatic login to on.

many of the settings from before, including font sizes and window themes are missing. we’ll get into those after installing some extra software which adds some of the changes back.

enable vnc server

i skip this on my laptop, but in [i]desktop sharing[/i] i can enable a vnc server. i allow other users to view and control my desktop, uncheck you must confirm each access to this machine, and require the user to enter this password (the same one i use for windows vnc server). i have multiple workstations behind my router running vnc servers, so they can’t all use the default port. unfortunately the configuration (which is hard to find after 8.04) doesn’t even allow the ports i have been using, so i have to use iptables to redirect requests on the port i want to use to port 5900 (the default vnc server port). the following commands set this up for me (replace #### with your port):

[code]sudo iptables -A INPUT -i lo -j ACCEPT sudo iptables -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT sudo iptables -t nat -A PREROUTING -i eth0 -p tcp --dport #### -j REDIRECT --to-port 5900 sudo iptables -A INPUT -i eth0 -p tcp --syn --dport 5900 -j ACCEPT[/code]

of course that’s going to get reset the next time the system comes up, so we need to set up a “service” to save and restore rules. to do that, create [code]/etc/init.d/iptables[/code] as root and paste the following into it:


  1. This is a ubuntu adapted iptables script from gentoo
  2. ( which was originally distributed
  3. under the terms of the GNU General Public License v2
  4. and was Copyrighted 1999-2004 by the Gentoo Foundation
  5. This adapted version was intended for and ad-hoc personal
  6. situation and as such no warranty is provided.

IPTABLES_SAVE="/etc/iptables.rules" SAVE_RESTORE_OPTIONS="-c" SAVE_ON_STOP="yes"

checkrules() {

       if [ ! -f ${IPTABLES_SAVE} ]
               echo "Not starting iptables. First create some rules then run"
               echo "\"/etc/init.d/iptables save\""
               return 1


save() {

 echo "Saving iptables state"
 /sbin/iptables-save ${SAVE_RESTORE_OPTIONS} > ${IPTABLES_SAVE}



       checkrules || return 1
         echo  "Loading iptables state and starting firewall"
         echo -n "Restoring iptables ruleset"
         start-stop-daemon --start --quiet --exec /sbin/iptables-restore -- ${SAVE_RESTORE_OPTIONS} < ${IPTABLES_SAVE}


case "$1" in

       echo "."
       echo "."
         if [ "${SAVE_ON_STOP}" = "yes" ]; then
                 save || exit 1
         echo -n "Stopping firewall"
               for a in `cat /proc/net/ip_tables_names`; do
                       /sbin/iptables -F -t $a
                       /sbin/iptables -X -t $a
                       if [ $a == nat ]; then
                               /sbin/iptables -t nat -P PREROUTING ACCEPT
                               /sbin/iptables -t nat -P POSTROUTING ACCEPT
                               /sbin/iptables -t nat -P OUTPUT ACCEPT
                       elif [ $a == mangle ]; then
                               /sbin/iptables -t mangle -P PREROUTING ACCEPT
                               /sbin/iptables -t mangle -P INPUT ACCEPT
                               /sbin/iptables -t mangle -P FORWARD ACCEPT
                               /sbin/iptables -t mangle -P OUTPUT ACCEPT
                               /sbin/iptables -t mangle -P POSTROUTING ACCEPT
                       elif [ $a == filter ]; then
                               /sbin/iptables -t filter -P INPUT ACCEPT
                               /sbin/iptables -t filter -P FORWARD ACCEPT
                               /sbin/iptables -t filter -P OUTPUT ACCEPT
   start-stop-daemon --stop --quiet --pidfile /var/run/ --exec /sbin/iptables
   echo "."
         echo -n "Flushing firewall"
                 for a in `cat /proc/net/ip_tables_names`; do
                         /sbin/iptables -F -t $a
                         /sbin/iptables -X -t $a
   echo "."
   echo "Usage: /etc/init.d/iptables {start|stop|restart|save}" >&2
   exit 1


exit 0[/code]

now make it executable, add it to the system startup, and also initialize the /etc/iptables.rules file: [code]sudo chmod 755 /etc/init.d/iptables sudo update-rc.d iptables start 37 S . stop 37 0 . sudo iptables-save > iptables.rules sudo cp iptables.rules /etc/iptables.rules rm iptables.rules[/code]

remove stuff

i remove some things i don’t like. the command for that looks like this:

`sudo apt-get remove packages`

where packages is at least one package to remove. to remove more than one package, separate their names with spaces. here are the packages i remove:

  • **rhythmbox** - a music player that doesn’t do all that well with my read-only mp3 share from my file server. i’ll install audacious instead.
  • **simple-scan** - an oversimplified scanner interface, missing important basic features like preview. install xsane instead if you have a scanner that works with linux

here’s the full command to remove everything i remove:

`sudo apt-get remove rhythmbox simple-scan`

install more stuff

of course there are also a few things i use that aren’t in ubuntu by default. add them with a command that looks like this:

[code]sudo apt-get install packages[/code]

where packages again is at least one package to install, and multiple packages can be specified separated with spaces. ubuntu can find most software i want — i’ll discuss those it can’t find or that it finds an older version of than i want later. here are the packages i install with apt-get:

[bullets][b]audacious[/b] - sound player derived from xmms (similar to winamp). this works better for my setup than the default player (rhythmbox). [b]audacity[/b] - sound editor. [b]avidemux[/b] - simple video editor i have used to convert mkv to avi. [b]compizconfig-settings-manager[/b] - advanced display effects settings tool, which also configures some unity settings. unity handles the menu and running programs list. [b]eclipse[/b] - programming environment that i use for building websites with php, mysql, html, css, and javascript. i need to install more features from within eclipse later on, but this simplifies the core eclipse install at least. [b]filezilla[/b] - ftp client. i use this for transferring files to my website that aren’t managed by subversion. a filezilla item is added to the [i]internet[/i] submenu in the applications menu. [b]gimp[/b] - graphics editor. this was in the default ubuntu install until 10.04 where they decided that fspot handles all the photo enhancing that most users want, but i want more than that so i install gimp. [b]gnome-gmail[/b] - creates a menu entry for gmail which launches it in firefox. can also be used as a preferred application (sort of — see below). [b]gnome-tweak-tool[/b] - gives back some basic display options, like font sizes and themes. [b]handbrake-gtk[/b] - dvd ripping program handy for getting movies from disc to an ipad, for example. it wouldn’t install for me on 12.10 though. [b]konqueror[/b] - a khtml-based browser (safari and chrome use webkit, which is based on khtml). i have installed this in the past to test my web development in it, but i tend to not actually use it so this time i won’t. it adds a bunch of kde stuff to the menus, with konqueror in the [i]internet[/i] section. [b]mixxx[/b] - dj software i’m playing around with on my laptop. [b]mp3gain[/b] - loudness analyser for mp3 files. mp3gain attempts to figure out how loud an mp3 file sounds, and then adds gain information to the file so that it sounds like it has the same loudness as the other mp3s (provided you use this on all of them). it’s a command-line tool so won’t put anything in the applications menu. [b]myunity[/b] - some customization options for the unity desktop. it’s easier to use than compizconfig-settings-manager, but also doesn’t have as many options. seems to not exist as of 12.10. [b]openshot[/b] - video editor i’ve used to fade two video clips together. [b]pidgin[/b] - instant messaging client with more important features than the default empathy. [b]puddletag[/b] - mp3 tag editor. [b]screenlets[/b] - desktop widgets/gadgets/whatever you want to call them. i use this to get weather and a slideshow of my photos on the desktop. screenlets shows up in the [i]accessories[/i] submenu of the applications menu. [b]screenlets-pack-all[/b] - more screenlets, including the weather one i like. [b]sound-juicer[/b] - cd ripper. shows up as [i]audio cd extractor[/i] in the [i]sound & video[/i] section. [b]soundconverter[/b] - just as it sounds like, this program can load up a bunch of sound files and convert them to a different format. i don’t typically do this, so i wait to install it until i’m about to use it. [b]subversion[/b] - command-line subversion client. mostly i use subversion through an eclipse plugin, but sometimes it’s handy to have the svn command available at the command line. since it’s a command-line utility it doesn’t show up in the applications menu. [b]sux[/b] - switch user and forward x context. handy when i want to run a gui application as a different user. [b]ubuntu-restricted-extras[/b] - mp3, flash, java, and dvd playback. these changes affect browsers and players that are installed (or will be installed later) so nothing is added to the applications menu. [b]xsane[/b] - scanner interface that works with gimp. as far as i know my current scanner isn’t supported but my old one is, so sometimes i’ll install it on my laptop in case i want to bring it and the scanner somewhere.[/bullets]

here’s the full command to install everything i install:

[code]sudo apt-get install audacious audacity compizconfig-settings-manager eclipse filezilla gimp gnome-tweak-tool mp3gain puddletag screenlets screenlets-pack-all sound-juicer subversion ubuntu-restricted-extras[/code]

tweak default theme titlebars and change font size

while it’s possible to move the min/max/close buttons to the upper right with a single line pasted into the terminal, getting the program icon to show up requires editing the theme. all the themes are stored in [code]/usr/share/themes/[/code], and the default is named Ambiance. i start out by copying it to a new directory so i don’t have to change the actual Ambiance theme:

[code]cd /usr/share/themes/ sudo cp -r Ambiance/ AmbianceIcon[/code]

there are two files that need to be changed — [code]index.theme[/code] to move the buttons and [code]metacity-1/metacity-theme-1.xml[/code] to use the program icon instead of a grey dot. both files need to be edited as root. in [code]index.theme[/code], find the line that starts with [code]ButtonLayout=[/code] (probably the last line) and change it to [code]ButtonLayout=menu:minimize,maximize,close[/code] to put the buttons in the right places. next in [code]metacity-1/metacity-theme-1.xml[/code], you’re better off searching for [i]name="menu_[/i] to find the 4 draw_ops tags that match since it’s a large file. each tag has on the next line an image tag referencing a couple png files for that grey dot thing. on each of the 4 image tags, change image to icon, delete the filename="..." and change object_width and object_height to mini_icon_width and mini_icon_height.

once both files have been modified, run tweak tool. under the theme section, set gtk+ theme and current theme to AmbianceIcon. You should see the icons appear as soon as current theme is changed. you can also turn on icons for menus and buttons from this screen. if you still don’t see icons in the upper left and minimize, maximize, and close buttons in the upper right, you may need to also set the titlebar icon string with this:

[code]gsettings set org.gnome.desktop.wm.preferences button-layout 'menu:minimize,maximize,close'[/code]

you can change fonts and their sizes in tweak tool’s fonts section. you can use the scaling factor to scale all font sizes at once, but when i tried that it left the titlebar font size alone. i don’t actually change any of the font names, but i set all the sizes to 9.

run puddletag as alternate user

puddletag is an mp3 (and other audio formats) tag editor. i use it after i rip an audio cd or after i download music to embed cover art and make sure my iphone will sort albums in the correct order. as of 12.04 it’s available in ubuntu’s standard repositories. since my music files are owned by a different user, i need to be able to run puddletag as someone else. copy the following into a file (i put it in my home directory named puddletag-somebody) and replace somebody with the other user account:

[code]xhost +SI:localuser:somebody gksudo -u somebody puddletag[/code]

then make it executable with chmod:

[code]chmod 755 puddletag-somebody[/code]

then add a menu entry to run that script, or just run it from a terminal. the easiest way i’ve found to add it to the menu is get to [code]/usr/share/applications/[/code] and copy the existing puddletag.desktop to puddletag-somebody.desktop, then edit the copy and update the name, tryexec, and exec values.

install opera browser

opera is useful for testing web development, but isn’t available in ubuntu’s repositories, so go to [url=]opera’s site[/url]. it recognized that i was running ubuntu and gave me a 64-bit deb file to download. it calls it the default package format. firefox gives you the option to directly open the file with ubuntu software center, which gives you a handy install button you can click. otherwise save the file and install it with this command once downloaded:

[code]sudo dpkg -i opera...64.deb[/code]

there is more information on using opera with ubuntu available at [url=][/url].

install skype

skype isn’t open source, so ubuntu won’t find it right away. ubuntu does sort of support it though, so you can go through a lot of steps to be able to install it the way you do for almost everything else, or you can go to [url=][/url] and download a deb file and install like the directions for opera. for the more official way, here are the steps:

you need to add the canonical partners repository, but the menu option for adding repositories is hidden by default, so start by adding that. right-click the system menu and choose [i]edit menus[/i]. in the left pane of the [i]main menu[/i] window that comes up, scroll down and [i]system[/i] → [i]administration[/i] (it’s normally last in the list). in the right pane, check the box for [i]software sources[/i] and close the window. now you can go to the system menu and choose [i]administration[/i] → [i]software sources[/i].

in the [i]software sources[/i] window, go to the [i]other software[/i] tab and check the box next to [i]canonical partners[/i]. close the window and reload available software information when prompted. now you can get to the command line and install skype just as you would anything else:

[code]sudo apt-get install skype[/code]

it will now be available from the internet menu under the applications menu.

install wine

wine isn't in the repositories, but there's a ppa for it. add the ppa and install wine with this:

[code]sudo add-apt-repository ppa:ubuntu-wine/ppa sudo apt-get install wine[/code]

run [i]Configure Wine[/i] from the menu to configure it how you like. i need to at least visit the audio tab so it recognizes my sound. exe files can be started by double-clicking, but msi files need to be run with [code]wine start /unix /path/to/setup.msi[/code] or [code]wine start 'D:\setup.msi'[/code] (exe files can also be run in that way).

set up eclipse

while it may make sense to run eclipse as root to install additional eclipse features for all users, doing so causes problems when the eclipse package gets updated ― so just run it normally. i want support for php, html/css/javascript, subversion, and sql. this requires adding some update sites in order to install using eclipse. select [i]install new software[/i] from the [i]help[/i] menu (no idea how this is help). use the [i]add[/i] button to add this url as subslipse 1.10:


once the update sites are added, set [i]work with[/i] to all available sites and select the following packages:

[bullets]database development -> data tools platform enablement extender sdk subclipse → subclipse subclipse → subversion client adapter subclipse → subversion javahl native library adapter web, xml, java ee, and osgi enterprise development → eclipse web developer tools web, xml, java ee, and osgi enterprise development → php development tools (pdt)[/bullets]

ubuntu 11.04 has fancy narrow scroll bar replacements most places, but they don’t quite work in eclipse (you see them, and they respond to scroll wheels, but there’s no click and drag). to revert just eclipse to the old scroll bars, make a file with the following contents:

[code]#!/bin/bash LIBOVERLAY_SCROLLBAR=0 eclipse[/code]

chmod it to 755 so it's executable, then edit the main menu (power icon -> system settings) and find eclipse under programming. edit it with the properties button and change it to the path to the file you just created.

set gmail as preferred mail program

this would be a lot simpler, but gnome-gmail doesn’t show up in the list of mail programs, and there’s no longer an option to use a custom one. see above to install gnome-gmail if you haven’t already, since otherwise you need to create a script. edit the file [code]~/.local/share/applications/mimeapps.list[/code] (or create it if you already removed evolution) and give it the following contents:

[code][Default Applications] x-scheme-handler/mailto=gnome-gmail.desktop

[Added Applications] x-scheme-handler/mailto=gnome-gmail.desktop[/code]

this will use a gmail icon for the check email item in the unity dash and should also open mailto: links in gmail.

more tweaks

some of the other software i install is so that i get more settings. here’s what i like to change in each program:


THERE'S NO MYUNITY ANYMORE myunity starts on the launcher tab. for my laptop i drop size all the way down to 32 px since it has a small display height and i want to fit more. if you have a really small screen (netbook), you may want to set behavior to hidden to give you more desktop space.

under font i set everything to ubuntu -1 which then displays as 9.

compizconfig settings manager

under general options, go to the desktop size and bump horizontal virtual size and vertical virtual size both down to 1 if you don’t use more than one desktop. this will also cause the workspace switcher to disappear from the launcher.

map caps lock key as insert

to remap capslock to insert for the entire machine, edit `/usr/share/X11/xkb/symbols/pc` as root, and set the key `<CAPS>` line to: ``` key <CAPS> { [ Insert ] }; ```

this takes effect on your next login. it doesn’t seem to apply when using remmina to rdp though.

set up screenlets

go to [i]applications -> accessories[/i] -> screenlets to bring up the screenlets manager. find a screenlet you want and double-click it to start it up and put it in the upper left. you can move it and normally set a number of options once it’s running. i like to run clearweather, and also slideshow on tesla. to make sure a screenlet comes up every time, check the [i]auto start on login[/i] box in the screenlets manager when that screenlet is selected.

now to set the options, right-click clearweather and choose [i]properties[/i]. on the options / screenlet tabs, set scale to 1.25 and opacity to 0.75. check [i]stick to desktop[/i]. on the options / weather tab enter your zip code, or look up your city on and take the code from the url and use that. uncheck [i]use celsius temperature[/i] unless you prefer to see temperatures in celsius.

slideshow got much better in 11.04 — no need to adjust scale, and keep opacity at 1.00 since it’s showing photos, with [i]stick to desktop[/i] checked and [i]keep above[/i] unchecked. on the options / image loading tab, set [i]select engine[/i] to folder (click apply), [i]update interval[/i] to 30, [i]image folder[/i] to the directory with photos, and check [i]folder recursion. on the options / appearance tab, set [i]bounding x[/i] to 150, [i]frame width[/i] to 0, and [i]shadow width[/i] to 2.