This chapter is targeted at IT administrators who are responsible for maintaining and installing large numbers of PCs. While Linux on the desktop is becoming more and more popular nowadays, without serious methods for standardizing, securing, and automating the install process, the interoperability of the desktop itself is only half the issue at hand.
This chapter builds upon the installation-related skills learned in Chapter 2 to help you secure your standardized desktop, workstation, and server OS installs. The kickstart technology covered here will enable you to create standardized desktop and server loads, customize those standard loads, and then roll them out to machines over the network. This client/server kickstart automated provisioning system comes with all Fedora Core-and Red Hat-based systems.
This type of OS install technology, when combined with OS hardening skills we cover in this chapter, is exactly what it takes to be able to roll out, or provision, Linux systems in the enterprise environment. This level of provisioning automation has been built into Red Hat-based systems for years and is one of the many features that really helps to decrease a Linux shop's Total Cost of Ownership (TCO), while increasing your bosses Return on Investment (ROI) (that is, justification for your salary).
We start off with a nice leisurely overview of the kickstart technology, and then get into how to customize your template machine loads. We review some best practices for locking down and securing your desktop and server template machines, go through the steps for creating your own kickstart provisioning server, and explain how to run a kickstart network install via boot floppy or CD. We wrap up with a couple of common kickstart problems (and their solutions).