Tip: Run a script after FAI install

Martin Krämer mk.maddin at gmail.com
Thu Jan 10 07:29:16 CET 2019 

Hi John,

if you are using LDAP - why not permitting a LDAP group (which already
exists during install) and then configure sudo via LDAP?

Thats how I solved it for my soho environment.

See: https://www.sudo.ws/man/1.8.17/sudoers.ldap.man.html

Kind Regards

Martin

On Wed, Jan 9, 2019, 22:06 John G Heim <jheim at math.wisc.edu wrote:

> So I had this problem. I want to configure certain users to have sudo on
> the workstations I manage. Problem we do ldap authenticaition -- so the
> users don't exist during the install. I can easily write an fai script
> to do an adduser but it doesn't work because the user doesn't exist
> during the install. What I needed to do is to run a script once after
> the system reboots into the newly installed operating system. I thought
> about putting a script on there that would run at boot time and delete
> itself. But that's ugly and failure prone. But I came up with a solution
> that is much more reliable and flexible.
>
> 1. Create a crontab file to be copied to the target system during the
> install. For example, during my fai installs, I create a class called
> INSTALL. So I created a crontab file
> /srv/fai/config/files/etc/crontab/INSTALL.
>
> Put a command like this in this file:
>
> @reboot root fai --class/dev/null=POSTINST softupdate
>
> 2. Add an fcopy command to one of your installation scripts to copy the
> crontab file:
>
> fcopy -Bi /etc/crontab
>
> 3. Create another, normal crontab file without the above line and call
> it POSTINST or whatever you called the class in the first crontab. In
> this example, it would be /srv/fai/config/files/etc/crontab/POSTINST.
>
> 4. in your fai script space, create a directory called POSTINST
>
> mkdir /srv/fai/config/scripts/POSTINST
>
> 5. Put a script in there to install the normal crontab file
>
> fcopy -Bi /etc/crontab
>
> 6. Put scripts to do whatever else you want into that same directory.
> These scripts will be run just once when the system reboots after the
> original fai install. The target machine will look completely normal and
> there won't be any extra programs/scripts on it (unless you count fai
> itself).
>
> Verstehst du?
>
> --
> --
> John G. Heim; jheim at math.wisc.edu; sip://jheim@sip.linphone.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.uni-koeln.de/pipermail/linux-fai/attachments/20190110/87cc8d0e/attachment.html>

More information about the linux-fai mailing list