Fog 1.2.0 DBAN Advanced PXE Boot Menu



  • Hi everyone,

    I needed to figure out a way to put DBAN wipe functionality in the FOG PXE menu to boot and auto-wipe systems. I found out a basic way to do this and so I am adding this info here for anyone else who needs to do it. I am using Ubuntu 14.04 LTS.

    [LIST=1]
    []Create a new folder in /var/www/fog/ called dban
    [
    ]Give the www-data user and group ownership of this folder (this may not be needed)
    [CODE]chown www-data /var/www/fog/dban
    chgroup www-data /var/www/fog/dban[/CODE]
    []Download the DBAN iso file and extract it to /var/www/fog
    [
    ]Give the www-data user and group ownership of the files you just put in this folder (this may not be needed)
    [CODE]chown www-data /var/www/fog/dban/*
    chgroup www-data /var/www/fog/dban/[/CODE]
    [
    ]Go to the FOG web interface to Fog Configuration -> PXE Boot Menu
    [*]Open the Advanced Configuration Options box and paste in the following menu code
    [CODE]:MENU
    menu Please choose an option
    item dban Boot DBAN Autonuke - WILL TOTALLY WIPE PC!
    choose item

    :dban
    kernel ${boot_url}/fog/dban/dban.bzi nuke=“dwipe --autonuke” silent vga=785
    boot[/CODE]
    []Save the changes you made and test on a PC - [COLOR=#ff0000][B]!BEWARE! -> It will automatically begin wiping the PC[/B][/COLOR].
    [
    ]If you need to password protect this option you can set the Advanced Menu Login on the PXE Boot Menu options page.
    [/LIST]
    This Autonuke command will run 1 DOD-Short pass. If you want more complex wipe options executed automatically check out the following list for specific commands you can sub in. If you want it to ask you for manual options each time just change the option to [B]nuke=“dwipe” silent vga=785[/B]

    [CODE]LABEL autonuke
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke” silent nousb vga=785

    LABEL dban
    KERNEL dban.bzi
    APPEND nuke=“dwipe” silent vga=785

    LABEL dod
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method dod522022m” silent vga=785

    LABEL dod3pass
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method dod3pass” silent vga=785

    LABEL dodshort
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method dodshort” silent vga=785

    LABEL gutmann
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method gutmann” silent vga=785

    LABEL ops2
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method ops2” silent vga=785

    LABEL paranoid
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method prng --rounds 8 --verify all” silent vga=785

    LABEL prng
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method prng --rounds 8” silent vga=785

    LABEL quick
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method quick” silent vga=785

    LABEL zero
    KERNEL dban.bzi
    APPEND nuke=“dwipe --autonuke --method zero” silent vga=785[/CODE]
    [INDENT=1] [/INDENT]
    I hope this helps somebody!
    CHELIT


  • Moderator

    @Mr.B
    https://wiki.fogproject.org/wiki/index.php/DBAN_(Darik's_Boot_and_Nuke)

    That tutorial uses FOG Trunk. So, if you wanted to proceed, you’d need to upgrade to fog trunk.
    Be aware that the trunk version is developmental and is in a constant state of change.
    https://wiki.fogproject.org/wiki/index.php/Upgrade_to_trunk



  • Aside from the excellent information that is here, where can I find the actual instructions to implement DBAN into my pxe settings?



  • @Junkhacker

    Yes I’m certain.


  • Developer

    @FoggyMemory have you made sure that the path is correct? the location is case-sensitive



  • @Junkhacker

    Thank you for your quick reply and sorry for my late response, but I wanted to make sure I tried every alternative before I posted here to say this solution didn’t work for me either. The difference, however, is instead of throwing out an Exec error, instead instead says dban.bzi can’t be found. (And, of course, I made sure I had dban.bzi located in /var/www/). I didn’t change the ownership of the /var/www/ folder but dban.bzi had the owner/group changed.


  • Developer

    i had to use

    kernel DBAN.BZI nuke=dwipe silent vga=785 ||
    

    without the quotes



  • @Tom-Elliott

    Yes I’ve already performed those steps; I updated my post to show the path location.


  • Senior Developer



  • @ChelIT @tom-elliott

    Hi Everyone,

    Hopefully someone can help me – I’ve been trying unsuccessfully to add DBAN to my current FOG setup. I’ll try to be as detailed as possible, please let me know if anymore information is needed.

    OS: Ubuntu Server 12.04.5
    Error: Exec format error

    I followed the directions above, using the commands provided to give both the www-data user and www-data group ownership to the files located under var/www/fog/dban.

    Permissions:
    upload-dff3f79d-4c91-4c6d-a78a-d375e0b2651f

    Any idea what may be causing the error? Here is my current iPXE Advanced Configuration:

    :MENU
    
    menu
    
    item -- gap-- ---------------- iPXE boot menu ----------------
    
    item fog.local 		Boot from hard disk
    
    item img1 		<Created on 5-20-15>
    
    item dban 		Darik's Boot and Nuke
    
    item hostinfo        	Details About This Computer
    
    item return Return to main menu
    
    choose --default fog.local target && goto ${target}
    
    :fog.local
    
    sanboot --no-describe --drive 0x80 || goto MENU
    
    :img1
    
    kernel bzImage root=/dev/ram0 rw ramdisk_size=127000 ip=dhcp dns=[REDACTED] web=${fog-ip}/fog/ consoleblank=0 loglevel=4 type=down img=429Win7 ftp=${fog-ip} imgType=mps osid=5 storage=${fog-ip}:/home/images capone=1 imgFormat=0
    
    imgfetch init.xz
    
    boot || goto MENU
    
    :dban
    kernel ${boot_url}/fog/dban/dban.bzi nuke="dwipe --autonuke" silent vga=785
    boot
    
    :hostinfo
    
    echo This computer : ||
    
    echo MAC address....${net0/mac} ||
    
    echo IP address.....${ip} ||
    
    echo Netmask........${netmask} ||
    
    echo Serial.........${serial} ||
    
    echo Asset number...${asset} ||
    
    echo Manufacturer...${manufacturer} ||
    
    echo Product........${product} ||
    
    echo BIOS platform..${platform} ||
    
    echo ||
    
    echo press any key to return to Menu ||
    
    prompt
    
    goto MENU
    
    :return
    
    chain http://${fog-ip}/${fog-webroot}/service/ipxe/boot.php?mac=${net0/mac} || goto MENU
    
    
    
    autoboot
    

    Thanks!



  • Big thanks for your post ChelIT !

    [quote=“ArchFan, post: 38406, member: 19266”]If you wanted simplify even more and save some typing, you could change both the owner and group with one command using the format:

    chown username:groupname filename (assuming you're already in the same directory as the desired file, otherwise use /path/to/file)
    

    [/quote]

    And more if username and groupname are similar :

    chown username: /path/to/file
    

    Mod corrected format to display properly in new forums.


  • Moderator

    This post is deleted!


  • If anyone is following these instructions without success, be aware that the file name is case sensitive. I had specified ‘dban.bzi’, whereas the file extracted from my freshly-downloaded dban (v2.2.8 i586) iso was ‘DBAN.BZI’.

    Probably obvious for most people, but I thought I’d post in case it saved anyone else the few hours I wasted.



  • Welcome to the FOG Forum, btw, and thanks for the contribution!



  • If you wanted simplify even more and save some typing, you could change both the owner and group with one command using the format:
    [CODE]
    chown username:groupname filename (assuming you’re already in the same directory as the desired file, otherwise use /path/to/file)
    [/CODE]

    That would make step 2:
    [CODE]
    chown www-data:www-data /var/www/fog/dban
    [/CODE]

    And step 4:
    [CODE]
    chown www-data:www-data /var/www/fog/dban/*
    [/CODE]

    Edit:
    In your case specifically, I think you could actually combine steps 2 & 4 using:
    [CODE]
    sudo chown -R www-data:www-data /var/www/fog/dban
    [/CODE]


  • Developer

    [quote=“Tom Elliott, post: 38404, member: 7271”]To be legit some environments actually require what’s known as a department of defense white that’s what his menu system does the current Whitecastle it’s in fog is not right every bit with random characters[/quote]

    this has got to look strange to anyone who doesn’t know you’re using voice to text right now, lol

    translation:
    To be legit some environments actually require what’s known as a Department of Defense wipe, that’s what this menu system does. the current wipe that’s in fog does not write every bit with random characters


  • Senior Developer

    To be legit some environments actually require what’s known as a department of defense white that’s what his menu system does the current Whitecastle it’s in fog is not right every bit with random characters


  • Moderator

    isn’t there already a wipe task? unless it got retired since 0.32


Log in to reply
 

362
Online

38976
Users

10712
Topics

101675
Posts

Looks like your connection to FOG Project was lost, please wait while we try to reconnect.