AlmaLinux 9 - Locmap¶
Locmap is typically installed by default when installing a new AlmaLinux system and selecting 'Software Development Workstation (CERN Recommended Setup)' during the installation.
In the event that locmap is not available, you may follow these instructions to install it.
$ sudo dnf -y install locmap-release
$ sudo dnf -y install locmap
$ sudo locmap --enable all
$ sudo locmap --configure all
Usage¶
You can access the documentation by typing (as root):
# man locmap
You can list enabled modules:
# locmap --list
[Available Modules]
afs [disabled]
cernbox [disabled]
cernphone [disabled]
chrony [disabled]
cvmfs [disabled]
eosclient [disabled]
kerberos [disabled]
lpadmin [disabled]
postfix [disabled]
resolved [disabled]
ssh [disabled]
sudo [disabled]
zoom [disabled]
You can configure all enabled module with the following command:
# locmap --configure all
You can configure a new module:
# locmap --enable modulename
# locmap --configure modulename
You can disable a module:
# locmap --disable modulename
You can remove root access to the Main Users of LanDB using the --disallow_root
. It means that, only Resposibles defined in LanDB will have root access.
# locmap --disallow_root --configure modulename
# locmap --disallow_root --configure all
Locmap and Openstack¶
It easy to run locmap during an openstack installation. Create a script with the above commands say install.sh
. Pass this as user data to openstack create
.
openstack server create --image 'ALMA9 - x86_64' --key-name <mykey> --user-data ~/tmp/install.sh --flavor m2.small mynode
alternatively the script can be uploaded via the configuration tab of the "Launch Instance" panel of OpenStack.