« Mac Kernel Panics | Main | Fragmentation Bug in Disk Utility and Boot Camp Assistant »

March 05, 2008

Leveraging NetBoot for Mac OS Kernel Updates

One of the things that have troubled us in the past has been using Radmind for major OS updates. If the kernel is updated, or if /System/Library/CoreServices/BootX is touched, Radmind can fail to update the loadset and in some cases our scripts won't reboot the station. In our transition from 10.3 to 10.4, we had student employees rebooting stations across campus after their Radmind session finished. Looking forward to the 10.4 to 10.5 transition, I think I'm going to develop a set of scripts to get around this issue. Here's how it'll work:

  1. After fsdiff runs, a pre-apply script checks the difference transcript against a list of items that may break the update (e.g. mach_kernel and BootX).
  2. If one of those items is present, it touches a file that acts as a flag (maybe /var/radmind/client/.UpdateSystemFiles). Then it sets the default boot behavior to our NetBoot image.
  3. The NetBoot image, upon detecting the file on the hard drive, runs ktcheck to get the proper command file for the hostname. It checks the version of the OS contained in the command file (using the transcripts' names) against the version of the OS currently on the hard drive. If there's a major discrepancy, such as 10.4 to 10.5 (really, anything that would use a different negative), it will apply an ASR image to the hard drive.
  4. The NetBoot image runs a Radmind session (thanks to relative paths) on the hard drive, updating the kernel and other sensitive files as necessary.
  5. The computer reboots, and has been updated without any user interaction.

This method will allow us not only to deploy 10.5 to stations running 10.4, but also to deploy future system updates. Say 10.5.3 updates the kernel, for instance. It'll probably take a while for this to all come into place, but it will set the groundwork for making our lives a lot easier.

Posted by slauncha at March 5, 2008 03:32 PM

Trackback Pings

TrackBack URL for this entry:

Comments

Login to leave a comment. Create a new account.