How to prevent new installations when I have already installed my client through LAN boot?

Ivan Reche ivan.reche at
Thu Feb 9 15:59:03 CET 2012

2012/2/9 Ivan Reche <ivan.reche at>

> 2012/2/9 Thomas Neumann <blacky+fai at>
>> >> +It is possible to remotely execute 'fai-chboot ...' on the fai
>> >> server to switch the installed client to localboot after the
>> >> installation has completed. Warning: This may open up the fai
>> >> installation environment to exploits if the remote login account
>> >> is not properly secured.
>> > Sorry to chime in here, but if you require this to be added, where
>> > would you stop?
>> Point taken. Too generic.
>> Warning: This allows any fai client to control all other clients' boot
>> settings if no additional hardening is performed.
>> Better?
> I'm sorry, I didn't mean to start a flame war. However, I still have some
> doubts about the original subject of this topic. I've read almost
> everything in the documentation but some things are not clear for me as I'm
> new to FAI.
> So, going back to the original subject. I need to make my system stop
> reinstalling itself after the first installation, which itself must be done
> with the reboot flag. fai_chboot seems to do this perfectly well with the
> -o option, but the problem is I'm still not able to execute remote commands
> in my server.
> My doubts are:
>  - will I need to manually create a ssh key in my nfsroot and then add it
> to my server's authorized_keys?
>  - is there a "standard" way of doing this (maybe I'm reinventing the
> wheel)? Thomas Lange said something about using $LOGUSER. Maybe I'll begin
> by reading again this part of the guide, but I'd appreciate any help in
> this.
> Thanks again for your attention.

Oh, I just forgot to mention another doubt:
 - when I ssh into a system that has just been installed and waiting for
reboot, I can see a lot of FAI's variables, but $SERVER doesn't show
anything and there isn't any variable that holds the server IP or hostname.
Is this right? How do I find out who is my server?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the linux-fai mailing list