RE: Unable to locate /tftpboot/pxelinux.cfg/default on fedora install to change IP address/dns etc

i think the easiest way is to change the IP in /opt/fog/.fogsettings and rerun your installation?

sorry for my 2nd and 3rd questions.
and option 66 is your FOG server IP?
Have you temporarily tried to disable firewall or iptables?

@jamesb Like Wayne Workman said, if you are using dnsmasq you need to recreate a link to your undionly.kkpxe files as undionly.0.

@george1421 I just changed search scope to subtree and below and magically I was able to login with domain user ID (no domain name is needed). I can’t thank you enough for your support. Thank you!!!

@Sebastian-Roth @Tom-Elliott Huge thanks for the fix. 1709 is uploading after updating init and init_32.

@Sebastian-Roth Thank you very much. We had an outage last week so I didn’t have time to follow up. I just upgraded to latest dev-branch and things are working now. Advanced menu is working as it was before. Thanks everyone involved!

Please scratch out my previous question.

systemctl enable httpd.service resolved it.

@technolust It looks like your Storage node is pointing to /fogserver/images. Verify if it exists otherwise change your image path and FTP path to /images

Thank you all for your help. I was able get an exemption from the security team for ftp plaintext. I’m down to the last issue about the nfs mount points and folder permissions. They don’t like the fact that these mount points are open to everyone. What is the proper way to secure them?
I currently have:
/images *(ro,sync,no_wdelay,no_subtree_check,insecure_locks,no_root_squash,insecure,fsid=0)
/images/dev *(rw,async,no_wdelay,no_subtree_check,no_root_squash,insecure,fsid=1)

What is the proper permission for /images folder (and sub folders)? It is now set to drwxrwxrwx. fogproject root 4096.

@technolust It looks like your Storage node is pointing to /fogserver/images. Verify if it exists otherwise change your image path and FTP path to /images

@Sebastian-Roth @george1421 Thank you. I’ll give them the source code to see what they say. @george1421 I explained that to them. They are okay with it but they need a written document from the developer in order to grant a exemption.

Good morning @george1421 @Sebastian-Roth. The security team agreed to grant an exception for ftp plain text authentication but they do need some documentations from the developer. I looked through the wiki but I could any places that mention this. Could you please point me to the right place?

@sebastian-roth Yes, sir! Lesson learned…for now.

@george1421 @Sebastian-Roth Thank you all for your help. I downgraded to php7 but couldn’t get around the HTTP error 500. We didn’t take a snapshot of the VM before messing around with it. It took a while for the admin to restore our FOG server from the backup. I’m staying at PHP 7.4.28 and mysql 5.7.33 for now.

@george1421 I updated FOG to 1.5.9 while working on these issues and was able to enable HTTPS with a custom cert. The site was loading fine/we were able to clone images from FOG server.

The security team also wanted me to update PHP 7.2.34 and mysql to the latest version.
I updated PHP to 8.1.3 and now the website is not loading. I’m getting HTTP ERROR 500.
What are the right steps to update php and its dependencies and MYSQL?
Sorry for asking too may questions.

Please scratch out my previous question.

systemctl enable httpd.service resolved it.

@george1421 I updated httpd to httpd2.4 version 2.4.52. Webservice is running but FOG webservice is not. I’m getting URL not found. I know there is an easy fix but I couldn’t find it on my note. I forgot to take a snap shot and don’t want to mess around to cause more damage =). Could you please point me some hint how to remedy this issue?

@george1421 said in Fog Server vulnerable:

sshd

Thank you very much @george1421. I will update apache and openssl to see how it goes.

We are not using fog clients or https so I’m not so worry about TLS 1.0. I couldn’t get https to work when we configured FOG in the past so I gave up on it. We only have one storage node and it’s on the same server.

You are right. We had a compliance audit. I will ask the security team to see if they can make an exemption on the ftp part.

Thanks again for your help.