CorporateUbuntu
28890
Comment:
|
31902
|
Deletions are marked like this. | Additions are marked like this. |
Line 627: | Line 627: |
ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --load /tmp/terminal.xml | ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.default --load /tmp/terminal.xml |
Line 686: | Line 686: |
Running sound over a thin-client architecture requires solely relying on the ESD sound system. After extensive testing of multiple multimedia players, the following packages cover multimedia requirements: * gxine - video * beep-media-player - audio * flashplugin-nonfree - flash gxine and beep-media-player provide GTK file dialogs and both properly support additional codecs and the ESD system with minimal configuration. The installation of additional codecs may contravene copyright laws in certain regions and is only provided as a suggestion here to provide full support for the majority of media formats currently available to other operating systems. The following instructions for installing the additional codecs are taken from the RestrictedFormats wiki and may require configuring wget (see UbuntuOnSunRay) and/or enabling the universe and multiverse repositories (see AddingRepositoriesHowTo): {{{ ncampbell@naaman:~$ sudo apt-get install gstreamer0.8-plugins gstreamer0.8-plugins-multiverse gstreamer0.8-ffmpeg msttcorefonts ncampbell@naaman:~$ wget ftp://ftp.nerim.net/debian-marillat/pool/main/w/w32codecs/w32codecs_20050412-0.0_i386.deb ncampbell@naaman:~$ sudo dpkg -i w32codecs_20050412-0.0_i386.deb ncampbell@naaman:~$ sudo apt-get install libdvdread3 ncampbell@naaman:~$ sudo /usr/share/doc/libdvdread3/examples/install-css.sh }}} After the codecs have been installed, gxine and beep-media-player can be installed: {{{ ncampbell@naaman:~$ sudo apt-get install gxine beep-media-player }}} To ensure that gxine and beep-media-player have the same configuration for all users, a setup similar to the xscreensaver configuration is needed: {{{ ncampbell@naaman:~$ sudo vi /usr/bin/gnome-session-wrapper # COMING SOON }}} To complete the multimedia setup, Macromedia Flash support was installed: {{{ ncampbell@naaman:~$ sudo apt-get install flashplugin-nonfree }}} The flashplugin-nonfree package appears to be running under the Ruby language. Inside the package, it downloads the latest Macromedia Flash plugin and sets up the appropriate links into the Mozilla plugins directory. Because the package does not use the defacto standard for downloading files - wget - no proxy configuration can be passed to the package and therefore, a outgoing "hole" in the firewall may have to be opened to install the package. Another issue related to the installation of the flash plugin is the lack of multiple user sound support. On a single-user system, creating a symlink to the esd library in the right location can fix the issue. Multiple user systems (and it seems newer versions of esd on single-user machines) use a multiple esd socket file system. When a user logs on, a new socket is created under /tmp/.esd for the user. The Macromedia Flash plugin has the /tmp/.esd/socket file location hardcoded and a workaround is not possible at present. In short, Macromedia Flash sound is not possible in a mulitiple user environment. |
A suggested guide to setting up Ubuntu for use in a corporate environment by Naaman Campbell.
INCOMPLETE DOCUMENT - TESTING IN PROGRESS
Created: DateTime by NaamanCampbellBR
Contributors: NaamanCampbellBR
Status: IncompleteSpecificationBR
Foreward
Ubuntu has the potential to be a forerunner in the business Linux desktop market and potentially, the general desktop market ([http://reviews.zdnet.co.uk/software/os/0,39024180,39237495,00.htm ZDNet UK - Desktop Linux for small business]). Combining Ubuntu with a low-cost thin-client architecture such as SunRay (see UbuntuOnSunRay) could be the answer to numerous biased lower TCO reports being advertised by Microsoft.
The basis of this document will cover migration from a Sun Solaris 8 CDE user environment to Ubuntu and a number of best practices for a multi-user environment. Although there will be some SUN environment specific sections, the aim of the document is to provide and facilitate collaboration on a generic guide for setting up Ubuntu in the corporate environment.
This guide is based on a clean install of Ubuntu Breezy Badger (5.10).
Introduction
The setup of the CorporateUbuntu environment is broken up into the following:
- Authentication
- Home Directories
- Remote Mounts
- Printing
- Locale
- Keyboard
- Locking Down GNOME
- GNOME Menu
- Word Processing Suite
- Terminals
- Multimedia
- Time/Date
Authentication
Prior to the migration to Ubuntu, NIS was used for authentication. Authentication was migrated over to an LDAP-based system using a Sun Java Enterprise System Directory Server. As the configuration of Ubuntu LDAP clients is the main concern of this section, the configuration of LDAP on a Sun Directory Server is outside the scope of this document. Secure LDAP will be considered at a later date.
A suggested precautionary measure is to log in as root on a separate console because if the LDAP setup is broken at any stage, the sudo command may not work. To establish a password for root to enable logging in, perform the following command:
ncampbell@naaman:~$ sudo passwd root
The first step is to setup nss-ldap, the LDAP-specific name switch server package. During installation, accept all the defaults:
ncampbell@naaman:~$ sudo apt-get install libnss-ldap
In order to authenticate using LDAP, /etc/nsswitch.conf will need to be edited:
ncampbell@naaman:~$ sudo vi /etc/nsswitch.conf # perform the following vi commands :1,$s/compat/files ldap/g :x!
The /etc/libnss-ldap.conf file is where all the settings are configured. For brevity, the example libnss-ldap.conf is attached and not listed in this document - attachment:libnss-ldap.conf The configuration may be suited only for use with a Sun Directory Server.
To test the setup of nss-ldap, perform the following command to see a listing of LDAP shadow entries:
ncampbell@naaman:~$ getent shadow
The next step requires pam-ldap, the LDAP-specific PAM package. Answer <No> to the 2 questions asked during installation:
ncampbell@naaman:~$ sudo apt-get install libpam-ldap
The configuration file provided with the libpam-ldap package is unneccesary and can be replaced by libnss-ldap.conf:
ncampbell@naaman:~$ sudo rm /etc/pam_ldap.conf ncampbell@naaman:~$ sudo ln -s /etc/libnss-ldap.conf /etc/pam_ldap.conf
To complete the configuration of the pam-ldap package, the following files in the /etc/pam.d directory need to be changed:
ncampbell@naaman:~$ cd /etc/pam.d ncampbell@naaman:/etc/pam.d$ sudo vi common-account account sufficient pam_ldap.so account required pam_unix.so ncampbell@naaman:/etc/pam.d$ sudo vi common-auth auth sufficient pam_ldap.so auth required pam_unix.so nullok_secure use_first_pass ncampbell@naaman:/etc/pam.d$ sudo vi common-password password sufficient pam_ldap.so nullok password required pam_unix.so nullok obscure min=4 max=8 md5 ncampbell@naaman:/etc/pam.d$ sudo vi common-session session sufficient pam_ldap.so session required pam_unix.so ncampbell@naaman:/etc/pam.d$ cd ~
To test the setup of the pam-ldap package, attempt to logon as an LDAP user.
The final step in the LDAP client setup is to install nscd, the name service caching daemon, to prevent excess LDAP traffic:
ncampbell@naaman:~$ sudo apt-get install nscd ncampbell@naaman:~$ sudo mkdir -p /var/db/nscd /var/run/nscd ncampbell@naaman:~$ sudo /etc/init.d/nscd start
References
[http://www.metaconsultancy.com/whitepapers/ldap-linux.htm LDAP Authentication for Linux]
[http://craige.mcwhirter.com.au/2005/ubuntu-ldap-client.html Making a Debian or Ubuntu Machine an LDAP Authentication Client] - more suited to an OpenLDAP environment
[http://web.singnet.com.sg/~garyttt/Installing%20and%20configuring%20iPlanet%20Directory%20Server%20for%20Solaris9.htm Installing and configuring iPlanet Directory Server for Solaris9] - namely Step 4: Configure RedHat Linux LDAP Client (OpenLDAP+PADL libraries) - also a good source of information on setting up a Sun Directory Server
Home Directories
The users home directories reside on a Solaris server and are shared out via NFS. The home directories, are therefore, automounted upon logging into the Ubuntu machine.
To setup automounted home directories, the autofs package is required:
ncampbell@naaman:~$ sudo apt-get install autofs nfs-common
The remaining step is to setup the configuration files and start the service:
ncampbell@naaman:~$ sudo vi /etc/auto.master /home /etc/auto.home ncampbell@naaman:~$ sudo vi /etc/auto.home:: * solarisbox.naaman.com.au:/export/home/& ncampbell@naaman:~$ sudo /etc/init.d/autofs start
Remote Mounts
Similar to the home directories, the Solaris server contains multiple shares available over NFS. To mount the directories upon booting, /etc/fstab needs to be edited:
ncampbell@naaman:~$ sudo vi /etc/fstab solarisbox1:/export/common /mount/solarisbox1_common nfs rw 0 0 solarisbox2:/export/common /mount/solarisbox2_common nfs rw 0 0
Printing
The Ubuntu printing setup has disabled the use of CUPS for administration of printers due to security reasons. A current oversight made by the developers involved in the Ubuntu printing interface is the lack of the ability to name/rename printers. The printers are named after the printer model name and it is not scalable in a large environment where several printers of the same model may exist.
A workaround is to rename the entry made in /etc/cups/printers.conf and create a symbolic link to the printer model PPD file in the /etc/cups/ppd directory. Below is a script that can be installed into /usr/local/bin and run immediately after setting up a printer:
ncampbell@naaman:~$ sudo vi /usr/local/bin/changeprintername #!/bin/bash # ############################################ # # changeprintername - changes the name of a # printer that was # created using Ubuntu # Printing GUI # # Usage: changeprintername old_name new_name # # Written: Naaman Campbell # 22 November 2005 # ############################################ CUPS_DIR=/etc/cups CONF=$CUPS_DIR/printers.conf PPD_DIR=$CUPS_DIR/ppd # Usage Check if [ $# -ne 2 ]; then echo "Usage: $0 old_name new_name" exit fi ################################## # DISPLAY CONFIG AND PROMPT USER # ################################## # find line number of first instance of old printer name LINE=`grep -m 1 -n $1 $CONF | sed -e 's/^\(.*\)\:.*/\1/'` # obtain a magic number for 'tail' LINECOUNT=`cat $CONF | wc -l` TAILNUM=`expr $LINECOUNT - $LINE` # find number of lines between start and end of # config section for printer PATTERN="</Printer>" NUMOFLINES=`tail -$TAILNUM $CONF | grep -m 1 -n $PATTERN | sed -e 's/^\(.*\)\:.*/\1/'` ENDLINE=`expr $LINE + $NUMOFLINES` # display current config to user echo echo "Confirm changing the current printer $1 to $2" echo "with the following configuration.." echo sed -n ''$LINE','$ENDLINE' p' $CONF echo echo "Proceed with printer name change? (y or n)" read answer case $answer in y) echo "Changing $1 to $2" ;; n) echo "Exiting.." exit ;; *) echo "Invalid selection, now exiting.." exit ;; esac ################### # PERFORM CHANGES # ################### # create symlink echo echo "Creating symlink.." ln -s $PPD_DIR/$1.ppd $PPD_DIR/$2.ppd # update config file echo "Updating configuration file.." sed -i -e ''$LINE','$LINE' s/'$1'/'$2'/' $CONF # restart cups echo "Restarting CUPS.." /etc/init.d/cupsys restart echo "Script completed operations.." ncampbell@naaman:~$ sudo chmod u+x /usr/local/bin/changeprintername
The changeprintername script is also available as an attachment - attachment:changeprintername
After a new printer is added to the system, the script can be run as follows:
ncampbell@naaman:~$ sudo /usr/local/bin/changeprintername old_name new_name
Alternative Method
It is possible to subvert the measures setup by the Ubuntu printing team to enable access into the Cups administration webpages. By adding the cupsys user into the shadow group, the cupsys user is able to edit the necessary printing system files. Change the shadow group line in /etc/group to include the cupsys user:
ncampbell@naaman:~$ sudo vi /etc/group shadow:x:42:cupsys
Locale
During initial testing, it appeared that the locale was not being set correctly after logging into GNOME. The locale issue appears to be a user-specific problem from when users used to log on to a Java Desktop System (JDS) - Solaris 10 machine. Ubuntu provides adequate language configuration during the installation process. If additional languagues need to be added or the default GNOME language needs to be changed, use the Language Selector program:
ncampbell@naaman:~$ sudo /usr/bin/gnome-language-selector
Keyboard
Part of configuring Ubuntu for corporate use is locking down the desktop. Limiting the number of keyboard shortcuts, and limiting configuration of shortcuts, is part of restricting access to sections of GNOME.
Adapted from the UbuntuOnSunRay wiki, listed below are a set of suggested shortcuts to be made available to users:
- Launch help browser - Help*
- Lock screen - "Moon"*
- Home folder - Open*
- Search - Find*
- Take a screenshot - Print
Take a screenshot of a window - <Alt>Print
Close window - <Alt>F4
Move between windows with popup - <Alt>Tab
Switch to workspace on the left - <Control><Alt>Left
Switch to workspace on the right - <Control><Alt>Right
(* denotes Sun Keyboard specific keys - could be mapped to other keys on other keyboards)
To forcibly set the shortcuts, the use of the gconftool-2 command needs to be used. Follow the procedures listed on the UbuntuOnSunRay wiki - [https://wiki.ubuntu.com/UbuntuOnSunRay#head-2e702178e1ed7893504b43a908075e510af3cf37 Keyboard Shortcuts] - as a guide on how to lockdown keyboard shortcuts.
Locking Down GNOME
It appears that the GNOME team has withdrawn the setup of the lockdown configuration that was present in GNOME 2.6. The lockdown setup was also undesirable as it did not allow users to drag and drop shortcuts from the GNOME menu onto the desktop or menu bar.
The current concerns of the lockdown procedures are ensuring a consistent look-and-feel across all desktops and setting minor options for users. The look-and-feel is controlled by the three areas: theme, background and screensaver.
Theme and background are controlled by the gconf database and can be enforced system-wide. The Clearlooks theme was selected to replace the somewhat initially unfavourable brown Human theme. Clearlooks coupled with a background consisting of a 150x150 company logo on a dark-to-light grey vertical gradient, makes for a clean looking desktop. Prior to performing the gconftool-2 commands below, ensure all users are logged out of GNOME (perform commands from text console or a remotely logged-in session):
ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/background/color_shading_type "vertical-gradient" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type bool --set /desktop/gnome/background/draw_background true ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/background/picture_filename "/usr/share/backgrounds/company_logo.png" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type int --set /desktop/gnome/background/picture_opacity 100 ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/background/picture_options "centered" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/background/primary_color "#3E3A36" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/background/secondary_color "#DFDFDF" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /desktop/gnome/interface/gtk_theme "Clearlooks"
Screensaver configuration is separate to the gconf system and is configured system-wide via /etc/X11/app-defaults/XScreenSaver. Although a system-wide file exists, users are still able to change the settings by setting up a .xscreensaver file within their home directories. A suggested method of locking down the screensavers is to "mv" the screensaver files from /usr/lib/xscreensaver to another directory and to create a symbolic link to /etc/X11/app-defaults/XScreenSaver named .xscreensaver under the user's home directory upon logging in to GNOME.
The means for creating the .xscreensaver for the user can be performed inside a gnome-session "wrapper" script. The steps are listed below for setting up the wrapper script:
ncampbell@naaman:~$ sudo rm /etc/alternatives/x-session-manager ncampbell@naaman:~$ sudo ln -s /usr/bin/gnome-session-wrapper /etc/alternatives/x-session-manager ncampbell@naaman:~$ sudo vi /usr/bin/gnome-session-wrapper #!/bin/bash # ######################################### # # gnome-session-wrapper - establishes # customised user # environment # upon logging in # to GNOME # # Written: Naaman Campbell # 2 December 2005 # ######################################### # ensure users cannot alter xscreensaver settings GLOBALCONF=/etc/X11/app-defaults/XScreenSaver # check if file exists if [ -e ~/.xscreensaver ]; then # check if file is a symlink if [ -h ~/.xscreensaver ]; then CONF=`ls -l ~/.xscreensaver | sed -e "s/.*\.xscreensaver -> //g"` # check if symlink points to correct location if [ $GLOBALCONF != $CONF ]; then rm ~/.xscreensaver fi else # file is not a symlink rm ~/.xscreensaver fi fi # check if symlink exists if [ ! -h ~/.xscreensaver ]; then ln -s $GLOBALCONF ~/.xscreensaver fi exec /usr/bin/gnome-session "$@" ncampbell@naaman:~$ sudo chmod 755 /usr/bin/gnome-session-wrapper
In a thin-client environment, it is recommended that a blank screensaver is used due to the amount of load needed to serve the video. Suggested xscreensaver settings in a "fat-client" environment include:
- Only One Screen Saver
- Blank after 10 minutes
- Lock screen upon blanking
- The GLText (clock) screensaver - with all effects turned off
- Company Name
- Monday
- Company Name
A sample /etc/X11/app-defaults/XScreenSaver containing the above suggested settings is attached - attachment:XScreenSaver. A sample /etc/X11/app-defaults/XScreenSaver for use in thin-client environments will be attached to this wiki in the near future.
The minor settings that can form part of locking down the environment include changing the default archive extension to .zip and the configuration of sound settings within GNOME to turn on sound and turn off sound events. Once again, prior to performing these gconftool-2 commands, ensure all users are logged out of GNOME:
ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type string --set /apps/file-roller/dialogs/batch-add/default_extension ".zip" ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type bool --set /desktop/gnome/sound/event_sounds false ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.mandatory --type bool --set /desktop/gnome/sound/enable_esd true
GNOME Menu
Although the GNOME menu system has improved greatly in 2.12, there still is a lack of a tool for editing the GNOME menu on a system-wide basis. GNOME menu configuration, therefore, still needs to be edited on the command line.
The GNOME menu consists of a collection of desktop files in the /usr/share/applications directory. Inside each file is a Categories line which determines where the menu entry exists. A small number of system tool desktop files exist in /usr/share/control-center-2.0/capplets.
The first step in "trimming the fat" from the GNOME menu is to create a disabledapps directory under /usr/share/applications:
ncampbell@naaman:~$ sudo mkdir /usr/share/applications/disabledapps
Next, determine which apps stay and which apps go. The current Applications menu configuration (after removing unwanted apps) is:
- Accessories
- Archive Manager
- Calculator
- Character Map
- File Browser
- Terminal
- Text Editor
- Graphics
- Dia
- Document Viewer*
- GIMP Image Editor
- gThumb Image Viewer
- Image Viewer
- Internet
- Evolution Mail
- Firefox Web Browser
- Terminal Server Client
- Office
- (no changes)
* Document Viewer was enabled - more later
The process of removing the unwanted entries consisted of moving the desktop files into /usr/share/applications/disabledapps then adding the "NoDisplay=true" line to each file. Below is a listing of the apps that currently exist in the disabledapps directory:
ncampbell@naaman:~$ ls -1 /usr/share/applications/disabledapps blackjack.desktop bug-buddy.desktop disks.desktop freecell.desktop gaim.desktop gataxx.desktop gconf-editor.desktop gdmflexiserver.desktop gdmflexiserver-xnest.desktop gdmsetup.desktop gfloppy.desktop gksu.desktop gksuexec.desktop glines.desktop gnect.desktop gnibbles.desktop gnobots2.desktop gnome-app-install.desktop gnome-btdownload.desktop gnome-cd.desktop gnome-cups-manager.desktop gnome-dictionary.desktop gnomemeeting.desktop gnome-nettool.desktop gnome-screensaver-properties.desktop gnome-sound-recorder.desktop gnome-stones.desktop gnome-system-log.desktop gnome-system-monitor.desktop gnometris.desktop gnome-volume-control.desktop gnome-volume-properties.desktop gnomine.desktop gnotravex.desktop gnotski.desktop gpilotd-control-applet.desktop gstreamer-properties.desktop gtali.desktop hal-device-manager.desktop hwdb.desktop iagno.desktop language-selector.desktop mahjongg.desktop network.desktop reclevel.desktop rhythmbox.desktop same-gnome.desktop serpentine.desktop services.desktop shares.desktop smeg.desktop smeg-kde.desktop sol.desktop sound-juicer.desktop synaptic.desktop synaptic-kde.desktop time.desktop totem.desktop update-manager.desktop users.desktop vumeter.desktop xchat.desktop xsane.desktop
Attached is a copy of this listing, however it does not contain the entries that usually reside under /usr/share/control-center-2.0/capplets - attachment:disabledapps. Save the disabledapps file and execute the following:
ncampbell@naaman:~$ sudo mv /usr/share/control-center-2.0/capplets/* /usr/share/applications/disabledapps/* ncampbell@naaman:~$ for i in `cat disabledapps`; do sudo mv /usr/share/applications/$i /usr/share/applications/disabledapps/.; done ncampbell@naaman:~$ sudo sed -i -e '/NoDisplay/d' * ncampbell@naaman:~$ for i in `ls -1 /usr/share/applications/disabledapps`; do sudo echo "NoDisplay=true" >> /usr/share/applications/disabledapps/$i; done
The final step in the GNOME menu configuration is enabling hidden items, such as the Document Viewer (evince) entry. Enabling an item is performed by changing the NoDisplay line to equal false:
ncampbell@naaman:~$ sudo vi /usr/share/applications/evince.desktop NoDisplay=false
A suggested method for administrators to regain access to some of the removed apps is to run smeg on the command-line and add the desired apps to the current user only.
The current email client used on the Solaris desktops is Mozilla Mail 1.4. Email is currently using POP to transfer emails and will continue to use POP from within Evolution. POP-to-IMAP changeover will occur at a later date.
When users log in to GNOME, an addition to the gnome-session-wrapper script can check if the user has an existing evolution profile and migrate the user's Mozilla mail into Evolution. The additional section of gnome-session-wrapper performs the following:
- creates and initialises a minimal evolution profile
- moves the email into the correct sections of the new profile
- prepares the moved files for first usage
The script requires installing and configuring ssmtp & mailx to email the system administrator errors that may arise in the migration process.
INCOMPLETE SCRIPT - Initialisation section still being developed
ncampbell@naaman:~$ sudo apt-get install ssmtp ncampbell@naaman:~$ sudo vi /etc/ssmtp/ssmtp.conf mailhub=mail.company.com.au hostname=naaman.company.com.au ncampbell@naaman:~$ sudo apt-get install mailx ncampbell@naaman:~$ sudo vi /usr/bin/gnome-session-wrapper ERRORMSG=~/moztoevoerr.`date +%F` ERRORRECIPIENT=sysadmin@company.com.au ERRORSUBJECT="Non-standard Mozilla profile" EVODIR=~/.evolution/mail/local # evolution mail directory exists if [ -d $EVODIR ]; then # further processing is not necessary exit fi function emailerrors { # error message file contains data if [ -s $ERRORMSG ]; then mailx -s "$ERRORSUBJECT" $ERRORRECIPIENT < $ERRORMSG rm $ERRORMSG exit fi } # check if more than one profile exists PROFILE_COUNT=`find ~/.mozilla/* -type d | grep slt | cut -f5 -d "/" | uniq | wc -l` if [ $PROFILE_COUNT -gt 1 ]; then echo "$USER has too many profiles - manual migration needed" >> $ERRORMSG emailerrors fi # obtain mozilla directory path PROFILEDIR=`find ~/.mozilla/* -type d | grep slt | cut -f5 -d "/" | uniq` SLTDIR=`find ~/.mozilla/* -type d | grep slt | cut -f6 -d "/" | uniq` # check for email directory EMAILDIR=~/.mozilla/$PROFILEDIR/$SLTDIR/Mail if [ ! -d $EMAILDIR ]; then # no email directory, so exiting exit fi # create evolution profile mkdir -p $EVODIR # copy emails - maintaining folder structure cp -pr $EMAILDIR/*/* $EVODIR/. # may need a better command here.. # remove unnecessary files find $EVODIR -name "*.msf" -exec rm {} \; find $EVODIR -name "*.dat" -exec rm {} \; find $EVODIR -name "*.html" -exec rm {} \;
At present, address books cannot be migrated on the command line and are going to be done manually. A solution does exist as documented here - [http://unit.villanova.edu/pc/address_book.html Web-based mab2ldif conversion tool]. The authors have been contacted and a command-line based solution may be provided if the source can be obtained.
Word Processing Suite
Terminals
A requirement of the migration was to provide access to multiple terminal-based systems via gnome-terminal. A scalable method of managing different terminals for different systems was to create the gnome-terminal profiles globally (within gconf) and provide launchers in a custom Applications menu to allow users to drag-and-drop desired launchers to their desktops/panels.
The gnome-terminal profiles were built by changing the settings using Edit -> Profiles. Settings changed included colours and the disabling of the F1 key to allow F1 to be used within certain applications. Once the settings has been configured for the current user, the configuration was exported to XML then applied globally using gconftool-2. Ensure all users are logged out prior to performing the following:
ncampbell@naaman:~$ gconftool-2 --dump /apps/gnome-terminal > /tmp/terminal.xml ncampbell@naaman:~$ sudo gconftool-2 --direct --config-source xml:readwrite:/etc/gconf/gconf.xml.default --load /tmp/terminal.xml
Creating a new menu globally in Gnome 2.12 involves a number of steps. The first part is creating the Directory entry in /usr/share/desktop-directories:
ncampbell@naaman:~$ sudo vi /usr/share/desktop-directories/CompanyName.directory [Desktop Entry] Name=Company Name Comment=Company Name applications Icon=company-name Type=Directory Encoding=UTF-8
To display .desktop entries in the Applications menu, it must belong to a legitimate Category relating to the Directory entry. An entry needs to made into /etc/xdg/menus/applications.menu to assign a category to the CompanyName directory entry:
ncampbell@naaman:~$ sudo vi /etc/xdg/menus/applications.menu <!-- CompanyName --> <Menu> <Name>CompanyName</Name> <Directory>CompanyName.directory</Directory> <Include> <And> <Category>CompanyName</Category> </And> </Include> </Menu> <!-- End CompanyName -->
Prior to populating the menu with items, a copy of the company logo was altered and placed into the right location as an icon for the new menu. The logo was set onto a transparent background, resized to 32x32 pixels and saved as a PNG using the GIMP. The icon was then copied to /usr/share/pixmaps:
ncampbell@naaman:~$ sudo cp company-logo.png /usr/share/pixmaps/.
The final step involves creating the Desktop entry files to fill the new menu. Desktop files created with the CompanyName category will appear under the Applications -> Company Name menu.
ncampbell@naaman:~$ sudo vi /usr/share/applications/sydney_production.desktop [Desktop Entry] Encoding=UTF-8 Name=Sydney Production Comment=Sydney Production Site Exec=/usr/bin/prodsys syd Categories=GNOME;Application;CompanyName
The new desktop entry should now appear under the new menu. Repeat the Desktop entry step for the remainder of terminals required.
Multimedia
Running sound over a thin-client architecture requires solely relying on the ESD sound system. After extensive testing of multiple multimedia players, the following packages cover multimedia requirements:
- gxine - video
- beep-media-player - audio
- flashplugin-nonfree - flash
gxine and beep-media-player provide GTK file dialogs and both properly support additional codecs and the ESD system with minimal configuration. The installation of additional codecs may contravene copyright laws in certain regions and is only provided as a suggestion here to provide full support for the majority of media formats currently available to other operating systems. The following instructions for installing the additional codecs are taken from the RestrictedFormats wiki and may require configuring wget (see UbuntuOnSunRay) and/or enabling the universe and multiverse repositories (see AddingRepositoriesHowTo):
ncampbell@naaman:~$ sudo apt-get install gstreamer0.8-plugins gstreamer0.8-plugins-multiverse gstreamer0.8-ffmpeg msttcorefonts ncampbell@naaman:~$ wget ftp://ftp.nerim.net/debian-marillat/pool/main/w/w32codecs/w32codecs_20050412-0.0_i386.deb ncampbell@naaman:~$ sudo dpkg -i w32codecs_20050412-0.0_i386.deb ncampbell@naaman:~$ sudo apt-get install libdvdread3 ncampbell@naaman:~$ sudo /usr/share/doc/libdvdread3/examples/install-css.sh
After the codecs have been installed, gxine and beep-media-player can be installed:
ncampbell@naaman:~$ sudo apt-get install gxine beep-media-player
To ensure that gxine and beep-media-player have the same configuration for all users, a setup similar to the xscreensaver configuration is needed:
ncampbell@naaman:~$ sudo vi /usr/bin/gnome-session-wrapper # COMING SOON
To complete the multimedia setup, Macromedia Flash support was installed:
ncampbell@naaman:~$ sudo apt-get install flashplugin-nonfree
The flashplugin-nonfree package appears to be running under the Ruby language. Inside the package, it downloads the latest Macromedia Flash plugin and sets up the appropriate links into the Mozilla plugins directory. Because the package does not use the defacto standard for downloading files - wget - no proxy configuration can be passed to the package and therefore, a outgoing "hole" in the firewall may have to be opened to install the package.
Another issue related to the installation of the flash plugin is the lack of multiple user sound support. On a single-user system, creating a symlink to the esd library in the right location can fix the issue. Multiple user systems (and it seems newer versions of esd on single-user machines) use a multiple esd socket file system. When a user logs on, a new socket is created under /tmp/.esd for the user. The Macromedia Flash plugin has the /tmp/.esd/socket file location hardcoded and a workaround is not possible at present.
In short, Macromedia Flash sound is not possible in a mulitiple user environment.
Time/Date
Additional Notes
This document, when completed, will be broken down into individual wikis relating to each section and a short paragraph on how each section relates to this document will remain. Breaking down this wiki will allow other contributors to add links to their own wikis, for example, a wiki on how to setup Ubuntu to authenticate off an OpenLDAP server.
CorporateUbuntu (last edited 2008-08-06 16:32:29 by localhost)