netboot rescue disk with FAI

Jean Spirat jeanspirat at squirk.org
Tue Mar 3 16:05:40 CET 2009 

> Most live cd's come with their own config and system for netbooting.
> I don't see a benefit of doing this with FAI.
> These systems most often have much more features than the FAI nfsroot
> when you use it with sysinfo instead of install.
>
>
>   

the goal here is to use the existing network infrastructure for this 
added functionality. parted, chkfs and such are allready not so bad for 
disaster recovery.


> But how to you know _what_ to mount?
> Assduming you have quite a bunch of different systems and disk
> configurations, it's pretty hard to know for all of them what to mount.
>
> In case of emergency, it should be enough to boot a system, and let the
> person working on the disaster recovery/debugging decide what to mount.
>
> Again, this is easier with for example the grml live cd, which at least
> prepares some mountpoints for all disks/partitions it has found on the
> system.
>
>   

FAI with sysinfo seems to know it so i will try to use the system here 
and see if it can work for me.

thanks for the pointer i will see if i can use this in netboot for me if 
not FAI will be quite good by itself :)


>> One important feature would be to have a root password setup
>> that is different on each "netboot" etc... :)  Any ideas ?
>>     
>
> Sorry, I don't understand anymore what you are trying to achieve here.
>
>   

i want to be able to let each department to launch netboot rescue 
session of their servers and if they all have a standard password in 
netboot then anyone with ssh acces could connect to the live system so i 
want a new pass at each boot where my script know to who send the 
temporary netboot password. My hook should be able to do that i just 
have to be sure i do it before sshd start :)


> In case of disaster, I'd want fast and easy access to a system, not
> fiddle around with some magic random password.
>
> Sure, that way anybody who can bring a system into this mode of
> netbbot/rescue system, has full access to the system, but that is the
> same with access to hardware...
>   
the trick is that we are 230km away from the machines so i need to have 
everything done via ssh. As i want to delegate to department this i need 
to make sure only the department that is in charge of this particular 
server to be able to acces the live temporary system. So to be short i 
want to be sure that the one rescue booting the server is the one that 
can connect to it :)


regards,
JEan.

More information about the linux-fai mailing list