FreeBoo: an Open Architecture for Network Dual Boot
Administrating large installations of computer desktops requires many tedious system reparations due to software updates, hardware fixes, user mistakes and viruses. To reduce costs, some enterprises adopt restrictive IT politics. But, if your business cannot afford a highly secure and restrictive environment, and you want to provide your many users with dual-boot capacity, desktop administration privileges and the possibility to execute a large amount of different software, you probably are using Rembo.
This article presents FreeBoo, an open architecture that provides you with a dual-boot system of secure desktop images. FreeBoo is based on network boot, provides image restoration and allows hot boot. With FreeBoo, any malicious software installation done on a desktop by a previous user can be overwritten seamlessly.
Many IT departments' efforts are dedicated to the time-consuming task of repairing end-user desktops. For this task, most IT systems use open-source imaging systems that exist today, such as SystemImager, partimage, FileZilla, clonezilla, Frisbee, rsync, rdiff-backup, ADIOS and so on, or their commercial equivalents, including Norton Ghost, Active, True Image and Image. All these tools create a compressed image of a client's hard drive data and save it in case a future data recovery is necessary. An image is the complete copy of a filesystem, and it usually is stored on a backup server. When image changes are small, incremental backup is used to improve performance.
Imaging systems use well-known IETF protocols to transfer data from client to server or vice versa. They also include many functionalities for image management, with easy-to-use GUIs. IT departments in charge of large installations also use them to clone OS images onto several identical computers and to update systems with new patches.
In general, this software requires a high level of expertise, works basically on-demand and runs with a client program. This last feature is very important, because it assumes that the client computer is executing with specific conditions. Typically, this means the client always executes the same operating system.
At our university, computer labs can boot either MS Windows or Linux operating systems, and students select the desired partition using Rembo. Other PC-compatible dual-boot options include Norton BootMagic, OSL2000 or the MSTBOOT commercial systems and the GRUB open-source software solution. But, none of these tools can dual boot from the network.
Rembo is the only existing tool that provides the option of restoring any of the computer's saved images. And, very important, once the image is recovered, the computer boots it directly. Rembo is a commercial evolution of the open-source BP Batch Project, recently integrated into the IBM Tivoli suite. Rembo introduces local disk caches for fast image restoration, is able to use multicast messages and can be programmed using the Rembo-C scripting language.
FreeBoo is proposed as an open-source, alternative solution to Rembo. Instead of open-source software, FreeBoo is an architecture built from many existing open-source programs. In fact, the number of new lines of code is insignificant. We have written only eight simple scripts and have used the urldecoder script authored by Heiner Steven. Figure 1 shows the global picture. The open protocols used include TFTP, DHCP, HTTP and NFS. And, the open-source code, running either on the server or client includes PXELinux, rsync, partimage, Apache, Netcat, links2 and gensplash. In Figure 1, you can see which program is executed at each computer site (client or server).
To illustrate the use of FreeBoo, let's assume the following scenario: ten or more desktops connected by LAN with a remote, non-accessible server room, using a PXE-compliant NIC. The desktops boot in three phases, as shown in Figure 2. The first phase is similar to a thin-client boot. In the second phase, the user selects a boot option, and the necessary image data is sent to the client. Finally, in the third phase, the client computer boots the user-selected OS.
- Cluetrain at Fifteen
- Getting Good Vibrations with Linux
- Embedding Python in Your C Programs
- New Products
- Security Hardening with Ansible
- Monitoring Android Traffic with Wireshark
- [<Megashare>] Watch Mrs Brown's Boys Movie Online Full Movie HD 2014
- diff -u: What's New in Kernel Development
- Memory Ordering in Modern Microprocessors, Part I
- Tech Tip: Really Simple HTTP Server with Python