Setting up and running the public server for a deployment.

Pre-requisites

• You have read and followed the Antitheft_HowTo page, and have a Master Signing Server (MSS) with your local private keys.
• You have defined a domain name for your antitheft server -- for example antitheft.yourproject.foo.tld
• XOs have been keyjected (or manufactured) with your public keys
• XOs have an OS build that includes delegation support -- that is OS 8.2.2 or newer, and builds based on F11.
• XOs have a localised OS build that sets the domain if your antitheft server.

Setup Public Server

The recommended distribution is Fedora-11 or newer. At time of this writing, F-12 is available, and RHEL6 seems to be close to release -- it is advisable to install on F-12 and upgrade to RHEL6 or CentOS6 when they are available. RHEL/CentOS provide Long Term Support appropriate for the antitheft server role.

• Perform a minimal installation, using the kickstart file outlined in http://fedoraproject.org/wiki/Features/MinimalPlatform
• Configure hostname to match the domain name assigned
• Configure network to match IP address assigned -- it is strongly recommended to disable NetworkManager and use network-scripts instead. To do this, use chkconfig to turn NetworkManager off, and the "network" service on, and configure the network interfaces in the usual way.
  • Experimental: F-12 has improvements that allow NetworkManager to be used in a server role.

Add packages from XS repository

Add the current XS stable yum repository to your yum configuration -- create a file /etc/yum.repos.d/olpcxs.repo with the configuration present in http://dev.laptop.org/git/users/martin/xs-release.git/tree/olpcxs.repo?h=xs-0.6

Install the required packages:

yum install xs-activation-server moodle-xs olpc-bios-crypto

Create Server Keys, Configure services

Monthly update of delegations

Usage and maintenance