Fog Reports and DBAN
-
Hello everyone, I am trying to set up a system that will allow me to run DBAN’s “DOD 3-pass wipe” on the hard drives of machines connected to my FOG PXE network and when the process is complete I would like the machines to register automatically with the FOG server.
I have gotten as far as scripting the DBAN wipe to perform the wipe automatically as soon as the DBAN option is selected from the FOG boot menu, and I have Quick Registration working, I would just like to combine the two options into one, if possible. This is just to save time because I will have a great deal of computers with sensitive information in the next two weeks, and I need to be able to easily keep track of the hard drive serial numbers as well as the machine serial and model numbers that have been sanitized.
Any advice or suggestions would be very much appreciated, thanks!
-
I’m really sorry that I did not get a chance to reply to this earlier, but thank you so much for taking the time to help me out with this! I had been wrapped up in other projects until today, but I will definitely work on this and let you know if I make any progress! Again, thank you!
-
I can see how one would go about doing this. It would be as easy as queueing up a couple of tasks in the WEBUI, if you are willing to figure out how to alter the pages to allow you to schedule a dban job. It isn’t that hard. Otherwise, you could manually queue them. You’d need to start a dban job on each client and then after it started, queue up a quick host registration job. This would be as simple as creating two files for each client.
I don’t have dban setup yet, but you’d need to create a file to start the dban process named after the mac address of the nic of the client you want to wipe. Put them in a folder like /var/tmp/local/dbanfiles. Then create a file for the systems to do the quickreg part. Save those in /var/tmp/local/quickreg. Copy the appropriate “dbanfiles” for the systems that you want to run dban on to /tftpboot/pxelinux.cfg. After those dban starts on those clients, copy your “quickreg” files for those systems over to /tftpboot/pxelinux.cfg. When the systems are done wiping and reboot, they will do a quickreg, assuming your machines are set to pxeboot first in the boot order.
Example, I have one machine with mac address 01-00-26-88-77-bb-aa:
My files would look like:
more /var/tmp/local/dbanfiles/01-00-26-88-77-bb-aa
[code]
DEFAULT fog
LABEL dbanwipe
KERNEL /fog/kernel/dban_image_filename
APPEND proper_dban_info_here
[/code]
(use your KERNEL and APPEND options…I don’t know what they are for dban)
If you reboot that client and PXE boot it, it will auto wipe.
more /var/tmp/local/quickreg/01-00-26-88-77-bb-aa
[code]
DEFAULT fog
LABEL quickreg
KERNEL fog/kernel/bzImage
APPEND initrd=fog/images/init.gz root=/dev/ram0 rw ramdisk_size=127000 ip=dhcp d
ns= mode=autoreg web=XXX.XXX.XXX.XXX/fog/ loglevel=4
[/code]
To start things off for my client, I copy my dban file:
[code]
sudo cp /var/tmp/local/dbanfiles/01-00-26-88-77-bb-aa /tftpboot/pxelinux.cfg/01-00-26-88-77-bb-aa
[/code]
After dban starts, I copy the other file:
[code]
sudo cp /var/tmp/local/quickreg/01-00-26-88-77-bb-aa /tftpboot/pxelinux.cfg/01-00-26-88-77-bb-aa
[/code][LEFT][COLOR=#555555][SIZE=2][FONT=Tahoma][COLOR=#141414]You could probably write a script to create these files easily by pulling the mac addresses for your clients from the MYSQL db. I’d look into it, but that would take more time than I have right now. I’ll add it to my todo list, but please don’t wait for it. :)[/COLOR][/FONT][/SIZE][/COLOR][/LEFT]