4

For one of my labs, I need to maintain consistent file systems. So, I do not want any changes written to the file system after the system is shutdown. Currently, I am maintaining an operating system image and copying it manually after the lab session is over.

I am trying to figure out if there is any open source implementation of Deep Freeze software for Fedora based systems. I am trying to maintain a consistent file system so that any changes made will be lost when the system reboots.

From this link, I see there are similar software to Deep freeze, however, they are available for Debian based systems. I also came across LVM partitions which I did not understand much.

Suggest me some software that can be used in Fedora based systems or some other better solution.

slm
  • 369,824
Ramesh
  • 39,297
  • Why not make all the files read-only, so they could not be written to? – Wilf Jan 13 '14 at 17:55
  • I need the students to make some changes to the files and play around. However, for the next session of the lab, there would be different set of students who need to do the same chores again. So, I need the files to be writable. – Ramesh Jan 13 '14 at 17:57
  • You could copy the files to that location on boot, and remove them on shutdown, or when it next boots (more reliable)... – Wilf Jan 13 '14 at 17:57
  • I am trying to do it automatically, rather than doing it manually. Basically, whatever the student tries, it should last only for that session. I am trying to achieve a system performance similar to the internet cafes. – Ramesh Jan 13 '14 at 18:00
  • You mentioned in your comment that the students are running virtualbox images. Can you just give them a clone of the base image every time they start, then discard it when the lab session is over? – Mark Plotnick Jan 13 '14 at 19:25
  • How can I do that? – Ramesh Jan 13 '14 at 19:31
  • https://www.virtualbox.org/manual/ch01.html#clone explains how to clone a VM – Mark Plotnick Jan 15 '14 at 20:07

3 Answers3

3

You could set up aufs on the root partition and have the original image read only and all changes are stored in RAM. That way the students can make any changes they like (even as root), after a reboot a clean well defined system state is restored.

I did exactly this setup using Debian but the same should be possible without too much modification on Fedora as well. Since the clients were running diskless, I used PXE boot. Here are the basic steps, the instructions are mainly taken from Diskless Debian Linux booting via dhcp/pxe/nfs/tftp/aufs and Installing Debian using network booting.

The PXE boot server has the IP address 192.168.1.10 and it also serves as TFTP and NFS server. It uses aufs and the root filesystem is mounted read-only. Due to the aufs the clients have write access. All changes reside in memory and are wiped on reboot.

Install necessary packages

apt-get install isc-dhcp-server tftp-hpa nfs-kernel-server debootstrap syslinux

Configure DHCP server to serve a PXE boot image

cat >/etc/dhcp/dhcpd.conf <<EOF
next-server 192.168.1.10;  # address of the TFTP server
allow bootp;
allow booting;

subnet 192.168.1.0 netmask 255.255.255.0 {
  # clients get a dynamic IP address
  range dynamic-bootp 192.168.1.20 192.168.1.254;
  filename "pxelinux.0";
  option domain-name-servers 192.168.0.10;
  option broadcast-address 192.168.1.255;
  option routers 192.168.0.10;
}
EOF

This configures DHCP to use the TFTP server on address 192.168.1.10 and load the PXE boot image pxelinux.0.

Configure TFTP server

mkdir /srv/tftp

Configure NFS server.

The root file system is mounted read only via NFS.

mkdir /srv/nfsroot
cat >/etc/exports <<EOF
/srv/nfsroot 192.168.1.10/24(ro,no_root_squash,no_subtree_check)
EOF

Populate NFS directory with a Debian installation

debootstrap stable /srv/nfsroot <mirror>
# e.g.
debootstrap stable /srv/nfsroot \
  http://ftp.sunet.se/pub/Linux/distributions/debian/

Install kernel and initramfs tools:

chroot /srv/nfsroot apt-get update
chroot /srv/nfsroot apt-get install initramfs-tools linux-image-amd64

Configure its initramfs to generate NFS-booting initrds:

sed 's/BOOT=local/BOOT=nfs/' \
  -i /srv/nfsroot/etc/initramfs-tools/initramfs.conf

Load the aufs module:

echo aufs >> /srv/nfsroot/etc/initramfs-tools/modules

Configure aufs:

cat >/srv/nfsroot/etc/initramfs-tools/scripts/init-bottom/aufs <<EOF
modprobe aufs
mkdir /ro /rw /aufs
mount -t tmpfs tmpfs /rw -o noatime,mode=0755
mount --move $rootmnt /ro
mount -t aufs aufs /aufs -o noatime,dirs=/rw:/ro=ro
mkdir -p /aufs/rw /aufs/ro
mount --move /ro /aufs/ro
mount --move /rw /aufs/rw
mount --move /aufs /root
exit 0
EOF

Make the file executable:

chmod +x /srv/nfsroot/etc/initramfs-tools/scripts/init-bottom/aufs

Generate initrd:

chroot /srv/nfsroot update-initramfs -k $(uname -r) -u

Watch out if the kernel of the host and the chroot do not match. Replace $(uname -r) with the correct kernel if necessary.

Copy generated initrd, kernel image, and PXE bootloader to TFTP root and create folder for PXE config:

cp /srv/nfsroot/boot/initrd.img-* /srv/tftp/
cp /srv/nfsroot/boot/vmlinuz-*    /srv/tftp/
cp /usr/lib/syslinux/pxelinux.0   /srv/tftp/
mkdir /srv/tftp/pxelinux.cfg

The file pxelinux.0 is the PXELINUX bootstrap program.

Configure boot loader:

cat >/srv/tftp/pxelinux.cfg/default <<EOF
default Debian
prompt 1
timeout 10
label Debian
kernel vmlinuz-2.6.32-5-amd64  # <- use correct version!
append ro initrd=initrd.img-2.6.32-5-amd64 root=/dev/nfs ip=dhcp 
nfsroot=192.168.1.10:/srv/nfsroot
EOF

Change root password

chroot /srv/nfsroot passwd root

Restart services

invoke-rc.d isc-dhcp-server restart
invoke-rc.d tftpd-hpa restart
exportfs -ra
Marco
  • 33,548
  • Thanks for your answer. Can you please elaborate a little more and provide me pointers to some link where I can learn more? – Ramesh Jan 14 '14 at 01:13
  • @Ramesh I expanded my answer and added links for further information. – Marco Jan 14 '14 at 01:38
2

First, copy the files out of the /home/USERNAME folder (the folder of the USERNAME the students use.), to something like /home/backup. You can do this with:

cp -R /home/USERNAME/TEMPFILES /home/backup/BACKUPFILES

where TEMPFILES is the folder with stuff that the students need to access in, and where BACKUPFILES is the backup copy of the folder elsewhere. Note: this does sort of mean it would be useful for all the stuff to be in a folder, like TEMPFILES, INSIDE the home directory, as you cannot really do this stuff to the actual home directory folder

To make sure that the students cannot access them, you may want them to be owned by root by running:

sudo chown -R root:root /home/backup/BACKUPFILES

Open up the nano editor with sudo nano /etc/rc.local, and add these commands to rc.local.

rm -rf /home/USERNAME/TEMPFILES
cp -r /home/backup/BACKUPFILES /home/USERNAME/TEMPFILES

These commands will run on boot as root - you may want to test them in terminal first, with the prefix sudo .., to check whether they work.

If the rc.local is empty start off with, add in this line at the top:

#!/bin/sh -e

and had this line at the bottom:

exit 0

save with Ctrl+O, and exit with Ctrl+X.

Next, make the file executable, so it will run the commands, with:

sudo chmod +x /etc/rc.local

Reboot, and it should work.

If it has permissions errors, you may need to add this command below the cp... command to make the files owned by the USERNAME that the students can access:

sudo chown USERNAME:USERNAME /home/USERNAME/TEMPFILES
Wilf
  • 2,385
  • It is a very good suggestion. But the students will be logged in as root in the virtualbox. They access the guest operating systems as administrators. So, I need to achieve something like deep freeze. – Ramesh Jan 13 '14 at 18:52
1

If you take a look at alternativesto.net site there are 3 applications listed as alternatives to Deep Freeze.

NOTE: I have no experience with any of these tools so I can't offer you any additional info about how they work etc. I can only provide you with these leads.

Lethe

Lethe is a Deep Freeze-like partition freezing software for Debian GNU/Linux and Lihuen GNU/Linux (May work on other Debian-based GNU/Linux distributions). Lethe makes the partitions behave like a Live CD: all changes made on the file system will not be saved on the disk but in RAM and when the system restarts, all the content saved in the previous session is "forgotten" and lost and the disk / partitions are restored to their original state.

Lethe is based on Rootaufs, originally written by Nicholas Schembri, to whom we have to thank for publishing the script under a GPL license and making this application possible.

There's also a video on YouTube, titled: Freezing a Linux Ubuntu System With Lethe which demonstrates how it works.

fsprotect

fsprotect is a set of scripts, customized for debian systems that protect existing filesystems.

It uses the AUFS filesystem and some initramfs magic to protect the root filesystem. It also uses a simple init script to protect other filesystems as early as possible.

fsprotect is excellent for public computers like those in libraries, labs, etc. It will ease the life of all administrators with a couple of simple steps.

The benefits of using fsprotect are:

  • Filesystems are protected and no change is ever written to the disk
  • Protected filesystems are mounted read-only. This means that they aren't >damaged when the computer is turned off improperly.
  • It is very easy to use. Just add an "fsprotect" parameter to the kernel for the root filesystem and list the filesystems to be protected in /etc/default/fsprotect.
  • In some cases it makes the filesystem access faster.

The drawbacks of using fsprotect:

  • Filesystem changes cannot be more than a predefined limit (set by you) (in bytes).
  • Since tmpfs is heavily used, you need to have adequate swap space.

Dafturn Ofris

Dafturn Ofris, Freeze from Indonesia, is an open source application that can freeze your Linux, like Deep Freeze in Microsoft Windows operating system. So, you can lock your system by using this application. Feel free and open with this application.

I found this pretty good review and discussion on using Ofris, it's titled: [HOW TO] Deep Freeze Xubuntu with Ofris.

slm
  • 369,824