Installation

  • sda1 (bootable flag is required by SYSLINUX) as root partition and sda2 for swap
  • not enabling gpm on servers to avoid freacking up your remote Service Processors
  • with utf-8 in case you are doing some fancy web design with elvis
  • lilo standard vga (safe choice)
  • no network setup
  • without rc.fuse rc.inetd rc.sshd (only dbus and syslog)
  • and yes, define a root password just for the operator to connect and deploy its pub key

Networking

on-premises or possibly remote SP console or serial

identify your network interfaces as usual with either mii-tool or ethtool, and then,

#this is handled by rc.M not rc.inet1
vi /etc/HOSTNAME

SHORT-IS-FINE

hostname SHORT-IS-FINE

vi /etc/modprobe.d/bonding.conf

alias bond0 bonding
options bond0 miimon=100
#options bond0 miimon=100 mode=4 lacp_rate=1

mv -i /etc/rc.d/rc.inet1 /etc/rc.d/rc.inet1.dist
mv -i /etc/rc.d/rc.inet1.conf /etc/rc.d/rc.inet1.conf.dist
vi /etc/rc.d/rc.inet1

#!/bin/bash

echo rc.inet1 PATH is $PATH

echo -n lo...
ifconfig lo up && echo up

echo -n setting up TRUNK with slaves eth1,2,3...
modprobe bonding
echo +eth1 > /sys/class/net/bond0/bonding/slaves
echo +eth2 > /sys/class/net/bond0/bonding/slaves
echo +eth3 > /sys/class/net/bond0/bonding/slaves && echo done

echo -n setting up internal ip on bond0...
ifconfig bond0 x.x.x.x/xx up && echo done

echo -n setting up public ip on eth0...
ifconfig eth0 x.x.x.x/xx up && echo done

echo -n setting up default route...
route add default gw x.x.x.x && echo done

cp -pi /etc/hosts hosts.dist
vi /etc/hosts

127.0.0.1       localhost
INTERNALIP      slack.example.local    slack
PUBLICIP        slack.example.local    slack

vi /etc/rc.d/rc.local_shutdown

#!/bin/bash

#nothing here yet

chmod +x /etc/rc.d/rc.local_shutdown

ln -s rc.d/rc.inet1 /etc/rc.inet1
ln -s rc.d/rc.local /etc/rc.local #already executable
ln -s rc.d/rc.local_shutdown /etc/rc.local_shutdown

cd /etc/rc.d/
ls -alkF
chmod -x rc.bluetooth rc.inetd ...

apply and check,

chmod +x /etc/rc.d/rc.inet1
/etc/rc.d/rc.inet1
ping -c1 208.67.222.222

enable SSH with a password temporarily,

cp -pi /etc/ssh/sshd_config /etc/ssh/sshd_config.dist
vi /etc/ssh/sshd_config

PermitRootLogin yes
PasswordAuthentication yes

chmod +x /etc/rc.d/rc.sshd
/etc/rc.d/rc.sshd start
passwd
^D

you can now leave the server room or the SP engine and connect remotely, push your public KEY there and switch back to without-password.

cd /etc/ssh/
vi sshd_config

Port XX
PermitRootLogin without-password
PasswordAuthentication no
#X11Forwarding no

diff -u sshd_config.dist sshd_config
/etc/rc.d/rc.sshd restart

and finalize the network setup,

vi /etc/resolv.conf

search example.local
nameserver 208.67.222.222
nameserver 208.67.222.220

ping -c1 opendns.com

LILO (not for a xen guest)

cd /etc/
cp -pi lilo.conf lilo.conf.dist
vi lilo.conf

lba32
...
#timeout = 1200
timeout = 100

lilo

env

cd /etc/
cp -pi profile profile.dist
vi profile

#PATH="/usr/local/bin:/usr/bin:/bin:/usr/games"
PATH="/usr/local/bin:/usr/bin:/bin:$HOME/bin"

    #PATH=/usr/local/sbin:/usr/sbin:/sbin:$PATH
    PATH=/usr/local/sbin:/usr/sbin:/sbin:/etc/rc.d:$PATH

vi bashrc #new file

(( $UID == 0 )) && PS1='# ' || PS1='\u@\h:\w\$ '
alias ll='ls -alhF'
alias cp='cp -i'
alias mv='mv -i'
alias rm='rm -i'
alias netstata='netstat -antupe --inet --inet6'
export TERM=linux
alias lynxg='lynx -accept_all_cookies google.com/ncr'
alias lynx='lynx -accept_all_cookies'

alias push='git nc && git push'
alias stat='git diff --stat --cached origin/master'

ls -al ~/.bashrc #does not exist
echo 'source /etc/bashrc' > ~/.bashrc
#echo 'source /etc/bashrc' > ~ADMIN/.bashrc
source profile
source bashrc
updatedb
git config --global --replace-all core.pager more

doing some hardware checking,

grep '^model name' /proc/cpuinfo | uniq
grep ^proc /proc/cpuinfo
free -m
hdparm -Tt /dev/sda | tee -a ~/hdparm
#hdparm -Tt /dev/xvda | tee -a ~/hdparm

setting up Slackpkg,

cp -pi /etc/slackpkg/mirrors /etc/slackpkg/mirrors.dist
vi /etc/slackpkg/mirrors

(uncomment your favorite mirrors // do not use your own mirror unless daily syncing)

#if gnupg 1 is not installed (OPT), ln -s gpg2 /usr/bin/gpg
#if wget is not installed (OPT), scp wget and installpkg it
#and in that case, take the chance to upload curl too
slackpkg update

applying latest patches,

    slackpkg upgrade-all
updatedb
locate \.new | grep new$

e.g. installing pixman,

slackpkg install pixman

setting up SlackBuilds e.g. building and installing bonnie++, fetch and install the latest sbopkg package e.g.,

cd ~/
wget https://github.com/sbopkg/sbopkg/releases/download/0.38.1/sbopkg-0.38.1-noarch-1_wsr.tgz
installpkg sbopkg-0.38.1-noarch-1_wsr.tgz 
sbopkg -r
sbopkg -i bonnie++

I understand you are a security freak. but I find it convenient to see what happened lately on the console, and if you really want to hide it, just ^L before you ^D.

cd /etc
mv inittab inittab.dist
sed 's/agetty 38/agetty --noclear 38/' inittab.dist > inittab

updating / upgrading

slackpkg update
slackpkg upgrade-all
#slackpkg install-new
#slackpkg clean-system

ref. https://docs.slackware.com/slackware:beginners_guide