RE: Changing the directory where Fog images are stored question

Also, if you choose to change the snapin directory and then have problems with the client, here’s a fix

https://forums.fogproject.org/topic/6582/ca-fog-service-error-failed-to-decrypt-when-snapins-in-non-default-directory

I had set my snapins to a different directory (/images/snapins with /images being a symlink to /home/fogRootSystem/images)
But the original install had created the /opt/fog/snapins directory and put the ca ssl folders there.
But then it did it put the CA ssl folders with new keys in the new /images/snapins folder.

All day today I have been troubleshooting the client wondering why it suddenly stopped authenticating. Uninstalling and reinstalling, re-imaging, modifying the msi, resetting encryption data, running the fog install script with the --recreate-CA and --recreate-keys options. And nothing worked. Then I noticed the duplicate CA and SSL directories and got to thinking that maybe that’s not supposed to be a thing. So I moved the /opt/fog/snapins folder to my /images/snapins directory
mv -f /opt/fog/snapins /images/snapins then deleted the opt folder rm -fr /opt/fog/snapins then made a symlink ln -s /images/snapins /opt/fog/snapins Then I reran the fog installer like this ./installfog.sh --recreate-CA --recreate-keys -Y and now the client is working again (after reinstall on the client).

So a fix exists, but it seems that changing the snapins directory doesn’t work for the client and causes weird ca/ssl authentication errors.

It’s possible that something else I did fixed my issue, but I am 99.9% sure that the symlink and reinstall recreating the CA is what solved it.

@Wayne-Workman Thanks
I’m on 2012 R2 dhcp ver 6.3

1.3.0 is really the trunk/“beta” version currently. It isn’t quite yet to release. Granted if every stable trunk was released as a final version, we would be at FOG 5782.2.0 by now.
@Tom-Elliott has been working on gpt partitions recently trying to get it perfect. Give the trunk a go

https://wiki.fogproject.org/wiki/index.php/Upgrade_to_trunk

The easiest thing to do is probably just leave it as default /images but then either mount the HDD to the path /images in your /etc/fstab nano /etc/fstab or make a symlink with sudo ln -s /path/to/hdd/images /images I personally use the symlink method. In my case I just wasn’t paying attention when I partition my drive and made a /home data partition of 400 GB and a / partition of 80 GB. I realized too late that this meant that I only had 80 GB for images… Since I didn’t feel like editing the partition table or starting over, I just moved the /images folder to a folder in /home/fogRootSystem and made a symlink to point /images to that folder and it worked like a charm.

Otherwise you also would want to edit your /etc/exports and make sure that it is pointing the nfs directory to your /images (Fog might do this for you if you specified it during install or in the gui)
You also would want to consider moving the snapins directory as it would normally be in /opt/fog/snapins and if you have a lot of scripts and large installers, than that directory can get pretty big too. Granted any of these would run faster on an ssd.

Hope that helps.

I also made a static A host record for the fog server hostname and ip as well as a cname for fog-server to that A record. Maybe that did something too?

So I think I may have just accidentally discovered a way to increase the effectiveness/speed/reliability of pxe booting in windows dhcp configurations.
Granted I did just change server boxes and OS’s, so sadly this is a discovery with a lot of variables so I’m not 100% sure that it is really a thing.

So, on top of the already existing server wide options of 66 and 67 that point pxe boots to the FOG server and specify the pxe boot file I added a couple more configurations.

So before, something that helped a little was having an ip reservation for the FOG server on the same subnet as the workstations it’s imaging. So I was adjusting that reservation whilst migrating my FOG server setup to a new ip address on a new box. I decided to try a couple other options set just to the fog-server reservation.

• option 003 Router - set to the router gateway address with a secondary address of the DHCP server itself (i.e. 192.168.100.1, 192.168.100.3)
• option 012 Host Name - set to the fog server’s host name.

The first time I booted to pxe (on a vm that usually required a few tries before it worked) it booted up with no issues at all just as it should, faster than I had ever seen even.

So my question is for people with a little more network experience than me. People like @Sebastian-Roth @Tom-Elliott @Wayne-Workman Would setting these options make a difference reasonably?

I kinda think that they would since one of the problems I would see with longer pxe boots is repeated discovers and selects of one of the 3 dhcp requests in the pxe boot process trying to find a router. So is this all in my head or did I stumble on something helpful?

I had a problem with an older raid controller not being recognized by the centos/RHEL 7 kernel just yesterday. Would this happen to be an older hp smart array controller? Like 2008 or older?
You could try adding these host kernel arguments (in the gui for the host, register it manually if you haven’t already)

hpsa.hpsa_allow_any=1 hpsa.hpsa_simple_mode=1

That might do the trick. These older array controllers are no longer supported by the RHEL kernels, this is where I got that info…
http://serverfault.com/questions/611182/centos-7-x64-and-hp-proliant-dl360-g5-scsi-controller-compatibility

@Cyrus So you haven’t actually installed any sql services?
I would just add the packages reccomended by the wiki ignoring any errors because some of them are just outdated…

rpm --import http://dl.fedoraproject.org/pub/epel/RPM-GPG-KEY-EPEL-6
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm --import http://apt.sw.be/RPM-GPG-KEY.dag.txt
rpm -Uvh http://pkgs.repoforge.org/rpmforge-release/rpmforge-release-0.5.3-1.el6.rf.x86_64.rpm
rpm --import https://www.elrepo.org/RPM-GPG-KEY-elrepo.org
rpm -Uvh http://www.elrepo.org/elrepo-release-6-5.el6.elrepo.noarch.rpm
rpm --import http://rpms.famillecollet.com/RPM-GPG-KEY-remi
rpm -Uvh http://rpms.famillecollet.com/enterprise/remi-release-6.rpm

Then manually install these packages

yum -y install htmldoc ttf2pt1 t1utils fltk subversion wget git

Then make a folder for the fog installer git and cd into it, download fog, and install it, for example…
(replace ‘fog’ with your username if you are going to let the installer create the fog user for you)

mkdir /home/fog/fogInstalls
mkdir /home/fog/fogInstalls/git
cd /home/fog/fogInstalls/git
git clone https://github.com/FOGProject/fogproject.git ./ #this part will take a little while
cd bin
./installfog.sh # follow the prompts
# Then configure the firewall per this post (https://forums.fogproject.org/topic/6162/firewall-configuration)
for service in http https tftp ftp mysql nfs mountd rpc-bind proxy-dhcp samba; do firewall-cmd --permanent --zone=public --add-service=$service; done
systemctl restart firewalld.service

Then whenever you need to update

cd /home/fog/fogInstalls/git
git pull
cd bin
./installfog.sh -Y

and that’s all there is to it.

@Cyrus Having installed it on many flavors, I would say for stress-free installation Ubuntu is a good bet.
However, I found that there are a lot issues that happen later from ubuntu doing silly things that will make things break. Like the re-occurring php package debacle of just a couple weeks ago.

I just moved my production fog server to centos 7 yesterday and while the install of centos gave me a little trouble (because of a legacy hardware issue) the install of FOG and subsequent updates and having everything up and running has been a dream. Also, since it is Red Hat, having experience with that looks better on a resume’ to some bigger companies if that’s something you care about.

So I would say stick with centos 7.

As for the mariadb issue, I didn’t have any issue there. From what I understand mariadb is just a new name for mysql (there’s more to it than that I realize, but to simplify it I’d say that)
There are some notes in the wiki about mariadb during centos 7 install you could try, but I think it’s a bit outdated now since FOG installs mariadb now.

https://wiki.fogproject.org/wiki/index.php?title=Installation_on_CentOS_7

Did you have any mysql related errors during the fog install script, or was this while trying to install it before hand. The best stress-free solution would be to let the fog install script take care of installing the requirements. If you haven’t actually configured anything yet and you think you broke your mariadb install in some way, I would go ahead and just reinstall centos 7 and follow the instructions in that wiki post. It worked for me just yesterday.

So this isn’t so much as a request for someone else to do this as it is a request for more ideas.
After adding the code for importing printer configurations to the service I had some ideas for improving the fog printer management in the service and the gui.
However, I don’t think that everyone would quite care that much about these ideas enough to add them into the core, but making a module for the fog service and a plugin for the gui would probably do the trick. I intend to start working on this in a few weeks to a month from now after a couple other projects are done first. But I figured why not get some feedback on the idea while it is in the brainstorming phase.

So here is some of the stuff I would be looking to add to an Advanced Printer Management plugin/client module

• Adding printer ports with existing prnport.vbs windows command
  (Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\Prnport.vbs)

  • Option to add SNMP private key for printers locked down with snmp keys
  • Option to enable SNMP on port with default public key
  • Option to use LPR or RAW port on standard local/TCP IP Printers
  • Option to add a usb printer shared on the network through a computer, NAS, or other network device.

• Installing the inf file to the OS with PNPUTIL -i -a file.inf

• Adding printers with Prnmngr.vbs if RUNDLL32 PRINTUI.DLL,PrintUIEntry /if fails for any reason
  (Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\Prnmngr.vbs)

• Allowing the use of network shares for inf driver files and config files

  • Either a checkbox in the add/edit printer menu or auto detect of unc path start \\ would bring up an option for domain\username and auto encrypting password (like the AD password box)
  • This user/pass would be used with a net use %share% /USER:username password command at the start of adding the printer and a subsequent net use %share% /delete at the end.
  • Also an option to ask (and perhaps detect) if a windows enterprise version is present with the nfs client installed, and if so saying to just put the printer files in a folder in the fog /images nfs share and mounting it in windows with nfs without the need for a password.
    • Maybe add the option to autoinstall a third party nfs tool to use the fog nfs share option on any version of windows
  • Maybe create a universal printer driver folder structure that can be downloaded to the fog nfs share or other network share
    • Maybe even add to that with the option to select from existing printer drivers in a drop down menu when adding a printer
    • This idea might require help, and would have the caveat of being difficult to update without some sort of automation of downloading new drivers for every model as they become available. Could just make it publicly accessible and let the community handle that as it happens or something.

Thoughts?

@Arrowhead-IT Scratch that, it totally worked after a restart. So if you go breaking your permissions just run the script posted and restart and violia!

@Arrowhead-IT Well it was worth a shot but it didn’t do the trick, maybe restarting would work, I’m backing up before I try that though.

@anthonyglamis No, you don’t need to create a new image for a new revision. It’s only if you reinstalled fog completely, regenerating the ca certs.

I found a script to restore permissions here
http://serverfault.com/questions/221447/how-to-repair-restore-ubuntu-10-04-after-sudo-chmod-777

#!/bin/bash
# Restores file permissions for all files on a debian system for which .deb
# packages exist. 
#
# Author: Larry Kagan <me at larrykagan dot com>
# Since 2007-02-20

ARCHIVE_DIR=/var/cache/apt/archives/
PACKAGES=`ls $ARCHIVE_DIR`
cd /

function changePerms() {
    CHOWN="/bin/chown"
    CHMOD="/bin/chmod"
    PERMS=`echo $1 | sed -e 's/--x/1/g' -e 's/-w-/2/g' -e 's/-wx/3/g' -e 's/r--/4/g'  -e 's/r-x/5/g' -e 's/rw-/6/g' -e 's/rwx/7/g' -e 's/---/0/g'`
    PERMS=`echo ${PERMS:1}`
    OWN=`echo $2 | /usr/bin/tr '/' '.'`
    PATHNAME=$3
    PATHNAME=`echo ${PATHNAME:1}`

#    echo -e "CHMOD: $CHMOD $PERMS $PATHNAME"    

#    result=`$CHOWN $OWN $PATHNAME`
#    if [ $? -ne 0 ]; then
#   echo -e $result
#        exit 123;
#    fi

    echo -e "CHOWN: $CHMOD $PERMS $PATHNAME"
    result=`$CHMOD $PERMS $PATHNAME`
    if [ $? -ne 0 ]; then
    echo -e $result
    fi
}

for PACKAGE in $PACKAGES;
do
    if [ -d $PACKAGE ]; then
    continue;
    fi
    echo -e "Getting information for $PACKAGE\n"
    FILES=`/usr/bin/dpkg -c "${ARCHIVE_DIR}${PACKAGE}"`

    for FILE in "$FILES";
    do
        #FILE_DETAILS=`echo "$FILE" | awk '{print $1"\t"$2"\t"$6}'`
    echo "$FILE" | awk '{print $1"\t"$2"\t"$6}' | while read line;
        do
            changePerms $line
        done
        #changePerms $FILE_DETAILS
    done
done```

It's running right now, hopefully that does the trick.

@Wayne-Workman
[Mon Jan 25 12:30:49.536526 2016] [:error] [pid 24884] [client 192.168.100.108:61538] PHP Fatal error: Uncaught exception ‘Exception’ with message 'FOGFTP: Failed to connect. Host: 192.168.100.100, Error: Undefined variable: whereA$

I couldn’t copy the whole error message from the terminal with ease, it appears to be ftp related. So I tried to ftp in only for it to not work on port 22 and on port 21 I get this message
OOPS: vsftpd: refusing to run with writable root inside chroot()

So this is a me accidentally running chmod -R 775 / instead of chmod -R 775 ./ and not cancelling it fast enough problem, not a fog problem at all.

Add printer configuration to printer management. i.e. a sharp copier that requires you to manually click auto configuration for the printer to update it’s settings to match the printer.
I already have this scripted and imagine it would be pretty easy to add to the existing printer management. I would gladly add and test the code myself if someone could point me in the right direction.

So lets say you have added a printer and configured it to all the correct settings, like how many input trays, types of output trays, maybe it requires putting in a security pin or it has a punch module. And it looks like this for example.

Then to save those configuration settings you simply need to run this command in a command prompt
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /n"Printer Name" /a Path\ConfigFile.dat m f g p
and then to configure the printer once it’s been added with the saved config
RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n"Printer Name" /a Path\ConfigFile.dat m f g p

I imagine that the way the print manager works is similar to the script I use to add a printer with the similar command line inputs.
For example, I can use the following script (manually adding in the parameters in the call of installPrinter in the main function) to install a printer. I could probably easily change it to take arguments into the execution like snapin arguments taken from the printer information. Which I imagine is somewhat how the add a printer works.

@ECHO off

call :main
exit

:main
	REM Function to call other functions and run the installation process

	call :setVars
	call :funcHead "Welcome to the Printer installer!"
	REM inputs: 1 - Printer Port Name, 2 - printer ip or hostname 3- driverPath 4 - printer name 5 - printer model 6 - config file 7 - raw or lpr
	call :installPrinter 

	EXIT /B

:setVars
	REM function for setting script variables, typically for directories

	call :funcHead "Setting script variables"

	set share="\\networkShare\Printers\Drivers"
	net use "%share%"
	
	echo. done!

	EXIT /B

:installPrinter
	REM Function to add a new Printer
	REM inputs: 1 - Printer Port Name, 2 - printer ip or hostname 3- driverPath 4 - printer name 5 - printer model 6 - config file 7 - raw or lpr

	call :funcHead "Installing Printer %~4"

	call :printerPort %~1 %~2 %~7
	call :printerDriver "%~3"
	call :addPrinter "%~4" "%~5" %~1
	call :configPrinter "%~6" "%~4"

	echo. done installing printer %~4!

	EXIT /B

:printerPort
	REM function for adding a printer port
	REM var inputs 1 - port name 2 -hostname or ip address 3 -port type (raw or lpr)

	call :dots
	echo. Creating the printer port...
	
	IF %~3==lpr (
		Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\Prnport.vbs -a -r %~1 -h %~2 -o lpr -q lp -n 515
	) ELSE ( REM raw
		Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\Prnport.vbs -a -r %~1 -h %~2 -o raw -n 9100 
	) 
	
	echo. done!
	call :dots

	EXIT /B

:printerDriver
	REM function to add the driver input 1=full driver path

	call :dots
	
	echo. Adding printer driver...
	PNPUTIL -i -a "%~1"
	echo. done!
	
	call :dots

	EXIT /B

:addPrinter
	REM add the printer to the created port
	REM 1 - printer name 2 - printer model associated with driver 3 - port name
	
	call :dots
	
	echo. adding printer to network port...
	Cscript %WINDIR%\System32\Printing_Admin_Scripts\en-US\Prnmngr.vbs -a -p "%~1" -m "%~2" -r %~3
	echo. done!
	
	call :dots

:configPrinter
	REM add any special printer configurations
	REM 1 - config file path 2 - printer name

	call :dots
	
	echo. Configuring Printer...
	REM To create a config file for a printer, use the following syntax
	REM RUNDLL32 PRINTUI.DLL,PrintUIEntry /Ss /nPrinterName /a ConfigFilePath.dat m f g p
	RUNDLL32 PRINTUI.DLL,PrintUIEntry /Sr /n"%~2" /a %~1 m f g p
	echo. done!
	
	call :dots

	EXIT /B

:dots
	REM just echoing dots in a Function instead of copy pasting them so that it's consistent
	echo ......................................................................
	EXIT /B

:funcHead
	REM A simple function for displaying a consistent header at the start of functions
	call :dots
	echo. %~1
	call :dots
	EXIT /B

I would rather use the fog print management with the added ability to import printer config files, as it is the only thing it doesn’t do that my scripting method does. Granted I could just set this idea up as a snapin, but I don’t have the remove printer functionality in my script as is. So What can I do to add this functionality in.

On the latest revision 6096, as well as the one this morning (6094 I believe, I noticed the problem and updated before posting)
When I try to edit a snapin or create a new one it goes to a blank white page in firefox.
In chrome it gives a 500 error saying the system might be down for maintenance.

@Tom
Trunk isn’t beta in the traditional sense. I would strongly recommend upgrading to it. If there are problems you post it on the forum and often the issue is fixed in a manner of hours.

@jc35 So I think you can do this
I would follow the help @Wayne-Workman gave you on this post
https://forums.fogproject.org/topic/6454/wipe-and-restore

Using the information of what the database tables need to say you could write a bash or python script to edit the mysql database of fog.
The next question is whether or not you need help with that part too.
The basics steps you would need to do

• make a remote mysql user with access to the fog database on the fog server.
• Compose and test some mysql commands remotely based on the tables you need to edit and make sure it works
• Take those commands and put them into a script. In bash it is possible to send a single command to mysql, I don’t remember the parameter of the top of my head though, I would have to go find a script where I did that if need be.

Hopefully that helps you get started.