BeagleBone Black – Installing Ubuntu – Part 2


OM Nom Nom

OM Nom Nom

 

Let’s Keep Going…

Back in Part 1, we got a lot done:

  • Installed Ubuntu 13 -Raring to a sd-card
  • Configured network stuff
  • Added IP Mailer script
  • Learned I don’t feed trolls

but there still so much more to do.  Let’s keep going…

System Updates

We really need to update the OS at this point.  Thankfully, this is wicked easy:

sudo apt-get update

When that’s done…

sudo apt-get upgrade

This second one will take about 3-5 minutes.  Once done, we are ready to rock! \m/

User Administration

Right now, we are still working under the default ubuntu user account.  This might be handy to have as a OSIS (oh s**t I’m screwed) account but we have to lock it down so we don’t invite trouble.  We also need to create our own user account and get our groups sorted out so we have access to sudo and continue our quest for BBB-Ubuntu nirvana.

First, lets get a new account going.  I created a user account by typing in the following:

ubuntu@ubuntu-armhf:~$ sudo adduser dfrey
[sudo] password for ubuntu: ****************
 Adding user `dfrey' ...
 Adding new group `dfrey' (1001) ...
 Adding new user `dfrey' (1001) with group `dfrey' ...
 Creating home directory `/home/dfrey' ...
 Copying files from `/etc/skel' ...
 Enter new UNIX password: ********************
 Retype new UNIX password: ********************
 passwd: password updated successfully
 Changing the user information for dfrey
 Enter the new value, or press ENTER for the default
 Full Name []: David Frey
 Room Number []:
 Work Phone []:
 Home Phone []:
 Other []:
 Is the information correct? [Y/n] y
 ubuntu@ubuntu-armhf:~$

(I added the asterisks for effect.  You will not see them when you create the user.)

Ok, so now we have a user with a default group of the same name.  We still need to grant access to the sudo group:

sudo usermod -a -G sudo dfrey

Here’s what’s going on with this command:

  • -a allows the group to be appended instead of being replaced
  • -G adds the specified group as supplemental group (-g) would be primary)
  • the second ‘sudo’ is the group designator
  • dfrey‘ is the user to which all this will be applied

You can test out your handy work by typing:

ubuntu@ubuntu-armhf:~$ su dfrey
Password:

Note:  This password prompt is for the ‘dfrey‘ password, not the existing user.  With this, we are actually logging in as ‘dfrey.’  Next, try:

dfrey@ubuntu-armhf:/home/ubuntu$ sudo date
[sudo] password for dfrey: 
Wed Sep 11 01:16:49 UTC 2013
dfrey@ubuntu-armhf:/home/ubuntu$ exit

Now that we have tested our user account, let’s reboot the BBB to make sure everything is working.  We are going to test a few things here:

  • We haven’t broken the BBB
  • The IP Mailer script works
  • We can log into the system with our new user

Cross your fingers, say a little prayer, and type in:

sudo shutdown -r now

When you get kicked out of your SSH session, start pinging the BBB with the address you’ve been using or use the Hosts file entry we talked about in Part 1.

If you start seeing this:

Host Unreachable

That’s a pretty good sign that the IP assignment has been changed for your BBB.  If your IP Mailer script is working, you should have an email waiting for you with your new IP.  Actually, it should be there with your current one whether or not it’s new.

If you have a valid IP address, then SSH back into the system. If you are having trouble, didn’t get the email and SSH doesn’t work with your current IP, go back to Part 1 and look for “The Hard Way.”  This process will help you get your IP.

However, we’re moving on, so catch up with us when you get done goofin’ around.

Secure The Default User

This distro of Ubuntu (as you are already aware) comes with a default user account, ubuntu.  The password is cleverly disguised as “ubuntu”  All the forces of the universe call on us to either disable this account or at the least, change the password.  We’ll go through both processes and you can choose which one is right for you.

Disable The “ubuntu” Account

To protect your new BBB, you need to shut this account down.  Since its preconfigured to the distro, you may be able to leverage it later so were just going to shut it down rather than outright delete it (which might still be a good idea for public accessable installations).

In the terminal simply type:

sudo passwd -l ubuntu

Now the account is still on the BBB but locked.  To unlock it is just as simple:

sudo passwd -u ubuntu

Voila!  Security! Just keep in mind that this may not be a fool-proof method.  If someone has accessed your BBB with a SSH key, this might not stop them.  Just keep an eye on who’s logging onto your system with the ‘last‘ command.

Now, don’t go and get all nutty and do this until you have a fairly secure system.  The “ubuntu” account may still come in handy.  Let’s make is a bit more secure though.

Change The Default Account Password

Assuming we logged in with the new user that we created above (in my case “dfrey“), let’s change the password for “ubuntu.”  In the terminal, follow along:

First, let’s log in as “ubuntu“:

dfrey@ubuntu-armhf:~$ su ubuntu
Password: <should still be 'ubuntu'>

Then we will issue the password change command:

ubuntu@ubuntu-armhf:~$ passwd
Changing password for ubuntu.
(current) UNIX password: <still 'ubuntu'>
Enter new UNIX password: <super difficult-to-remember, impossible-to-guess password>
Retype new UNIX password: <see above>
passwd: password updated successfully

Finally, let’s test that (the password verification was a test but we go above and beyond):

dfrey@ubuntu-armhf:~$ su ubuntu
Password: <super difficult-to-remember, impossible-to-guess password>
ubuntu@ubuntu-armhf:~$

UPDATE: After posting this, I got to thinking that if changing the password or disabling the account is a good measure, one could change the password then lock the account and that gives you extra protection.  Just take this message home with you.  There are a lot of very cleaver people out there looking for an opportunity to mess with your chi.  Be proactive about your system security.

That’s all there is to that.

Save The Date

Because the BBB doesn’t have a real-time clock, Ubuntu needs to be configured to fetch the time on a regular basis.  You may not care but time can be an issue with regards to certificates and security tokens, so lets run though this exercise to get things up to snuff.

First, let’s see where we are.  Type in the following:

dfrey@ubuntu-armhf:~$ date
Wed Sep 11 01:20:23 UTC 2013

Since it is 9:20 PM where I’m at, we’re a bit off.  Navigate to /etc remove or backup your localtime file:

sudo rm localtime

or

dfrey@ubuntu-armhf:/etc$ sudo mv localtime localtime-orig

Now lets update the time file.  You should be able to navigate to /usr/share/zoneinfo and see a bunch of countries or zones.  Find the one you are in and if it’s a country drill down into that.  For instance the America folder has a file, New_York, which is in my time zone.  Yours will probably be different.

You will need to create a symbolic link in /etc to your timezone file.  This is how I did mine:

sudo ln -s /usr/share/zoneinfo/America/New_York /etc/localtime

Now we can see if your locale-base date will work.  We can update the date from a date server by entering the following:

dfrey@ubuntu-armhf:~$ ntpdate -b -s -u pool.ntp.org
dfrey@ubuntu-armhf:~$ date
Wed Sep 10 21:23:12 EDT 2013

So, we are mostly done here but we still need to check in with the time server to keep everything in lock-step.  If you are just browsing around, getting familiar with your BBB, you can do this maybe 2 – 4 times a day.  If you have date/timing apps, you will need to increase this due to clock drift.  Over at Gigamegablog.com, dwatts has a section called “Setting the timezone.”   I used his awesome tutorial to initially setup up my BBB and I’m happy to report that the Timezone section works for Ubuntu.

So, let’s get to time-synching eh?

Back in Part 1, we added a script to cron so that it would run every time the system rebooted.  Well, we’ll be doing the same thing here but we need to set an interval.  I will give you two examples and you can choose which one you want.

For an update twice a day, add this line to your crontab file:

00 */12 * * * ntpdate -b -s -u pool.ntp.org

For updates every thirty minutes, add this line:

*/30 * * * * ntpdate -b -s -u pool.ntp.org

Either of these should work.

Aliases

Ok, so you guys have been pretty good (except for those two goofs in the back) so I’ll throw you my alias list.  It’s not much but it keeps me cozy at night.

First, here’s the list:

alias c='clear'
alias reboot='sudo shutdown -r now'
alias la='ls -als'
alias lt='ls -alt'
alias mkdir='mkdir -pv'
alias path='echo -e ${PATH//:/\\n}'
alias sudo='sudo env PATH=$PATH'
alias now='date +%T'
alias nowtime=now
alias nowdate='date +"%d-%m-%Y"'
alias ports='netstat -tulanp'
alias apt-get="sudo apt-get"
alias updatey="sudo apt-get --yes"
alias update='sudo apt-get update && sudo apt-get upgrade'

Now, let’s get these squared away.  By default, Ubuntu is going to set your profile to Bash (Borne-Again SHell).  It’s my favorite and it’s what I’ll be using for the example.

The cool thing is that Ubuntu was ready for you.  In your home directory, is a hidden file called .bashrc.  It contains a couple of the most popular aliases but there is an option for you to add more.  Simply create a new file in your home directory called: “.bash_aliases” and paste whatever you want in there and save the file.  Everytime you log in, your aliases will be loaded and available to you.

The final step is to log out (exit) from your SSH session and then log back in.  All your aliases will be ready to serve you.  .bashrc is parsed every time log on so doing this will update your personal profile configs.

In my next post, I will be installing and configuring several applications that I use including:

Oh and I haven’t forgotten the BeagleBone Black Ubuntu Wireless Configurations Throwdown.  That’s coming soon as well.

Please check back soon for that.

http://learn.adafruit.com/beaglebone-black-installing-operating-systems/ubuntu

http://robotic-controls.com/learn/beaglebone/beaglebone-black-ubuntu

http://www.gigamegablog.com/2012/01/29/beaglebone-linux-101-configuring-angstrom-linux/

https://github.com/mottihoresh/Snoopy-Aquarium-Controller/wiki/Setting-up-Beaglebone-black

http://www.liberiangeek.net/2011/11/disable-user-accounts-in-ubuntu-11-10-oneiric-ocelot/

Advertisements

5 thoughts on “BeagleBone Black – Installing Ubuntu – Part 2

  1. I correct myself by saying the BBB doesn’t have a built-in “battery-powered” RTC. Even if it did, updates of the date/time via ntp periodically are required or time drift will occur. Most apps wouldn’t care but if you’re doing things that rely on key encryption/decryption or geolocation, this drift might make your app sad. I mention configuring the RTC in this post.

    It’s a subtle difference but I was not specific. I think I will experiment with the RTC to see what the drift will be.

    EDIT: Or you just simply add one of these to your project: http://learn.adafruit.com/adding-a-real-time-clock-to-beaglebone-black/overview

  2. Pingback: BeagleBone Black:WordPress On Ubuntu | Digital Ink Splatter

  3. Pingback: Beaglebone Black – Set Up Wireless on Ubuntu | Digital Ink Splatter

  4. Pingback: BeagleBone Black – Installing Ubuntu – Part 1 | Digital Ink Splatter

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s