Linux

This document gives guidelines for setting up Linux to use the College and University network. As there are many distributions of Linux, a step-by-step guide is not given. Instead, the important configuration files and parameters are described.

You must not attempt to set up your computer on the network until you have registered for, and received, an IP address from the Computing Support Office. You will receive the IP address (together with all the other network addresses and information that you need) on a pink notification form when you arrive at College.

You will receive the IP address (together with all the other network addresses and information that you need) on a pink notification form similar to that shown here. If you don't know what you're doing, the College recommends that you use Windows 7 or MacOS X instead.

Distribution notes

Most modern distributions of Linux will provide graphical configuration utilities which can make all of the changes required. Consult your distribution's documentation for details on how to set up the specific version you are using.

General configuration parameters

The following configuration parameters will need to be set if you compile your kernel. Most distribution-supplied kernels will already be configured appropriately.

Networking support: YES
Network device support: YES
Ethernet support: YES
TCP/IP networking: YES
SMB (or CIFS) filesystem support: YES
(if you need to access the DS/MCS fileservers or other CIFS/SMB fileservers)
The IPX protocol: NO
Network aliasing: NO
IP forwarding: NO

You will also need to install the smbfs package, and enable support for your specific network card. Some of the above (e.g. SMB filesystem support or CIFS filesystem support) may be compiled as modules if you wish.

Setting up TCP/IP networking

The exact location of the configuration files for TCP/IP varies slightly between Linux implementations. On Debian-based systems the files you are likely to need to change are as follows:

/etc/hostname   Contains the host name for your computer.
/etc/network/
interfaces
  Contains the IP address, subnet mask, broadcast address, network address and default gateway.
/etc/resolv.conf   Contains the IP addresses of the DNS servers, and any required search domains.

Under Red Hat, the equivalent of the /etc/hostname and /etc/network/interfaces files are called /etc/sysconfig/network and /etc/sysconfig/network-scripts/ifcfg-eth0, and under SuSE the relevant file is called /etc/rc.config.

Your computer must not be configured to forward packets; this can be done using one of the following two commands:

You'll need to do this as root, or by using the sudo command to temporarily gain root privileges. These must be added to your startup scripts, or configured using your distribution's tools such as /etc/sysctl.conf. This will be the default configuration in many cases.

If you are install networking during your initial install of Linux, you will be asked to specify many of the items on your pink notification form, and will not need to manually enter them later.

Guidelines for maintaining your system

As with any operating system, you need to keep your system up to date. You should regularly update your installed packages to the latest versions, and ensure that you are running a recent kernel. This is particularly important in security (as well as stability) terms, as any recently-discovered security problems should have been fixed. Remember that if a malicious user uses your machine to attack another one, you are likely to be blamed, so be sure to take precautions!

Do not run any services or packages which you do not need, as this will reduce the maintenance of your system and gives you a less complex system to manage. For example, unless you specifically want to give others access to services that your machine provides, you should not run any servers such as apache, ftpd, vncserver or mysql, amongst others. This will prevent others from accessing services on your machine while still enabling you to connect to Departmental and College machines. If you do run any of these servers, you may wish to use a firewall to limit access to these services to only the computers which need to access them. You should ensure that passwords are non-trivial. Do not run a telnet daemon; use the secure shell daemon instead.

You must NOT configure your machine as a mail host, or use email addresses like abc123@mycomputer.chu.cam.ac.uk, as such mail will not be delivered and will cause problems. You should use a University or Departmental mail host (such as imap.hermes.cam.ac.uk and smtp.hermes.cam.ac.uk) to send and receive email, and specify the email address which was assigned to you by the University Computing Service or by your Department.

If in doubt about any aspect of the configuration of your system, seek advice. It is easy to incorrectly configure something and run into problems (and possibly cause problems for others as well). There are a large number of Linux users in College, many of whom may have had to solve the same problems. Advice is also available from the Computer Support Office and from the University Computing Service.

Connecting to DS-Filestore CIFS Service.

The University Computing Service (UCS) provides members with a personal space on the DS-Filestore. You can use the DS-Filestore CIFS Service to connect your personal machine to this space directly. This is particularly recommended for backing up your work.

More information

Connecting to DS-Print.

The College uses DS-Print, also provided by the UCS, to enable members to use the College printers.

More information

Using College printers

Ban on use of Peer-to-peer (P2P) filesharing software.

Please remember that you are NOT allowed to use peer-to-peer filesharing programs such as BitTorrent, KaZaA, eDonkey, Gnutella, Limewire or Direct Connect on the College network. The use of all such programs has been banned by the College Council.

More information