On Mon, Oct 27, 2008 at 9:53 AM, Kyle McDonald <KMcDonald at egenera.com> wrote:
> That brings me here. The two ideas I've had for this, both seem to have
> advantages and disadvantages, and both seem to have their own security
> risks. So I'm curious if anyone thinks one of these is better than the
> other, or if anyone has any other ideas.
Idea 3:
Add the following to a begin script with appropriate error checking
mkdir /tmp/restore_to_new_be
mount $SI_ROOTDISK /a
cd /a
find etc/ssh/*key* [any other stuff you want to copy] \
| cpio -pd /tmp/restore_to_new_be
cd /
umount /a
Add the following to a finish script:
cd /tmp/restore_to_new_be
find . -type f | cpio -pd /a
I do this for ssh keys and similar files associated with various
agents that have per-host keys or configuration.
--
Mike Gerdts
http://mgerdts.blogspot.com/
