FAI + SaltStack anybody?
Thomas Lange
lange at cs.uni-koeln.de
Fri Oct 6 11:18:07 CEST 2023
>>>>> On Fri, 06 Oct 2023 21:57:28 +1300, Andrew Ruthven <andrew at etc.gen.nz> said:
> This isn't ideal as the secrets are still present in the NFSROOT for a short
> period of time, but does solve the chicken and egg issue others mentioned
This reminds me of a solution I once saw.
Put some info into a fifo (named pipe), so only one receiver can read
it. After that the fifo is empty.
What about having a daemon on the FAI server which serves some secrect
using:
echo secrect | nc -p 12345 -l
So only one FAI client can read the secrect from port 12345 once.
This may help a little bit.
--
regards Thomas
More information about the linux-fai
mailing list