Fog 1.2.0 DBAN Advanced PXE Boot Menu
-
Hi everyone,
I needed to figure out a way to put DBAN wipe functionality in the FOG PXE menu to boot and auto-wipe systems. I found out a basic way to do this and so I am adding this info here for anyone else who needs to do it. I am using Ubuntu 14.04 LTS.
[LIST=1]
[]Create a new folder in /var/www/fog/ called dban
[]Give the www-data user and group ownership of this folder (this may not be needed)
[CODE]chown www-data /var/www/fog/dban
chgroup www-data /var/www/fog/dban[/CODE]
[]Download the DBAN iso file and extract it to /var/www/fog
[]Give the www-data user and group ownership of the files you just put in this folder (this may not be needed)
[CODE]chown www-data /var/www/fog/dban/*
chgroup www-data /var/www/fog/dban/[/CODE]
[]Go to the FOG web interface to Fog Configuration -> PXE Boot Menu
[*]Open the Advanced Configuration Options box and paste in the following menu code
[CODE]:MENU
menu Please choose an option
item dban Boot DBAN Autonuke - WILL TOTALLY WIPE PC!
choose item:dban
kernel ${boot_url}/fog/dban/dban.bzi nuke=“dwipe --autonuke” silent vga=785
boot[/CODE]
[]Save the changes you made and test on a PC - [COLOR=#ff0000][B]!BEWARE! -> It will automatically begin wiping the PC[/B][/COLOR].
[]If you need to password protect this option you can set the Advanced Menu Login on the PXE Boot Menu options page.
[/LIST]
This Autonuke command will run 1 DOD-Short pass. If you want more complex wipe options executed automatically check out the following list for specific commands you can sub in. If you want it to ask you for manual options each time just change the option to [B]nuke=“dwipe” silent vga=785[/B][CODE]LABEL autonuke
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke” silent nousb vga=785LABEL dban
KERNEL dban.bzi
APPEND nuke=“dwipe” silent vga=785LABEL dod
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method dod522022m” silent vga=785LABEL dod3pass
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method dod3pass” silent vga=785LABEL dodshort
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method dodshort” silent vga=785LABEL gutmann
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method gutmann” silent vga=785LABEL ops2
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method ops2” silent vga=785LABEL paranoid
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method prng --rounds 8 --verify all” silent vga=785LABEL prng
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method prng --rounds 8” silent vga=785LABEL quick
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method quick” silent vga=785LABEL zero
KERNEL dban.bzi
APPEND nuke=“dwipe --autonuke --method zero” silent vga=785[/CODE]
[INDENT=1] [/INDENT]
I hope this helps somebody!
CHELIT -
isn’t there already a wipe task? unless it got retired since 0.32
-
To be legit some environments actually require what’s known as a department of defense white that’s what his menu system does the current Whitecastle it’s in fog is not right every bit with random characters
-
[quote=“Tom Elliott, post: 38404, member: 7271”]To be legit some environments actually require what’s known as a department of defense white that’s what his menu system does the current Whitecastle it’s in fog is not right every bit with random characters[/quote]
this has got to look strange to anyone who doesn’t know you’re using voice to text right now, lol
translation:
To be legit some environments actually require what’s known as a Department of Defense wipe, that’s what this menu system does. the current wipe that’s in fog does not write every bit with random characters -
If you wanted simplify even more and save some typing, you could change both the owner and group with one command using the format:
[CODE]
chown username:groupname filename (assuming you’re already in the same directory as the desired file, otherwise use /path/to/file)
[/CODE]That would make step 2:
[CODE]
chown www-data:www-data /var/www/fog/dban
[/CODE]And step 4:
[CODE]
chown www-data:www-data /var/www/fog/dban/*
[/CODE]Edit:
In your case specifically, I think you could actually combine steps 2 & 4 using:
[CODE]
sudo chown -R www-data:www-data /var/www/fog/dban
[/CODE] -
Welcome to the FOG Forum, btw, and thanks for the contribution!
-
If anyone is following these instructions without success, be aware that the file name is case sensitive. I had specified ‘dban.bzi’, whereas the file extracted from my freshly-downloaded dban (v2.2.8 i586) iso was ‘DBAN.BZI’.
Probably obvious for most people, but I thought I’d post in case it saved anyone else the few hours I wasted.
-
This post is deleted! -
Big thanks for your post ChelIT !
[quote=“ArchFan, post: 38406, member: 19266”]If you wanted simplify even more and save some typing, you could change both the owner and group with one command using the format:
chown username:groupname filename (assuming you're already in the same directory as the desired file, otherwise use /path/to/file)[/quote]
And more if username and groupname are similar :
chown username: /path/to/fileMod corrected format to display properly in new forums.
-
Hi Everyone,
Hopefully someone can help me – I’ve been trying unsuccessfully to add DBAN to my current FOG setup. I’ll try to be as detailed as possible, please let me know if anymore information is needed.
OS: Ubuntu Server 12.04.5
Error: Exec format errorI followed the directions above, using the commands provided to give both the www-data user and www-data group ownership to the files located under var/www/fog/dban.
Permissions:
Any idea what may be causing the error? Here is my current iPXE Advanced Configuration:
:MENU menu item -- gap-- ---------------- iPXE boot menu ---------------- item fog.local Boot from hard disk item img1 <Created on 5-20-15> item dban Darik's Boot and Nuke item hostinfo Details About This Computer item return Return to main menu choose --default fog.local target && goto ${target} :fog.local sanboot --no-describe --drive 0x80 || goto MENU :img1 kernel bzImage root=/dev/ram0 rw ramdisk_size=127000 ip=dhcp dns=[REDACTED] web=${fog-ip}/fog/ consoleblank=0 loglevel=4 type=down img=429Win7 ftp=${fog-ip} imgType=mps osid=5 storage=${fog-ip}:/home/images capone=1 imgFormat=0 imgfetch init.xz boot || goto MENU :dban kernel ${boot_url}/fog/dban/dban.bzi nuke="dwipe --autonuke" silent vga=785 boot :hostinfo echo This computer : || echo MAC address....${net0/mac} || echo IP address.....${ip} || echo Netmask........${netmask} || echo Serial.........${serial} || echo Asset number...${asset} || echo Manufacturer...${manufacturer} || echo Product........${product} || echo BIOS platform..${platform} || echo || echo press any key to return to Menu || prompt goto MENU :return chain http://${fog-ip}/${fog-webroot}/service/ipxe/boot.php?mac=${net0/mac} || goto MENU autobootThanks!
-
Have you verified the data is correct?
https://forums.fogproject.org/topic/4069/fog-1-2-0-dban-advanced-pxe-boot-menu/9#
-
Yes I’ve already performed those steps; I updated my post to show the path location.
-
i had to use
kernel DBAN.BZI nuke=dwipe silent vga=785 ||without the quotes
-
Thank you for your quick reply and sorry for my late response, but I wanted to make sure I tried every alternative before I posted here to say this solution didn’t work for me either. The difference, however, is instead of throwing out an Exec error, instead instead says dban.bzi can’t be found. (And, of course, I made sure I had dban.bzi located in /var/www/). I didn’t change the ownership of the /var/www/ folder but dban.bzi had the owner/group changed.
-
@FoggyMemory have you made sure that the path is correct? the location is case-sensitive
-
Yes I’m certain.
-
Aside from the excellent information that is here, where can I find the actual instructions to implement DBAN into my pxe settings?
-
@Mr.B
https://wiki.fogproject.org/wiki/index.php/DBAN_(Darik's_Boot_and_Nuke)That tutorial uses FOG Trunk. So, if you wanted to proceed, you’d need to upgrade to fog trunk.
Be aware that the trunk version is developmental and is in a constant state of change.
https://wiki.fogproject.org/wiki/index.php/Upgrade_to_trunk
