This document provides guidance on installing and configuring OpenSUSE 12.2 to build a desktop solution as a replacement for Windows. It outlines selecting software packages, performing the installation, configuring settings like the clock, partitions, users and security. It also recommends optimizations like disabling unneeded services and daemons, tuning filesystems and recompiling the kernel for performance. The goal is to create a secure, optimized and customizable Linux desktop environment that provides the functionality people need.
1. OpenSUSE 12.2
Building the Perfect Desktop Solution
Davor Guttierrez
System Integrations Specialist
dguttierrez@me.com
2. What we want?
● Replacement for Windows desktop
● All software that people need to do the things they do on
their Windows desktop
● Secure system
● System that works on old hardware
● All with Open Source and Free Software
13. After installation task
● Set Hostname
● Set Network
– on Desktop use Network Manager
● Firewall must be enabled
● Enable VNC Remote Administration (not Win like)
● Read Release Notes
● Make hardware configuration for printer, TV card, sound
system, ...
14. Make online update
● Don't use graphical frontend … it's slow
● Use CLI like real man … „zypper up“
● It's about 700 MB of download RPM's
● Reboot your system after upgrade
16. Optimization and performance tuning
● Disk subsystem tuning
/proc/sys/vm/dirty_background_ratio
The value “10” defines at what percentage of main memory
the pdflush daemon should write data out to the disk - a
larger value will cause less frequent flushes
sysctl -w vm.dirty_background_ratio=25
17. Shoot The Beagle
● SUSE® Linux Enterprise Desktop and openSUSE come
with an application called "beagle", kind of a search engine,
that tries to index your whole system (emails, IM, visited
websites,... ).
● While in theory this sounds like a good idea, it'll be also a
considerable performance hog.
● To get rid of it, simply remove the package "beagle".
● Note: You cannot (easily) deinstall the
"libbeagle" shared libs.
18. Unneded Deamons / Services
● DHCP - if your network topology is simple and set, you just might want to switch to static IP address settings
● Auditd - nice thing to have, if you are interested in watching what your programs do. If you don't, disable it.
● AppArmor - nice thing to have, if you don't trust yourself (or use untrusted third party software). AppArmor has it's own menuitem in YaST
controlcenter, where it can be disabled.
● CUPS - if all your print jobs go to a remote printer, you do not need to run a local cups demon. In this case, you might also want to prevent
loading of parallelport modules, which can be done by moving the according file in /etc/sysconfig/hardware away.
● mdsnd - Got a Mac? No? Ok!
● Once a day, CRON runs updatedb. One could consider this as an earlier version of beagle and expendable as well. if you do not use locate(1),
than you can probably also live without this service. Disable it in /etc/sysconfig/locate.
● YaST has been offering Software RAID as a partitioning option for some time now. Unless you explicitly choose to enable it, it is not used by
default. However, upon bootup the according modules are loaded into the kernel. Easiest way to stop this, is to deinstall the "mdadm" package.
● By default, SUSE® starts six getties (linux textconsole). As X is nowadays standard, you can probably live with less. Disable as many as you
like in /etc/inittab (but keep at least one).
● Do you need gpg-agent and ssh-agent? They can both be disabled in /etc/X11/xdm/sys.xsession
● Do you need ipv6 networking? You can disable it by writing the following two lines to /etc/modprobe.conf.local:
alias net-pf-10 off
alias ipv6 off
19. Files system tuning / recompile kernel
● Disable accesstime logging
● Use noatime option in /etc/fstab
● Partitions /home and /tmp should
live on partitions of their own
● Recompile kernel – it's easy
20. The Obvious Stuff
● Try to use "simple" wallpapers. Photorealistic, high
resolution wallpapers will eat several MB of RAM.
Especially of transparancy effects for the panel are
activated.
● Try to keep the number of applets low. Throw out, whats not
used.
● Disable animations (using gconf-editor) in the panel.
● Use lightweight themes. Small can also be beautiful.
● Disable preview in nautilus
21. And now we're using Linux Desktop
● Need Internet Explorer?
● Now we have fast and secure desktop
● We can use virtualization with VirtualBox or with XEN
● We can also implement Windows 7 Theme (but why?)
● …
● …
● ...