Updated 2009-03-05, see bottom.
At work the other week, we decommissioned 24 old desktops - Dell GX280’s that were used in the student labs as print release stations. They didn’t have anything sensitive on them, just Windows XP, but with licensing and all we have to wipe Windows off of them before surplussing them. Since there were 24 of them, it wasn’t exactly going to be the quickest task. Moreover, the GX280’s we used don’t have any removable media drives.
A few people mentioned Darik’s Boot And Nuke (DBAN), which is a bootable Linux distro (CD or floppy) aimed at wiping all of the fixed disks attached to a machine. While they do offer an “Enterprise” version that supports network booting (and logging wipe verifications to a central machine), the pricing isn’t exactly favorable for a small project (or something that just needs Windows to go away, not a DoD-grade 7-pass overwrite with random data). Between the lack of a CD drive and the apparent need to select wiping options at boot, this didn’t seem to be the best method for me.
Luckily, with a little googling, I came by the Cobbler project, a ready-to-run install server aimed at automating network-based OS installation. It turns out that Cobbler has a wiki article on system retirement that deals with using Cobbler to automate a network boot of DBAN. Cobbler takes control of DHCP and TFTP, boots the machine(s) to a PXE boot menu, and allows selection of one of the cobbler “profiles”.
The general procedure is something along these lines:
- Get the DBAN iso and grab the .ima image off of it. Loopback mount it.
- Copy the
initrdand kernel into
- Assuming you have cobblerd running (cobbler check), add a Distro for
cobbler distro add --name=DBAN-1.0.7-i386 --kernel=/opt/cobbler/dban/vmlinuz --initrd=/opt/cobbler/dban/initrd.img --kopts="root=/dev/ram0 init=/rc nuke=dwipe floppy=0,16,cmos"
- Add a Profile for it:
cobbler profile add --name=DBAN-1.0.7-i386 --distro=DBAN-1.0.7-i386
Assuming all went well, when we PXE boot a machine on the same LAN as
the Cobbler system, we’ll get DHCP and a PXE boot menu which will list
DBAN-1.0.7.i386 as one of the options. On some of the GX280’s that I
did, I had to go into the BIOS and enable PXE boot (or select PXE from
the BIOS boot menu). Now, when DBAN boots, we’ll get the standard dmesg
output and then a selection screen allowing us to pick a wipe type (I
used the single pass all zeros for just getting rid of the old OS) and
select which disks to wipe. If you use the default wipe, just press
“space” to select all disks and then “F10” to begin the wipe.
This process allowed me to wipe 7 machines at once (8 port KVM, 1 port for the server). With a better KVM or (even better yet) a totally automatic system as described below, it would essentially be limited to whatever the server and network hardware will handle.
To add a little more automation, we can run
cobbler system add --name=default --profile=DBAN-1.0.7-i386 which adds
a default profile to Cobbler, saying that any machines with MACs not
specifically assigned to a profile should boot the DBAN profile, and
bypassing the PXE boot menu.
WARNING: what follows will setup Cobbler and DBAN to automatically wipe all PXE-booting devices without ANY human intervention. Use at your own risk and, for God’s sake, don’t plug your server into a production network (I recommend this only in a lab environment with a dedicated switch, all machines in one physical area, and no possibility of getting on the same ‘net as production machines).
It’s theoretically possible to totally automate this setup. According to
the DBAN docs, it will also accept kernel options (kopts) that effect
how dnuke works - specifically,
--autonuke to tell it to wipe without
human intervention and a method option such as
--method=zero to select
the wipe method. This means that if we PXE boot with kernel options set
nuke="dwipe --autonuke --method=zero" we should go straight to the
dwipe utility (the heart of DBAN) and automatically wipe all disks by
writing zeros once - without operator intervention. Unfortunately,
there’s a bug in the
current (1.4.0) Cobbler which prevents quote-encapsulated strings in
kopts, meaning that we can’t set one kernel option to a string with
whitespace as needed here. If this bug is fixed, it should allow this
process to work without any operator intervention, assuming the clients
will PXE boot.
Updated 2009-03-05 I haven’t tested it yet, but apparently the Cobbler bug preventing complex kernel options has been fixed. The fix should be included in the 1.4.3 release and is currently in the development tree.