Installing Bedework

From Motorcycle Action Group Wiki
Revision as of 01:32, 4 December 2015 by Meredith (talk | contribs)
Jump to navigation Jump to search

Privilege Separation

Bedework comes as an all in one self contained system in the style of the old school Unix days. However, given the large number of moving parts, this isn't a bad plan. In order to prevent any other processes using anything in the bedework zone of operations, and vice versa, bedework has it's own user account and group, the files all go in the bedework home directory, to which only the bedework user has access.

All of the following is based on procedures from The Bedework Manual

Create the group

  # groupadd -r bedework

Find out the gid

  # getent group bedework
  bedework:x:508:

A local system account with a home directory in /var/lib and that gid

  # useradd -r -g 508 -c "Bedework User" -d /var/lib/bedework -m -s /bin/bash bedework

Check the account

  # fgrep bede /etc/passwd
  bedework:x:542:508:Bedework User:/var/lib/bedework:/bin/bash

No need for a password, this user will be accessed either from root, or by ssh key.

Separate Data Volume

This thing is pretty big an has potential to get bigger still, so separate to a new filesystem.

Check what volume groups are present ... in this case vgs_webhost is SSD based disk and vgd_webhost is hard drives

  [root@webhost ~]# pvscan
    PV /dev/vdb1   VG vgd_webhost   lvm2 [3.90 GiB / 3.90 GiB free]
    PV /dev/vda2   VG vgs_webhost   lvm2 [31.00 GiB / 7.18 GiB free]
    Total: 2 [34.90 GiB] / in use: 2 [34.90 GiB] / in no VG: 0 [0   ]

Peel off a logical volume from the hard drive surce

  [root@webhost ~]# lvcreate -L 2G -n bedework vgd_webhost
    Logical volume "bedework" created.

Make the filesystem

  [root@webhost ~]# mkfs /dev/mapper/vgd_webhost-bedework 
  mke2fs 1.42.9 (28-Dec-2013)
  Filesystem label=
  OS type: Linux
  Block size=4096 (log=2)
  Fragment size=4096 (log=2)
  Stride=0 blocks, Stripe width=0 blocks
  131072 inodes, 524288 blocks
  26214 blocks (5.00%) reserved for the super user
  First data block=0
  Maximum filesystem blocks=536870912
  16 block groups
  32768 blocks per group, 32768 fragments per group
  8192 inodes per group
  Superblock backups stored on blocks: 
  	32768, 98304, 163840, 229376, 294912
  Allocating group tables: done                            
  Writing inode tables: done                            
  Writing superblocks and filesystem accounting information: done 




Download and install

Download Bedework Here

Login as user bedework

Fetch the zipfile, warning, it's 350+ Megabytes

  [bedework@webhost ~]$ wget "http://dev.bedework.org/downloads/3.10.2/quickstart-3.10.2.zip"
  --2015-12-03 23:52:50--  http://dev.bedework.org/downloads/3.10.2/quickstart-3.10.2.zip
  Resolving dev.bedework.org (dev.bedework.org)... 128.113.2.72
  Connecting to dev.bedework.org (dev.bedework.org)|128.113.2.72|:80... connected.
  HTTP request sent, awaiting response... 200 OK
  Length: 383332167 (366M) [application/zip]
  Saving to: ‘quickstart-3.10.2.zip’
  100%[=============================================================================>] 383,332,167  860KB/s   in 6m 39s 
  2015-12-03 23:59:29 (939 KB/s) - ‘quickstart-3.10.2.zip’ saved [383332167/383332167]

Then unpack it