RE: No success installing FOG on a CentOS 7 server

@george1421 , I already have a firewall configuration that has been tested for awhile now and works (the hardest part was nfs as it was using random ports, but that is easily limited). As for SELinux I already have a policy made, I just need more people to test it and see if I missed anything (after I package it up nicely).

@george1421 @Wayne-Workman @pmonstad

Avoid disabling SELinux. If you ever want to re-enable it, you would need to relabel your entire filesystem. Instead set it to permissive. (This is essentially an ‘audit’ mode which records violations but doesn’t prevent them).

To do so:

setenforce 0
sed -i 's/SELINUX=enforcing/SELINUX=permissive/' /etc/selinux/config

This approach will NOT require a reboot either.

I have an SELinux policy that I’ve been working on that makes FOG work with SELinux enabled if anyone would be interested. I am also a huge proponent of NOT disabling your firewall for FOG, it is a terribly insecure idea and one of my biggest complaints about our recommended installation. I would take the time to configure the firewall by opening the appropriate ports. Or at the very least make a zone of your internal IPs and set it to open (not the best solution, but it will work). I also have firewalld configurations that will work with FOG, which I’ll publish soon.

Confirmed and fixed in v0.9.7 (https://news.fogproject.org/fog-client-v0-9-7/). Upgrade your FOG server to get the patch. Sorry about the oversight.

@Claude-Girard v0.9.6 is released, and this includes the snapin fix for the problem you originally posted on. (https://news.fogproject.org/client-v0-9-6/ )

@plegrand v0.9.6 is released, and this includes the Samba fix. (https://news.fogproject.org/client-v0-9-6/)

@kktwenty101 you can also go to a group and hit the button to affect multiple hosts.

EDIT
The Reset Encryption button tells the server “Lock in the first client that claims to be THIS computer.” This is how to ensure that the server can trust clients that request sensitive information.

Its on the web management portal. Go to your host in the portal and the button should be there.

@Hanz The client will not have a security token until after the first successful authentication. The problem is that the server doesn’t seem to be doing “Reset encryption data” right. Paging @Tom-Elliott

There’s no need to use fog prep on windows 10 (or even on windows 7 for that matter). To be honest I’m not sure what system it was built for… (It is from a long time ago).

@Tom-Elliott , the client doesn’t care about the server address.

@d4rk3 Snapins. If you are smart about forking processes you could use a snapin to upgrade the client.

Version of the client.

@johnomaz ,the next version should automatically remove the legacy client:
https://github.com/FOGProject/fog-client/issues/31

@johnomaz , a couple quick notes:

1. Handlers.dll will not exist in newer version of the client, FOGService.exe is the safest file to check for.
2. Any setting you see in the MSI can be set via CLI arguments. For example, to set the server address, just append WEBADDRESS=“x.x.x” to the install command.

@Asthea not that I am aware of. You could spawn a new thread that makes a local timetick event. Or you could make it as a Service, which would prevent any web portal freezing altogether.

I believe @Tom-Elliott did some modifications to how slashes were handled recently.

@Gilou there are other files that must be updated to perform a “complete” hostnamechange (network files, and others), otherwise things like sudo can fail on certain machines.

@jrm I have begun internal testing of the linux client. If you are just interested in hostnamechanging and taskreboot let me know (via chat) and I can give you my preview build to use. It will perform both those operations just fine.

@jrm , I am not sure what you are referring to. We have no official linux client released. What you found is probably a debian client made by one of our users. As to what @Wayne-Workman is referring to, we do have a linux and osx client in the works. However, it is not ready for release yet.

We do it this way because the current FOG code base can’t do it any other way without a serious amount of work. FOG 2.0 removes polling altogether. As for “fixing” the slow down, just change the client checkin time (found on the server). It defaults to 60 seconds.

Fix has been pushed. If you update all should work again.