doc-2.166
DESCRIPTION
Uranus documentationTRANSCRIPT
-
Uranos Documentation 1.2166
http://sourceforge.net/projects/uranos/
December 7, 2013
-
Contents
1 License 3
2 Documentation 112.1 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.1.1 Thanks . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112.1.2 About . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
2.2 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 122.2.1 Components . . . . . . . . . . . . . . . . . . . . . . . . . 12
2.2.1.1 External components . . . . . . . . . . . . . . . 122.2.1.1.1 Fileserver . . . . . . . . . . . . . . . . . 122.2.1.1.2 Webserver . . . . . . . . . . . . . . . . 132.2.1.1.3 DHCP . . . . . . . . . . . . . . . . . . 132.2.1.1.4 DNS . . . . . . . . . . . . . . . . . . . . 132.2.1.1.5 PXE . . . . . . . . . . . . . . . . . . . 132.2.1.1.6 TFTP . . . . . . . . . . . . . . . . . . . 14
2.2.1.2 Internel components . . . . . . . . . . . . . . . . 142.2.1.2.1 Authentification . . . . . . . . . . . . . 152.2.1.2.2 User/Group back-end . . . . . . . . . . 162.2.1.2.3 LDAP . . . . . . . . . . . . . . . . . . . 172.2.1.2.4 DB . . . . . . . . . . . . . . . . . . . . 172.2.1.2.5 Modules . . . . . . . . . . . . . . . . . 182.2.1.2.6 Connectors . . . . . . . . . . . . . . . . 182.2.1.2.7 Boot environment . . . . . . . . . . . . 19
2.2.2 Run the install script . . . . . . . . . . . . . . . . . . . . 212.2.2.1 Download . . . . . . . . . . . . . . . . . . . . . . 212.2.2.2 Install and preapare webserver . . . . . . . . . . 21
2.2.2.2.1 Extract files . . . . . . . . . . . . . . . 212.2.2.2.2 Install minimum . . . . . . . . . . . . . 222.2.2.2.3 Install optional . . . . . . . . . . . . . . 222.2.2.2.4 Configure apache . . . . . . . . . . . . . 222.2.2.2.5 Configure php . . . . . . . . . . . . . . 222.2.2.2.6 Configure mysql . . . . . . . . . . . . . 23
2.2.2.3 Configure networkshare . . . . . . . . . . . . . . 232.2.2.3.1 Configure samba . . . . . . . . . . . . . 23
2.2.2.4 Run install.php . . . . . . . . . . . . . . . . . . 242.2.2.4.1 Install check . . . . . . . . . . . . . . . 242.2.2.4.2 Step 1 Chooce language . . . . . . . . . 252.2.2.4.3 Step 2 Read license . . . . . . . . . . . 25
1
-
2.2.2.4.4 Step 3 Check config file . . . . . . . . . 262.2.2.4.5 Step 4 Database settings . . . . . . . . 262.2.2.4.6 Step 5 Created tables . . . . . . . . . . 272.2.2.4.7 Step 6 Register functions . . . . . . . . 282.2.2.4.8 Step 7 Add initial group . . . . . . . . 282.2.2.4.9 Step 8 Add initial user . . . . . . . . . 292.2.2.4.10 Step 9 Installation end . . . . . . . . . 302.2.2.4.11 Step 10 Create laguages . . . . . . . . . 302.2.2.4.12 Ready . . . . . . . . . . . . . . . . . . . 31
2.3 Modules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312.3.1 sshclient . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31
2.3.1.1 Description . . . . . . . . . . . . . . . . . . . . . 312.3.1.2 Installation . . . . . . . . . . . . . . . . . . . . . 31
2.3.1.2.1 Configuration . . . . . . . . . . . . . . 322.3.1.2.2 Personal configuration . . . . . . . . . . 332.3.1.2.3 First connect to host . . . . . . . . . . 33
2.3.1.3 SSH Shell . . . . . . . . . . . . . . . . . . . . . . 342.3.1.4 SSH Browser . . . . . . . . . . . . . . . . . . . . 35
2.3.2 ldapmgr . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352.3.2.1 Description . . . . . . . . . . . . . . . . . . . . . 352.3.2.2 Installation . . . . . . . . . . . . . . . . . . . . . 35
2.3.2.2.1 Configuration . . . . . . . . . . . . . . 362.3.2.2.2 Personal configuration . . . . . . . . . . 38
2.3.2.3 Ldap Manager . . . . . . . . . . . . . . . . . . . 392.3.2.3.1 The menu . . . . . . . . . . . . . . . . . 392.3.2.3.2 Tree view . . . . . . . . . . . . . . . . . 402.3.2.3.3 Search . . . . . . . . . . . . . . . . . . . 412.3.2.3.4 New entry . . . . . . . . . . . . . . . . 412.3.2.3.5 Edit entry . . . . . . . . . . . . . . . . 422.3.2.3.6 View entry . . . . . . . . . . . . . . . . 432.3.2.3.7 Clear cache . . . . . . . . . . . . . . . . 43
2.3.3 licences . . . . . . . . . . . . . . . . . . . . . . . . . . . . 432.3.3.1 Description . . . . . . . . . . . . . . . . . . . . . 432.3.3.2 Installation . . . . . . . . . . . . . . . . . . . . . 43
2.3.3.2.1 Configuration . . . . . . . . . . . . . . 442.3.3.2.2 Licence types . . . . . . . . . . . . . . . 44
2.3.3.3 Usage . . . . . . . . . . . . . . . . . . . . . . . . 442.3.3.3.1 Licence groups . . . . . . . . . . . . . . 442.3.3.3.2 Licences . . . . . . . . . . . . . . . . . . 492.3.3.3.3 Mediums . . . . . . . . . . . . . . . . . 51
2.3.4 Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . 532.3.4.1 Description . . . . . . . . . . . . . . . . . . . . . 53
2.3.4.1.1 Installation . . . . . . . . . . . . . . . . 532.3.5 dnsldap . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53
2.3.5.1 Description . . . . . . . . . . . . . . . . . . . . . 532.3.5.2 Installation . . . . . . . . . . . . . . . . . . . . . 53
2.3.6 locations . . . . . . . . . . . . . . . . . . . . . . . . . . . . 542.3.6.1 Description . . . . . . . . . . . . . . . . . . . . . 542.3.6.2 Installation . . . . . . . . . . . . . . . . . . . . . 54
2.3.7 samhain . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
2
-
2.3.7.1 Description . . . . . . . . . . . . . . . . . . . . . 542.3.7.2 Quick start: . . . . . . . . . . . . . . . . . . . . . 54
2.3.7.2.1 Configure your Yule Server . . . . . . . 542.3.7.2.2 Remote installation . . . . . . . . . . . 55
2.3.8 switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 552.3.8.1 Description . . . . . . . . . . . . . . . . . . . . . 552.3.8.2 Installation . . . . . . . . . . . . . . . . . . . . . 55
2.3.9 PXE . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562.3.9.1 Description . . . . . . . . . . . . . . . . . . . . . 562.3.9.2 Installation . . . . . . . . . . . . . . . . . . . . . 562.3.9.3 TFTP Server configuration . . . . . . . . . . . . 56
2.3.9.3.1 tftpd.remap . . . . . . . . . . . . . . . 562.3.9.3.2 TFTP Server config example . . . . . . 56
2.3.10 rsyslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 562.3.10.1 Description . . . . . . . . . . . . . . . . . . . . . 56
2.3.10.1.1 Rsyslog Documentation . . . . . . . . . 572.3.10.2 Installation . . . . . . . . . . . . . . . . . . . . . 57
2.3.10.2.1 Configuration . . . . . . . . . . . . . . 582.3.10.2.2 Personal configuration . . . . . . . . . . 59
2.3.10.3 Layout . . . . . . . . . . . . . . . . . . . . . . . 592.3.10.4 Syslog configuration . . . . . . . . . . . . . . . . 63
2.3.10.4.1 Add a new server . . . . . . . . . . . . 632.3.10.4.2 Add a new database . . . . . . . . . . . 632.3.10.4.3 Add a new table . . . . . . . . . . . . . 642.3.10.4.4 Create new config . . . . . . . . . . . . 642.3.10.4.5 View and write config . . . . . . . . . . 662.3.10.4.6 Server commands . . . . . . . . . . . . 672.3.10.4.7 Logs . . . . . . . . . . . . . . . . . . . . 682.3.10.4.8 Statistic . . . . . . . . . . . . . . . . . . 702.3.10.4.9 Statistic Graph . . . . . . . . . . . . . . 71
2.3.10.5 Rotate the tables: . . . . . . . . . . . . . . . . . 712.3.10.6 Clear old syslog entries . . . . . . . . . . . . . . 72
2.3.11 cal . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 732.3.11.1 Description . . . . . . . . . . . . . . . . . . . . . 732.3.11.2 Installation . . . . . . . . . . . . . . . . . . . . . 73
2.3.12 Computer . . . . . . . . . . . . . . . . . . . . . . . . . . . 732.3.12.1 Description . . . . . . . . . . . . . . . . . . . . . 732.3.12.2 Installation . . . . . . . . . . . . . . . . . . . . . 74
2.3.12.2.1 Configuration . . . . . . . . . . . . . . 742.3.12.2.2 Personal configuration . . . . . . . . . . 752.3.12.2.3 The menu . . . . . . . . . . . . . . . . . 76
2.3.12.3 Computer view . . . . . . . . . . . . . . . . . . . 772.3.12.3.1 Arp entries / automatic fetch network
devices . . . . . . . . . . . . . . . . . . 772.3.12.3.2 Add a new computer . . . . . . . . . . 782.3.12.3.3 Single computer view . . . . . . . . . . 862.3.12.3.4 Operating systems . . . . . . . . . . . . 872.3.12.3.5 Partitioning . . . . . . . . . . . . . . . 882.3.12.3.6 Software and packages . . . . . . . . . . 892.3.12.3.7 PXE . . . . . . . . . . . . . . . . . . . 92
3
-
2.3.12.3.8 Reset . . . . . . . . . . . . . . . . . . . 922.3.12.3.9 Power on/off WOL . . . . . . . . . . . 932.3.12.3.10 Clone a computer . . . . . . . . . . . . 94
2.3.12.4 Searchgroups . . . . . . . . . . . . . . . . . . . . 942.3.12.4.1 Add a new searchgroup . . . . . . . . . 942.3.12.4.2 Add a new definition to a searchgroup . 952.3.12.4.3 Overview of a searchgroup . . . . . . . 95
2.3.13 Software . . . . . . . . . . . . . . . . . . . . . . . . . . . . 962.3.13.1 Description . . . . . . . . . . . . . . . . . . . . . 962.3.13.2 Installation . . . . . . . . . . . . . . . . . . . . . 96
2.3.13.2.1 Configuration . . . . . . . . . . . . . . 962.3.13.2.2 User configuration . . . . . . . . . . . . 97
2.3.13.3 Repositories . . . . . . . . . . . . . . . . . . . . 982.3.13.4 Software . . . . . . . . . . . . . . . . . . . . . . 98
2.3.13.4.1 Software versions . . . . . . . . . . . . . 992.3.13.5 Packages . . . . . . . . . . . . . . . . . . . . . . 992.3.13.6 User . . . . . . . . . . . . . . . . . . . . . . . . . 992.3.13.7 Groups . . . . . . . . . . . . . . . . . . . . . . . 992.3.13.8 Winupdates . . . . . . . . . . . . . . . . . . . . 99
2.3.14 syslogng . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1002.3.14.1 Description . . . . . . . . . . . . . . . . . . . . . 100
2.3.14.1.1 Syslog-ng Documentation . . . . . . . . 1002.3.14.2 Installation . . . . . . . . . . . . . . . . . . . . . 100
2.3.14.2.1 Configuration . . . . . . . . . . . . . . 1002.3.14.2.2 Personal configuration . . . . . . . . . . 101
2.3.14.3 Layout . . . . . . . . . . . . . . . . . . . . . . . 1012.3.14.4 Syslog configuration . . . . . . . . . . . . . . . . 105
2.3.14.4.1 Add a new server . . . . . . . . . . . . 1052.3.14.4.2 Add a new database . . . . . . . . . . . 1052.3.14.4.3 Add a new table (destination) . . . . . 1062.3.14.4.4 Create new config . . . . . . . . . . . . 1062.3.14.4.5 View and write config . . . . . . . . . . 1082.3.14.4.6 Server commands . . . . . . . . . . . . 1082.3.14.4.7 Logs . . . . . . . . . . . . . . . . . . . . 1092.3.14.4.8 Statistic . . . . . . . . . . . . . . . . . . 1102.3.14.4.9 Statistic Graph . . . . . . . . . . . . . . 111
2.3.14.5 Rotate the tables: . . . . . . . . . . . . . . . . . 1112.3.14.6 Clear old syslog entries . . . . . . . . . . . . . . 112
2.3.15 dhcpldap . . . . . . . . . . . . . . . . . . . . . . . . . . . 1132.3.15.1 Description . . . . . . . . . . . . . . . . . . . . . 1132.3.15.2 Installation . . . . . . . . . . . . . . . . . . . . . 113
2.3.16 Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . 1132.3.16.1 Description . . . . . . . . . . . . . . . . . . . . . 1132.3.16.2 Installation . . . . . . . . . . . . . . . . . . . . . 1132.3.16.3 Usage . . . . . . . . . . . . . . . . . . . . . . . . 1142.3.16.4 Settings . . . . . . . . . . . . . . . . . . . . . . . 114
2.3.16.4.1 Global module settings . . . . . . . . . 1142.3.16.4.2 User settings . . . . . . . . . . . . . . . 115
2.3.17 cron . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1152.3.17.1 Description . . . . . . . . . . . . . . . . . . . . . 115
4
-
2.3.17.2 Installation . . . . . . . . . . . . . . . . . . . . . 1152.3.17.3 Install on clients . . . . . . . . . . . . . . . . . . 115
2.3.17.3.1 Run the container Script via scheduledtask on Windows systems . . . . . . . . 115
2.3.18 Search . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1162.3.18.1 Description . . . . . . . . . . . . . . . . . . . . . 1162.3.18.2 Installation . . . . . . . . . . . . . . . . . . . . . 116
2.3.19 Wiki . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1162.3.19.1 Description . . . . . . . . . . . . . . . . . . . . . 1162.3.19.2 Installation . . . . . . . . . . . . . . . . . . . . . 116
2.3.20 radiusldap . . . . . . . . . . . . . . . . . . . . . . . . . . . 1162.3.20.1 Description . . . . . . . . . . . . . . . . . . . . . 1162.3.20.2 Setup freeradius . . . . . . . . . . . . . . . . . . 117
2.3.20.2.1 radiusd.conf . . . . . . . . . . . . . . . 1172.3.20.2.2 Functions to rewrite mac-address . . . . 1172.3.20.2.3 ldap configuration . . . . . . . . . . . . 1182.3.20.2.4 log configuration . . . . . . . . . . . . . 118
2.3.20.3 Deploy logs to database . . . . . . . . . . . . . . 1192.3.21 Installation . . . . . . . . . . . . . . . . . . . . . . . . . . 119
2.3.21.1 Description . . . . . . . . . . . . . . . . . . . . . 1192.3.21.2 Installation . . . . . . . . . . . . . . . . . . . . . 119
2.3.21.2.1 Get harddisk and os templates . . . . . 1192.3.21.2.2 Prepare Operating system . . . . . . . 1202.3.21.2.3 info.txt . . . . . . . . . . . . . . . . . . 122
2.3.21.3 Operating systems . . . . . . . . . . . . . . . . . 1232.3.21.3.1 Install methods . . . . . . . . . . . . . 1232.3.21.3.2 Windows . . . . . . . . . . . . . . . . . 1252.3.21.3.3 Kickstart . . . . . . . . . . . . . . . . . 1292.3.21.3.4 Presseed . . . . . . . . . . . . . . . . . 1292.3.21.3.5 openSuSE/SLES . . . . . . . . . . . . . 130
2.4 Connectors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1302.4.1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
2.4.1.1 Description . . . . . . . . . . . . . . . . . . . . . 1302.4.1.2 Installation . . . . . . . . . . . . . . . . . . . . . 1312.4.1.3 Configuration . . . . . . . . . . . . . . . . . . . . 1312.4.1.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 131
2.4.2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1312.4.2.1 Description . . . . . . . . . . . . . . . . . . . . . 1312.4.2.2 Installation . . . . . . . . . . . . . . . . . . . . . 1322.4.2.3 Configuration . . . . . . . . . . . . . . . . . . . . 1322.4.2.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 132
2.4.3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1322.4.3.1 Description . . . . . . . . . . . . . . . . . . . . . 1322.4.3.2 Installation . . . . . . . . . . . . . . . . . . . . . 133
2.4.4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1332.4.4.1 Description . . . . . . . . . . . . . . . . . . . . . 1332.4.4.2 Installation . . . . . . . . . . . . . . . . . . . . . 1332.4.4.3 Configuration . . . . . . . . . . . . . . . . . . . . 133
2.4.4.3.1 Configure credentials . . . . . . . . . . 1342.4.4.3.2 Configure commands . . . . . . . . . . 135
5
-
2.4.4.3.3 Logs . . . . . . . . . . . . . . . . . . . . 1352.4.4.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 136
2.4.4.4.1 Run command from the connector . . . 1362.4.4.4.2 Run commands via cron / script . . . . 136
2.4.5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1382.4.5.1 Description . . . . . . . . . . . . . . . . . . . . . 1382.4.5.2 Installation . . . . . . . . . . . . . . . . . . . . . 1382.4.5.3 Statistic . . . . . . . . . . . . . . . . . . . . . . . 1382.4.5.4 Configuration . . . . . . . . . . . . . . . . . . . . 1392.4.5.5 Commands . . . . . . . . . . . . . . . . . . . . . 140
2.4.6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1402.4.6.1 Description . . . . . . . . . . . . . . . . . . . . . 1402.4.6.2 Installation . . . . . . . . . . . . . . . . . . . . . 1402.4.6.3 Configuration . . . . . . . . . . . . . . . . . . . . 1402.4.6.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 140
2.4.7 Inventory . . . . . . . . . . . . . . . . . . . . . . . . . . . 1412.4.7.1 Description . . . . . . . . . . . . . . . . . . . . . 1412.4.7.2 Installation . . . . . . . . . . . . . . . . . . . . . 1412.4.7.3 Configuration . . . . . . . . . . . . . . . . . . . . 1412.4.7.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 141
2.4.8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1422.4.8.1 Description . . . . . . . . . . . . . . . . . . . . . 1422.4.8.2 Installation . . . . . . . . . . . . . . . . . . . . . 1432.4.8.3 Configuration . . . . . . . . . . . . . . . . . . . . 1432.4.8.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 143
2.4.9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1432.4.9.1 Description . . . . . . . . . . . . . . . . . . . . . 1432.4.9.2 Installation . . . . . . . . . . . . . . . . . . . . . 1432.4.9.3 Configuration . . . . . . . . . . . . . . . . . . . . 1432.4.9.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 143
2.4.10 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1442.4.10.1 Description . . . . . . . . . . . . . . . . . . . . . 1442.4.10.2 Installation . . . . . . . . . . . . . . . . . . . . . 144
2.4.11 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1442.4.11.1 Description . . . . . . . . . . . . . . . . . . . . . 1442.4.11.2 Installation . . . . . . . . . . . . . . . . . . . . . 1452.4.11.3 Configuration . . . . . . . . . . . . . . . . . . . . 1452.4.11.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 145
2.4.12 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1462.4.12.1 Description . . . . . . . . . . . . . . . . . . . . . 1462.4.12.2 Installation . . . . . . . . . . . . . . . . . . . . . 1462.4.12.3 Configuration . . . . . . . . . . . . . . . . . . . . 1462.4.12.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 147
2.4.13 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1482.4.13.1 Description . . . . . . . . . . . . . . . . . . . . . 1482.4.13.2 Installation . . . . . . . . . . . . . . . . . . . . . 1492.4.13.3 Configuration . . . . . . . . . . . . . . . . . . . . 1492.4.13.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 149
2.4.14 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1492.4.14.1 Description . . . . . . . . . . . . . . . . . . . . . 149
6
-
2.4.14.2 Installation . . . . . . . . . . . . . . . . . . . . . 1502.4.14.3 Configuration . . . . . . . . . . . . . . . . . . . . 1502.4.14.4 Usage . . . . . . . . . . . . . . . . . . . . . . . . 150
3 Changelog 1533.1 Changelog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153
3.1.1 Computer Release: 723 . . . . . . . . . . . . . . . . . . . 1533.1.2 Computer Ping and Memory Release: 728 . . . . . . . . . 1533.1.3 LDAP / Software Release: 751 . . . . . . . . . . . . . . . 1533.1.4 Computer Release: 763 . . . . . . . . . . . . . . . . . . . 1543.1.5 Ldap Auth Computer Import Release: 777 . . . . . . . . 1543.1.6 Feature Requests/Bugs Release: 793 . . . . . . . . . . . . 1543.1.7 New Theme Release: 804 . . . . . . . . . . . . . . . . . . 1543.1.8 Computer Release: 808 . . . . . . . . . . . . . . . . . . . 1543.1.9 HTML Release: 809 . . . . . . . . . . . . . . . . . . . . . 1543.1.10 Switch Release: 818 . . . . . . . . . . . . . . . . . . . . . 1553.1.11 Switch port management Release: 830 . . . . . . . . . . . 1553.1.12 Software Bug Release: 875 . . . . . . . . . . . . . . . . . . 1553.1.13 PXE Release: 892 . . . . . . . . . . . . . . . . . . . . . . 1553.1.14 New release Release: 892 . . . . . . . . . . . . . . . . . . 1553.1.15 APIssh Feature Request #2355852 Release: 908 . . . . . 1553.1.16 Feature Request #2256096 Release: 911 . . . . . . . . . . 1563.1.17 Feature Request #2355821 Release: 913 . . . . . . . . . . 1563.1.18 API shh Release: 920 . . . . . . . . . . . . . . . . . . . . 1563.1.19 Feature Request #2540495 Release: 927 . . . . . . . . . . 1563.1.20 Syslog Release: 931 . . . . . . . . . . . . . . . . . . . . . . 1563.1.21 New modules Release: 1020 . . . . . . . . . . . . . . . . . 1563.1.22 Bugfixes and inventory profile Release: 1030 . . . . . . . . 1573.1.23 Add support for Vista/2008/Windows7 and ubuntu Re-
lease: 1088 . . . . . . . . . . . . . . . . . . . . . . . . . . 1573.1.24 New logo Release: 1116 . . . . . . . . . . . . . . . . . . . 1573.1.25 Multicast installations Release: 1121 . . . . . . . . . . . . 1573.1.26 Documentation Release: 1128 . . . . . . . . . . . . . . . . 1583.1.27 BUG fixes Release: 1134 . . . . . . . . . . . . . . . . . . . 1583.1.28 Feature requests Release: 1144 . . . . . . . . . . . . . . . 1583.1.29 BUG fix php 5.3 compatibiliy Release: 1216 . . . . . . . . 1583.1.30 Release update Release: 1350 . . . . . . . . . . . . . . . . 1583.1.31 Feature requests Release: 1357 . . . . . . . . . . . . . . . 1593.1.32 Feature requests Release: 1372 . . . . . . . . . . . . . . . 1593.1.33 BUG fixes Release: 1378 . . . . . . . . . . . . . . . . . . . 1593.1.34 Feature requests Release: 1382 . . . . . . . . . . . . . . . 1593.1.35 BUG fixes Release: 1386 . . . . . . . . . . . . . . . . . . . 1603.1.36 BUG fixes Release: 1395 . . . . . . . . . . . . . . . . . . . 1603.1.37 BUG fixes Release: 1402 . . . . . . . . . . . . . . . . . . . 1603.1.38 Feature requests Release: 1149 . . . . . . . . . . . . . . . 1603.1.39 BUG fix Release: 1151 . . . . . . . . . . . . . . . . . . . . 1603.1.40 Fusioninventory Release: 1456 . . . . . . . . . . . . . . . 1603.1.41 first release of uranos . . . . . . . . . . . . . . . . . . . . . 1613.1.42 BUG fixes . . . . . . . . . . . . . . . . . . . . . . . . . . . 1613.1.43 BUG fixes, Feature Requests . . . . . . . . . . . . . . . . 161
7
-
3.1.44 BUG fixes, documentation . . . . . . . . . . . . . . . . . . 1613.1.45 New Release . . . . . . . . . . . . . . . . . . . . . . . . . 1623.1.46 New Theme . . . . . . . . . . . . . . . . . . . . . . . . . . 1623.1.47 BUG fixes . . . . . . . . . . . . . . . . . . . . . . . . . . . 1623.1.48 Syslog-ng 3.x compatibility . . . . . . . . . . . . . . . . . 1623.1.49 pChart . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1633.1.50 System tables . . . . . . . . . . . . . . . . . . . . . . . . . 1633.1.51 Ubuntu 11.04 Template . . . . . . . . . . . . . . . . . . . 1633.1.52 Bug Fixing new Feature: Windows update scanning . . . 1643.1.53 Bug Fix release . . . . . . . . . . . . . . . . . . . . . . . . 1643.1.54 Support for Advanced Disk Format . . . . . . . . . . . . . 1653.1.55 Bug Fix release . . . . . . . . . . . . . . . . . . . . . . . . 1653.1.56 Cron module update . . . . . . . . . . . . . . . . . . . . . 1653.1.57 Direct install from iso/wim . . . . . . . . . . . . . . . . . 1663.1.58 BugFix . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1673.1.59 fusioninventory deployment and esx inventory . . . . . . . 1673.1.60 Bug Fixes / radiusldap . . . . . . . . . . . . . . . . . . . 1673.1.61 Bug Fixes / correct datatbase . . . . . . . . . . . . . . . . 1683.1.62 New release . . . . . . . . . . . . . . . . . . . . . . . . . . 1683.1.63 New release . . . . . . . . . . . . . . . . . . . . . . . . . . 1683.1.64 New module and connector for rsyslog . . . . . . . . . . . 168
3.2 Uranos-boot . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1693.2.0.0.1 boot-cd update Release: 0.8.7 . . . . . 1693.2.0.0.2 boot-cd update Release: 1.1.2 . . . . . 169
3.2.0.1 boot-cd update Release: 1.2 . . . . . . . . . . . 1693.2.0.1.1 boot-cd update Release: 1.2.1 . . . . . 1703.2.0.1.2 boot-cd update Release: 1.2.2 . . . . . 1703.2.0.1.3 boot-cd update Release: 1.2.3 . . . . . 1703.2.0.1.4 boot-cd update Release: 1.2.4 . . . . . 1703.2.0.1.5 boot-cd update Release: 1.3.0 . . . . . 1703.2.0.1.6 boot-cd update Release: 1.3.1 . . . . . 1713.2.0.1.7 boot-cd update Release: 1.3.2 . . . . . 1713.2.0.1.8 boot-cd update Release: 1.3.3 . . . . . 1713.2.0.1.9 boot-cd update Release: 1.4.0 . . . . . 1713.2.0.1.10 boot-cd update Release: 1.4.1 . . . . . 1713.2.0.1.11 boot-cd update Release: 1.4.2 . . . . . 1723.2.0.1.12 boot-cd update Release: 1.4.3 . . . . . 1733.2.0.1.13 boot-cd update Release: 1.4.4 . . . . . 1733.2.0.1.14 boot-cd update Release: 1.4.5 . . . . . 1733.2.0.1.15 boot-cd update Release: 1.4.7 . . . . . 1733.2.0.1.16 boot-cd update Release: 1.4.8 . . . . . 1743.2.0.1.17 boot-cd update Release: 1.4.9 . . . . . 1743.2.0.1.18 boot-cd update - first uranos boot re-
lease Release: 1.5.0 . . . . . . . . . . . 1743.2.0.1.19 boot-cd update . . . . . . . . . . . . . . 1753.2.0.1.20 boot-cd update . . . . . . . . . . . . . . 1753.2.0.1.21 boot-cd update . . . . . . . . . . . . . . 1753.2.0.1.22 boot-cd update . . . . . . . . . . . . . . 1763.2.0.1.23 boot-cd update . . . . . . . . . . . . . . 1763.2.0.1.24 boot-cd update . . . . . . . . . . . . . . 176
8
-
3.2.0.1.25 boot-cd update . . . . . . . . . . . . . . 1763.2.0.1.26 boot-cd update . . . . . . . . . . . . . . 1763.2.0.1.27 boot-cd update . . . . . . . . . . . . . . 1773.2.0.1.28 boot-cd update new option to access re-
motely and monitor the progress . . . . 1773.2.0.1.29 boot-cd update new versioning . . . . . 1773.2.0.1.30 boot-cd update . . . . . . . . . . . . . . 1793.2.0.1.31 new libs . . . . . . . . . . . . . . . . . . 1793.2.0.1.32 boot-cd update . . . . . . . . . . . . . . 1793.2.0.1.33 boot-cd update . . . . . . . . . . . . . . 1803.2.0.1.34 boot-cd update . . . . . . . . . . . . . . 1803.2.0.1.35 boot-cd update . . . . . . . . . . . . . . 180
3.2.0.2 boot-cd update . . . . . . . . . . . . . . . . . . . 180
9
-
10
-
Chapter 1
License
License
GNU GENERAL PUBLIC LICENSE
Version 2, June 1991
Copyright (C) 1989, 1991 Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
Everyone is permitted to copy and distribute verbatim copies
of this license document, but changing it is not allowed.
Preamble
The licenses for most software are designed to take away your
freedom to share and change it. By contrast, the GNU General Public
License is intended to guarantee your freedom to share and change free
software--to make sure the software is free for all its users. This
General Public License applies to most of the Free Software
Foundations software and to any other program whose authors commit to
using it. (Some other Free Software Foundation software is covered by
the GNU Lesser General Public License instead.) You can apply it to
your programs, too.
When we speak of free software, we are referring to freedom, not
price. Our General Public Licenses are designed to make sure that you
have the freedom to distribute copies of free software (and charge for
this service if you wish), that you receive source code or can get it
if you want it, that you can change the software or use pieces of it
in new free programs; and that you know you can do these things.
To protect your rights, we need to make restrictions that forbid
anyone to deny you these rights or to ask you to surrender the rights.
These restrictions translate to certain responsibilities for you if you
11
-
distribute copies of the software, or if you modify it.
For example, if you distribute copies of such a program, whether
gratis or for a fee, you must give the recipients all the rights that
you have. You must make sure that they, too, receive or can get the
source code. And you must show them these terms so they know their
rights.
We protect your rights with two steps: (1) copyright the software, and
(2) offer you this license which gives you legal permission to copy,
distribute and/or modify the software.
Also, for each authors protection and ours, we want to make certain
that everyone understands that there is no warranty for this free
software. If the software is modified by someone else and passed on, we
want its recipients to know that what they have is not the original, so
that any problems introduced by others will not reflect on the original
authors reputations.
Finally, any free program is threatened constantly by software
patents. We wish to avoid the danger that redistributors of a free
program will individually obtain patent licenses, in effect making the
program proprietary. To prevent this, we have made it clear that any
patent must be licensed for everyones free use or not licensed at all.
The precise terms and conditions for copying, distribution and
modification follow.
GNU GENERAL PUBLIC LICENSE
TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION
0. This License applies to any program or other work which contains
a notice placed by the copyright holder saying it may be distributed
under the terms of this General Public License. The "Program", below,
refers to any such program or work, and a "work based on the Program"
means either the Program or any derivative work under copyright law:
that is to say, a work containing the Program or a portion of it,
either verbatim or with modifications and/or translated into another
language. (Hereinafter, translation is included without limitation in
the term "modification".) Each licensee is addressed as "you".
Activities other than copying, distribution and modification are not
covered by this License; they are outside its scope. The act of
running the Program is not restricted, and the output from the Program
is covered only if its contents constitute a work based on the
Program (independent of having been made by running the Program).
Whether that is true depends on what the Program does.
1. You may copy and distribute verbatim copies of the Programs
source code as you receive it, in any medium, provided that you
12
-
conspicuously and appropriately publish on each copy an appropriate
copyright notice and disclaimer of warranty; keep intact all the
notices that refer to this License and to the absence of any warranty;
and give any other recipients of the Program a copy of this License
along with the Program.
You may charge a fee for the physical act of transferring a copy, and
you may at your option offer warranty protection in exchange for a fee.
2. You may modify your copy or copies of the Program or any portion
of it, thus forming a work based on the Program, and copy and
distribute such modifications or work under the terms of Section 1
above, provided that you also meet all of these conditions:
a) You must cause the modified files to carry prominent notices
stating that you changed the files and the date of any change.
b) You must cause any work that you distribute or publish, that in
whole or in part contains or is derived from the Program or any
part thereof, to be licensed as a whole at no charge to all third
parties under the terms of this License.
c) If the modified program normally reads commands interactively
when run, you must cause it, when started running for such
interactive use in the most ordinary way, to print or display an
announcement including an appropriate copyright notice and a
notice that there is no warranty (or else, saying that you provide
a warranty) and that users may redistribute the program under
these conditions, and telling the user how to view a copy of this
License. (Exception: if the Program itself is interactive but
does not normally print such an announcement, your work based on
the Program is not required to print an announcement.)
These requirements apply to the modified work as a whole. If
identifiable sections of that work are not derived from the Program,
and can be reasonably considered independent and separate works in
themselves, then this License, and its terms, do not apply to those
sections when you distribute them as separate works. But when you
distribute the same sections as part of a whole which is a work based
on the Program, the distribution of the whole must be on the terms of
this License, whose permissions for other licensees extend to the
entire whole, and thus to each and every part regardless of who wrote it.
Thus, it is not the intent of this section to claim rights or contest
your rights to work written entirely by you; rather, the intent is to
exercise the right to control the distribution of derivative or
collective works based on the Program.
In addition, mere aggregation of another work not based on the Program
with the Program (or with a work based on the Program) on a volume of
13
-
a storage or distribution medium does not bring the other work under
the scope of this License.
3. You may copy and distribute the Program (or a work based on it,
under Section 2) in object code or executable form under the terms of
Sections 1 and 2 above provided that you also do one of the following:
a) Accompany it with the complete corresponding machine-readable
source code, which must be distributed under the terms of Sections
1 and 2 above on a medium customarily used for software interchange; or,
b) Accompany it with a written offer, valid for at least three
years, to give any third party, for a charge no more than your
cost of physically performing source distribution, a complete
machine-readable copy of the corresponding source code, to be
distributed under the terms of Sections 1 and 2 above on a medium
customarily used for software interchange; or,
c) Accompany it with the information you received as to the offer
to distribute corresponding source code. (This alternative is
allowed only for noncommercial distribution and only if you
received the program in object code or executable form with such
an offer, in accord with Subsection b above.)
The source code for a work means the preferred form of the work for
making modifications to it. For an executable work, complete source
code means all the source code for all modules it contains, plus any
associated interface definition files, plus the scripts used to
control compilation and installation of the executable. However, as a
special exception, the source code distributed need not include
anything that is normally distributed (in either source or binary
form) with the major components (compiler, kernel, and so on) of the
operating system on which the executable runs, unless that component
itself accompanies the executable.
If distribution of executable or object code is made by offering
access to copy from a designated place, then offering equivalent
access to copy the source code from the same place counts as
distribution of the source code, even though third parties are not
compelled to copy the source along with the object code.
4. You may not copy, modify, sublicense, or distribute the Program
except as expressly provided under this License. Any attempt
otherwise to copy, modify, sublicense or distribute the Program is
void, and will automatically terminate your rights under this License.
However, parties who have received copies, or rights, from you under
this License will not have their licenses terminated so long as such
parties remain in full compliance.
5. You are not required to accept this License, since you have not
14
-
signed it. However, nothing else grants you permission to modify or
distribute the Program or its derivative works. These actions are
prohibited by law if you do not accept this License. Therefore, by
modifying or distributing the Program (or any work based on the
Program), you indicate your acceptance of this License to do so, and
all its terms and conditions for copying, distributing or modifying
the Program or works based on it.
6. Each time you redistribute the Program (or any work based on the
Program), the recipient automatically receives a license from the
original licensor to copy, distribute or modify the Program subject to
these terms and conditions. You may not impose any further
restrictions on the recipients exercise of the rights granted herein.
You are not responsible for enforcing compliance by third parties to
this License.
7. If, as a consequence of a court judgment or allegation of patent
infringement or for any other reason (not limited to patent issues),
conditions are imposed on you (whether by court order, agreement or
otherwise) that contradict the conditions of this License, they do not
excuse you from the conditions of this License. If you cannot
distribute so as to satisfy simultaneously your obligations under this
License and any other pertinent obligations, then as a consequence you
may not distribute the Program at all. For example, if a patent
license would not permit royalty-free redistribution of the Program by
all those who receive copies directly or indirectly through you, then
the only way you could satisfy both it and this License would be to
refrain entirely from distribution of the Program.
If any portion of this section is held invalid or unenforceable under
any particular circumstance, the balance of the section is intended to
apply and the section as a whole is intended to apply in other
circumstances.
It is not the purpose of this section to induce you to infringe any
patents or other property right claims or to contest validity of any
such claims; this section has the sole purpose of protecting the
integrity of the free software distribution system, which is
implemented by public license practices. Many people have made
generous contributions to the wide range of software distributed
through that system in reliance on consistent application of that
system; it is up to the author/donor to decide if he or she is willing
to distribute software through any other system and a licensee cannot
impose that choice.
This section is intended to make thoroughly clear what is believed to
be a consequence of the rest of this License.
8. If the distribution and/or use of the Program is restricted in
certain countries either by patents or by copyrighted interfaces, the
15
-
original copyright holder who places the Program under this License
may add an explicit geographical distribution limitation excluding
those countries, so that distribution is permitted only in or among
countries not thus excluded. In such case, this License incorporates
the limitation as if written in the body of this License.
9. The Free Software Foundation may publish revised and/or new versions
of the General Public License from time to time. Such new versions will
be similar in spirit to the present version, but may differ in detail to
address new problems or concerns.
Each version is given a distinguishing version number. If the Program
specifies a version number of this License which applies to it and "any
later version", you have the option of following the terms and conditions
either of that version or of any later version published by the Free
Software Foundation. If the Program does not specify a version number of
this License, you may choose any version ever published by the Free Software
Foundation.
10. If you wish to incorporate parts of the Program into other free
programs whose distribution conditions are different, write to the author
to ask for permission. For software which is copyrighted by the Free
Software Foundation, write to the Free Software Foundation; we sometimes
make exceptions for this. Our decision will be guided by the two goals
of preserving the free status of all derivatives of our free software and
of promoting the sharing and reuse of software generally.
NO WARRANTY
11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY
FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN
OTHERWISE STATED IN WRITING THE COPYRIGHT HOLDERS AND/OR OTHER PARTIES
PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED
OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. THE ENTIRE RISK AS
TO THE QUALITY AND PERFORMANCE OF THE PROGRAM IS WITH YOU. SHOULD THE
PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING,
REPAIR OR CORRECTION.
12. IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MAY MODIFY AND/OR
REDISTRIBUTE THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES,
INCLUDING ANY GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING
OUT OF THE USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED
TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY
YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER
PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE
POSSIBILITY OF SUCH DAMAGES.
END OF TERMS AND CONDITIONS
16
-
How to Apply These Terms to Your New Programs
If you develop a new program, and you want it to be of the greatest
possible use to the public, the best way to achieve this is to make it
free software which everyone can redistribute and change under these terms.
To do so, attach the following notices to the program. It is safest
to attach them to the start of each source file to most effectively
convey the exclusion of warranty; and each file should have at least
the "copyright" line and a pointer to where the full notice is found.
Copyright (C)
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License along
with this program; if not, write to the Free Software Foundation, Inc.,
51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
Also add information on how to contact you by electronic and paper mail.
If the program is interactive, make it output a short notice like this
when it starts in an interactive mode:
Gnomovision version 69, Copyright (C) year name of author
Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type show w.
This is free software, and you are welcome to redistribute it
under certain conditions; type show c for details.
The hypothetical commands show w and show c should show the appropriate
parts of the General Public License. Of course, the commands you use may
be called something other than show w and show c; they could even be
mouse-clicks or menu items--whatever suits your program.
You should also get your employer (if you work as a programmer) or your
school, if any, to sign a "copyright disclaimer" for the program, if
necessary. Here is a sample; alter the names:
Yoyodyne, Inc., hereby disclaims all copyright interest in the program
Gnomovision (which makes passes at compilers) written by James Hacker.
17
-
, 1 April 1989
Ty Coon, President of Vice
This General Public License does not permit incorporating your program into
proprietary programs. If your program is a subroutine library, you may
consider it more useful to permit linking proprietary applications with the
library. If this is what you want to do, use the GNU Lesser General
Public License instead of this License.
18
-
Chapter 2
Documentation
Documentation
2.1 Introduction
Uranos is not only a tool to install operating systems. It is a system/networkmanagement software.
2.1.1 Thanks
Special thanks to all people who helped to develop and test this software.
Thanks also to the pear people. Some functionality is based on the pearstuff.
2.1.2 About
The design of uranos is build to have an easy application framework. For eachwebapplication you have to ask the same questions again and again:
Authentification
Database
Securtity
Search
Calendar
...
19
-
Uranos is built to give you an environment which includes this main function-ality:
Permission management
Authentification to database, LDAP (also M$ Active Directory), IMAP,Radius
User[+Group]backend: database or LDAP
Different security checks (e.g. Prevent Session Hijacking, check POST,GETand FILE variables,....)
Templating for easy customize the views
Installing the webapplication
...
2.2 Installation
2.2.1 Components
2.2.1.1 External components
External components depends on your set up and your needs. This will giveyou an overview for what you need which component.
2.2.1.1.1 Fileserver
You will need a fileserver for different things. The first is for the boot-cd. Theboot-cd can handle the following servers:
NFS Use your NFS Server to hold the environment.
SSH You can use a ssh server for mount your environment. This is sup-ported through the sshfs project.
SMB/CIFS This can be a simple share from a Microsoft computer or aSamba share
Local (for local mount the environment, maybe on a usb-stick or a dvd)
See boot cd options how to configure the kernel for this features.
For the os installation the fileserver depends on the installation method ofthe os you want to install. For example you can install fedora through:
20
-
http
nfs
ftp
For the Microsoft Windows os-installation you can use the supported filesystemsfrom the boot cd (see above).
For the software installation in Microsoft Windows through the tools postinst.jsand wemerge.cmd you will need a SMB/CIFS share from a Microsoft computeror a Samba share.
2.2.1.1.2 Webserver
You need a webserver with php support to run the GUI. We preffer to use Linuxas platform for running the Apache-Webserver.
But it is also possible to run the GUI in every other webserver with phpsupport.
2.2.1.1.3 DHCP
A DHCP-Server is optional. A DHCP-Server gives you the possibility to as-sign an IP address automatically to your clients. Also it is a precondition toboot your clients via PXE. We prefer to use the DHCP-Server from InternetSystems Consortium. The ISC-DHCP-Server has the possibility to hold yourconfiguration in a LDAP tree. The GUI gives you the availability to managethe DHCP configuration in your LDAP tree. It is also possible to use thisLDAP configuration for other DHCP-Servers because the module is based onthe Ldap-schema-draft for DHCP.
2.2.1.1.4 DNS
A DNS-Server is optional. A DNS-Server gives you the possibility to assignnames to IP addresses. We prefer to use the ISC BIND DNS-Server from Inter-net Systems Consortium. This ISC BIND DNS-Server can get the configurationfrom a LDAP tree. The GUI gives you the availability to manage the DNSconfiguration in your LDAP tree.
2.2.1.1.5 PXE
The PXE (Preboot Execution Environment) is optional. You can boot yourclients over the wired network in a PXE.
For the PXE you will need:
TFTP-Server
DHCP-Server
21
-
pxelinux.0 - from the SYSLINUX distribution
With the SYSLINUX distribution you are also able to build graphical menus:
The GUI gives you the availability to manage the global PXE configurationand the configuration for each client.
2.2.1.1.6 TFTP
A TFTP-Server is optional. You will need the TFTP-Server for your PXE boot.The server is used to provide the pxelinux file and configuration.
2.2.1.2 Internel components
The internal components will give you an overview about how you can use theGUI to manage the internal or external components.
22
-
2.2.1.2.1 Authentification
The user authentification is handled by an internal API.
Currently the API supports these storage drivers:
MDB2 Storage container using PEAR MDB2.
IMAP Storage container for use against IMAP servers.
LDAP Storage container for use against LDAP servers. - also ActiveDirectory.
The GUI provides simple setup for these modules:
LDAP Use your LDAP Server or your Microsoft Active Directory Server.
IMAP Use your IMAP Server.
DB - Use every supported MDB2 (mssql, mysql, mysqli, pgsql,...) whithyour own username/password table.
23
-
2.2.1.2.2 User/Group back-end
The User/Group back-end is different to your authentification settings. Thismeans you can manage your users in the database (every supported databasefrom the pear package DB) and authentificate them against your IMAP Server,or use the LDAP Server to manage the users but authentificate them against adatabase. The idea behind this is that you can use your internal user database.Currently the following back-ends are supported:
LDAP and through this also (but untested) Active Directory
Database in every supported DB (fbsql, ibase, informix, msql, mssql,mysql, mysqli, oci8, odbc, pgsql, sqlite and sybase)
24
-
2.2.1.2.3 LDAP
For the LDAP back-end you have to set up the parameters in the config file
Set this to 1 to enable the LDAP back-end:
//use ldap as user/groups backend$u_cfg["useldap"] = 1;
set this to your needs, the ldapdb is used for read actions, the backu-pldapdb is used for write actions
//ldap database only need if u use ldap user/groups backend$u_cfg["ldapdb"]=array("phptype" => "ldap","username" => "unattended","password" => "password","port" => "389","hostspec" => "localhost","database" => "dc=example,dc=de");
set this to you needs, the user you set up here needs write permissions onyour user and groups in your LDAP tree
//ldap backupdatabase for write actions --> only need if u use ldap user/groups backend$u_cfg["backupldapdb"]=array("phptype" => "ldap","username" => "unattended","password" => "password","port" => "389","hostspec" => "localhost","database" => "dc=example,dc=de");
The settings are also used for the module Ldap Manager.
2.2.1.2.4 DB
The DB back-end is enabled if your are running through the install process fromthe GUI.
Parameters in the config file:
Set this to 0 to disable the LDAP back-end:
//use ldap as user/groups backend$u_cfg["useldap"] = 0;
25
-
This are the connection settings for the database:
//database$u_cfg["database"]=array("phptype" => "mysql","username" => "unattended","password" => "","hostspec" => "localhost","database" => "unattended");
2.2.1.2.5 Modules
The GUI is designed modular. This means that you can run the GUI for differ-ent setups, for example as a GUI to syslog-servers.
Through the modular system it is easy for you to write your own modules.You can use the API from the GUI which provides you with easy functions. Forexample to add a entry into a table in a database you can use:
db_insert($tablename,$fields,$dbd="");
db_insert(part_computerconfig,array(pid=>$pid,hdtype=>$hdtype,computername=>$computername,mbr=>$mbr));
the $dbd can be your own database DSN.
There are core modules which you can not install or uninstall. The followingcore modules will be setup and installed through the installation:
User (core) The user module manages the users in your User/Group back-end.
Groups (core) The group module manages the groups in your User/Groupback-end.
Settings (core) The settings module manages blocks, permissions, lan-guage, modules, connectors, sessions, update and authentification settings.
2.2.1.2.6 Connectors
The main idea behind the connectors is that you can bind easy functionality toyour computers. It is a precondition that you install the module computer touse the connectors.The internal connectors are:
Checklist
26
-
Comments
DHCP Ldap
DNS Ldap
Inventory (fusioninventory)
Status
One example how to bind other informations to a computer is:
Request Tracker http://bestpractical.com/
It is also possible to use other inventory-tools or databases to bind them to theGUI. For example there is a connector for
Open Computers and Software Inventory
which access the data via the SOAP interface of OCS.
2.2.1.2.7 Boot environment
The boot environment is used for different scenarios. You will need the boot en-vironment for installing Microsoft Windows (2000/XP/2003/Vista/2008). Butyou can use the boot environment for other things like backup, restore, diskwipe out and so on...
2.2.1.2.7.1 Componets
kernel - linux kernel which is optimized for harddisk and network support
initrd - the root filesystem for the kernel, all programs except the profilescripts
/z - The directory structure which holds the profile environment
The components of the boot environment can be used in different ways:
kenel/initrd can be boot from cd,usb,pxe(network) or other bootable de-vices
/z can be mount from network (cifs,sshfs,nfs) or from a local device (cd,usb,harddisk,..)
27
-
2.2.1.2.7.2 Boot process
The kernel and initrd is loaded by the used boot manager. If you are usingthe cd the boot manager is syslinux.
The /init which is located in the initrd is loaded by the kernel. The initis a bash script.
init starts:
Mounting /proc and /sys
Mounting /dev for udev
Start udev
Fire up shells on virtual consoles 2 and 3
Start /etc/master on virtual console 1
-> /etc/master take control:
Sending log output to /dev/tty4
Starting syslog - logging to /dev/tty5
Setting umask
Disable kernelmessages
Load keyboard settings (if defined)
Setting up hardware
Force loading modules
configure network (DCHP or manually)
configure / mount /z (this can be from network (cifs,sshfs,nfs) or from alocal device (cd,usb,harddisk,..))
gives controll to z/bin/init.sh
-> z/bin/init.sh:
source the z/etc/init.conf
init.sh control your profiles (defined in z/etc/init.conf or via the kernelcommand line)
init.sh starts the selected profile -> see next section for profile informations
/etc/init/profile/PROFILENAME/ is started
28
-
2.2.1.2.7.3 Profiles
The main idea behind the profiles is that you can use the same boot environ-ment for different solutions. Profiles are simple directories which may have oneore more scripts inside. You can specify the profile you want to start via:
kernel command line (profile=PROFILENAME)
the file z/etc/init.conf
The profile directories can contain more than one script. All executable files inthis directory will be run in alphabetical order.
2.2.1.2.7.4 z/etc/init.conf
This is the main configuration file for the boot environment.
2.2.2 Run the install script
2.2.2.1 Download
Main Download page:
http://sourceforge.net/projects/uranos/files/
2.2.2.2 Install and preapare webserver
For installing all needed packages you have to install at least (this is only anexample, you are free to use other combinations):
apache
php
pear
mysql
2.2.2.2.1 Extract files
Extract the files, in this documentation /srv/ will be used.
#create src directorymkdir /root/src#change directorycd /root/src#get releasewget http://downloads.sourceforge.net/uranos/uranos-1.531.tar.gz#change directory to /srv (need to create it or chooce your own)cd /srv#extract filestar xzf /root/src/uranos-1.531.tar.gz#movemv /srv/uranos-1.531 /srv/uranos#give all to the apache user (this is for ubuntu, change www-run to your needs):chown -R www-data:www-data /srv/uranos
29
-
2.2.2.2.2 Install minimum
To install this in debian/ubuntu run the following:
apt-get install apache2 php-pear mysql-server subversion php5-ldap php5-mysql php5-mcrypt php5-gd samba
2.2.2.2.3 Install optional
apt-get install nmap tftpd-hpa syslog-ng slapd gcc dhcp3-server-ldap genisoimage
nmap is for auto discover your network
tftp-hpa if you want to use this host for pxe-boot
syslog-ng if you want to use this host as an syslog server
slapd if you want to managage your DHCP/DNS entries
genisoimage if you want to create auto-running installation cds
dhcp3-server-ldap if you want tio use this host as an dhcp server
2.2.2.2.4 Configure apache
Enable php:
a2enmod php5
This is an example virtual host configuration for the apache webserver.
ServerName install.example.comDocumentRoot /srv/uranos
Options Indexes FollowSymLinksAllowOverride NoneOrder allow,denyAllow from all
2.2.2.2.5 Configure php
You will need php support in your webserver and the folowing pear packages:
Calendar 0.5.3 beta (pear install Calendar-0.5.3)
HTTPDownload (pear install alldeps HTTPDownload)
30
-
HTMLTemplateSigma (pear install alldeps HTMLTemplateSigma)
ImageCanvas 0.3.1 alpha (pear install imagecanvas-0.3.2)
ImageGraph 0.7.1 alpha (pear install alldeps imagegraph-0.7.1)
MDB2 2.5.0b2 beta (pear install mdb2-2.5.0b2)
MDB2Drivermysql 1.5.0b2 beta (pear install mdb2Drivermysql-1.5.0b2)
MDB2Drivermysqli 1.5.0b2 beta (pear install mdb2Drivermysqli-1.5.0b2)
Change memory limit in php:
vi /etc/php5/apache2/php.ini #change the value of the variable "memory_limit" to 128M
2.2.2.2.6 Configure mysql
Create a user and a database for mysql:
CREATE DATABASE unattended;
Remember this user and password because you will need it during the installprocess.
GRANT ALL PRIVILEGES ON unattended TO unattended@localhost IDENTIFIED BY some_pass WITH GRANT OPTION;
Optional you can do this steps also with a tool like phpmyadmin.
2.2.2.3 Configure networkshare
The networkshare holds the software, os and the environment for the boot-cd.The root of this share should be point to uranos/z/.
2.2.2.3.1 Configure samba
If you have already a networkshare you can skip this and go on.
This is a short smb.conf
[global]workgroup = WORKGROUPserver string = %h server (Deploy)wins support = nodns proxy = yesname resolve order = lmhosts host wins bcastlog file = /var/log/samba/log.%mmax log size = 1000syslog = 1security = userencrypt passwords = truepassdb backend = tdbsamobey pam restrictions = yesguest account = nobodyinvalid users = rootunix password sync = yespasswd program = /usr/bin/passwd %upasswd chat = *Enter\snew\s*\spassword:* %n\n *Retype\snew\s*\spassword:* %n\n *password\supdated\ssuccessfully* .pam password change = yes
31
-
map to guest = bad userdomain logons = noload printers = nosocket options = TCP_NODELAY SO_RCVBUF=8192 SO_SNDBUF=8192[install]comment = Installation Servicepath = /srv/uranos/zguest ok = yesread only = no
2.2.2.4 Run install.php
After setting up and starting apache and mysql you can call install.php. Forthat open your preffered browser and go to the address:
http://install.example.com/www/install.php
install.example.com is the name you have configured in your virtual host.If you got the error:
Warning: touch() [function.touch]: Unable to create file include/config.phpbecause Permission denied in /home/mario/public_html/ua-install/www/install.php on line 12The config file is not writeable, pleace check the permissions on the file and try again!
Do the following:
touch include/config.phpchown YOURAPACHEUSER:YOURAPACHEGROUP include/config.phpchmod 600 include/config.php
then check the permissions for your webserver (described in 2.2.2.1. Extractfiles).
2.2.2.4.1 Install check
If you have installed all needed pear packages you should see someting simularto this. If not, read section 2.2.2.5. Configure php of this document. You canfollow the link at the bottom to go on to step 1. On some systems it might
32
-
be that the PEAR path is different, e.g on SLES11 use PEAR include path/usr/share/php5/PEAR.
2.2.2.4.2 Step 1 Chooce language
You can chooce the language. English and german are supported at thistime.
2.2.2.4.3 Step 2 Read license
33
-
You can read the license. All code wich is shiped with this software is li-censed under the GNU General Public License Version 2 (GNU GPL v2).
2.2.2.4.4 Step 3 Check config file
If the check runs ok you can go on to the next step.
2.2.2.4.5 Step 4 Database settings
34
-
Here you have to fill in the database settings of the allready created database(section 2.2.2.6. Configure mysql of this document).
DB hostname: your database hostname, if it runs on the same host likethe webserver leave that at localhost
DB user: the username to connect to the database
DB password: the password to connect to the database
DB name: the name of the database, the database have to be createdbefore this step
DB type: The type of the database you want to connect
Tested databases:
MySQL
PostgreSQL
MS SQL
2.2.2.4.6 Step 5 Created tables
You see if all tables are created, if there are errors go back and check yourdatabase settings.
35
-
2.2.2.4.7 Step 6 Register functions
Functions registered. This is a security feature. You can go on.
2.2.2.4.8 Step 7 Add initial group
Add a initial group. Fields:
Name: The name of the group. This should not conatin whitespace orother special characters.
Comment: A short decription of the group.
36
-
2.2.2.4.9 Step 8 Add initial user
Add a initial user. Required fields:
Userid: The login-name of the user. This should not conatin whitespaceor other special characters.
Username: The name of the user.
Main group: The main group of this user, only the group you have specifiedin step 7 should be available at this step.
Password: The password for the user.
Additional fields:
Phone: The users phone number.
Room: The users room number.
EMail: The users email.
37
-
2.2.2.4.10 Step 9 Installation end
If the user is created you can go on.
2.2.2.4.11 Step 10 Create laguages
All language settings are done, follow the white rabbit.
38
-
2.2.2.4.12 Ready
Installation done, you can proceed with login.
2.3 Modules
2.3.1 sshclient
sshclient
2.3.1.1 Description
This module manages your ssh hosts and give you the availability to acces thefilesystem via ssh and run commands on the hosts. This is also used by someother modules to run commands on the specified hosts.
2.3.1.2 Installation
Simple install the module via settings->modules.
39
-
2.3.1.2.1 Configuration
Go to settings->modules->SSH Client->configuration:
SSH Libary: you can use the ssh commands or the phpseclib. The sshcommands are usable in linux and windows systems. The phpseclib isplatform independent.
SSH paths: set the paths to the program files of the ssh, scp and ssh-keygen command, this is only needed if you use the setting ssh com-mands above. The webserver must be able to execute this commands.
40
-
2.3.1.2.2 Personal configuration
Go to usersettings->SSH:
Generate key: with this you can create a new private/public key pair.
Public key: this is your public key, you have to place this key into.ssh/authorizedkeys of the users home directory on the host you want toconnect to.
Secret key: this is your private key.
Shell background: the color of the shell background.
Shell font: the color of the shells font.
Stay connected for seconds: after this number of seconds you will bedisconnected.
You can also upload you exsisting RSA private/public key pairs here. This willspend you the time if you ave allready deployed it to some hosts.
2.3.1.2.3 First connect to host
Use:
Name: the name of the remote host you want to connect to
IP address: the IP address of the remote host you want to connect to
Username: the Username on the remote host you want to connect to
41
-
to connect to a new host.
2.3.1.2.3.1 Host settings
After that you have to save the hosts public key:
You can manage your ssh hosts in this view.
2.3.1.3 SSH Shell
First connect with hostname (IP will be taken from the host table) and theusername:
After connecting you can send commands to this host. This is not a comfort-able shell like shellinabox but it is working for simple administrative tasks likerestarting a service.
42
-
2.3.1.4 SSH Browser
First connect with hostname (IP will be taken from the host table) and theusername:
In the ssh filebrowser you can:
Upload a file
Create a new Directory
Delete files and directories
Download files
Browse the entire tree
2.3.2 ldapmgr
ldapmgr
2.3.2.1 Description
The ldapmgr module is to manage your ldap server.
2.3.2.2 Installation
Simple install the module via settings->modules.
43
-
2.3.2.2.1 Configuration
2.3.2.2.1.1 Add new Server
Name: The name for your configuration. This should be a uniq name.
Hostname: The host name can be an IP, a DNS name or a LDAP URI.
Port: The port of the LDAP server.
Userattribute: The useratribute to search for the Bind as user. Thesearch will be run in each base DN with Userattribute=username. Theusername is taken from the login session.
Bind user DN: The user DN to bind to the LDAP server.
Bind user password : The password for the user DN to bind to theLDAP server.
Bind as user: If you want to bind as logged in user you have to choosethis option. You also have to define the Userattribute.
LDAP referrals: Follow referrals.
Version: The LDAP version.
44
-
2.3.2.2.1.2 Base DNs
Set different Base DNs.
2.3.2.2.1.3 Templates
Define Templates to use for the specified LDAP server to add new entries.
45
-
2.3.2.2.1.4 Search configuration
Define the attributes for the global search.
2.3.2.2.2 Personal configuration
You have to install also the module Reference missing: doc:modules:usersettingsto use this configuration.
start: Where to start if you access the ldapmgr module.
Base DN: The default base DN for the search. This can be configuredfor each server.
Search attribute: The default search attribute for the search.
Sort attribute: The default sort attribute for the search.
Search scope: The default scope for the search.
46
-
2.3.2.3 Ldap Manager
2.3.2.3.1 The menu
47
-
2.3.2.3.2 Tree view
The tree view. From here you can:
Enter the view entry
Enter the edit entry
Copy and move entries (with subentries) also from one server to an other
Delete entries (with subentries)
48
-
2.3.2.3.3 Search
Chooce the server you want to search. If you have set default variables forthe choosen server in the Reference missing: doc:modules:usersettings you candirectly start the search.
Base DN: The default base DN for the search.
Search attribute: The search attribute for the search.
Searchterm: The search term. You can use place holders in the search.
Sort attribute: The sort attribute for the search.
Search scope: The scope for the search.
On the right part of this view you will see the matched entries for your search.
2.3.2.3.4 New entry
49
-
First you have to choose a server. Then you can choose a template which youhave defined in the configuration for this server.
2.3.2.3.5 Edit entry
50
-
2.3.2.3.6 View entry
2.3.2.3.7 Clear cache
The objectclasses and attributes will be cached in the current session. Accessingthis link will clear the cache and force to read the attributes and objectclassesagain.
2.3.3 licences
licences
2.3.3.1 Description
Controll and manage your liceces with this module.
2.3.3.2 Installation
Simple install the module via settings->modules.
51
-
2.3.3.2.1 Configuration
You can set if this module should:
Prevent installation of operating systems if assigned liceneces are ex-pired/consumed
Prevent installation of software if assigned liceneces are expired/consumed
2.3.3.2.2 Licence types
This is for future use only. There are different rules which are currently onlyfor informational use:
per user single licences per user
per client single licences per client
OEM ONE single licence per client
per processor single licences per processor
per core single licences per core
on demand licece single licences per use
network licece floating or concurrent licences
unlimited no limits
2.3.3.3 Usage
2.3.3.3.1 Licence groups
Licence groups are for grouping licences. You are able to add and remove li-cences to a group to extend or reduce the licence pool.
52
-
2.3.3.3.1.1 Add new licencegroup
First you have to add a licence group. Groups are needed for a licence. Everylicence have to have a group.
Name The group name
Description A short description of the group
2.3.3.3.1.2 Show a single licencegroup
53
-
You can see the licence group and short description. From here you can editthis group, add operating systems and software versions to this group. You canalso assign a single licence to a user.
2.3.3.3.1.3 Assign operating system to licence
Assign operating systems to a licence group:
Match assigned Select this to match this operating system to each assignedhost
Match Inventory Select this to macth this operating system and versionto each inventory set - search there for name and version or only the name
You have to define searchstrings into the fields name and version. Here someexamples:
Search for Microsoft Office 2003 Professional: Use Name: Microsoft Of-fice Professional Edition 2003 and let the version empty
Search for every Acrobat Reader installation: use name: %Adobe Reader%and let the version empty
Use the fusioninventory module to find out the searchstings which best fit yourneeds.
2.3.3.3.1.4 Assign software to licence
Assign software to a licence group:
Match assigned Select this to match this software version to each assignedhost
Match Inventory Select this to match this software version to each inven-tory set - search there for name and version or only the name
You have to define searchstrings into the fields name and version. Here someexamples:
Search for Windows 2008R2: Use Name: Microsoft Windows Server 2008R2 Enterprise and let the version empty (or use 6.1.7601)
54
-
Search for every SUSE Linux Enterprise Server installation: use name:SUSE Linux Enterprise Server % and let the version empty
Search for every SUSE Linux Enterprise Server 11 installation: use name:SUSE Linux Enterprise Server 11% and let the version empty
Search for every SUSE Linux Enterprise Server 11 SP1 installation: usename: SUSE Linux Enterprise Server 11% and use version: 2.6.32.%
Use the fusioninventory module to find out the searchstings which best fit yourneeds.
2.3.3.3.1.5 Assign licence to a user
Assign a licence to a user is a manually entry. There is no automatic counterbehind this.
2.3.3.3.1.6 show details on operating system matches
From here you can jump directly to the entry which matches this operatingsystem.
55
-
56
-
2.3.3.3.1.7 show details on software matches
From here you can jump directly to the entry which matches this software.
2.3.3.3.2 Licences
2.3.3.3.2.1 Add new licence
A licence should at least have a expire date and the licence count. The licencewill be assigned to a group. The group can be assigned to operating systemsand to softwareversions.
57
-
Name The name
Description A short description
Producer The producer of this software/licence
Supplier The supplier
Supplydate The date the licence have been supplied
Account info Account informations if you have an account to manage thislicence
Account date The date the account was added
Licence info Additional licence informations
Licence count Licence count
58
-
Type The type of the licence
Groups The licence group this licence should belong to
Licence expiration When the licence will expire
Comment A comment
Contact info A name who can be asked in context with this licence
Operating system The operating system this licence is for
Product key The product key associated with this licence
2.3.3.3.2.2 Show licences
List your licences here. You can filer, group and sort the entries.
2.3.3.3.3 Mediums
Mediums are optional. You can use this to manage all your CDs, DVDs, isosand so on.
59
-
2.3.3.3.3.1 Show mediums
Name The name
Description A short description
Medium type The type of the medium e.g. iso, CD or other
Operating system The operating system this medium is for
Language The language of the software on this medium
Mediumcount The medium count
Location Where the medium is located
Licences Assign licences to this medium
Contact A name who can be asked in context with this medium
Archived Select to mark this medium as archived
60
-
List your mediums here. You can filer, group and sort the entries.
2.3.4 Settings
Settings
2.3.4.1 Description
This module gives you the availability to modify your userdefined settings. Soeach user can have its own language, theme and so on. There are also somemodule specified settings which can be controlled from here. It is highly recom-mended to install this module.
2.3.4.1.1 Installation
Simple install the module via settings->modules.
2.3.5 dnsldap
dnsldap
2.3.5.1 Description
The dnsldap module is to manage your DNS entries in your ldap database.
2.3.5.2 Installation
Simple install the module via settings->modules.
61
-
2.3.6 locations
locations
2.3.6.1 Description
The locations module is to manage your locations.
2.3.6.2 Installation
Simple install the module via settings->modules.
2.3.7 samhain
samhain
2.3.7.1 Description
This module manages the main yule database and configuration for samhain.Also it is possible to deploy samhain to each host.
2.3.7.2 Quick start:
For the functionality of remote installation, database update and commandsyou need the ssh module installed. At this time only ssh-key authentification issupported.
2.3.7.2.1 Configure your Yule Server
This is only an example!
./configure \--enable-static \--enable-network=server \--with-database=mysql \--enable-xml-log \--with-sender= \--with-recipient= \--enable-udp \--with-trusted=
You should use with-trusted= if you want to use this module to send mes-sages through yulectl and if you want remote installation.
62
-
2.3.7.2.2 Remote installation
!!!THE FOLLOWING STEPS ARE ONLY NEEDED IF YOU WANT TO DOREMOTE UPDATE/INSTALLATION!!! Be sure you do the following after themake-stuff:
create a group for yule
be sure the daemon (or the user which runs yule) and the webserver-useris member of this group
chown daemon:yule /etc/yulerc
chmod 660 /etc/yulerc
chown -R daemon:yule /var/lib/yule/
chmod 770 /var/lib/yule/
chmod 660 /varlib/yule/[fr]*
Configure your Samhain Packages:
./configure \--enable-login-watch \--enable-mounts-check \--enable-static \--enable-suidcheck \--with-config-file=REQ_FROM_SERVER/etc/samhainrc \--with-data-file=REQ_FROM_SERVER/var/lib/samhain/samhain_file \--with-logserver= \--enable-network=client \--enable-xml-log \--enable-userfiles
Now you can build several packages with make runrpm.... At this time onlythe linux packages run, rpm and deb (untested) are supported. Make a directoryinstall in your yule data dir e.g: /var/lib/yule/install/ and take care that thewebserver has read access to this directory and the files. Here you have to placeyour packages.
2.3.8 switch
switch
2.3.8.1 Description
This module manages your switches. You can use it to document your networktopologie.
2.3.8.2 Installation
Simple install the module via settings->modules.
63
-
2.3.9 PXE
PXE
2.3.9.1 Description
The PXE module is to manage your PXE entries and control which image acomputer has to boot.
2.3.9.2 Installation
Simple install the module via settings->modules.
2.3.9.3 TFTP Server configuration
DHCP options to get use of the pxe files: * filename pxelinux.0 * next-serverIP.OF.THE.TFTP-SERVER
Use the path /PATH/TO/URANOS/www/modules/pxe/pxeroot as the rootof your tftp server.
2.3.9.3.1 tftpd.remap
The file /PATH/TO/URANOS/www/modules/pxe/pxeroot/tftpd.remap (shippedwith uranos) is only needed if you want to start WinPE over PXE.
2.3.9.3.2 TFTP Server config example
apt-get install tftpd-hpa
Here is an example for ubuntu /etc/default/tftpd-hpa:
-l -s /PATH/TO/URANOS/www/modules/pxe/pxeroot -m /PATH/TO/URANOS/www/modules/pxe/pxeroot/tftpd.remap
2.3.10 rsyslog
rsyslog
2.3.10.1 Description
This module manages your rsyslog servers, including configuration and databases.
64
-
2.3.10.1.1 Rsyslog Documentation
RSyslog - Documentation
2.3.10.2 Installation
Simple install the module via settings->modules. You will also need at least onedatabase and one rsyslog server (you can run all on the same host).To install rsyslog in ubuntu simply run:
apt-get install rsyslog rsyslog-mysql
If you want to use your postgres database:
apt-get install rsyslog-pgsql
65
-
2.3.10.2.1 Configuration
Go to settings->modules->Rsyslog->configuration:
color: you can set the color for each priority.
live search: Time in miliseconds after the live search will be send aftera key is pressed.
Create client rule if AUTOADD was send as message via syslogDefault settings if you use the inputparser.php to automatical add clientsto a default server.
66
-
2.3.10.2.1.1 inputparser.php to automatical add clients
To use this file you need the following rules, the best is that you use this as lastrule in your config:
$template URANOS_RSYSLOG_MODULE_FORMAT,"%hostname%###%fromhost-ip%###%msg%\n"Module (load="omprog")*.* action(type="omprog" binary="/pathtouranos/www/modules/rsyslog/input_parser.php" template="URANOS_RSYSLOG_MODULE_FORMAT")& stop
You can test this script by running:
echo "test###127.0.0.1###AUTOADD" | /pathtouranos/www/modules/rsyslog/input_parser.php
This will create a config for the client test. And add it to a server if youset the needed option in the module configuration.
2.3.10.2.2 Personal configuration
Go to usersettings->Rsyslog:
Activate live search: activate this if you want to use the live filter.
Show entries: how much entries should be displayed per page.
2.3.10.3 Layout
This module is designed to manage different databases on differnt hosts andprovide a search over all tables on each database. It is also possible to manageand configure more than one rsyslog server. In the basic setup you can run thedatabase, the syslog server and also uranos on the same host. But you can alsorun it on different hosts. Some examples following.
A simple layout with 1 syslog server and 1 database:
67
-
A simple layout with 1 syslog server and 2 databases:
68
-
A simple layout with 2 syslog server and 2 databases:
69
-
70
-
2.3.10.4 Syslog configuration
2.3.10.4.1 Add a new server
First you have to add a new server:
You have to configure this server, with the same name and IP setting in theSSH client module because the configuration is transfered via ssh to the server.Also the reload (or restart, stop and start) commands are sended via ssh.You can also use the import files to import the current configuration from theserver.
2.3.10.4.2 Add a new database
You need at least one database to add tables as destination for syslog messages:
Define the database as a backup database if you want to use it for searchbut not for active logging.
71
-
2.3.10.4.3 Add a new table
Add a table to a database to better seperate the syslog messages.
2.3.10.4.4 Create new config
Please reffer to the rsyslog documentation to get more information about theconfiguration.
2.3.10.4.4.1 Add a configuration
Define a name for the configuration. This will be used as filename if you addthis config to a server. The filename will be build in the following way: priority-name.conf. You can use the fields bleow to add:
A table -> this will generate a text string like ###DATABASEID#TABLENAME###which will be replaced later with
$template DBIDTABLENAME,"insert into TABLENAME(host, source_ip, facility, priority, tag, unixtime, program, msg ) values (%hostname%, %fromhost-ip%, %syslogfacility-text%, %syslogpriority-text%, %syslogtag%, %timegenerated:::date-unixtimestamp%, %programname%, %msg%)",SQLaction(type="omDBTYPE" server="DBHOST" serverport="DBPORT" db="DBNAME" uid="DBUSER" pwd="DBPASSWORD" template="DBIDTABLENAME")
default rsyslog keywords
You will need javascript enabled to auto add the selected field to the currentcursor position.
72
-
2.3.10.4.4.2 Add a client configuration
Computer Chooce the host you want to add
Filename The filename which will be used to write the servers to theclient configuration, currently only rsyslog clients are supported. If youhave an other syslog software leave this field empty.
Initscript The init script which will be used to send commands to theclient via ssh. You can use this with every compatible init script whichaccepts start, stop, restart, reload and status.
Hostname If you set this option the hosts name will be used as a filter.
IP If you set this option the hosts ip address will be used as a filter.
Message Set the filter which will be used for the message.
Priority Set the filter which will be used for the priority.
Facility Set the filter which will be used for the facility.
Progamname Set the filter which will be used for the progamname.
Last rule If you set this the config for this client on the server will got the& stop at the end, this is suggested because without this the messagewill be passed through each other filter which follows.
2.3.10.4.4.3 View client configurations
From this view you can see all defined client configurations. You can filer thisview and sort by klicking on the field descriptors.
73
-
2.3.10.4.4.4 Combine config for a server
The main configuration options have to be defined per server. This is normalythe rsyslog.conf file. From here normaly all other files are included from rsys-log.d directory. You can add the previous defined configurations to any definedserver.
1 View or write the current configuration to the selected server
2 The main (rsyslog.conf) for the selected server, you should define herethe modules you need to write database (e.g. ommysql) and you have todefine that you include the configuration files from the directory you havedefined for this server (e.g. $IncludeConfig /etc/rsyslog.d/*.conf)
3 Add a client configuration to a server
3 View the client configuration assignments for this server
5 Add a configuration to a server
6 View the configuration assignments for this server
2.3.10.4.5 View and write config
View or write the config for this server. You will see the files which will bepublished to the server.
74
-
Restart syslog: chooce this option if you want to send a reload to thersyslog after writing the config.
If you write the files to the server the current config will be saved to /tmp. Afterthat a config check will be performed, if something failes the old config from/tmp will be rolled back and you will get an error message.
2.3.10.4.6 Server commands
You can send the following commands to the server:
Reload
Stop
Start
Restart
75
-
If you access this page the command status will be passed to the init scriptand you will see the current status.
2.3.10.4.7 Logs
The logs are stored in tables. You can view and search each table.
2.3.10.4.7.1 View the logs
1 Chooce the table to view.
2 Chooce if you want to relad the page automaticaly.
3 Filter the messages.
4 Group entries, group the entries (by msg) to do not show the samemassage more than one time.
5: Pagelinks - go to special page.
6: Entries found -count entries matching the current filter.
76
-
7: Sorting - sort the entries by clicking on the fieldname.
2.3.10.4.7.2 Filter the logs
1 Positive Filter: match the [sub]string.
2 Negative Filter: starting with ! will show all entries which do notmatch the [sub]string.
2.3.10.4.7.3 Global search around all tables and all databases
1 Load old saved search settings. You can save the defined searches to useit later again.
2 Chooce the tables you want to search. You can also chooce * which willstand on the first postion for each database host, second position for eachdatabase, and third for each table.
3 Select per table will show you each table seperatly. Select timeline willshow you all entries in one timeline.
4 The filter section. For each input field a filter will be set in the form:LIKE %FILTER%
77
-
5 Select the timespan you want to see.
6 Use perl regular expressions to search.
2.3.10.4.8 Statistic
Here you see a statistical view about all tables in the selected timespan. Fromhere you can jump to the table or directly to the filtered messages behind thelines. You can set the timespan at the top.
78
-
2.3.10.4.9 Statistic Graph
2.3.10.5 Rotate the tables:
When you have more than one table it will be better to use an own database forthe old logs and rotate them e.g. every week. create a database (eg. syslogold)crate a user which has access to write to he database: GRANT ALL PRIVI-LEGES ON syslogold.* TO USERNAME@localhost IDENTIFIED BY PASS-WORD;If you want to rotate the tables you can use this script (example):
#!/bin/bash# ATTANTION THIS SCRIPT WILL ROTATE ALL TABLES IN THE GIVEN DBSQLHOST=localhostSQLUSER=USERNAMESQLPASS=PASSWORDSQLDB=syslogSQLOLDDB=syslog_oldTIMESTAMP=date +%Y-%m-%d-%H%MTEMPNAME=_tmp_table \hspace*{\fill}