Linux

This document gives guidelines for setting up Linux to use the College and University network. As there are many distributions of Linux, a step-by-step guide is not given. Instead, the important configuration files and parameters are described.

If you are unsure in what you’re doing, the College recommends that you use Windows or MacOS instead. You must not attempt to set up your computer on the network until you have registered for, and received, an IP address from the Computing Support Office.  You will receive the IP address (together with all the other network addresses and information that you need) in an email from computing@chu.cam.ac.uk. If you don’t know what you’re doing, the College recommends that you use Windows or MacOS instead.

You must not attempt to set up your computer on the network until you have registered for, and received, an IP address from the Computing Support Office (via the form on the previous page). You will receive the IP address (together with all the other network addresses and information that you need) in an email from computing@chu.cam.ac.uk

Distribution notes

Most modern distributions of Linux will provide graphical configuration utilities which can make all of the changes required. Consult your distribution’s documentation for details on how to set up the specific version you are using.

General Configuration Parameters

The following configuration parameters will need to be set if you compile your kernel. Most distribution-supplied kernels will already be configured appropriately.

  • Networking Support: Yes
  • Network Device Support: Yes
  • Ethernet Support: Yes
  • TCP/IP Networking: Yes
  • SMB (or CIFS) Filesystem Support: Yes (if you need to access the DS/MCS fileservers or other CIFS/SMB fileservers)
  • The IPX Protocol: No
  • Network Aliasing: No
  • IP Forwarding: No

You will also need to install the smbfs package, and enable support for your specific network card. Some of the above (e.g. SMB filesystem support or CIFS filesystem support) may be compiled as modules if you wish.

Setting up TCP/IP networking

The exact location of the configuration files for TCP/IP varies slightly between Linux implementations. On Debian-based systems the files you are likely to need to change are as follows:
  • /etc/hostname : Contains the hostname for your computer.
  • /etc/network/interfaces : Contains the IP address, subnet mask, broadcast address, network address and default gateway.
  • /etc/resolv.conf : Contains the IP addresses of the DNS servers. and any required search domains.

 

Under Red Hat, the equivalent of the /etc/hostname and /etc/network/interfaces files are called /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-eth0, and under SuSE the relevant file is called /etc/rc.config.

Your computer must not be configured to forward packets; this can be done using one of the following two commands:

  • echo 0 > /proc/sys/net/ipv4/ip_forward
  • sysctl -w net.ipv4.ip_forward=0

You’ll need to do this as root, or by using the sudo command to temporarily gain root privileges. These must be added to your startup scripts, or configured using your distribution’s tools such as /etc/sysctl.conf. This will be the default configuration in many cases.

If you are install networking during your initial install of Linux, you will be asked to specify many of the items on your pink notification form, and will not need to manually enter them later.

Guidelines for maintaining your system

As with any operating system, you need to keep your system up to date. You should regularly update your installed packages to the latest versions, and ensure that you are running a recent kernel. This is particularly important in security (as well as stability) terms, as any recently-discovered security problems should have been fixed. Remember that if a malicious user uses your machine to attack another one, you are likely to be blamed, so be sure to take precautions!

Do not run any services or packages which you do not need, as this will reduce the maintenance of your system and gives you a less complex system to manage. For example, unless you specifically want to give others access to services that your machine provides, you should not run any servers such as apacheftpdvncserver or mysql, amongst others. This will prevent others from accessing services on your machine while still enabling you to connect to Departmental and College machines. If you do run any of these servers, you may wish to use a firewall to limit access to these services to only the computers which need to access them. You should ensure that passwords are non-trivial. Do not run a telnet daemon; use the secure shell daemon instead.

You must NOT configure your machine as a mail host, or use email addresses like abc123@mycomputer.chu.cam.ac.uk, as such mail will not be delivered and will cause problems. You should use a University or Departmental mail host (such as for Imap: outlook.office365.com and smtp.office365.com) to send and receive email, and specify the email address which was assigned to you by the University Computing Service or by your Department. Guidance for email set-up is shown here:

Email Guidance

 

If in doubt about any aspect of the configuration of your system, seek advice. It is easy to incorrectly configure something and run into problems (and possibly cause problems for others as well). There are a large number of Linux users in College, many of whom may have had to solve the same problems. Advice is also available from the Computer Support Office and from the University Computing Service.