You will need a BLED112 dongle and the pylgbst library.

yum install python3
pip3 install pygatt
pip3 install pexpect
pip3 install https://github.com/undera/pylgbst/archive/1.0.tar.gz

Now you can write your first program, test.py:

from pylgbst.hub import MoveHub, COLOR_RED
from time import sleep

hub = MoveHub()
hub.led.set_color(COLOR_RED)
sleep(5)
hub.disconnect()

and test it:

python3 test.py

The LED has been changed to red for 5 seconds.

Test iSCSI

The LUN is created on ReadyNAS (192.168.1.28) in group CentOS-PXE, target iqn.1994-11.com.netgear:nas:08303042:centos-pxe.

All commands are run from my laptop (T530), but it can be any Linux:

[root@T530 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.1.28
192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:051ada19:group1
192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:08303042:centos-pxe

We are interested in the second one:

[root@T530 ~]# iscsiadm -m node -T 'iqn.1994-11.com.netgear:nas:08303042:centos-pxe' -p 192.168.1.28 -l
Logging in to [iface: default, target: iqn.1994-11.com.netgear:nas:08303042:centos-pxe, portal: 192.168.1.28,3260] (multiple)
Login to [iface: default, target: iqn.1994-11.com.netgear:nas:08303042:centos-pxe, portal: 192.168.1.28,3260] successful.

Now we can list disks:

[root@T530 ~]# ls -l /dev/disk/by-path
razem 0
lrwxrwxrwx. 1 root root  9 10-22 17:25 fc---lun-0 -> ../../sdd
iqn.1994-11.com.netgear:nas:08303042:centos-pxe-lun-0 -> ../../sdd
lrwxrwxrwx. 1 root root  9 10-22 16:29 pci-0000:00:0d.0-ata-1.0 -> ../../sda
lrwxrwxrwx. 1 root root 10 10-22 16:29 pci-0000:00:0d.0-ata-1.0-part1 -> ../../sda1
lrwxrwxrwx. 1 root root 10 10-22 16:29 pci-0000:00:0d.0-ata-1.0-part2 -> ../../sda2
lrwxrwxrwx. 1 root root  9 10-22 16:29 pci-0000:00:0d.0-ata-2.0 -> ../../sr0

As you can see, the new volume is linked as /dev/sdd; usually it will be sda or sdb.

Now we can "unmount" it, as it won't be needed.

iscsiadm -m node -T 'iqn.1994-11.com.netgear:nas:08303042:centos-pxe' -p 192.168.1.28 -u

Configure network install

You will need a tftp, a dhcp and an ftp server, and a CentOS installation ISO file. Unpack the ISO content to some directory on the ftp server (CentOS7-1908-minimal in my case).

Add entry in /data/tftpboot/pxelinux.cfg/default file:

LABEL InstallCentOS7
MENU LABEL Install CentOS 7 1908
KERNEL /networkboot/CentOS7-1908/vmlinuz
APPEND initrd=/networkboot/CentOS7-1908/initrd.img inst.repo=ftp://192.168.1.28/CentOS7-1908-minimal

You have to create the networkboot/CentOS7-1908 directory in your tftp root directory. In my (ReadyNAS) case that is /data/tftpboot/, so the full path is /data/tftpboot/networkboot/CentOS7-1908.

The files vmlinuz and initrd.img come from the isolinux directory of the ISO. Because my ftp root is /data/pub/ I typed:

cp /data/pub/CentOS-7-x86_64-Minimal-1908/isolinux/{vmlinuz,initrd.img} /data/tftpboot/networkboot/CentOS7-1908

Now you should be able to run CentOS installation from network.

Installation

Boot the computer from the network (PXE BOOT) and choose Install CentOS 7 1908 from the pxe menu.

Run the standard installer. As Installation destination add a disk in Specialized & Network Disks. In Add iSCSI Target... enter 192.168.1.28 as Target IP Address and click Start discovery. Choose the desired node (if you have more than one you should know what to do) and click Log in and (after a while) OK.

Now you should have some drive (sda, sdb or similar) - select it and click Done. Probably there will be an Error checking storage configuration message - click Full disk summary and boot loader ... and unselect your disk as a boot device by clicking Do not install boot loader. Click Done.

Now make sure you know the name of your network card. In my case it is enp0s3.

You can add more installation repositories, but it is not necessary now.

Click Begin installation. It will take a while - in the meantime you can set root password.

When installation is complete switch to console (Ctrl-Alt-F2) and copy vmlinuz and initramfs files to your tftp server:

scp /mnt/sysimage/boot/vmlinuz-3.10.0-1062.el7.x86_64 /mnt/sysimage/boot/initramfs-3.10.0-1062.el7.x86_64.img user@192.168.1.28:

and place these two files in the tftp directory:

mv /home/user/vmlinuz-3.10.0-1062.el7.x86_64 /home/user/initramfs-3.10.0-1062.el7.x86_64.img /data/tftpboot/networkboot/CentOS7-1908

As you can see, I use the same directory as for the network install, but that is not necessary.

Now it is time for the final PXE configuration. On the tftp server prepare an entry similar to:

LABEL Centos7
MENU DEFAULT
MENU LABEL Cent OS 7
kernel /networkboot/CentOS7-1908/vmlinuz-3.10.0-1062.el7.x86_64 root=/dev/mapper/centos-root ro netroot=iscsi:@192.168.1.28::::iqn.1994-11.com.netgear:nas:08303042:centos-pxe rd.iscsi.initiator=iqn.1994-05.com.redhat:2f3474eec735 vconsole.keymap=pl LANG=en_GB.UTF-8  console=tty0 ip=enp3s0:dhcp  rhgb quiet
append initrd=/networkboot/CentOS7-1908/initramfs-3.10.0-1062.el7.x86_64.img

You can check the "magic numbers" on the freshly installed system with:

[anaconda root@localhost /]# cat /etc/iscsi/initiatorname.iscsi
InitiatorName=iqn.1994-05.com.redhat:2f3474eec735
[anaconda root@localhost /]# iscsiadm -m session
tcp: [1] 192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:08303042:centos-pxe
[anaconda root@localhost /]# grep root /mnt/sysimage/etc/fstab
/dev/mapper/centos-root /    xfs      defaults,_netdev,_netdev 0 0 

Now you can click Reboot.

After some time you have network booted system.
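A mismatch between the PXE entry and the "magic numbers" is the usual reason the initramfs cannot find its root disk, so the comparison can be automated. The following is an added example, not part of the original post: the function names are hypothetical, the values are copied from the listings above, and only the short netroot form used here (no iface/netdev fields) is parsed.

```python
import re

# Values copied from the PXE entry and the "magic numbers" listing above.
KERNEL_LINE = ("kernel /networkboot/CentOS7-1908/vmlinuz-3.10.0-1062.el7.x86_64 "
               "root=/dev/mapper/centos-root ro "
               "netroot=iscsi:@192.168.1.28::::iqn.1994-11.com.netgear:nas:08303042:centos-pxe "
               "rd.iscsi.initiator=iqn.1994-05.com.redhat:2f3474eec735 ip=enp3s0:dhcp")
INITIATORNAME = "InitiatorName=iqn.1994-05.com.redhat:2f3474eec735"
SESSION = "tcp: [1] 192.168.1.28:3260,1 iqn.1994-11.com.netgear:nas:08303042:centos-pxe"
FSTAB_ROOT = "/dev/mapper/centos-root /    xfs      defaults,_netdev,_netdev 0 0"

def parse_netroot(value):
    """Split iscsi:[creds@]server:protocol:port:lun:target (short dracut form)."""
    spec = value[len("iscsi:"):]
    _creds, sep, rest = spec.partition("@")
    if not sep:                      # no credentials part at all
        rest = spec
    # The target IQN itself contains colons, so split only the first four.
    server, _proto, port, _lun, target = rest.split(":", 4)
    return server, int(port or 3260), target

def check_boot_entry(kernel_line, initiatorname, session, fstab_root):
    """Return a list of mismatches between the PXE entry and the installed system."""
    args = dict(a.split("=", 1) for a in kernel_line.split() if "=" in a)
    server, port, target = parse_netroot(args["netroot"])
    s_ip, s_port, s_target = re.match(
        r"\w+: \[\d+\] ([\d.]+):(\d+),\d+ (\S+)", session).groups()
    problems = []
    if (server, port) != (s_ip, int(s_port)):
        problems.append(f"portal {server}:{port} != session {s_ip}:{s_port}")
    if target != s_target:
        problems.append(f"target {target} != session {s_target}")
    if args.get("rd.iscsi.initiator") != initiatorname.split("=", 1)[1].strip():
        problems.append("rd.iscsi.initiator differs from initiatorname.iscsi")
    if args.get("root") != fstab_root.split()[0]:
        problems.append("root= differs from the fstab root device")
    return problems

if __name__ == "__main__":
    print(check_boot_entry(KERNEL_LINE, INITIATORNAME, SESSION, FSTAB_ROOT) or "consistent")
```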

Configure iPXE

Instead of PXE it should be possible to use iPXE. For now I can only boot iPXE - then I return to PXE because it works.

Download the binary (on ReadyNAS - the TFTP server) and move it to the tftp directory:

cd /tmp/
wget http://boot.ipxe.org/undionly.kpxe
mv /tmp/undionly.kpxe /data/tftpboot/

To avoid flashing the network card ROM I use PXE chainloading. Change (on Gargoyle - the DHCP server):

dhcp-match=set:ipxe,175
dhcp-boot=tag:!ipxe,undionly.kpxe,,192.168.1.28
dhcp-boot=menu.ipxe,,192.168.1.28

It should be a more convenient way to upgrade the kernel in future.

For now, in menu.ipxe I have this entry:

:pxelinux
set 210:string tftp://192.168.1.28/
chain ${210:string}pxelinux.0 || goto failed
goto start

Sources:

Diskless iSCSI boot with PXE HOWTO

How to chainload ipxe using dnsmasq?

Centos 7 Diskless Environment – PXE booting OpenStack compute nodes from iSCSI SAN

Last time I prepared Gargoyle as a dhcp and tftp server.

Prepare tftp on ReadyNAS

To enable tftp on ReadyNAS I've installed Tftp Server for Readynas. All files have to be in tftpboot share, so I've created it.

I have to copy all syslinux files (can be copied from gargoyle) to this share, so it contains (full path):

/data/tftpboot/pxelinux.cfg
/data/tftpboot/pxelinux.cfg/default
/data/tftpboot/ldlinux.c32
/data/tftpboot/libutil.c32
/data/tftpboot/menu.c32
/data/tftpboot/pxelinux.0

Reconfigure DHCP

Now I have to change dhcp server configuration. On gargoyle, in file /etc/dnsmasq.conf:

dhcp-boot=pxelinux.0,,192.168.1.28

As you can see, it now has the address of my ReadyNAS (192.168.1.28).

You can comment out the lines

enable-tftp
tftp-root=/var/lib/misc/tftpboot

because tftp on gargoyle is not needed any more.

Now you should be able to boot any PC using PXE from ReadyNAS.

Boot to CentOS 7 (or any Linux) Installer

Now you can try to run the Cent OS installer from the network. You have to prepare an FTP share and copy the files from the installation image (CD/DVD) there. I've copied it to ReadyNAS to the pub/CentOS7-1708 share.

If you use proftpd you have to create /etc/frontview/proftpd/proftpd.conf.overrides file to allow anonymous access:

UserAlias anonymous guest
<Anonymous /var/ftp/pub>

User guest
Group guest

  <Directory *>
    <Limit WRITE>
      DenyAll
    </Limit>
  </Directory>

  <Directory incoming>
    <Limit READ >
      DenyAll
    </Limit>
    <Limit STOR>
      AllowAll
    </Limit>
  </Directory>
</Anonymous>

Create the /data/tftpboot/networkboot/CentOS7-1708 directory and copy these files there:

/data/tftpboot/networkboot/CentOS7-1708/initrd.img
/data/tftpboot/networkboot/CentOS7-1708/vmlinuz

In the /data/tftpboot/pxelinux.cfg/default file add the lines:

LABEL InstallCentOS7
MENU DEFAULT
MENU LABEL Install CentOS 7
KERNEL /networkboot/CentOS7-1708/vmlinuz
APPEND initrd=/networkboot/CentOS7-1708/initrd.img inst.repo=ftp://192.168.1.28/CentOS7-1708-minimal

Notice that the ftp path is relative to the pub share.

Now you should be able to boot to Cent OS installer.

Prepare NFS share

I've done it on ReadyNAS. You have to set in Settings - Network Access - NFS - Advanced settings: No Root Squash.

Be careful, because you have to provide the full path when mounting the share. My share is pub/root, so I have to mount it as /data/pub/root:

mount -vt nfs 192.168.1.18:/data/pub/root /mnt/nfsroot/

As you can see, I've mounted this share in /mnt/nfsroot directory.

Install Cent OS

yum install --releasever=7 --installroot=/mnt/nfsroot \@base \@core

When you want to install other packages you may see this error:

Wczytane wtyczki: fastestmirror, langpacks
Loading mirror speeds from cached hostfile
There are no enabled repos.
 Run "yum repolist all" to see the repos you have.
 To enable Red Hat Subscription Management repositories:
     subscription-manager repos --enable <repo>
 To enable custom repositories:
     yum-config-manager --enable <repo>

In that case you will have to copy the repository file:

cp /etc/yum.repos.d/CentOS-Base.repo /mnt/nfsroot/etc/yum.repos.d/

Now you can add some GUI packages:

yum install --releasever=7 --installroot=/mnt/nfsroot \@fonts \@gnome-desktop \@x11

Based on: CentOS 7: Install PXE Boot server for thin client with NFS.

The solution is similar to the one for Windows 7. To add a drive you have to type this command (single line):

"C:\Program Files\Oracle\VirtualBox\VBoxManage.exe" internalcommands createrawvmdk -filename "C:\Users\jaqb\SP900.vmdk" -rawdisk "\\.\PhysicalDrive1"

VirtualBox also has to be run as a privileged user (administrator).

On CentOS 7 you can log all commands to syslog and then to a local file or even to a remote server.

Send all commands to syslog

Create file /etc/sysconfig/bash-prompt-xterm:

RETRN_VAL=$?;logger -p local6.debug "$(whoami) [$$]: $(history 1 | sed "s/^[ ]*[0-9]\+[ ]*//" ) [$RETRN_VAL]"

and make it executable:

chmod a+x /etc/sysconfig/bash-prompt-xterm

Configure syslog to send messages from local6 facility to separate file

Create file /etc/rsyslog.d/bash.conf:

local6.*    /var/log/commands.log

Finally, restart rsyslog:

service rsyslog restart

Now you can monitor commands:

tail -f /var/log/commands.log

Log command using audit

Alternatively you can use audit - create /etc/audit/rules.d/bash_history.rules:

-a exit,always -F arch=b64 -S execve
-a exit,always -F arch=b32 -S execve

but the logs are not very human friendly:

grep EXECVE /var/log/audit/audit.log

and you may also want to log execvp, execl, execveat etc.
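To make the EXECVE records readable they have to be joined with the SYSCALL record of the same event and their hex-encoded arguments decoded. The following is an added example, not part of the original post; the log lines are constructed samples and the function names are hypothetical.

```python
import re
import shlex

# Constructed sample of /var/log/audit/audit.log records (not from the page).
SAMPLE = """\
type=SYSCALL msg=audit(1571757900.123:481): arch=c000003e syscall=59 success=yes exit=0 ppid=2101 pid=2150 auid=1000 uid=0 comm="iscsiadm" exe="/usr/sbin/iscsiadm" key=(null)
type=EXECVE msg=audit(1571757900.123:481): argc=3 a0="iscsiadm" a1="-m" a2="session"
type=SYSCALL msg=audit(1571757905.456:482): arch=c000003e syscall=59 success=yes exit=0 ppid=2101 pid=2151 auid=1000 uid=1000 comm="cat" exe="/usr/bin/cat" key=(null)
type=EXECVE msg=audit(1571757905.456:482): argc=2 a0="cat" a1=2F746D702F6D792066696C65
"""

HEADER = re.compile(r"^type=(\w+) msg=audit\((\d+\.\d+):(\d+)\): (.*)$")
# An EXECVE argument is either "quoted" or, if it holds spaces or other
# special bytes, written as bare hex. Very long arguments that auditd splits
# into a1[0]=, a1[1]=... pieces are not handled here.
ARG = re.compile(r'\ba(\d+)=(?:"([^"]*)"|((?:[0-9A-Fa-f]{2})+))')
FIELD = re.compile(r'\b(auid|uid|pid|exe)=("?)([^" ]+)\2')

def execve_events(lines):
    """Join SYSCALL and EXECVE records of one event; return a dict per exec."""
    events = {}
    for line in lines:
        m = HEADER.match(line.strip())
        if not m:
            continue
        rtype, ts, serial, body = m.groups()
        ev = events.setdefault((ts, serial), {"time": float(ts)})
        if rtype == "SYSCALL":
            ev.update({k: v for k, _, v in FIELD.findall(body)})
        elif rtype == "EXECVE":
            args = {int(i): bytes.fromhex(h).decode("utf-8", "replace") if h else q
                    for i, q, h in ARG.findall(body)}
            ev["argv"] = [args[i] for i in sorted(args)]
    return [e for e in events.values() if "argv" in e]

def render(ev):
    """One readable line: epoch time, login uid, uid, binary, quoted argv."""
    cmd = " ".join(shlex.quote(a) for a in ev["argv"])
    return "{:.0f} auid={} uid={} {}: {}".format(
        ev["time"], ev.get("auid", "?"), ev.get("uid", "?"), ev.get("exe", "?"), cmd)

if __name__ == "__main__":
    for event in execve_events(SAMPLE.splitlines()):
        print(render(event))
```

The auid field is the login uid, so it still identifies the original account when uid is 0.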

Sources:

https://askubuntu.com/questions/93566/how-to-log-all-bash-commands-by-all-users-on-a-server

https://unix.stackexchange.com/questions/86000/how-can-you-log-every-command-typed

http://whmcr.com/2011/10/14/auditd-logging-all-commands/
