Looking for help on how to distrubute a Kubuntu build over a network.

OK all you Linux gurus, I’m in need of your help. After literally months of dicking around I’ve managed to cobble together an Internet kiosk for the scanners here at work that meets my boss’s requirements using Kubuntu. I’m actually quite proud of this accomplishment, but I’m having trouble with the last part. I want to be able to deploy it to the PCs over the network as opposed to installing and building each workstation by hand. One of the guides I used during my research, How To Create An Internet Kiosk with Kubuntu over at dimmeria, suggested the following command to do the deed:

    sudo dd if=/dev/sda | ssh -t ip.target.machine sudo dd of=/dev/sda

It turns out this is an amazingly slow way to do it and it has the unfortunate habit of failing. I’ve tried it three times now and have managed only to copy 36GB, then 7GB, and then 31GB per attempt before it fails with an I/O error. This pretty much ate up most of my day here at work to this point. Doing some Google searches it seems there are about a hundred thousand different ways to do something like this all of varying difficulty and most of which don’t seem to be aimed at what I’m hoping to do. Namely I want to copy the disk layout of the current machine to the new machine exactly as it is and then just go in and give the new machine a new name and have it go.  I’ve done this sort of thing under Windows countless times using something like Ghost or Acronis True Image, but I’m not sure which of the hundreds of thousands of suggestions I’ve come across so far is the right one to take.

So I’m turning to you Obi Wan Kenobi. You’re my only hope.

9 thoughts on “Looking for help on how to distrubute a Kubuntu build over a network.

  1. A 36GB+ disk image for a kiosk seems really, really heavy.

    Any way to pare that down all the way so that these transfers start working?

    If that’s not practical, maybe look into Ubuntu’s PXE boot, which should do installs over the network from a centralized server.  On the minus side, this might be a pain in the ass to setup.

  2. Dean, I don’t think the actual image is that big. I was using DD and it pretty much does a block by block copy of the drive.

    Kevin, that looks like a cool idea. I’ll check into it.

  3. PXE boot is a pretty big security hole and most places now block such traffic. If your security dudes don’t care you are sending PXE traffic then I say go that route because it is super easy and efficient.

    If your security Gods don’t like that idea I know there is a way to have the MBR load the image from a network drive over an SSH tunnel. This is much more secure and really the best way to do what you want to do.

    Here is my write-up on my site of the system I was going to design right before I changed jobs. If it sounds interesting to you Les let me know and maybe I can spend some time on this project and try again to get it up and running.

  4. One of the advantages of PI is that it doesn’t blindly copy empty disk space.  It’s filesystem-aware and skips blank space (with an option to forcibly zero it out during restoration).

    That being said, I’m not sure why kiosk machines need such big drives (or, at least, such big system partitions).  You might even look into CompactFlash for the sake of reliability and cost.

    To “Webs”, why do you say that PXE booting is a “pretty big security hole”?  What specific vulnerability(ies) do you have in mind?

  5. To “Webs”, why do you say that PXE booting is a “pretty big security hole”?  What specific vulnerability(ies) do you have in mind?

    It would be incredibly easy to watch for PXE traffic as it travels across the wires and inject your own image. Or just wait for the machine to grab the image, then reboot it or yank the power and plug back in, then look for the PXE request and send in your own image. Sorta a man in the middle attack. Now you have a computer, or cluster of computers you can use at your complete disposal.

    Generally PXE is frowned upon in environments where people from the outside can walk right up an use a console, like in an education environment. That was my job and the networking Gods killed PXE traffic so I had to look for other solutions. But in Les’ environment things, like who from the outside can come in, might be more tightly controlled. So in this case maybe people don’t care as much. Regardless PXE is always a security hole.

  6. Just about every workstation other than the kiosks uses PXE boot so I’m sure my using it wouldn’t be a problem. In fact my boss told me outright he’d be most impressed if I could figure it out and get it to work.

    Remember this project was given to me more so I’d have a reason to learn Linux than because it was a necessity.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.