From 4304822915c2e4dc45eac988c7e25b6b1c508f4b Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Fri, 30 Aug 2019 16:51:44 +0200 Subject: [PATCH 01/89] Update to 3.0.0 --- cobbler.spec | 163 +++++++++++++++++---------------------------------- sources | 2 +- 2 files changed, 55 insertions(+), 110 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index df1242e..6ad5995 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,62 +6,50 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 2.8.5 -Release: 0.1%{?dist} +Version: 3.0.0 +Release: 1%{?dist} Summary: Boot server configurator URL: http://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz BuildRequires: git -BuildRequires: /usr/bin/pathfix.py -BuildRequires: python2-devel -BuildRequires: python2-pyyaml -BuildRequires: python2-setuptools -%if 0%{?fedora} >= 28 || 0%{?rhel} > 7 -BuildRequires: python2-cheetah -%else -BuildRequires: python-cheetah -%endif +BuildRequires: python3-devel +BuildRequires: python3-pyyaml +BuildRequires: python3-setuptools +BuildRequires: python3-cheetah Requires: httpd Requires: tftp-server Requires: createrepo Requires: rsync -Requires: python2-simplejson -Requires: python2-pyyaml -%if 0%{?fedora} >= 28 || 0%{?rhel} > 7 -Requires: python2-mod_wsgi -Requires: python2-cheetah -Requires: python2-netaddr -Requires: python2-urlgrabber -%else -Requires: mod_wsgi -Requires: python-cheetah -Requires: python-netaddr -Requires: python-urlgrabber -%endif +Requires: python3-simplejson +Requires: python3-pyyaml +Requires: python3-mod_wsgi +Requires: python3-cheetah +Requires: python3-netaddr +Requires: python3-urlgrabber + # syslinux is only available on x86 %ifarch %{ix86} x86_64 Requires: syslinux %endif Requires: genisoimage -%if 0%{?fedora} +%if 0%{?fedora} || 0%{?rhel} >= 7 Requires: dnf-plugins-core %else Requires: yum-utils %endif -%if 0%{?fedora} || 0%{?rhel} >= 7 + BuildRequires: systemd Requires(post): systemd Requires(preun): systemd Requires(postun): systemd -%else -Requires(post): /sbin/chkconfig -Requires(preun): /sbin/chkconfig -Requires(preun): /sbin/service -%endif + +# koan is not yet available - to be re-introduced later ? +# https://github.com/cobbler/cobbler/issues/2087 +Obsoletes: koan < 3.0.0-1 %description Cobbler is a network install server. Cobbler supports PXE, ISO @@ -77,19 +65,9 @@ other applications. %package -n cobbler-web Summary: Web interface for Cobbler BuildArch: noarch -Requires: cobbler -%if 0%{?fedora} >= 28 -Requires: python2-django1.11 -%endif -%if 0%{?el7} -Requires: python2-django -%endif -%if 0%{?fedora} >= 28 || 0%{?rhel} > 7 -Requires: python2-mod_wsgi -%else -Requires: Django > 1.6 -Requires: mod_wsgi -%endif +Requires: cobbler = %{version}-%{release} +Requires: python3-django +Requires: python3-mod_wsgi Requires: mod_ssl Requires(post): openssl @@ -98,62 +76,50 @@ Web interface for Cobbler that allows visiting http://server/cobbler_web to configure the install server. +%if 0 %package -n koan Summary: Helper tool that performs cobbler orders on remote machines BuildArch: noarch -Requires: python2-simplejson -%if 0%{?fedora} >= 28 || 0%{?rhel} > 7 -Requires: python2-ethtool -Requires: python2-urlgrabber -%else -Requires: python-ethtool -Requires: python-urlgrabber -%endif +Requires: python3-simplejson +Requires: python3-ethtool +Requires: python3-urlgrabber Requires: virt-install %description -n koan Koan stands for kickstart-over-a-network and allows for both network installation of new virtualized guests and reinstallation of an existing system. For use with a boot-server configured with Cobbler +%endif %prep %autosetup -p1 -pathfix.py -pni "%{__python2} %{py2_shbang_opts}" . %build -%py2_build +%py3_build %install -%py2_install +# bypass install errors ( don't chown in install step) +%py3_install ||: # cobbler -rm $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobbler.conf +rm %{buildroot}%{_sysconfdir}/cobbler/cobbler.conf -mkdir -p $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d -mv $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobblerd_rotate $RPM_BUILD_ROOT%{_sysconfdir}/logrotate.d/cobblerd +mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d +mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd_rotate %{buildroot}%{_sysconfdir}/logrotate.d/cobblerd # Create data directories in tftp_dir -mkdir -p $RPM_BUILD_ROOT%{tftp_dir}/{boot,etc,grub,images{,2},ppc,pxelinux.cfg,s390x} +mkdir -p %{buildroot}%{tftp_dir}/{boot,etc,grub,images{,2},ppc,pxelinux.cfg,s390x} -%if 0%{?rhel} == 6 -# sysvinit -mkdir -p %{_sysconfdir}/init.d -mv $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobblerd $RPM_BUILD_ROOT%{_sysconfdir}/init.d/cobblerd -rm $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobblerd.service -%else # systemd -rm $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobblerd -rm $RPM_BUILD_ROOT%{_sysconfdir}/init.d/cobblerd -mkdir -p $RPM_BUILD_ROOT%{_unitdir} -mv $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobblerd.service $RPM_BUILD_ROOT%{_unitdir} -%endif +mkdir -p %{buildroot}%{_unitdir} +mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir} # cobbler-web -rm $RPM_BUILD_ROOT%{_sysconfdir}/cobbler/cobbler_web.conf +rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf # koan -mkdir -p $RPM_BUILD_ROOT/var/spool/koan +mkdir -p %{buildroot}/var/spool/koan %pre @@ -173,30 +139,6 @@ if (( $1 >= 2 )); then fi fi - -%if 0%{?rhel} == 6 -%post -# package install -if (( $1 == 1 )); then - /sbin/chkconfig --add cobblerd > /dev/null 2>&1 - /etc/init.d/cobblerd start > /dev/null 2>&1 - /etc/init.d/httpd restart > /dev/null 2>&1 -fi -%preun -# before last package is removed -if (( $1 == 0 )); then - /sbin/chkconfig --del cobblerd > /dev/null 2>&1 - /etc/init.d/cobblerd stop > /dev/null 2>&1 -fi -%postun -# after last package is removed -if (( $1 == 0 )); then - /etc/init.d/httpd condrestart > /dev/null 2>&1 -fi -%endif - - -%if 0%{?fedora} || 0%{?rhel} >= 7 %post %systemd_post cobblerd.service @@ -205,7 +147,6 @@ fi %postun %systemd_postun_with_restart cobblerd.service -%endif %post -n cobbler-web # Change the SECRET_KEY option in the Django settings.py file @@ -216,7 +157,8 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %files %license COPYING -%doc AUTHORS README.md docs/README.openvz docs/README.mysql +%doc AUTHORS.in README.md +%doc docs/developer-guide.rst docs/quickstart-guide.rst docs/installation-guide.rst %config(noreplace) %{_sysconfdir}/cobbler %config(noreplace) %{_sysconfdir}/logrotate.d/cobblerd %config(noreplace) /etc/httpd/conf.d/cobbler.conf @@ -224,14 +166,12 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %{_bindir}/cobbler-ext-nodes %{_bindir}/cobblerd %{_sbindir}/tftpd.py +%dir %{_datadir}/cobbler +%{_datadir}/cobbler/bin %{_mandir}/man1/cobbler.1* -%{python2_sitelib}/cobbler/ -%{python2_sitelib}/cobbler*.egg-info -%if 0%{?fedora} || 0%{?rhel} >= 7 +%{python3_sitelib}/cobbler/ +%{python3_sitelib}/cobbler*.egg-info %{_unitdir}/cobblerd.service -%else -/etc/init.d/cobblerd -%endif %{tftp_dir}/* /var/www/cobbler %config(noreplace) /var/lib/cobbler @@ -240,12 +180,13 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %files -n cobbler-web %license COPYING -%doc AUTHORS README.md +%doc AUTHORS.in README.md %config(noreplace) /etc/httpd/conf.d/cobbler_web.conf %attr(-,apache,apache) /usr/share/cobbler/web %dir %attr(700,apache,root) /var/lib/cobbler/webui_sessions %attr(-,apache,apache) /var/www/cobbler_webui_content/ +%if 0 %files -n koan %license COPYING %doc AUTHORS README.md @@ -254,16 +195,20 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %{_bindir}/ovz-install %{_mandir}/man1/koan.1* %{_mandir}/man1/cobbler-register.1* -%{python2_sitelib}/koan/ -%exclude %{python2_sitelib}/koan/sub_process.py* -%exclude %{python2_sitelib}/koan/opt_parse.py* -%exclude %{python2_sitelib}/koan/text_wrap.py* +%{python3_sitelib}/koan/ +%exclude %{python3_sitelib}/koan/sub_process.py* +%exclude %{python3_sitelib}/koan/opt_parse.py* +%exclude %{python3_sitelib}/koan/text_wrap.py* /var/lib/koan /var/log/koan /var/spool/koan +%endif %changelog +* Fri Aug 30 2019 Nicolas Chauvet - 3.0.0-1 +- Update to 3.0.0 + * Mon Aug 26 2019 Nicolas Chauvet - 2.8.5-0.1 - Update to 2.8.5 - pre-release diff --git a/sources b/sources index 5301563..0d6c9a1 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-2.8.5.tar.gz) = 6097618b6ad394f23f496eee14a74a334162b2d420c39059bf54472a44b4a6a645faf9ee50139f7c169503d34524489282b03a2f7318ca8b276745cc518567a7 +SHA512 (cobbler-3.0.0.tar.gz) = 80d0010a02a8ca6c3ed6fc06e2b2ddf58f033c8a86ee7fd85280ace44f56239102603aad1a6968bfbd76798e23916811b44944d63eb941c88e4dd09ea5210abf From be40789b901f3b6424ce9795d7023f2373334232 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 3 Sep 2019 13:59:12 +0200 Subject: [PATCH 02/89] Add python3-tornado - rhbz#1061907 --- cobbler.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/cobbler.spec b/cobbler.spec index 6ad5995..c9ae862 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -29,6 +29,7 @@ Requires: python3-mod_wsgi Requires: python3-cheetah Requires: python3-netaddr Requires: python3-urlgrabber +Requires: python3-tornado # syslinux is only available on x86 %ifarch %{ix86} x86_64 From 8c8742f9b209a4000fb7c4b9b540e031c8fd69e9 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Mon, 9 Sep 2019 10:17:50 +0200 Subject: [PATCH 03/89] Update to 3.0.1 --- cobbler.spec | 5 ++++- sources | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index c9ae862..ba16f66 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.0.0 +Version: 3.0.1 Release: 1%{?dist} Summary: Boot server configurator URL: http://cobbler.github.io/ @@ -207,6 +207,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Mon Sep 09 2019 Nicolas Chauvet - 3.0.1-1 +- Update to 3.0.1 + * Fri Aug 30 2019 Nicolas Chauvet - 3.0.0-1 - Update to 3.0.0 diff --git a/sources b/sources index 0d6c9a1..89303fe 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.0.0.tar.gz) = 80d0010a02a8ca6c3ed6fc06e2b2ddf58f033c8a86ee7fd85280ace44f56239102603aad1a6968bfbd76798e23916811b44944d63eb941c88e4dd09ea5210abf +SHA512 (cobbler-3.0.1.tar.gz) = 932141615aaa9a6b2bde479c3f50bf422762010cea5572f88d78685fb5280f387437d374f48ea2a9f355f3da8d9be83eddb3b7a72c49b1800cfa04b577e81720 From 0906ca93e286be7d69a1095c7a7c33b27df61f12 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Mon, 9 Sep 2019 10:19:05 +0200 Subject: [PATCH 04/89] Remove source file --- cobblerd.service | 13 ------------- 1 file changed, 13 deletions(-) delete mode 100644 cobblerd.service diff --git a/cobblerd.service b/cobblerd.service deleted file mode 100644 index 0df27d9..0000000 --- a/cobblerd.service +++ /dev/null @@ -1,13 +0,0 @@ -[Unit] -Description=Cobbler Helper Daemon -After=syslog.target network.target - -[Service] -Type=oneshot -ExecStart=/usr/bin/cobblerd -RemainAfterExit=yes -PrivateTmp=yes - -[Install] -WantedBy=multi-user.target - From a015a1c26e6a560af1b745553ad3c2183bbe8d39 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 15:25:54 +0200 Subject: [PATCH 05/89] Add python3 future and re-order --- cobbler.spec | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index ba16f66..440bba6 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -15,21 +15,23 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/% BuildRequires: git BuildRequires: python3-devel +BuildRequires: python3-cheetah +BuildRequires: python3-future BuildRequires: python3-pyyaml BuildRequires: python3-setuptools -BuildRequires: python3-cheetah Requires: httpd Requires: tftp-server Requires: createrepo Requires: rsync -Requires: python3-simplejson -Requires: python3-pyyaml -Requires: python3-mod_wsgi Requires: python3-cheetah +Requires: python3-future +Requires: python3-mod_wsgi Requires: python3-netaddr -Requires: python3-urlgrabber +Requires: python3-pyyaml +Requires: python3-simplejson Requires: python3-tornado +Requires: python3-urlgrabber # syslinux is only available on x86 %ifarch %{ix86} x86_64 From 6e7187fa0a20d50511654a1bbdb72f8fd386b106 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 17 Sep 2019 13:54:30 +0200 Subject: [PATCH 06/89] Add https --- cobbler.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 440bba6..0ba8544 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -9,7 +9,7 @@ Name: cobbler Version: 3.0.1 Release: 1%{?dist} Summary: Boot server configurator -URL: http://cobbler.github.io/ +URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz From b4d4215db35f1df716acc1a718e64a7c57ed2186 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 15:51:36 +0200 Subject: [PATCH 07/89] Add missing BR --- cobbler.spec | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/cobbler.spec b/cobbler.spec index 0ba8544..cc4ceec 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -16,9 +16,14 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/% BuildRequires: git BuildRequires: python3-devel BuildRequires: python3-cheetah +BuildRequires: python3-coverage +BuildRequires: python3-distro BuildRequires: python3-future +BuildRequires: python3-netaddr BuildRequires: python3-pyyaml +BuildRequires: python3-requests BuildRequires: python3-setuptools +BuildRequires: python3-simplejson Requires: httpd Requires: tftp-server From ce3617316ff3e543e9eae7ec27ac6e6298794c47 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 16:04:42 +0200 Subject: [PATCH 08/89] Fixup rhel7 requires --- cobbler.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index cc4ceec..6225d35 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -44,7 +44,7 @@ Requires: syslinux %endif Requires: genisoimage -%if 0%{?fedora} || 0%{?rhel} >= 7 +%if 0%{?fedora} || 0%{?rhel} > 7 Requires: dnf-plugins-core %else Requires: yum-utils From 9bdab009e7a34b32d14d86281b2387724059d7c4 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 16:23:45 +0200 Subject: [PATCH 09/89] Avoid to obsoletes on el8 --- cobbler.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cobbler.spec b/cobbler.spec index 6225d35..4d45b92 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -57,7 +57,10 @@ Requires(postun): systemd # koan is not yet available - to be re-introduced later ? # https://github.com/cobbler/cobbler/issues/2087 +# Avoid to obsoletes koan in EL8 (from modules) +%if 0%{?fedora} Obsoletes: koan < 3.0.0-1 +%endif %description Cobbler is a network install server. Cobbler supports PXE, ISO From 0cd7658cf6cc7417a0ec63a2336b4206da31912b Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 16:25:38 +0200 Subject: [PATCH 10/89] cobbler is truly a noarch package --- cobbler.spec | 11 +++-------- 1 file changed, 3 insertions(+), 8 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 4d45b92..853fa28 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -1,5 +1,3 @@ -%global debug_package %{nil} - %global tftp_dir /var/lib/tftpboot/ %global commit0 f78af86a963b099d1e22586b24aedff9062da9c1 @@ -12,6 +10,7 @@ Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +BuildArch: noarch BuildRequires: git BuildRequires: python3-devel @@ -38,14 +37,11 @@ Requires: python3-simplejson Requires: python3-tornado Requires: python3-urlgrabber -# syslinux is only available on x86 -%ifarch %{ix86} x86_64 -Requires: syslinux -%endif - Requires: genisoimage %if 0%{?fedora} || 0%{?rhel} > 7 Requires: dnf-plugins-core +# syslinux is only available on x86 +Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) %else Requires: yum-utils %endif @@ -75,7 +71,6 @@ other applications. %package -n cobbler-web Summary: Web interface for Cobbler -BuildArch: noarch Requires: cobbler = %{version}-%{release} Requires: python3-django Requires: python3-mod_wsgi From b60ad4d5af64680d1a8864030487291aa61b58d7 Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 10 Sep 2019 17:22:39 +0200 Subject: [PATCH 11/89] Exclude mongodb serializer - optional alpha state plugin --- cobbler.spec | 2 ++ 1 file changed, 2 insertions(+) diff --git a/cobbler.spec b/cobbler.spec index 853fa28..0423e16 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -24,6 +24,8 @@ BuildRequires: python3-requests BuildRequires: python3-setuptools BuildRequires: python3-simplejson +%global __requires_exclude_from ^%{python3_sitelib}/modules/serializer_mongodb.py*$ + Requires: httpd Requires: tftp-server Requires: createrepo From 280ff18862b743c8d5100c2d1f106fcf2adf427e Mon Sep 17 00:00:00 2001 From: Nicolas Chauvet Date: Tue, 17 Sep 2019 16:37:42 +0200 Subject: [PATCH 12/89] Add patch for tftp_boot location --- Set-the-default-tftp_boot-location.patch | 42 ++++++++++++++++++++++++ cobbler.spec | 2 ++ 2 files changed, 44 insertions(+) create mode 100644 Set-the-default-tftp_boot-location.patch diff --git a/Set-the-default-tftp_boot-location.patch b/Set-the-default-tftp_boot-location.patch new file mode 100644 index 0000000..ba2e839 --- /dev/null +++ b/Set-the-default-tftp_boot-location.patch @@ -0,0 +1,42 @@ +From 311c4161a638e91138939d806c3c7989fdd16fbc Mon Sep 17 00:00:00 2001 +From: Nicolas Chauvet +Date: Tue, 17 Sep 2019 16:35:07 +0200 +Subject: [PATCH] Set the default tftp_boot location + +Signed-off-by: Nicolas Chauvet +--- + cobbler/settings.py | 2 +- + config/cobbler/settings | 4 ++-- + 2 files changed, 3 insertions(+), 3 deletions(-) + +diff --git a/cobbler/settings.py b/cobbler/settings.py +index b97b11f1..dd14b3a7 100644 +--- a/cobbler/settings.py ++++ b/cobbler/settings.py +@@ -131,7 +131,7 @@ DEFAULTS = { + "sign_puppet_certs_automatically": [0, "bool"], + "signature_path": ["/var/lib/cobbler/distro_signatures.json", "str"], + "signature_url": ["https://cobbler.github.io/signatures/3.0.x/latest.json", "str"], +- "tftpboot_location": ["/srv/tftpboot", "str"], ++ "tftpboot_location": ["/var/lib/tftpboot", "str"], + "virt_auto_boot": [0, "bool"], + "webdir": ["/var/www/cobbler", "str"], + "webdir_whitelist": [".link_cache", "misc", "distro_mirror", "images", "links", "localmirror", "pub", "rendered", "repo_mirror", "repo_profile", "repo_system", "svc", "web", "webui"], +diff --git a/config/cobbler/settings b/config/cobbler/settings +index 169910c8..4fbd4ad1 100644 +--- a/config/cobbler/settings ++++ b/config/cobbler/settings +@@ -246,8 +246,8 @@ manage_tftpd: 1 + + # This variable contains the location of the tftpboot directory. If this directory is not present cobbler does not + # start. +-# Default: /srv/tftpboot +-tftpboot_location: "/srv/tftpboot" ++# Default: /var/lib/tftpboot ++tftpboot_location: "/var/lib/tftpboot" + + # set to 1 to enable Cobbler's RSYNC management features. + manage_rsync: 0 +-- +2.20.1 + diff --git a/cobbler.spec b/cobbler.spec index 0423e16..d8bcfaa 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -10,6 +10,8 @@ Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz +# Distro specific patch - tftp default location +Patch0: Set-the-default-tftp_boot-location.patch BuildArch: noarch BuildRequires: git From 4cf006ccde69d8c96bd1dab82c2a9ddf409c69a6 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 8 Oct 2019 21:14:00 -0600 Subject: [PATCH 13/89] Fix requires (requests instead of urlgrabber) Fix BR for EL8 --- cobbler.spec | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index d8bcfaa..376a16e 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.0.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -17,7 +17,7 @@ BuildArch: noarch BuildRequires: git BuildRequires: python3-devel BuildRequires: python3-cheetah -BuildRequires: python3-coverage +BuildRequires: %{py3_dist coverage} BuildRequires: python3-distro BuildRequires: python3-future BuildRequires: python3-netaddr @@ -37,9 +37,9 @@ Requires: python3-future Requires: python3-mod_wsgi Requires: python3-netaddr Requires: python3-pyyaml +Requires: python3-requests Requires: python3-simplejson Requires: python3-tornado -Requires: python3-urlgrabber Requires: genisoimage %if 0%{?fedora} || 0%{?rhel} > 7 @@ -216,6 +216,10 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Tue Oct 8 2019 Orion Poplawski - 3.0.1-2 +- Fix requires (requests instead of urlgrabber) +- Fix BR for EL8 + * Mon Sep 09 2019 Nicolas Chauvet - 3.0.1-1 - Update to 3.0.1 From d74548059391c585dcb9245c95058b520806c2e3 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 10 Oct 2019 20:15:14 -0600 Subject: [PATCH 14/89] Require /sbin/service --- cobbler.spec | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 376a16e..3951b8f 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.0.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -49,6 +49,8 @@ Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) %else Requires: yum-utils %endif +# https://github.com/cobbler/cobbler/issues/1685 +Requires: /sbin/service BuildRequires: systemd Requires(post): systemd @@ -216,6 +218,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Thu Oct 10 2019 Orion Poplawski - 3.0.1-3 +- Require /sbin/service + * Tue Oct 8 2019 Orion Poplawski - 3.0.1-2 - Fix requires (requests instead of urlgrabber) - Fix BR for EL8 From 7a96e69917c81cb123d96258b67c8413825b4d4e Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 22 Oct 2019 21:28:55 -0600 Subject: [PATCH 15/89] Drop koan completely, including obsoletes. It is a separate package now. --- cobbler.spec | 49 ++++--------------------------------------------- 1 file changed, 4 insertions(+), 45 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 3951b8f..d678a16 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.0.1 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -57,13 +57,6 @@ Requires(post): systemd Requires(preun): systemd Requires(postun): systemd -# koan is not yet available - to be re-introduced later ? -# https://github.com/cobbler/cobbler/issues/2087 -# Avoid to obsoletes koan in EL8 (from modules) -%if 0%{?fedora} -Obsoletes: koan < 3.0.0-1 -%endif - %description Cobbler is a network install server. Cobbler supports PXE, ISO virtualized installs, and re-installing existing Linux machines. @@ -88,22 +81,6 @@ Web interface for Cobbler that allows visiting http://server/cobbler_web to configure the install server. -%if 0 -%package -n koan -Summary: Helper tool that performs cobbler orders on remote machines -BuildArch: noarch -Requires: python3-simplejson -Requires: python3-ethtool -Requires: python3-urlgrabber -Requires: virt-install - -%description -n koan -Koan stands for kickstart-over-a-network and allows for both -network installation of new virtualized guests and reinstallation -of an existing system. For use with a boot-server configured with Cobbler -%endif - - %prep %autosetup -p1 @@ -130,9 +107,6 @@ mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir} # cobbler-web rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf -# koan -mkdir -p %{buildroot}/var/spool/koan - %pre if (( $1 >= 2 )); then @@ -198,26 +172,11 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %dir %attr(700,apache,root) /var/lib/cobbler/webui_sessions %attr(-,apache,apache) /var/www/cobbler_webui_content/ -%if 0 -%files -n koan -%license COPYING -%doc AUTHORS README.md -%{_bindir}/cobbler-register -%{_bindir}/koan -%{_bindir}/ovz-install -%{_mandir}/man1/koan.1* -%{_mandir}/man1/cobbler-register.1* -%{python3_sitelib}/koan/ -%exclude %{python3_sitelib}/koan/sub_process.py* -%exclude %{python3_sitelib}/koan/opt_parse.py* -%exclude %{python3_sitelib}/koan/text_wrap.py* -/var/lib/koan -/var/log/koan -/var/spool/koan -%endif - %changelog +* Tue Oct 22 2019 Orion Poplawski - 3.0.1-4 +- Drop koan completely, including obsoletes. It is a separate package now. + * Thu Oct 10 2019 Orion Poplawski - 3.0.1-3 - Require /sbin/service From 89e9d569da5c7ec41dd6e1ed85342222b20f8a22 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 11 Jan 2020 22:33:28 -0700 Subject: [PATCH 16/89] Update to 3.1.1 --- Set-the-default-tftp_boot-location.patch | 42 ------------------------ cobbler.spec | 20 +++++++---- sources | 2 +- 3 files changed, 14 insertions(+), 50 deletions(-) delete mode 100644 Set-the-default-tftp_boot-location.patch diff --git a/Set-the-default-tftp_boot-location.patch b/Set-the-default-tftp_boot-location.patch deleted file mode 100644 index ba2e839..0000000 --- a/Set-the-default-tftp_boot-location.patch +++ /dev/null @@ -1,42 +0,0 @@ -From 311c4161a638e91138939d806c3c7989fdd16fbc Mon Sep 17 00:00:00 2001 -From: Nicolas Chauvet -Date: Tue, 17 Sep 2019 16:35:07 +0200 -Subject: [PATCH] Set the default tftp_boot location - -Signed-off-by: Nicolas Chauvet ---- - cobbler/settings.py | 2 +- - config/cobbler/settings | 4 ++-- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/cobbler/settings.py b/cobbler/settings.py -index b97b11f1..dd14b3a7 100644 ---- a/cobbler/settings.py -+++ b/cobbler/settings.py -@@ -131,7 +131,7 @@ DEFAULTS = { - "sign_puppet_certs_automatically": [0, "bool"], - "signature_path": ["/var/lib/cobbler/distro_signatures.json", "str"], - "signature_url": ["https://cobbler.github.io/signatures/3.0.x/latest.json", "str"], -- "tftpboot_location": ["/srv/tftpboot", "str"], -+ "tftpboot_location": ["/var/lib/tftpboot", "str"], - "virt_auto_boot": [0, "bool"], - "webdir": ["/var/www/cobbler", "str"], - "webdir_whitelist": [".link_cache", "misc", "distro_mirror", "images", "links", "localmirror", "pub", "rendered", "repo_mirror", "repo_profile", "repo_system", "svc", "web", "webui"], -diff --git a/config/cobbler/settings b/config/cobbler/settings -index 169910c8..4fbd4ad1 100644 ---- a/config/cobbler/settings -+++ b/config/cobbler/settings -@@ -246,8 +246,8 @@ manage_tftpd: 1 - - # This variable contains the location of the tftpboot directory. If this directory is not present cobbler does not - # start. --# Default: /srv/tftpboot --tftpboot_location: "/srv/tftpboot" -+# Default: /var/lib/tftpboot -+tftpboot_location: "/var/lib/tftpboot" - - # set to 1 to enable Cobbler's RSYNC management features. - manage_rsync: 0 --- -2.20.1 - diff --git a/cobbler.spec b/cobbler.spec index d678a16..98e35b9 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -1,20 +1,18 @@ %global tftp_dir /var/lib/tftpboot/ -%global commit0 f78af86a963b099d1e22586b24aedff9062da9c1 +%global commit0 c46abca11dca886411fc95802a2cbaa66fdb691b %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.0.1 -Release: 4%{?dist} +Version: 3.1.1 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ -Source0: https://github.com/cobbler/cobbler/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz -# Distro specific patch - tftp default location -Patch0: Set-the-default-tftp_boot-location.patch +Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz +#Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz BuildArch: noarch -BuildRequires: git BuildRequires: python3-devel BuildRequires: python3-cheetah BuildRequires: %{py3_dist coverage} @@ -25,6 +23,8 @@ BuildRequires: python3-pyyaml BuildRequires: python3-requests BuildRequires: python3-setuptools BuildRequires: python3-simplejson +# For docs +BuildRequires: python3-sphinx %global __requires_exclude_from ^%{python3_sitelib}/modules/serializer_mongodb.py*$ @@ -152,9 +152,12 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %{_bindir}/cobbler-ext-nodes %{_bindir}/cobblerd %{_sbindir}/tftpd.py +%{_datadir}/bash-completion/ %dir %{_datadir}/cobbler %{_datadir}/cobbler/bin %{_mandir}/man1/cobbler.1* +%{_mandir}/man5/cobbler.conf.5* +%{_mandir}/man8/cobblerd.8* %{python3_sitelib}/cobbler/ %{python3_sitelib}/cobbler*.egg-info %{_unitdir}/cobblerd.service @@ -174,6 +177,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Sun Jan 12 2020 Orion Poplawski - 3.1.1-1 +- Update to 3.1.1 + * Tue Oct 22 2019 Orion Poplawski - 3.0.1-4 - Drop koan completely, including obsoletes. It is a separate package now. diff --git a/sources b/sources index 89303fe..08e9301 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.0.1.tar.gz) = 932141615aaa9a6b2bde479c3f50bf422762010cea5572f88d78685fb5280f387437d374f48ea2a9f355f3da8d9be83eddb3b7a72c49b1800cfa04b577e81720 +SHA512 (cobbler-3.1.1.tar.gz) = b4df95de2f57185375c00c6fbcd9d80a9b2e796477956f9b4988c63b20b369fe388372a37a33e0302d27f6a4f2fdfc086765fd8cf645d334d56e7fd7fc4c8780 From 99d963f283563d34b3f51ed63bf75df115b04540 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 28 Jan 2020 14:21:32 +0000 Subject: [PATCH 17/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 98e35b9..bcab90e 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.1.1 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -177,6 +177,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Tue Jan 28 2020 Fedora Release Engineering - 3.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + * Sun Jan 12 2020 Orion Poplawski - 3.1.1-1 - Update to 3.1.1 From 3afa6212c0048fe5d1f1ab1a7ed7db7d4230efc9 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 20 Feb 2020 21:50:02 -0700 Subject: [PATCH 18/89] Use %{python3_pkgversion} for EL7 compatibility --- cobbler.spec | 44 ++++++++++++++++++++++++-------------------- 1 file changed, 24 insertions(+), 20 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index bcab90e..5513348 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -13,18 +13,22 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-% #Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz BuildArch: noarch -BuildRequires: python3-devel -BuildRequires: python3-cheetah +BuildRequires: python%{python3_pkgversion}-devel +BuildRequires: python%{python3_pkgversion}-cheetah +%if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: %{py3_dist coverage} -BuildRequires: python3-distro -BuildRequires: python3-future -BuildRequires: python3-netaddr -BuildRequires: python3-pyyaml -BuildRequires: python3-requests -BuildRequires: python3-setuptools -BuildRequires: python3-simplejson +%else +BuildRequires: python%{python3_pkgversion}-coverage +%endif +BuildRequires: python%{python3_pkgversion}-distro +BuildRequires: python%{python3_pkgversion}-future +BuildRequires: python%{python3_pkgversion}-netaddr +BuildRequires: python%{python3_pkgversion}-PyYAML +BuildRequires: python%{python3_pkgversion}-requests +BuildRequires: python%{python3_pkgversion}-setuptools +BuildRequires: python%{python3_pkgversion}-simplejson # For docs -BuildRequires: python3-sphinx +BuildRequires: python%{python3_pkgversion}-sphinx %global __requires_exclude_from ^%{python3_sitelib}/modules/serializer_mongodb.py*$ @@ -32,14 +36,14 @@ Requires: httpd Requires: tftp-server Requires: createrepo Requires: rsync -Requires: python3-cheetah -Requires: python3-future -Requires: python3-mod_wsgi -Requires: python3-netaddr -Requires: python3-pyyaml -Requires: python3-requests -Requires: python3-simplejson -Requires: python3-tornado +Requires: python%{python3_pkgversion}-cheetah +Requires: python%{python3_pkgversion}-future +Requires: python%{python3_pkgversion}-mod_wsgi +Requires: python%{python3_pkgversion}-netaddr +Requires: python%{python3_pkgversion}-PyYAML +Requires: python%{python3_pkgversion}-requests +Requires: python%{python3_pkgversion}-simplejson +Requires: python%{python3_pkgversion}-tornado Requires: genisoimage %if 0%{?fedora} || 0%{?rhel} > 7 @@ -71,8 +75,8 @@ other applications. %package -n cobbler-web Summary: Web interface for Cobbler Requires: cobbler = %{version}-%{release} -Requires: python3-django -Requires: python3-mod_wsgi +Requires: python%{python3_pkgversion}-django +Requires: python%{python3_pkgversion}-mod_wsgi Requires: mod_ssl Requires(post): openssl From 9f18f64d209d487e92dc271ec2393d58f8108fa9 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Fri, 21 Feb 2020 15:25:32 -0700 Subject: [PATCH 19/89] Add requires for python3-dns --- cobbler.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 5513348..2f6d900 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.1.1 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -37,6 +37,7 @@ Requires: tftp-server Requires: createrepo Requires: rsync Requires: python%{python3_pkgversion}-cheetah +Requires: python%{python3_pkgversion}-dns Requires: python%{python3_pkgversion}-future Requires: python%{python3_pkgversion}-mod_wsgi Requires: python%{python3_pkgversion}-netaddr @@ -181,6 +182,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Fri Feb 21 2020 Orion Poplawski - 3.1.1-3 +- Add requires for python3-dns + * Tue Jan 28 2020 Fedora Release Engineering - 3.1.1-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild From 868c803385380d635335ba8e7d6946ff88d62213 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= Date: Mon, 4 May 2020 00:36:52 +0200 Subject: [PATCH 20/89] Escape % in date format to prevent RPM errors cobbler.spec: line 119: %S: argument expected --- cobbler.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 2f6d900..f52ddfa 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -116,7 +116,7 @@ rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf %pre if (( $1 >= 2 )); then # package upgrade: backup configuration - DATE=$(date "+%Y%m%d-%H%M%S") + DATE=$(date "+%%Y%%m%%d-%%H%%M%%S") if [[ ! -d /var/lib/cobbler/backup/upgrade-${DATE} ]]; then mkdir -p /var/lib/cobbler/backup/upgrade-${DATE} fi From a0bed46104e15567fb647a72c9815e0110f20be2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miro=20Hron=C4=8Dok?= Date: Tue, 26 May 2020 02:42:50 +0200 Subject: [PATCH 21/89] Rebuilt for Python 3.9 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index f52ddfa..e42f829 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.1.1 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -182,6 +182,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %changelog +* Tue May 26 2020 Miro Hrončok - 3.1.1-4 +- Rebuilt for Python 3.9 + * Fri Feb 21 2020 Orion Poplawski - 3.1.1-3 - Add requires for python3-dns From 29f603a1353eab9bbb90bf723b8dca7210ed7efc Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 30 May 2020 20:13:52 -0600 Subject: [PATCH 22/89] Update to 3.1.2 --- cobbler.spec | 1562 ++------------------------------------------------ sources | 2 +- 2 files changed, 37 insertions(+), 1527 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index e42f829..537f73b 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -1,11 +1,11 @@ -%global tftp_dir /var/lib/tftpboot/ +%global tftpboot_dir %{_sharedstatedir}/tftpboot/ %global commit0 c46abca11dca886411fc95802a2cbaa66fdb691b %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.1.1 -Release: 4%{?dist} +Version: 3.1.2 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -30,12 +30,11 @@ BuildRequires: python%{python3_pkgversion}-simplejson # For docs BuildRequires: python%{python3_pkgversion}-sphinx -%global __requires_exclude_from ^%{python3_sitelib}/modules/serializer_mongodb.py*$ - Requires: httpd Requires: tftp-server -Requires: createrepo +Requires: createrepo_c Requires: rsync +Requires: xorriso Requires: python%{python3_pkgversion}-cheetah Requires: python%{python3_pkgversion}-dns Requires: python%{python3_pkgversion}-future @@ -47,10 +46,16 @@ Requires: python%{python3_pkgversion}-simplejson Requires: python%{python3_pkgversion}-tornado Requires: genisoimage -%if 0%{?fedora} || 0%{?rhel} > 7 +%if 0%{?fedora} || 0%{?rhel} >= 8 +# Not everyone wants bash-completion...? +Recommends: bash-completion Requires: dnf-plugins-core # syslinux is only available on x86 Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) +# grub2 efi stuff is only available on x86 +Recommends: grub2-efi-ia32 +Recommends: grub2-efi-x64 +Recommends: logrotate %else Requires: yum-utils %endif @@ -79,7 +84,8 @@ Requires: cobbler = %{version}-%{release} Requires: python%{python3_pkgversion}-django Requires: python%{python3_pkgversion}-mod_wsgi Requires: mod_ssl -Requires(post): openssl +Requires(post): coreutils +Requires(post): sed %description -n cobbler-web Web interface for Cobbler that allows visiting @@ -102,8 +108,8 @@ rm %{buildroot}%{_sysconfdir}/cobbler/cobbler.conf mkdir -p %{buildroot}%{_sysconfdir}/logrotate.d mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd_rotate %{buildroot}%{_sysconfdir}/logrotate.d/cobblerd -# Create data directories in tftp_dir -mkdir -p %{buildroot}%{tftp_dir}/{boot,etc,grub,images{,2},ppc,pxelinux.cfg,s390x} +# Create data directories in tftpboot_dir +mkdir -p %{buildroot}%{tftpboot_dir}/{boot,etc,grub/system{,_link},images{,2},ppc,pxelinux.cfg,s390x} # systemd mkdir -p %{buildroot}%{_unitdir} @@ -114,19 +120,19 @@ rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf %pre -if (( $1 >= 2 )); then +if [ $1 -ge 2 ]; then # package upgrade: backup configuration DATE=$(date "+%%Y%%m%%d-%%H%%M%%S") - if [[ ! -d /var/lib/cobbler/backup/upgrade-${DATE} ]]; then - mkdir -p /var/lib/cobbler/backup/upgrade-${DATE} + if [ ! -d "%{_sharedstatedir}/cobbler/backup/upgrade-${DATE}" ]; then + mkdir -p "%{_sharedstatedir}/cobbler/backup/upgrade-${DATE}" fi - for i in "config" "snippets" "kickstarts" "triggers" "scripts"; do - if [[ -d /var/lib/cobbler/${i} ]]; then - cp -r /var/lib/cobbler/${i} /var/lib/cobbler/backup/upgrade-${DATE} + for i in "config" "snippets" "templates" "triggers" "scripts"; do + if [ -d "%{_sharedstatedir}/cobbler/${i}" ]; then + cp -r "%{_sharedstatedir}/cobbler/${i}" "%{_sharedstatedir}/cobbler/backup/upgrade-${DATE}" fi done - if [[ -d /etc/cobbler ]]; then - cp -r /etc/cobbler /var/lib/cobbler/backup/upgrade-${DATE} + if [ -d %{_sysconfdir}/cobbler ]; then + cp -r %{_sysconfdir}/cobbler "%{_sharedstatedir}/cobbler/backup/upgrade-${DATE}" fi fi @@ -142,8 +148,9 @@ fi %post -n cobbler-web # Change the SECRET_KEY option in the Django settings.py file # required for security reasons, should be unique on all systems -RAND_SECRET=$(openssl rand -base64 40 | sed 's/\//\\\//g') -sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/web/settings.py +# Choose from letters and numbers only, so no special chars like ampersand (&). +RAND_SECRET=$(head /dev/urandom | tr -dc 'A-Za-z0-9!' | head -c 50 ; echo '') +sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler/web/settings.py %files @@ -156,6 +163,7 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %{_bindir}/cobbler %{_bindir}/cobbler-ext-nodes %{_bindir}/cobblerd +%{_sbindir}/fence_ipmitool %{_sbindir}/tftpd.py %{_datadir}/bash-completion/ %dir %{_datadir}/cobbler @@ -166,22 +174,25 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ %{python3_sitelib}/cobbler/ %{python3_sitelib}/cobbler*.egg-info %{_unitdir}/cobblerd.service -%{tftp_dir}/* +%{tftpboot_dir}/* /var/www/cobbler -%config(noreplace) /var/lib/cobbler -%exclude /var/lib/cobbler/webui_sessions +%config(noreplace) %{_sharedstatedir}/cobbler +%exclude %{_sharedstatedir}/cobbler/webui_sessions /var/log/cobbler %files -n cobbler-web %license COPYING %doc AUTHORS.in README.md %config(noreplace) /etc/httpd/conf.d/cobbler_web.conf -%attr(-,apache,apache) /usr/share/cobbler/web -%dir %attr(700,apache,root) /var/lib/cobbler/webui_sessions +%attr(-,apache,apache) %{_datadir}/cobbler/web +%dir %attr(700,apache,root) %{_sharedstatedir}/cobbler/webui_sessions %attr(-,apache,apache) /var/www/cobbler_webui_content/ %changelog +* Fri May 29 2020 Orion Poplawski - 3.1.2-1 +- Update to 3.1.2 + * Tue May 26 2020 Miro Hrončok - 3.1.1-4 - Rebuilt for Python 3.9 @@ -389,1504 +400,3 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" /usr/share/cobbler/ * Mon Apr 21 2014 Orion Poplawski - 2.6.0-1 - Update to 2.6.0 - -* Mon Apr 21 2014 Orion Poplawski - 2.4.3-1 -- Update to 2.4.3 -- Add patch to fix bug #1047350 -- Add requires python-simplejson and virt-install for EL5 (bug #852422) -- Use updated systemd macros (bug #850061) -- Require python-ctypes on EL5 (bug #838884) - -* Sat Aug 03 2013 Fedora Release Engineering - 2.4.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild - -* Thu Jun 20 2013 James Cammarata 2.4.0-1 -- Release 2.4.0-1 (jimi@sngx.net) -* Fri May 24 2013 James Cammarata 2.4.0-beta6 -- New BETA release - 2.4.0 beta6 -* Mon Apr 22 2013 James Cammarata 2.4.0-beta5 -- A few bugfixes and rebuilding the RPM because of a goof - (jimi@sngx.net) - -* Wed Apr 03 2013 James Cammarata 2.4.0-beta4 -- 2.4.0-beta4 release -* Wed Dec 12 2012 James Cammarata 2.4.0-beta3 -- New release 2.4.0-beta3 -* Thu Oct 11 2012 James Cammarata 2.4.0-beta2 -- Modified spec version/release to be 2.4.0-beta2 (jimi@sngx.net) -- fixing up a bad commit merge (jimi@sngx.net) - -* Thu Oct 11 2012 James Cammarata 2.4.0-beta1 -- Beta Release 1 of 2.4.0 -- BUGFIX - Issue #329 - Systems no longer allow an add with an image for a - parent (jimi@sngx.net) -- BUGFIX - Issue #327 - revert 5afcff7 and fix in a more sane way - (jimi@sngx.net) -- Removed some duplicates created by reapplying a patch (jimi@sngx.net) -- BUGFIX - Issue #267 - old python-virtinst does not support --boot - (jimi@sngx.net) -- Revise install_post_puppet.py to use newer puppet syntax - (stephen@esstec.co.uk) -- Get rid of deprecated Puppet syntax so that cobbler works with Puppet 3.0 - (stephen@esstec.co.uk) -- Added ubuntu to dist check for named.conf location - (daniel.givens@rackspace.com) -- Expanded automatic determination of tftpboot path, isc dhcp and bind service - names and config files based on distro. (daniel@givenstx.com) -- Make the service name for DHCP and DNS restarts configurable for better - portable between distros. (daniel.givens@rackspace.com) -- Serial based on formatted date and revision number (alevy@mobitv.com) -- Correct undefined variable name (jbd@jbdenis.net) -- fix merge Issue #252 BUGFIX and #262 (daikame@gmail.com) -- Add check for valid driver_type before executing qemu-img (jimi@sngx.net) -- fix mistake remove import. (daikame@gmail.com) -- move exec method to utils.py, and catch unexpected exception. - (daikame@gmail.com) -- not check driver type on create method. (daikame@gmail.com) -- BUGFIX - Issue #305 - Incorrect Kickstart file when gPXE enabled - (jimi@sngx.net) -- BUGFIX - Issue #304 - Cobbler does not store values correctly for ksmeta - Objects were getting flattened improperly, so it was losing escapes/quoting - for values with spaces (jimi@sngx.net) -- add vmdk and raw file create support. (daikame@gmail.com) -- BUGFIX - Issue #267 - old python-virtinst does not support --boot - (jimi@sngx.net) -- Modified spec version/release to be 2.4.0-beta-1 (jimi@sngx.net) -- Initial commit for mysql backend support (jimi@sngx.net) -- BUGFIX - Issue #277 - move webroot to /srv/www for debian/ubuntu - (jimi@sngx.net) -- FEATURE - adding 'zonetype' variable for DNS zone rendering (jimi@sngx.net) -- BUGFIX - Issue #278 - cobbler import fails for ubuntu images due to rsync - args (jimi@sngx.net) -- BUGFIX - Issue #285 - update cobbler man page for incorrect options - (jimi@sngx.net) -- BUGFIX - Issue #241 - adding distro with blank name via XMLRPC should not - work (jimi@sngx.net) -- BUGFIX - Issue #272 - allow anamon to log entries when building systems based - on profiles (no corresponding system record) (jimi@sngx.net) -- BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match - preventing LV creation (jimi@sngx.net) -- BUGFIX - Issue #287 - patch to allow templar to work without a config, which - was breaking the tftpd.py script (jimi@sngx.net) -- add qcow2 driver type (daikame@gmail.com) -- fix koan qemu-machine-type param test. (daikame@gmail.com) -- Only cosmetic cleanup - removed commands that were commented out, added - spaces for more clear code (flaks@bnl.gov) -- Modified sample.seed to make use kickstart_start and kickstart_done snippets - for debian. As a result the following cobbler features work for debian: - - prevent net boot looping - cobbler status reflects debian installations - - preseed file is downloaded a nd saved on the installed system as - /var/log/cobbler.seed Also made download_config_files_deb snippet, make use - of late_command New post_run_deb snippet allows to execute post installation - script. (flaks@bnl.gov) -- Some changes for testing (jimi@sngx.net) -- Minor fix for urlparse on older pythons (>2.5) (jimi@sngx.net) -- FEATURE - Issue #253 - Use PEERDNS=no for DHCP interfaces when name servers - are specified (jimi@sngx.net) -- install-tree for debian/ubuntu modified to take tree= from meta data. http, - ftp and nfs remote tree locations supported (flaks@bnl.gov) -- add support of custom logical volume name (daikame@gmail.com) -- Partial revert of 87acfc8b, and a minor change to bring the koan extra-args - inline with the PXE args (jimi@sngx.net) -- New default preseed, and a few minor changes to make ubuntu auto install work - better (jimi@sngx.net) -- Add support for qemu machine type to emulate (option --qemu-machine-type). - (isaoshimizu@gmail.com) -- Modern x86 kernels have 2048 char limit and this is needed to support - configurations with kickstart+NIC kernel params. Otherwise koan refuses to - accept the param list. (oliver@cpan.org) -- Allow koan's -S option to work for SuSE breed. Also remove -S for breed=None, - as I assume "Red Hat" is not a sane assumption for all Distros without a - breed. (oliver@cpan.org) -- Only add a udev net rule for an interface if the MAC is set. This fixes - behaviour whereby a dummy udev rule at eth0 forces the first NIC to get eth1 - post-install. (oliver@cpan.org) -- Make the domainname setting be the full eth0 DNS Name, minus the first dotted - part (and not the FQDN). (oliver@cpan.org) -- BUGFIX - Issue #252 - fuzzy match on lvs name returns a false match - preventing LV creation (jimi@sngx.net) -- Added back in the filesystem loader. (oliver@cpan.org) -- BUGFIX - Issue #247 - Reposync does not work from the web interface - (jimi@sngx.net) -- BUGFIX - Issue #246 - CentOS 5.x install fence_tools to /sbin/ - (jimi@sngx.net) -- Fix post_report trigger typo (jimi@sngx.net) -- Some fixes for koan running with an old virt-install (jimi@sngx.net) -- Define pxe_menu_items variable when creating PXE files for systems - (jthiltges2@unl.edu) -- Refactor PXE and GRUB menu item creation into a separate function - (jthiltges2@unl.edu) -- django 1.4 and later have deprecated the old TEMPLATE_LOADERS and replaced - them with a new app_directories.Loader (oliver@cpan.org) -- Add support for UEFI boot to the subnet, but not for defined systems yet. - (erinn.looneytriggs@gmail.com) -- Fix redhat import whitelist for Fedora 17 (jimi@sngx.net) -- Fix unittest on the case of haven't virt-install libs. (daikame@gmail.com) -- os_version for debian should be similar to ubunty for virt-install to work - changed tree in app.py so that I can use debian mirror different from cobbler - server (flaks@bnl.gov) -- fedora 17 changed the output of ifconfig command. This will make IFNAME set - in snippets again (flaks@bnl.gov) -- remove edit for now (flaks@bnl.gov) -- Fixed snippets for bonded_bridge_slave and a few other fixes for koan/web GUI - (jimi@sngx.net) -- Initial support for bonded_bridge_slave type. TODO: modifying snippets to - actually make it work... (jimi@sngx.net) -- The webui_sessions directory belongs only to cobbler-web - (chutzimir@gmail.com) -- RPM: put cobbler*.conf files only in /etc/httpd/conf.d - (cristian.ciupitu@yahoo.com) -- better fix for pull request #228 (jorgen.maas@gmail.com) -- make rpms failed because the misc/ directory containing the augeas lense - could not be found. this simple diff fixes that. (jorgen.maas@gmail.com) -- Ubuntu actually requires auto=true in kopts See - http://serverfault.com/a/144290/39018 (ekirpichov@gmail.com) -- Whitespace cleanup for the new openvz stuff (jimi@sngx.net) -- Remove dead code (useless imports) (cristian.ciupitu@yahoo.com) -- BUGFIX extra-args option problems (daikame@gmail.com) -- FIX koan virt-install tests. (daikame@gmail.com) -- added debian support to prevent net boot looping (flaks@bnl.gov) -- README.openvz: - added (nvrhood@gmail.com) -- scripts/ovz-install: - added support for "services" kickstart option - - corrected repos and installation source processing (nvrhood@gmail.com) -- cobbler.spec, setup.py: - added scripts/ovz-install (nvrhood@gmail.com) -- koan/openvzcreate.py, scripts/ovz-install: - changes in copyright notice - (nvrhood@gmail.com) -- koan/app.py: - bug in koan: size of freespace on VG expressed as float with - comma, but need fload with point (nvrhood@gmail.com) -- koan/app.py: - added type "openvz" (nvrhood@gmail.com) -- cobbler/collection.py: - openvz containers doesn't need to boot from PXE, so - we prevent PXE-menu creation for such profiles. (nvrhood@gmail.com) -- cobbler/item_profile.py, cobbler/utils.py: - added "openvz" virtualization - type (nvrhood@gmail.com) -- cobbler/item_system.py: - added openvz for virt_type (nvrhood@gmail.com) -- [BUGFIX] template errors can hit an exception path that references an - undefined variable (jimi@sngx.net) -- If the call to int() fails, inum has no value, thus the reference to inum in - the except clause causes an UnboundLocalError when it tries to reference - inum. (joshua@azariah.com) -- Add new ubuntu (alpha) version to codes.py (jorgen.maas@gmail.com) -- Not all remove current ifcfg- post_install_network_config (me@n0ts.org) -- Update systemctl script to resolve some issues (jimi@sngx.net) -- More spec fixes (jimi@sngx.net) -- Removing replicate_use_default_rsync_options setting and setting - replicate_rsync_options to existing rsync default. Issue #58 - (john@julienfamily.com) -- Commit for RFE: Expose rsync options during replication. Issue #58 - (john@julienfamily.com) -- Yet more HTML/CSS fixes, cleaning up some overly large inputs caused by other - CSS changes (jimi@sngx.net) -- More HTML/CSS improvements for new weblayout (jimi@sngx.net) -- CSS improvements for the tabbed layout (jimi@sngx.net) -- Fix for settings edit using the new tab format (jimi@sngx.net) -- Added a cancel button to replace the reset button (jimi@sngx.net) -- Fix saving of multiselect fields (jimi@sngx.net) -- Modification to generic_edit template to use tabs for categories plus some - miscellaneous cleanup (jimi@sngx.net) -- Adding an example line for redhat imports to the whitelist file - (jimi@sngx.net) -- Another minor fix for suse imports - fixing up name when using --available-as - (already done in other import modules) - allowing multiple arch imports (also - already done in other imports) (jimi@sngx.net) -- Some fixups for suse using --available-as (jimi@sngx.net) -- Fix for import when using --available-as - currently rsyncs full remote tree, - changing that to only import files in a white list - some modifications to - import modules to clean some things up and make available-as work better - - fix in utils.py for path_tail, which was not working right and appending the - full path (jimi@sngx.net) -- Run the same sed command on the default distributed config file to ensure - consistent indentation (jimi@sngx.net) -- Add setting to enable/disable dynamic settings changes Adding - cobblersettings.aug to distributed files, since we need a copy that doesn't - insert tabs Added a "cobbler check" that checks if dynamic settings is - enabled and prints a sed command to cleanup the settings file spacing/indents - (jimi@sngx.net) -- Change cli command "settings" to "setting" to match other commands (which are - not plurarlized) (jimi@sngx.net) -- Removing commented-out try/except block in config.py, didn't mean to commit - this (jimi@sngx.net) -- Fixed/improved CLI reporting for settings (jimi@sngx.net) -- Added support for validating setting type when saving Also fixed up the - augeas stuff to save lists and hashes correctly (jimi@sngx.net) -- Fix for incorrect redirect when login times out when looking at a setting - edit (jimi@sngx.net) -- Dynamic settings edit support for the web GUI (jimi@sngx.net) -- Added ability to write settings file via augeas (jimi@sngx.net) -- Initial support for modifying settings live Changed settings do not survive a - reboot and revert to what's in /etc/cobbler/settings TODO: * report --name - show a single setting * validate settings based on type (string, list, bool, - etc.) * web support for editing * persisting settings after change - (jimi@sngx.net) -- Branch for 2.4.0, updated spec and setup.py (jimi@sngx.net) - -* Sun Jun 17 2012 James Cammarata 2.2.3-2 -- [BUGFIX] re-enable writing of DHCP entries for non-pxeboot-enabled systems - unless they're static (jimi@sngx.net) -* Tue Jun 05 2012 James Cammarata 2.2.3-1 -- [BUGFIX] add dns to kernel commandline when using static interface - (frido@enu.zolder.org) -- [BUGFIX] issue #196 - repo environment variables bleed into other repos - during sync process This patch has reposync cleanup/restore any environment - variables that were changed during the process (jimi@sngx.net) -- BUGFIX quick dirty fix to work around an issue where cobbler would not log in ldap - usernames which contain uppercase characters. at line 60 instead of "if user - in data", "if user.lower() in data" is used. It would appear the parser puts - the usernames in data[] in lowercase, and the comparison fails because "user" - does hold capitalizations. (matthiasvandegaer@hotmail.com) -- [BUGFIX] simplify SELinux check reporting - * Remove calls to semanage, policy prevents apps from running that directly - (and speeds up check immensely) - * Point users at a wiki page which will contain details on ensuring cobbler - works with SELinux properly (jimi@sngx.net) -- [BUGFIX] issue #117 - incorrect permissions on files in /var/lib/cobbler - (j-nomura@ce.jp.nec.com) -- [BUGFIX] issue #183 - update objects mgmt classes field when a mgmt class is - renamed (jimi@sngx.net) -- [BUGFIX] adding some untracked directories and the new augeas lense to the - setup.py and cobbler.spec files (jimi@sngx.net) -- [FEATURE] Added ability to disable grubby --copy-default behavior for distros that may - have problems with it (jimi@sngx.net) -- [SECURITY] Major changes to power commands: - * Fence options are now based on /usr/sbin/fence_* - so basically anything the - fence agents package provides. - * Templates will now be sourced from /etc/cobbler/power/fence_.template. - These templates are optional, and are only required if you want to do extra - options for a given command. - All options for the fence agent command are sent - over STDIN. - * Support for ipmitool is gone, use fence_ipmilan instead (which uses ipmitool - under the hood anyway). This may apply to other power types if they were provided - by a fence_ command. - * Modified labels for the power options to be more descriptive. (jimi@sngx.net) -- [BUGFIX] issue #136 - don't allow invalid characters in names when copying - objects (jimi@sngx.net) -- [BUGFIX] issue #168 - change input_string_or_list to use shlex for split This - function was using a regular string split, which did not allow quoted or - escaped strings to be preserved. (jimi@sngx.net) -- [BUGFIX] Correct method to process the template file. This Fixes the previous issue - and process the template. (charlesrg@gmail.com) -- [BUGFIX] issue #170 - koan now checks length of drivers list before indexing - (daniel@defreez.com) -- [BUGFIX] Issue #153 - distro delete doesn't remove link from - /var/www/cobbler/links Link was being created incorrectly during the import - (jimi@sngx.net) -- [FEATURE] snippets: save/restore boot-device on ppc64 on fedora17 (nacc@us.ibm.com) -- [BUGFIX] Fixed typo in pre_anamon (brandor5@gmail.com) -- [BUGFIX] Added use of $http_port to server URL in pre_anamon and post_anamon - (brandor5@gmail.com) -- [BUGFIX] Fixed dnsmasq issue regarding missing dhcp-host entries (cobbler@basjes.nl) -- [BUGFIX] in buildiso for RedHat based systems. The interface->ip resolution was - broken when ksdevice=bootif (default) (jorgen.maas@gmail.com) -- [BUGFIX] rename failed for distros that did not live under ks_mirror - (jimi@sngx.net) -- [BUGFIX] Partial revert of commit 3c81dd3081 - incorrectly removed the 'extends' - template directive, breaking rendering in django (jimi@sngx.net) -- [BUGFIX] Reverting commit 1d6c53a97, which was breaking spacewalk Changed the web - interface stuff to use the existing extended_version() remote call - (jimi@sngx.net) -- [BUGFIX] Minor fix for serializer_pretty_json change, setting indent to 0 was still - causing more formatted JSON to be output (jimi@sngx.net) -- [SECURITY] Adding PrivateTmp=yes to the cobblerd.service file for systemd - (jimi@sngx.net) -- [FEATURE] add a config option to enable pretty JSON output (disabled by default) - (aronparsons@gmail.com) -- [BUGFIX] issue #107 - creating xendomains link for autoboot fails Changing an - exception to a printed warning, there's no need to completely bomb out on the - process for this (jimi@sngx.net) -- [BUGFIX] issue #28 - Cobbler drops errors on the floor during a replicate - Added additional logging to add_ functions to report an error if the add_item - call returns False (jimi@sngx.net) -- [BUGFIX] add requirement for python-simplejson to koan's package - (jimi@sngx.net) -- [BUGFIX] action_sync: fix sync_dhcp remote calls (nacc@us.ibm.com) -- [BUGFIX] Add support for KVM paravirt (justin@thespies.org) -- [BUGFIX] Makefile updates for debian/ubuntu systems (jimi@sngx.net) -- [BUGFIX] fix infinite netboot cycle with ppc64 systems (nacc@us.ibm.com) -- [BUGFIX] Don't allow Templar classes to be created without a valid config - There are a LOT of places in the templar.py code that use self.settings - without checking to make sure a valid config was passed in. This could cause - random stack dumps when templating, so it's better to force a config to be - passed in. Thankfully, there were only two pieces of code that actually did - this, one of which was the tftpd management module which was fixed elsewhere. - (jimi@sngx.net) -- [BUGFIX] instance of Templar() was being created without a config passed in - This caused a stack dump when the manage_in_tftpd module tried to access the - config settings (jimi@sngx.net) -- [BUGFIX] Fix for issue #17 - Make cobbler import be more squeaky when it doesn't - import anything (jimi@sngx.net) -- [FEATURE] autoyast_sample: save and restore boot device order (nacc@us.ibm.com) -- [BUGFIX] Fix for issue #105 - buildiso fails Added a new option for buildiso: - --mkisofs-opts, which allows specifying extra options to mkisofs TODO: add - input box to web interface for this option (jimi@sngx.net) -- [BUGFIX] incorrect lower-casing of kickstart paths - regression from issue - #43 (jimi@sngx.net) -- [FEATURE] Automatically detect and support bind chroot (orion@cora.nwra.com) -- [FEATURE] Add yumopts to kickstart repos (orion@cora.nwra.com) -- [BUGFIX] Fix issue with cobbler system reboot (nacc@us.ibm.com) -- [BUGFIX] fix stack trace in write_pxe_file if distro==None (smoser@brickies.net) -- [BUGFIX] Changed findkeys function to be consisten with keep_ssh_host_keys snippet - (flaks@bnl.gov) -- [BUGFIX] Fix for issue #15 - cobbler image command does not recognize - --image-type=memdisk (jimi@sngx.net) -- [BUGFIX] Issue #13 - reposync with --tries > 1 always repeats, even on - success The success flag was being set when the reposync ran, but didn't - break out of the retry loop - easy fix (jimi@sngx.net) -- [BUGFIX] Fix for issue #42 - kickstart not found error when path has leading - space (jimi@sngx.net) -- [BUGFIX] Fix for issue #26 - Web Interface: Profile Edit - * Added jquery UI stuff - * Added javascript to generic_edit template to make all selects in the - class "edit" resizeable - (jimi@sngx.net) -- [BUGFIX] Fix for issue #53 - cobbler system add without --profile exits 0, - but does nothing (jimi@sngx.net) -- [BUGFIX] Issue #73 - Broken symlinks on distro rename from web_gui - (jimi@sngx.net) -- regular OS version maintenance (jorgen.maas@gmail.com) -- [BUGFIX] let koan not overwrite existing initrd+kernel (ug@suse.de) -- [FEATURE] koan: - * Port imagecreate to virt-install (crobinso@redhat.com) - * Port qcreate to virt-install (crobinso@redhat.com) - * Port xen creation to virt-install (crobinso@redhat.com) -- [FEATURE] new snippet allows for certificate-based RHN registration - (jim.nachlin@gawker.com) -- [FEATURE] Have autoyast by default behave more like RHEL, regarding networking etc. - (chorn@fluxcoil.net) -- [BUGFIX] sles patches (chorn@fluxcoil.net) -- [BUGFIX] Simple fix for issue where memtest entries were not getting created after - installing memtest86+ and doing a cobbler sync (rharriso@redhat.com) -- [BUGFIX] REMOTE_ADDR was not being set in the arguments in calls to CobblerSvc - instance causing ip address not to show up in install.log. - (jweber@cofront.net) -- [BUGFIX] add missing import of shutil (aparsons@redhat.com) -- [BUGFIX] add a sample kickstart file for ESXi (aparsons@redhat.com) -- [BUGFIX] the ESXi installer allows two nameservers to be defined (aparsons@redhat.com) -- [BUGFIX] close file descriptors on backgrounded processes to avoid hanging %%pre - (aparsons@redhat.com) -- [BUGFIX] rsync copies the repositories with --delete hence deleting everyhting local - that isn't on the source server. The createrepo then creates (following the - default settings) a cache directory ... which is deleted by the next rsync - run. Putting the cache directory in the rsync exclude list avoids this - deletion and speeds up running reposync dramatically. (niels@basjes.nl) -- [BUGFIX] Properly blame SELinux for httpd_can_network_connect type errors on initial - setup. (michael.dehaan@gmail.com) -- fix install=... kernel parameter when importing a SUSE distro (ug@suse.de) -- [BUGFIX] Force Django to use the system's TIME_ZONE by default. - (jorgen.maas@gmail.com) -- [FEATURE] Separated check for permissions from file existence check. - (aaron.peschel@gmail.com) -- [BUGFIX] If the xendomain symlink already exists, a clearer error will be produced. - (aaron.peschel@gmail.com) -- [FEATURE] Adding support for ESXi5, and fixing a few minor things (like not having a - default kickstart for esxi4) Todos: * The esxi*-ks.cfg files are empty, and - need proper kickstart templates * Import bug testing and general kickstart - testing (jimi@sngx.net) -- [FEATURE] Adding basic support for gPXE (jimi@sngx.net) -- [FEATURE] Add arm as a valid architecture. (chuck.short@canonical.com) -- [SECURITY] Changes PYTHON_EGG_CACHE to a safer path owned just by the webserver. - (chuck.short@canonical.com) -- [BUGFIX] koan: do not include ks_meta args when obtaining tree When obtaining the tree - for Ubuntu machines, ensure that ks_meta args are not passed as part of the - tree if they exist. (chuck.short@canonical.com) -- [FEATURE] koan: Use grub2 for --replace-self instead of grubby The koan option - '--replace-self' uses grubby, which relies on grub1, to replace a local - installation by installing the new kernel/initrd into grub menu entries. - Ubuntu/Debian no longer uses it grub1. This patch adds the ability to use - grub2 to add the kernel/initrd downloaded to a menuentry. On reboot, it will - boot from the install kernel reinstalling the system. Fixes (LP: #766229) - (chuck.short@canonical.com) -- [BUGFIX] Fix reposync missing env variable for debmirror Fixes missing HOME env - variable for debmirror by hardcoding the environment variable to - /var/lib/cobbler (chuck.short@canonical.com) -- [BUGFIX] Fix creation of repo mirror when importing iso. Fixes the creation of a - disabled repo mirror when importing ISO's such as the mini.iso that does not - contain any mirror/packages. Additionally, really enables 'apt' as possible - repository. (chuck.short@canonical.com) -- [BUGFIX] adding default_template_type to settings.py, caused some issues with - templar when the setting was not specified in the /etc/cobbler/settings - (jimi@sngx.net) -- [BUGFIX] fix for following issue: can't save networking options of a system - in cobbler web interface. (#8) (jimi@sngx.net) -- [BUGFIX] Add a new setting to force CLI commands to use the localhost for xmlrpc - (chjohnst@gmail.com) -- [BUGFIX] Don't blow up on broken links under /var/www/cobbler/links - (jeffschroeder@computer.org) -- [SECURITY] Making https the default for the cobbler web GUI. Also modifying the cobbler- - web RPM build to require mod_ssl and mod_wsgi (missing wsgi was an oversight, - just correcting it now) (jimi@sngx.net) -- [FEATURE] Adding authn_pam. This also creates a new setting - authn_pam_service, which - allows the user to configure which PAM service they want to use for cobblerd. - The default is the 'login' service (jimi@sngx.net) -- [SECURITY] Change in cobbler.spec to modify permissions on webui sessions directory to - prevent non-privileged user acccess to the session keys (jimi@sngx.net) -- [SECURITY] Enabling CSRF protection for the web interface (jimi@sngx.net) -- [SECURITY] Convert all yaml loads to safe_loads for security/safety reasons. - https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/858883 (jimi@sngx.net) -- [FEATURE] Added the setting 'default_template_type' to the settings file, and created - logic to use that in Templar().render(). Also added an option to the same - function to pass the template type in as an argument. (jimi@sngx.net) -- [FEATURE] Initial commit for adding support for other template languages, namely jinja2 - in this case (jimi@sngx.net) - -* Tue Nov 15 2011 Scott Henson 2.2.2-1 -- Changelog update (shenson@redhat.com) -- Fixed indentation on closing tr tag (gregswift@gmail.com) -- Added leader column to the non-generic tables so that all tables have the - same layout. It leaves room for a checkbox and multiple selects i nthese - other tables as well. (gregswift@gmail.com) -- Added action class to the event log link to bring it inline with other table - functions (gregswift@gmail.com) -- buildiso bugfix: overriding dns nameservers via the dns kopt now works. - reported by Simon Woolsgrove (jorgen.maas@gmail.com) -- Fix for pxegen, where an image without a distro could cause a stack dump on - cobbler sync (jimi@sngx.net) -- Added initial support for specifying the on-disk format of virtual disks, - currently supported for QEMU only when using koan (jimi@sngx.net) -- Add fedora16, rawhide, opensuse 11.2, 11.3, 11.4 and 12.1 to codes.py This - should also fix ticket #611 (jorgen.maas@gmail.com) -- Use VALID_OS_VERSIONS from codes.py in the redhat importer. - (jorgen.maas@gmail.com) -- Cleanup: use utils.subprocess_call in services.py (jorgen.maas@gmail.com) -- Cleanup: use utils.subprocess_call in remote.py. (jorgen.maas@gmail.com) -- Cleanup: use utils.subprocess_call in scm_track.py. Also document that 'hg' - is a valid option in the settings file. (jorgen.maas@gmail.com) -- Dont import the sub_process module when it's not needed. - (jorgen.maas@gmail.com) -- Fixes to import_tree() to actually copy files to a safe place when - --available-as is specified. Also some cleanup to the debian/ubuntu import - module for when --available-as is specified. (jimi@sngx.net) -- Modification to import processes so that rsync:// works as a path. These - changes should also correct the incorrect linking issue where the link - created in webdir/links/ pointed at a directory in ks_mirror without the arch - specified, resulting in a broken link if --arch was specified on the command - line Also removed the .old import modules for debian/ubuntu, which were - replaced with the unified manage_import_debian_ubuntu.py (jimi@sngx.net) -- cleanup: use codes.VALID_OS_VERSIONS in the freebsd importer - (jorgen.maas@gmail.com) -- cleanup: use codes.VALID_OS_VERSIONS in the debian/ubuntu importer - (jorgen.maas@gmail.com) -- Bugfix: add the /var/www/cobbler/pub directory to setup.py. Calling buildiso - from cobbler-web now works as expected. (jorgen.maas@gmail.com) -- BUGFIX: patch koan (xencreate) to correct the same issue that was broken for - vmware regarding qemu_net_type (jimi@sngx.net) -- BUGFIX: fixed issue with saving objects in the webgui failing when it was the - first of that object type saved. (jimi@sngx.net) -- Minor fix to the remote version to use the nicer extended version available - (jimi@sngx.net) -- Fix a bug in buildiso when duplicate kopt keys are used. Reported and tested - by Simon Woolsgrove (jorgen.maas@gmail.com) -- Fix for koan, where vmwcreate.py was not updated to accept the network type, - causing failures. (jimi@sngx.net) -- Added a %%post section for the cobbler-web package, which replaces the - SECRET_KEY field in the Django settings.py with a random string - (jimi@sngx.net) -- BUGFIX: added sign_puppet_certs_automatically to settings.py. The fact that - this was missing was causing failures in the the pre/post puppet install - modules. (jimi@sngx.net) -- set the auto-boot option for a virtual machine (ug@suse.de) -- Correction for koan using the incorrect default port for connecting to - cobblerd (jimi@sngx.net) -- config/settings: add "manage_tftpd: 1" (default setting) - (cristian.ciupitu@yahoo.com) - -* Wed Oct 05 2011 Scott Henson 2.2.1-1 -- Import changes for systemd from the fedora spec file (shenson@redhat.com) - -* Wed Oct 05 2011 Scott Henson 2.2.0-1 -- Remove the version (shenson@redhat.com) -- New upstream 2.2.0 release (shenson@redhat.com) -- Add networking snippet for SuSE systems. (jorgen.maas@gmail.com) -- Add a /etc/hosts snippet for SuSE systems. (jorgen.maas@gmail.com) -- Add a proxy snippet for SuSE systems. (jorgen.maas@gmail.com) -- Buildiso: make use of the proxy field (SuSE, Debian/Ubuntu). - (jorgen.maas@gmail.com) -- Rename buildiso.header to buildiso.template for consistency. Also restore the - local LABEL in the template. (jorgen.maas@gmail.com) -- Bugfix: uppercase macaddresses used in buildiso netdevice= keyword cause the - autoyast installer to not setup the network and thus fail. - (jorgen.maas@gmail.com) -- Buildiso: minor cleanup diff. (jorgen.maas@gmail.com) -- Buildiso: behaviour changed after feedback from the community. - (jorgen.maas@gmail.com) -- Build standalone ISO from the webinterface. (jorgen.maas@gmail.com) -- Fix standalone ISO building for SuSE, Debian and Ubuntu. - (jorgen.maas@gmail.com) -- add proxy field to field_info.py (jorgen.maas@gmail.com) -- Remove FreeBSD from the unix breed as it has it's own now. Also, add freebsd7 - as it is supported until feb 2013. Minor version numbers don't make sense, - also removed. (jorgen.maas@gmail.com) -- Add a proxy field to profile and system objects. This is useful for - environments where systems are not allowed to make direct connections to the - cobbler/repo servers. (jorgen.maas@gmail.com) -- Introduce a "status" field to system objects. Useful in environments where - DTAP is required, the possible values for this field are: development, - testing, acceptance, production (jorgen.maas@gmail.com) -- Buildiso: only process profiles for selected systems. (jorgen.maas@gmail.com) -- Buildiso: add batch action to build an iso for selected profiles. - (jorgen.maas@gmail.com) -- Buildiso: use management interface feature. (jorgen.maas@gmail.com) -- Buildiso: get rid of some code duplication (ISO header). - (jorgen.maas@gmail.com) -- Buildiso: add interface to macaddr resolution. (jorgen.maas@gmail.com) -- Buildiso: add Debian and Ubuntu support. (jorgen.maas@gmail.com) -- Buildiso: select systems from the webinterface. (jorgen.maas@gmail.com) -- Fix an exception when buildiso is called from the webinterface. - (jorgen.maas@gmail.com) -- fix power_virsh template to check dom status before executing command. - (bpeck@redhat.com) -- if hostname is not resolvable do not fail and use that hostname - (msuchy@redhat.com) -- Removed action_import module and references to it in code to prevent future - confusion. (jimi@sngx.net) -- Fixing redirects after a failed token validation. You should now be - redirected back to the page you were viewing after having to log back in due - to a forced login. (jimi@sngx.net) -- Use port to access cobbler (peter.vreman@acision.com) -- Stripping "g" from vgs output case-insensitive runs faster - (mmello@redhat.com) -- Adding ability to create new sub-directories when saving snippets. Addresses - trac #634 - save new snippet fails on non existing subdir (jimi@sngx.net) -- Fix traceback when executing "cobbler system reboot" with no system name - specified Trac ticket #578 - missing check for name option with system reboot - (jimi@sngx.net) -- bind zone template writing (jcallaway@squarespace.com) -- Removing the duplicate lines from importing re module (mmello@redhat.com) -- Merge remote-tracking branch 'jimi1283/bridge-interface' (shenson@redhat.com) -- Modification to allow DEPRECATED options to be added as options to optparse - so they work as aliases (jimi@sngx.net) -- Re-adding the ability to generate a random mac from the webui. Trac #543 - (Generate random mac missing from 2.x webui) (jimi@sngx.net) -- Merge remote-tracking branch 'jsabo/fbsdreplication' (shenson@redhat.com) -- Tim Verhoeven (Tue. 08:35) (Cobbler attachment) - Subject: [PATCH] Add support to koan to select type of network device to - emulate To: cobbler development list - Date: Tue, 2 Aug 2011 14:35:21 +0200 (shenson@redhat.com) -- Hello, (shenson@redhat.com) -- scm_track: Add --all to git add options to handle deletions (tmz@pobox.com) -- Moved HEADER heredoc from action_buildiso.py to - /etc/cobbler/iso/buildiso.header (gbailey@terremark.com) -- Enable replication for FreeBSD (jsabo@verisign.com) -- Merge branch 'master' into bridge-interface (jimi@sngx.net) -- Remove json settings from local_get_cobbler_xmlrpc_url() (jsabo@verisign.com) -- 1) Moving --subnet field to --netmask 2) Created DEPRECATED_FIELDS structure - in field_info.py to deal with moves like this * also applies to the - bonding->interface_type move for bridged interface support (jimi@sngx.net) -- Merge remote-tracking branch 'jimi1283/bridge-interface' (shenson@redhat.com) -- Fixing up some serializer module stuff: * detecting module load errors when - trying to deserialize collections * added a what() function to all the - serializer modules for ID purposes * error detection for mongo stuff, - including pymongo import problems as well as connection issues - (jimi@sngx.net) -- Cleanup of bonding stuff in all files, including webui and koan. Additional - cleanup in the network config scripts, and re-added the modprobe.conf - renaming code to the post install network config. (jimi@sngx.net) -- Initial rework to allow bridge/bridge slave interfaces Added static route - configuration to pre_install_network_config Major cleanup/reworking of - post_install_network_config script (jimi@sngx.net) -- Fix for bad commit of some json settings test (jimi@sngx.net) -- Merge remote-tracking branch 'jsabo/fbsdimport' (shenson@redhat.com) -- Adding initial support for FreeBSD media importing (jsabo@verisign.com) -- Setting TIME_ZONE to None in web/settings.py causes a 500 error on a RHEL5 - system with python 2.4 and django 1.1. Commenting out the config line has the - same effect as setting it to None, and prevents the 500. (jimi@sngx.net) -- Fixes for importing RHEL6: * path_tail() was previously moved to utils, a - couple places in the import modules still used self.path_tail instead - of utils.path_tail, causing a stack dump * Fixed an issue in - utils.path_tail(), which was using self. still from when it was a member - of the import class * When mirror name was set on import and using - --available-as, it was appending a lot of junk instead of just using the - specified mirror name (jimi@sngx.net) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler (jimi@sngx.net) -- Fix a quick error (shenson@redhat.com) -- Set the tftpboot dir for rhel6 hosts (jsabo@verisign.com) -- Fixed a typo (jorgen.maas@gmail.com) -- Added an extra field in the system/interface item. The field is called - "management" and should be used to identify the management interface, this - could be useful information for multihomed systems. (jorgen.maas@gmail.com) -- In the event log view the data/time field got wrapped which is very annoying. - Fast fix for now, i'm pretty sure there are better ways to do this. - (jorgen.maas@gmail.com) -- Event log soring on date reverted, let's sort on id instead. Reverse over - events in the template. Convert gmtime in the template to localtime. - (jorgen.maas@gmail.com) -- Sort the event log by date/time (jorgen.maas@gmail.com) -- Remove some unsupported OS versions from codes.py (jorgen.maas@gmail.com) -- Some changes in the generate_netboot_iso function/code: - Users had to supply - all system names on the commandline which they wanted to include in the ISO - boot menu. This patch changes that behaviour; all systems are included by - default now. You can still provide an override with the --systems parameter, - thus making this feature more consistent with what one might expect from - reading the help. - While at it I tried to make the code more readable and - removed some unneeded iterations. - Prevent some unneeded kernel/initrd - copies. - You can now override ip/netmask/gateway/dns parameters with - corresponding kernel_options. - Fixed a bug for SuSE systems where ksdevice - should be netdevice. - If no ksdevice/netdevice (or equivalent) has been - supplied via kernel_options try to guess the proper interface to use, but - don't just use one if we can't be sure about it (e.g. for multihomed - systems). (jorgen.maas@gmail.com) -- Add SLES 11 to codes.py (jorgen.maas@gmail.com) -- Add support for Fedora15 to codes.py (jorgen.maas@gmail.com) -- Django uses the timezone information from web/settings.py Changing the - hardcoded value to None forces Django to use the systems timezone instead of - this hardcoded value (jorgen.maas@gmail.com) -- Fix cobbler replication for non-RHEL hosts. The slicing used in the - link_distro function didn't work for all distros. (jsabo@verisign.com) -- Fix vmware esx importing. It was setting the links dir to the dir the iso was - mounted on import (jsabo@verisign.com) -- Merge remote-tracking branch 'jsabo/webuifun' (shenson@redhat.com) -- Fix bug with esxi replication. It wasn't rsyncing the distro over if the - parentdir already existed. (jsabo@verisign.com) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler (jimi@sngx.net) -- Initial commit for mongodb backend support and adding support for settings as - json (jimi@sngx.net) -- Web UI patches from Greg Swift applied (jsabo@verisign.com) -- whitespace fix (dkilpatrick@verisign.com) -- Fix to fix to py_tftp change to sync in bootloaders - (dkilpatrick@verisign.com) -- Fixing a bug reported by Jonathan Sabo. (dkilpatrick@verisign.com) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler - (dkilpatrick@verisign.com) -- Revert "Jonathan Sabo (June 09) (Cobbler)" - (shenson@redhat.com) -- Unmount and deactivate all software raid devices after searching for ssh keys - (jonathan.underwood@gmail.com) -- Merge remote-tracking branch 'ugansert/master' (shenson@redhat.com) -- Jonathan Sabo (June 09) (Cobbler) Subject: [PATCH] Fix - issue with importing distro's on new cobbler box To: cobbler development list - Date: Thu, 9 Jun 2011 16:17:20 -0400 - (shenson@redhat.com) -- missing manage_rsync option from config/settings (jsabo@criminal.org) -- Remove left-over debugging log message (dkilpatrick@verisign.com) -- SUSE requires the correct arch to find kernel+initrd on the inst-source - (ug@suse.de) -- added autoyast=... parameter to the ISO building code when breed=suse - (ug@suse.de) -- calculate meta data in the XML file without cheetah variables now - (ug@suse.de) -- render the cheetah template before passing the XML to the python XML parser - (ug@suse.de) -- made the pathes flexible to avoid problem on other distros than fedora/redhat - (ug@suse.de) -- bugfix (ug@suse.de) -- Merge patch from stable (cristian.ciupitu@yahoo.com) -- utils: initialize main_logger only when needed (cristian.ciupitu@yahoo.com) -- During refactor, failed to move templater initialization into - write_boot_files_distro. (dkilpatrick@verisign.com) -- Fixed a couple of simple typos. Made the boot_files support work (added - template support for the key, defined the img_path attribute for that - expansion) (dkilpatrick@verisign.com) -- Fixes to get to the "minimally tested" level. Fixed two syntax errors in - tftpd.py, and fixed refences to api and os.path in manage_in_tftpd.py - (dkilpatrick@verisign.com) -- Rebasing commit, continued. (kilpatds@oppositelock.org) -- Change the vmware stuff to use 'boot_files' as the space to set files that - need to be available to a tftp-booting process (dkilpatrick@verisign.com) -- Added 'boot_files' field for 'files that need to be put into tftpboot' - (dkilpatrick@verisign.com) -- Merge conflict. (kilpatds@oppositelock.org) -- Add in a default for puppet_auto_setup, thanks to Camille Meulien - for finding it. (shenson@redhat.com) -- Add a directory remap feature to fetchable_files processing. /foo/*=/bar/ - Client requests for "/foo/baz" will be turned into requests for /bar/baz. - Target paths are evaluated against the root filesystem, not tftpboot. - Template expansion is done on "bar/baz", so that would typically more - usefully be something like /boot/*=$distro_path/boot - (dkilpatrick@verisign.com) -- Removed trailing whitespace causing git warnings (dkilpatrick@verisign.com) -- Fix a bug where tftpd.py would throw if a client requested '/'. - (dkilpatrick@verisign.com) -- Allow slop in the config, not just the client. modules: don't hardcode - /tftpboot (dkilpatrick@verisign.com) -- Moved footer to actually float at the bottom of the page or visible section, - whichever is further down. Unfortunately leaves a slightly larger margin pad - on there. Will have to see if it can be made cleaner (gregswift@gmail.com) -- Removed right padding on delete checkboxes (gregswift@gmail.com) -- Adjusted all the self closing tags to end eith a " />" instead of not having - a space separating them (gregswift@gmail.com) -- Added "add" button to the filter bit (gregswift@gmail.com) -- Removed "Enabled" label on checkboxes, this can be added via css as part of - the theme if people want it using :after { content: " Enabled" } Padded the - context-tip off the checkboxes so that it lines up with most of the other - context tips instead of being burring in the middle of the form - (gregswift@gmail.com) -- Added bottom margin on text area so that it isn't as tight next to other form - fields (gregswift@gmail.com) -- Added id tags to the forms for ks templates and snippets Set some margins for - those two forms, they were a bit scrunched because they didn't have a - sectionbody fieldset and legend Removed inline formatting of input sizes on - those two pages Set the textareas in those two pages via css - (gregswift@gmail.com) -- Made the tooltips get hiddent except for on hover, with a small image - displayed in their place (gregswift@gmail.com) -- Added a top margin to the submit/reset buttons... looks cleaner having some - space. (gregswift@gmail.com) -- Changed generic edit form to the following: - Made blocks into fieldsets - again, converting the h2 to a legend. I didn't mean to change this the first - time through. - Pulled up a level, removing the wrapping div, making each - fieldset contain an order list, instead of each line being an ordered list, - which was silly of me. - Since it went up a level, un-indented all of the - internal html tags 2 spaces - changed the place holder for the network - widgets to spans so that they displayed cleanly (Don't like the spans either, - but its for the javascript) In the stylesheet just changed the - div.sectionbody to ol.sectionbody (gregswift@gmail.com) -- Fixed closing ul->div on multiselect section. Must have missed it a few - commits ago. (gregswift@gmail.com) -- IE uses input styling such as borders even on checkboxes... was not intended, - so has been cleared for checkboxes (gregswift@gmail.com) -- This is a change to the multiselect buttons view, i didn't mean to commit - the style sheet along with the spelling check fixes, but since I did might as - well do the whole thing and then erevert it later if people dislike it - (gregswift@gmail.com) -- Fixed another postition mispelling (gregswift@gmail.com) -- fixed typo postition should be position (gregswift@gmail.com) -- Returned the multiselect section to being div's, since its actually not a set - of list items, it is a single list item. Re-arranged the multiselect so that - the buttons are centered between the two sections Removed all of the line - breaks form that section Made the select box headings actually labels moved - the order of multiselect after sectionbody definition due to inheritence - (gregswift@gmail.com) -- Restored select boxes to "default" styling since they are not as cleanly css- - able Made visibly selected action from Batch Actions bold, mainly so by - default Batch Action is bold. Moved text-area and multi-select sizing into - stylesheet. re-alphabetized some of the tag styles Made the default login's - text inputs centered, since everything else on that page is - (gregswift@gmail.com) -- Added missing bracket from two commits ago in the stylesheet. - (gregswift@gmail.com) -- Re-added the tool tips for when they exist in the edit forms and set a style - on them. Removed an extraneous line break from textareas in edit form - (gregswift@gmail.com) -- Fixed javascript where I had used teh wrong quotes, thus breaking the network - interface widgets (gregswift@gmail.com) -- Added label and span to cleanup block (gregswift@gmail.com) -- Added version across all of the template loads so that the footer is - populated with it (gregswift@gmail.com) -- all css: - set overall default font size of 1em - added missing tags to the - cleanup css block - fixed button layout -- list line buttons are smaller font - to keep lines smaller -- set action input button's size - set indentation and - bolding of items in batch action - redid the list formatting -- removed zebra - stripes, they share the standard background now -- hover is now the - background color of the old darker zebra stripe -- selected lines now - background of the older light zebra stripe - added webkit border radius - (gregswift@gmail.com) -- generic_lists.tmpl - Removed force space on the checklists generic_lists.tmpl - - Added javascript to allow for selected row highlighting - (gregswift@gmail.com) -- Removed inline formatting from import.tmpl Made the context tips spans - (gregswift@gmail.com) -- Made both filter-adder elements exist in the same li element - (gregswift@gmail.com) -- Added default formatting for ordered lists Added formatting for the new - multiselect unordered list Changed old div definitions for the multiselect to - li Added label formatting for inside sectionbody to line up all the forms. - (gregswift@gmail.com) -- Adjusted multiselect section to be an unordered list instead of a div - (gregswift@gmail.com) -- Moved the close list tag inside the for loop, otherwise we generate lots of - nasty nested lists (gregswift@gmail.com) -- Changed edit templates to use ol instead of ul, because it apparently helps - out those using screen readers, and we should be making things accessible, - yes? (gregswift@gmail.com) -- Re-structured the edit templates to be unordered lists. Standardized the - tooltip/contextual data as context-tip class Redid the delete setup so that - its Delete->Really? Instead of Delete:Yes->Really? Same number of check - boxes. Setup the delete bit so that Delete and Really are labels for the - checkboxes and there isn't extraneous html input tags (gregswift@gmail.com) -- Added top margin on the filter adder (gregswift@gmail.com) -- Adjusted single action item buttons to be in the same list element, as it - makes alignment cleaner, and more sense from a grouping standpoint Set - submenubar default height to 26px Set submenubar's alignment to be as clean - as I've been able to get so far. (gregswift@gmail.com) -- Set background color back to original (gregswift@gmail.com) -- Adjusted all buttons to hover invert from blue to-blackish, the inverse of - the normal links (which go blackish to blue) but left the text color the - same. i'm not sure its as pretty, but dfinately more readable. Plus the - color change scheme is more consistant. Also made table buttons smaller than - other buttons (gregswift@gmail.com) -- Fixed width on paginate select boxes to auto, instead of over 200px - (gregswift@gmail.com) -- Removed margin around hr tag, waste of space, and looks closer to original - now (gregswift@gmail.com) -- Removed extraneous body div by putting user div inside container. - (gregswift@gmail.com) -- Adjuested style sheet to improve standardization of form fields, such as - buttons, text input widths, and fontsizes in buttons vs drop downs. - (gregswift@gmail.com) -- Some menu re-alignment on both menubar and submenubar (gregswift@gmail.com) -- Got the container and the user display into a cleaner size alignment to - display on the screen. less chance of horiz scroll (gregswift@gmail.com) -- Fix to get login form a bit better placed without duplicate work - (gregswift@gmail.com) -- pan.action not needed... .action takes care of it (gregswift@gmail.com) -- Removed padding on login screen (gregswift@gmail.com) -- Redid action and button classes to make them look like buttons.. still needs - work. Resized pointer classes to make things a bit more level on that row - (gregswift@gmail.com) -- New cleanup at the top negates the need for this table entry - (gregswift@gmail.com) -- Removed the body height to 99%%. Was doing this for sticky footer, but - current path says its not needed (gregswift@gmail.com) -- Added some windows and mac default fonts Made the body relative, supposed to - help with the layout Set text color to slightly off black.. was told there is - some odd optical reasoning behind this (gregswift@gmail.com) -- Made class settings for the table rows a touch more specific in the css - (gregswift@gmail.com) -- Added "normalization" to clean up cross browser differences at top of - style.css (gregswift@gmail.com) -- Added button class to all buttons, submit, and resets (gregswift@gmail.com) -- Fixed sectionheader to not be styled as actions... they are h2! - (gregswift@gmail.com) -- Fixed container reference from class to id (gregswift@gmail.com) -- Added missing action class on the "Create new" links in generic_list.tmpl - (gregswift@gmail.com) -- Revert part of 344969648c1ce1e753af because RHEL5's django doesn't support - that (gregswift@gmail.com) -- removed underline on remaing links (gregswift@gmail.com) -- Fixed the way the logo was placed on the page and removed the excess - background setting. (gregswift@gmail.com) -- Some cleanup to the style sheet along - removed fieldset since no more exist - (not sure about this in long run.... we'll see) - cleaned up default style - for ul cause it was causing override issues - got menubar and submenu bar - mostly settled (gregswift@gmail.com) -- Fixed submenu bar ul to be identified by id not class (gregswift@gmail.com) -- Rebuilt primary css stylesheet - not complete yet (gregswift@gmail.com) -- Removed logout from cobbler meft hand menu (gregswift@gmail.com) -- Next step in redoing layout: - added current logged in user and logout button - to a div element at top of page - fixed content div from class to id - added - footer (version entry doesn't work for some reason) - links to cobbler - website (gregswift@gmail.com) -- in generic_list.tmpl - set the edit link to class 'action' - merged the - creation of the edit action 'View kickstart' for system and profile - (gregswift@gmail.com) -- Replaced tool tip as div+em with a span classed as tooltip. tooltip class - just adds italic. (gregswift@gmail.com) -- Fixed table header alignment to left (gregswift@gmail.com) -- Take the logo out of the html, making it a css element, but retain the - location and basic feel of the placement. (gregswift@gmail.com) -- Step one of redoing the action list, pagination and filters. - split - pagination and filters to two tmpl files - pagination can be called on its - own (so it can live in top and bottom theoretically) - filter will eventually - include pagination so its on the bottom - new submenubar includes pagination - - new submenubar does age specific actiosn as links instead of drop downs - cause there is usually 1, rarely 2, never more. (gregswift@gmail.com) -- Removed pagination from left hand column (gregswift@gmail.com) -- Removed an erroneous double quote from master.tmpl (gregswift@gmail.com) -- Went a bit overboard and re-adjusted whitespace in all the templates. Trying - to do the code in deep blocks across templates can be a bit tedious and - difficult to maintain. While the output is not perfect, at least the - templates are more readable. (gregswift@gmail.com) -- Removed remaining vestige of action menu shading feature - (gregswift@gmail.com) -- Removed header shade references completely from the lists and the code from - master.tmpl (gregswift@gmail.com) -- Wrapped setting.tmpl error with the error class (gregswift@gmail.com) -- Changed h3 to h2 inside pages Made task_created's h4 into a h1 and - standarized with the other pages (gregswift@gmail.com) -- Standardized header with a hr tag before the form tags (gregswift@gmail.com) -- Added base width on the multiple select boxes, primarily for when they are - empty (gregswift@gmail.com) -- Removed fieldset wrappers and replaced legends with h1 and h2 depending on - depth (gregswift@gmail.com) -- Adjusted logic for the legent to only change one word, instead of the full - string (gregswift@gmail.com) -- Removed empty cell from table in generic_edit.tmpl (gregswift@gmail.com) -- Revert 8fed301e61f28f8eaf08e430869b5e5df6d02df0 because it was to many - different changes (gregswift@gmail.com) -- Removed empty cell from table in generic_edit.tmpl (gregswift@gmail.com) -- Moved some cobbler admin and help menus to a separate menu in the menubar - (gregswift@gmail.com) -- Added HTML5 autofocus attribute to login.tmpl. Unsupported browsers just - ignores this. (gregswift@gmail.com) -- Re-built login.tmpl: - logo isn't a link anymore back to the same page - logo - is centered with the login form - fieldset has been removed - set a css class - for the body of the login page, unused for now. And the css: - removed the - black border from css - centered the login button as well - (gregswift@gmail.com) -- Made the links and span.actions hover with the same color as used for the - section headings (gregswift@gmail.com) -- Removed as much in-HTML placed formatting as possible and implemented them in - css. The main bit remaining is the ul.li floats in paginate.tmpl - (gregswift@gmail.com) -- Cleaned up single tag closing for several of the checkboxes - (gregswift@gmail.com) -- removed a trailing forward slash that was creating an orphaned close span tag - (gregswift@gmail.com) -- Relabeled cells in thead row from td tags to th (gregswift@gmail.com) -- Added tr wrapper inside thead of tables for markup validation - (gregswift@gmail.com) -- Use :// as separator for virsh URIs (atodorov@otb.bg) -- Create more condensed s390 parm files (thardeck@suse.de) -- Add possibility to interrupt zPXE and to enter CMS (thardeck@suse.de) -- Cleanup the way that we download content - Fixes a bug where we were only - downloading grub-x86_64.efi (shenson@redhat.com) -- Port this config over as well (shenson@redhat.com) -- Only clear logs that exist. (bpeck@redhat.com) -- Pull in new configs from the obsoletes directory. (shenson@redhat.com) -- Removed extraneous close row tag from events.tmpl (gregswift@gmail.com) -- Fixed spelling of receive in enoaccess.tmpl (gregswift@gmail.com) -- Added missing close tags on a few menu unordered list items in master.tmpl - (gregswift@gmail.com) -- Added missing "for" correlation tag for labels in generic_edit.tmpl - (gregswift@gmail.com) -- Removed extraneous close divs from generic_edit.tmpl (gregswift@gmail.com) -- Removing old and unused template files (gregswift@gmail.com) -- Add support for Ubuntu distros. (andreserl@ubuntu.com) -- Koan install tree path for Ubuntu/Debian distros. (andreserl@ubuntu.com) -- Fixing hardlink bin path. (andreserl@ubuntu.com) -- Do not fail when yum python module is not present. (andreserl@ubuntu.com) -- Add Ubuntu/Debian support to koan utils for later use. (andreserl@ubuntu.com) -- typo in autoyast xml parsing (ug@suse.de) -- Minor change to validate a token before checking on a user. (jimi@sngx.net) -- get install tree from install=... parameter for SUSE (ug@suse.de) -- handle autoyast XML files (ug@suse.de) -- fixed support for SUSE in build-iso process. Fixed a typo (ug@suse.de) -- added SUSE breed to import-webui (ug@suse.de) -- Merge remote-tracking branch 'lanky/master' (shenson@redhat.com) -- Merge remote-tracking branch 'jimi1283/master' (shenson@redhat.com) -- added support for suse-distro import (ug@suse.de) -- Fix a sub_process Popen call that did not set close_fds to true. This causes - issues with sync where dhcpd keeps the XMLRPC port open and prevents cobblerd - from restarting (jimi@sngx.net) -- Cleanup of unneccsary widgets in distro/profile. These needed to be removed - as part of the multiselect change. (jimi@sngx.net) -- Yet another change to multiselect editing. Multiselects are now presented as - side-by-side add/delete boxes, where values can be moved back and forth and - only appear in one of the two boxes. (jimi@sngx.net) -- Fix for django traceback when logging into the web interface with a bad - username and/or password (jimi@sngx.net) -- Fix for snippet/kickstart editing via the web interface, where a 'tainted - file path' error was thrown (jimi@sngx.net) -- added the single missed $idata.get() item (stuart@sjsears.com) -- updated post_install_network_config to use $idata.get(key, "") instead of - $idata[key]. This stops rendering issues with the snippet when some keys are - missing (for example after an upgrade from 2.0.X to 2.1.0, where a large - number of new keys appear to have been added.) and prevents us from having to - go through all system records and add default values for them. - (stuart@sjsears.com) -- Take account of puppet_auto_setup in install_post_puppet.py - (jonathan.underwood@gmail.com) -- Take account of puppet_auto_setup in install_pre_puppet.py - (jonathan.underwood@gmail.com) -- Add puppet snippets to sample.ks (jonathan.underwood@gmail.com) -- Add puppet_auto_setup to settings file (jonathan.underwood@gmail.com) -- Add snippets/puppet_register_if_enabled (jonathan.underwood@gmail.com) -- Add snippets/puppet_install_if_enabled (jonathan.underwood@gmail.com) -- Add configuration of puppet pre/post modules to settings file - (jonathan.underwood@gmail.com) -- Add install_post_puppet.py module (jonathan.underwood@gmail.com) -- Add install_pre_puppet.py module (jonathan.underwood@gmail.com) -- Apply a fix for importing red hat distros, thanks jsabo (shenson@redhat.com) -- Changes to action/batch actions at top of generic list pages * move logic - into views, where it belongs * simplify template code * change actions/batch - actions into drop down select lists * added/modified javascript to deal with - above changes (jimi@sngx.net) -- Minor fixes to cobbler.conf, since the AliasMatch was conflicting with the - WSGI script alias (jimi@sngx.net) -- Initial commit for form-based login and authentication (jimi@sngx.net) -- Convert webui to use WSGI instead of mod_python (jimi@sngx.net) -- Save field data in the django user session so the webui doesn't save things - unnecessarily (jimi@sngx.net) -- Make use of --format in git and use the short hash. Thanks Todd Zullinger - (shenson@redhat.com) -- We need git. Thanks to Luc de Louw (shenson@redhat.com) -- Start of the change log supplied by Michael MacDonald - (shenson@redhat.com) -- Fix typo in cobbler man page entry for profile (jonathan.underwood@gmail.com) -- Fix cobbler man page entry for parent profile option - (jonathan.underwood@gmail.com) -- Set SELinux context of host ssh keys correctly after reinstallation - (jonathan.underwood@gmail.com) -- Fixing bug with img_path. It was being used prior to being set if you have - images. (jonathan.sabo@gmail.com) -- Add firstboot install trigger mode (jonathan.sabo@gmail.com) -- Fix old style shell triggers by checking for None prior to adding args to arg - list and fix indentation (jonathan.sabo@gmail.com) -- Bugfix: restore --no-fail functionality to CLI reposync - (icomfort@stanford.edu) -- Add the ability to replicate the new object types (mgmtclass,file,package). - (jonathan.sabo@gmail.com) -- Add VMware ESX and ESXi replication. (jonathan.sabo@gmail.com) -- Add batch delete option for profiles and mgmtclasses - (jonathan.sabo@gmail.com) -- Spelling fail (shenson@redhat.com) -- Remove deploy as a valid direct action (shenson@redhat.com) -- Trac Ticket #509: A fix that does not break everything else. - (https://fedorahosted.org/cobbler/ticket/509) (andrew@eiknet.com) -- Only chown the file if it does not already exist (shenson@redhat.com) -- Modification to cobbler web interface, added a drop-down select box for - management classes and some new javascript to add/remove items from the - multi-select (jimi@sngx.net) -- Check if the cachedir exists before we run find on it. (shenson@redhat.com) -- Fix trac#574 memtest (shenson@redhat.com) -- Add network config snippets for esx and esxi network configuration - $SNIPPET('network_config_esxi') renders to: (jonathan.sabo@gmail.com) -- Trac Ticket #510: Modified 'cobbler buildiso' to use - /var/cache/cobbler/buildiso by default. Added a /etc/cobbler/settings value - of 'buildisodir' to make it setable by the end user. --tempdir will still - overwrite either setting on the command line. (andrew@eiknet.com) -- Add img_path to the metadata[] so that it's rendered out in the esxi pxe - templates. Add os_version checks for esxi in kickstart_done so that it uses - wget or curl depending on what's known to be available. - (jonathan.sabo@gmail.com) -- Added --sync-all option to cobbler replicate which forces all systems, - distros, profiles, repos and images to be synced without specifying each. - (rrr67599@rtpuw027.corpnet2.com) -- Added manage_rsync option which defaults to 0. This will make cobbler not - overwrite a local rsyncd.conf unless enabled. - (rrr67599@rtpuw027.corpnet2.com) -- Added semicolon master template's placement of the arrow in the page heading - (gregswift@gmail.com) -- Quick fix from jsabo (shenson@redhat.com) -- added hover line highlighting to table displays (gregswift@gmail.com) -- Modification to generic_edit template so that the name field is not a text - box when editing. (jimi@sngx.net) -- Minor fixes for mgmt classes webui changes. - Bug when adding a new obj, - since obj is None it was causing a django stack dump - Minor tweaks to - javascript (jimi@sngx.net) -- Fixed error in which the json files for mgmtclasses was not being deleted - when a mgmtclass was removed, meaning they showed back up the next time - cobblerd was restarted (jimi@sngx.net) -- Fixed syntax error in clogger.py that was preventing cobblerd from starting - (jimi@sngx.net) -- Supports an additional initrd from kernel_options. (bpeck@redhat.com) -- Remove a bogus self (shenson@redhat.com) -- Re-enable debmirror. (chuck.short@canonical.com) -- Extending the current Wake-on-Lan support for wider distro compatibility. - Thanks to Dustin Kirkland. (chuck.short@canonical.com) -- Dont hardcode /etc/rc.d/init.d redhatism. (chuck.short@canonical.com) -- Newer (pxe|sys)linux's localboot value produces unreliable results when using - documented options, -1 seems to provide the best supported value - (chuck.short@canonical.com) -- Detect the webroot to be used based on the distro. - (chuck.short@canonical.com) -- If the logfile path doesn't exist, don't attempt to create the log file. - Mainly needed when cobbler is required to run inside the build env - (cobbler4j). Thanks to Dave Walker - (chuck.short@canonical.com) -- Implement system power status API method and CLI command (crosa@redhat.com) -- Update setup files to use proper apache configuration path - (konrad.scherer@windriver.com) -- Debian has www-data user for web server file access instead of apache. - (konrad.scherer@windriver.com) -- Update init script to work under debian. (konrad.scherer@windriver.com) -- Use lsb_release module to detect debian distributions. Debian release is - returned as a string because it could be sid which will never have a version - number. (konrad.scherer@windriver.com) -- Fix check for apache installation (konrad.scherer@windriver.com) -- Handle Cheetah version with more than 3 parts (konrad.scherer@windriver.com) -- Allow dlcontent to use proxy environment variables (shenson@redhat.com) -- Copy memtest to $bootloc/images/. Fixes BZ#663307 (shenson@redhat.com) -- Merge remote branch 'jimi1283/master' (shenson@redhat.com) -- Turn the cheetah version numbers into integers while testing them so we don't - always return true (shenson@redhat.com) -- Kill some whitespace (shenson@redhat.com) -- Fix for bug #587 - Un-escaped '$' in snippet silently fails to render - (jimi@sngx.net) -- Fix for bug #587 - Un-escaped '$' in snippet silently fails to render - (jimi@sngx.net) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler (jimi@sngx.net) -- Don't use link caching in places it isn't needed (shenson@redhat.com) -- Better logging on subprocess calls (shenson@redhat.com) -- Fix for trac #541 - cobbler sync deletes /var/www/cobbler/pub (jimi@sngx.net) -- Merged work in the import-modules branch with the debian/ubuntu modules - created by Chuck Short (jimi@sngx.net) -- Merge branch 'cshort' into import-modules (jimi@sngx.net) -- Finished up debian/ubuntu support for imports Tweaked redhat/vmware import - modules logging output Added rsync function to utils to get it out of each - module - still need to fix the redhat/vmware modules to actually use this - (jimi@sngx.net) -- Initial commit for the Debian import module. * tested against Debian squeeze. - (chuck.short@canonical.com) -- Initial commit for the Ubuntu import module. * tested against Natty which - imported successfully. (chuck.short@canonical.com) -- tftp-hpa users for both Ubuntu Debian use /var/lib/tftpboot. - (chuck.short@canonical.com) -- Disable the checks that are not really valid for Ubuntu or Debian. - (chuck.short@canonical.com) -- Add myself to the authors file. (chuck.short@canonical.com) -- Updates for debian/ubuntu support in import modules (jimi@sngx.net) -- Fix a problem with cheetah >= 2.4.2 where the snippets were causing errors, - particularly on F14 due to its use of cheetah 2.4.3. (shenson@redhat.com) -- Initial commit of the Ubuntu import module (jimi@sngx.net) -- Merge remote branch 'jimi1283/import-modules' (shenson@redhat.com) -- Merge remote branch 'jimi1283/master' (shenson@redhat.com) -- Extended ESX/ESXi support * Fixed release detection for both ESX and ESXi * - Added support to kickstart_finder() so that the fetchable_files list gets - filled out when the distro is ESXi (jimi@sngx.net) -- Fixed distro_adder() in manage_import_vmware so ESXi gets imported properly - (jimi@sngx.net) -- Initial commit for the VMWare import module * tested against esx4 update 1, - which imported successfully (jimi@sngx.net) -- Minor style changes for web css * darken background slightly so the logo - doesn't look washed out * make text input boxes wider (jimi@sngx.net) -- Fix for the generic_edit function for the web page. The choices field for - management classes was not being set for distros/profiles - only systems, - causing a django stack dump (jimi@sngx.net) -- modify keep_ssh_host_keys snippet to use old keys during OS installation - (flaks@bnl.gov) -- Merge remote branch 'jimi1283/master' (shenson@redhat.com) -- Added replicate to list of DIRECT_ACTIONS, so it shows up in the --help - output (jimi@sngx.net) -- Merge branch 'master' into import-modules (jimi@sngx.net) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler (jimi@sngx.net) -- Some fixes to the manage_import_redhat module * stop using mirror_name for - path stuff - using self.path instead * fixed rsync command to use self.path - too, this should really be made a global somewhere else though - (jimi@sngx.net) -- Add synopsis entries to man page to enable whatis command - (kirkland@ubuntu.com) -- Add "ubuntu" as detected distribution. (clint@ubuntu.com) -- Fix for redhat import module. Setting the kickstart file with a default - value was causing some issues later on with the kickstart_finder() function, - which assumes all new profiles don't have a kickstart file yet - (jimi@sngx.net) -- Fix for non x86 arches, bug and fix by David Robinson - (shenson@redhat.com) -- Don't die when we find deltas, just don't use them (shenson@redhat.com) -- Merge remote branch 'khightower/khightower/enhanced-configuration-management' - (shenson@redhat.com) -- By: Bill Peck exclude initrd.addrsize as well. This - affects s390 builds (shenson@redhat.com) -- Fix an issue where an item was getting handed to remove_item instead of the - name of the item. This would cause an exception further down in the stack - when .lower() was called on the object (by the call to get_item). - (shenson@redhat.com) -- Add a check to make sure system is in obj_types before removing it. Also - remove an old FIXME that this previously fixed (shenson@redhat.com) -- Fix regression in 2.0.8 that dumped into pxe cfg files (shenson@redhat.com) -- Initial commit of import module for redhat (jimi@sngx.net) -- Merge branch 'master' of git://git.fedorahosted.org/cobbler (jimi@sngx.net) -- Added new modules for copying a distros's fetchable files to the - /tftpboot/images directory - add_post_distro_tftp_copy_fetchable_files.py - copies on an add/edit - sync_post_tftp_copy_fetchable_files.py copies the - files for ALL distros on a full sync (jimi@sngx.net) -- Removed trailing '---' from each of the PXE templates for ESXi, which causes - PXE issues (jimi@sngx.net) -- Make stripping of "G" from vgs output case-insensitive - (heffer@fedoraproject.org) -- Replace rhpl with ethtool (heffer@fedoraproject.org) -- Add --force-path option to force overwrite of virt-path location - (pryor@bnl.gov) -- item_[profile|system] - update parents after editing (mlevedahl@gmail.com) -- collection.py - rename rather than delete mirror dirs (mlevedahl@gmail.com) -- Wil Cooley (shenson@redhat.com) -- Merge remote branch 'kilpatds/io' (shenson@redhat.com) -- Add additional qemu_driver_type parameter to start_install function - (Konrad.Scherer@windriver.com) -- Add valid debian names for releases (Konrad.Scherer@windriver.com) -- Add debian preseed support to koan (Konrad.Scherer@windriver.com) -- Add support for EFI grub booting. (dgoodwin@rm-rf.ca) -- Turn the 'daemonize I/O' code back on. cobbler sync seems to still work - (dkilpatrick@verisign.com) -- Fix some spacing in the init script (dkilpatrick@verisign.com) -- Added a copy-default attribute to koan, to control the params passed to - grubby (paji@redhat.com) -- Turn on the cache by default Enable a negative cache, with a shorter timeout. - Use the cache for normal lookups, not much ip-after-failed. - (dkilpatrick@verisign.com) -- no passing full error message. Der (dkilpatrick@verisign.com) -- Pull the default block size into the template, since that can need to be - changed. Make tftpd.py understand -B for compatibility. Default to a smaller - mtu, for vmware compatibility. (dkilpatrick@verisign.com) -- in.tftpd needs to be run as root. Whoops (dkilpatrick@verisign.com) -- Handle exceptions in the idle-timer handling. This could cause tftpd.py to - never exit (dkilpatrick@verisign.com) -- Do a better job of handling things when a logger doesn't exist. And don't try - and find out what the FD is for logging purposes when I know that might throw - and I won't catch it. (dkilpatrick@verisign.com) -- Scott Henson pointed out that my earlier changes stopped a sync from also - copying kernel/initrd files into the web directry. Split out the targets - from the copy, and make sure that sync still copies to webdir, and then also - fixed where I wasn't copying those files in the synclite case. - (dkilpatrick@verisign.com) -- Put back code that I removed incorrectly. (sync DHCP, DNS) - (dkilpatrick@verisign.com) -- Support installing FreeBSD without an IP address set in the host record. - (dkilpatrick@verisign.com) -- Fixed some bugs in the special-case handling code, where I was not properly - handling kernel requests, because I'd merged some code that looked alike, but - couldn't actually be merged. (dkilpatrick@verisign.com) -- fixing koan to use cobblers version of os_release which works with RHEL 6 - (jsherril@redhat.com) -- Adding preliminary support for importing ESXi for PXE booting (jimi@sngx.net) -- Fix cobbler check tftp typo. (dgoodwin@rm-rf.ca) -- buildiso now builds iso's that include the http_port setting (in - /etc/cobbler/settings) in the kickstart file url - (maarten.dirkse@filterworks.com) -- Add check detection for missing ksvalidator (dean.wilson@gmail.com) -- Use shlex.split() to properly handle a quoted install URL (e.g. url - --url="http://example.org") (jlaska@redhat.com) -- Update codes.py to accept 'fedora14' as a valid --os-version - (jlaska@redhat.com) -- No more self (shenson@redhat.com) -- Don't die if a single repo fails to sync. (shenson@redhat.com) -- Refactor: depluralize madhatter branch (kelsey.hightower@gmail.com) -- Updating setup.py and spec file. (kelsey.hightower@gmail.com) -- New unit tests: Mgmtclasses (kelsey.hightower@gmail.com) -- Updating cobbler/koan man pages with info on using the new configuration - management capabilities (kelsey.hightower@gmail.com) -- Cobbler web integration for new configuration management capabilities - (kelsey.hightower@gmail.com) -- Koan configuration management enhancements (kelsey.hightower@gmail.com) -- Cobbler configuration management enhancements (kelsey.hightower@gmail.com) -- New cobbler objects: mgmtclasses, packages, and files. - (kelsey.hightower@gmail.com) -- Merge remote branch 'jsabo/kickstart_done' (shenson@redhat.com) -- Move kickstart_done and kickstart_start out of kickgen.py and into their own - snippets. This also adds support for VMware ESX triggers and magic urls by - checking for the "vmware" breed and then using curl when that's all thats - available vs wget. VMware's installer makes wget available during the %%pre - section but only curl is around following install at %%post time. Yay! I've - also updated the sample kickstarts to use $SNIPPET('kickstart_done') and - $SNIPPET('kickstart_start') (jonathan.sabo@gmail.com) -- No more getting confused between otype and obj_type (shenson@redhat.com) -- The clean_link_cache method was calling subprocess_call without a logger - (shenson@redhat.com) -- Scott Henson pointed out that my earlier changes stopped a sync from also - copying kernel/initrd files into the web directry. Split out the targets - from the copy, and make sure that sync still copies to webdir, and then also - fixed where I wasn't copying those files in the synclite case. - (dkilpatrick@verisign.com) -- revert bad templates path (dkilpatrick@verisign.com) -- Put back code that I removed incorrectly. (sync DHCP, DNS) - (dkilpatrick@verisign.com) -- Support installing FreeBSD without an IP address set in the host record. - (dkilpatrick@verisign.com) -- Fixed some bugs in the special-case handling code, where I was not properly - handling kernel requests, because I'd merged some code that looked alike, but - couldn't actually be merged. (dkilpatrick@verisign.com) -- Two more fixes to bugs introduced by pytftpd patch set: * The generated - configs did not have initrd set propertly * Some extra debugging log lines - made it into remote.py (dkilpatrick@verisign.com) -- Fix Trac#530 by properly handling a logger being none. Additionally, make - subprocess_call and subprocess_get use common bits to reduce duplication. - (shenson@redhat.com) -- Fix a cobbler_web authentication leak issue. There are times when the token - that cobbelr_web had did not match the user logged in. This patch ensures - that the token always matches the user that is logged in. - (shenson@redhat.com) -- No more getting confused between otype and obj_type (shenson@redhat.com) -- The clean_link_cache method was calling subprocess_call without a logger - (shenson@redhat.com) -- Merge remote branch 'kilpatds/master' (shenson@redhat.com) -- Scott Henson pointed out that my earlier changes stopped a sync from also - copying kernel/initrd files into the web directry. Split out the targets - from the copy, and make sure that sync still copies to webdir, and then also - fixed where I wasn't copying those files in the synclite case. - (dkilpatrick@verisign.com) -- revert bad templates path (dkilpatrick@verisign.com) -- Put back code that I removed incorrectly. (sync DHCP, DNS) - (dkilpatrick@verisign.com) -- Support installing FreeBSD without an IP address set in the host record. - (dkilpatrick@verisign.com) -- Fixed some bugs in the special-case handling code, where I was not properly - handling kernel requests, because I'd merged some code that looked alike, but - couldn't actually be merged. (dkilpatrick@verisign.com) -- Two more fixes to bugs introduced by pytftpd patch set: * The generated - configs did not have initrd set propertly * Some extra debugging log lines - made it into remote.py (dkilpatrick@verisign.com) -- fast sync. A new way of copying files around using a link cache. It creates - a link cache per device and uses it as an intermediary so that files that are - the same are not copied multiple times. Should greatly speed up sync times. - (shenson@redhat.com) -- A few small fixes and a new feature for the Python tftp server * Support - environments where the MAC address is know, but the IP address is not - (private networks). I do this by waiting for pxelinux.0 to request a file - with the mac address added to the filename, and then look up the host by - MAC. * Fix my MAC lookup logic. I didn't know to look for the ARP type (01-, - at least for ethernet) added by pxelinux.0 * Fix up some log lines to make - more sense * Fix a bug where I didn't get handle an empty fetchable_files - properly, and didn't fall back to checking for profile matches. - (dkilpatrick@verisign.com) -- Two fixed to bad changes in my prior patch set. Sorry about that. * Bad path - in cobbler/action_sync.py. No "templates" * Bad generation of the default - boot menu. The first initrd from a profile was getting into the metadata - cache and hanging around, thus becoming the initrd for all labels. - (dkilpatrick@verisign.com) -- A smart tftp server, and a module to manage it - (dkilpatr@dkilpatr.verisign.com) -- Export the generated pxelinux.cfg file via the materialized system - information RPC method. This enables the python tftpd server below to serve - that file up without any sync being required. - (dkilpatr@dkilpatr.verisign.com) -- Move management of /tftpboot into modules. This is a setup step for a later - python tftpd server that will eliminate the need for much of this work. - (dkilpatr@dkilpatr.verisign.com) -- Fetchable Files attribute: Provides a new attribute similar in spirit to - mgmt_files, but with somewhat reversed meaning. - (dkilpatr@dkilpatr.verisign.com) -- fix log rotation to actually work (bpeck@redhat.com) -- find_kernel and find_initrd already do the right checks for file_is_remote - and return None if things are wrong. (bpeck@redhat.com) -- Trac #588 Add mercurial support for scm tracking (kelsey.hightower@gmail.com) -- Add a breed for scientific linux (shenson@redhat.com) -- "mgmt_parameters" for item_profile has the wrong default setting when - creating a sub_profile. I'm assuming that <> would be correct for a - sub_profile as well. (bpeck@redhat.com) -- The new setup.py placed webui_content in the wrong spot... - (akesling@redhat.com) -- Merge commit 'a81ca9a4c18f17f5f8d645abf03c0e525cd234e1' (jeckersb@redhat.com) -- Added back in old-style version tracking... because api.py needs it. - (akesling@redhat.com) -- Wrap the cobbler-web description (shenson@redhat.com) -- Create the tftpboot directory during install (shenson@redhat.com) -- Add in /var/lib/cobbler/loaders (shenson@redhat.com) -- Create the images directory so that selinux will be happy - (shenson@redhat.com) -- Dont install some things in the webroot and put the services script down - (shenson@redhat.com) -- Fix some issues with clean installs of cobbler post build cleanup - (shenson@redhat.com) -- rhel5 doesn't build egg-info by default. (bpeck@redhat.com) -- Some systems don't reboot properly at the end of install. s390 being one of - them. This post module will call power reboot if postreboot is in ks_meta for - that system. (bpeck@redhat.com) -- Changes to allow s390 to work. s390 has a hard limit on the number of chars - it can recieve. (bpeck@redhat.com) -- show netboot status via koan. This is really handy if you have a system which - fails to pxe boot you can create a service in rc.local which checks the - status of netboot and calls --replace-self for example. (bpeck@redhat.com) -- When adding in distros/profiles from disk don't bomb out if missing kernel or - ramdisk. just don't add it. (bpeck@redhat.com) -- add X log to anamon tracking as well. (bpeck@redhat.com) -- Added new remote method clear_logs. Clearing console and anamon logs in %%pre - is too late if the install never happens. (bpeck@redhat.com) -- fixes /var/www/cobbler/svc/services.py to canonicalize the uri before parsing - it. This fixes a regression with mod_wsgi enabled and trying to provision a - rhel3 machine. (bpeck@redhat.com) -- anaconda umounts /proc on us while were still running. Deal with it. - (bpeck@redhat.com) -- fix escape (bpeck@redhat.com) -- dont lowercase power type (bpeck@redhat.com) -- Bump to 2.1.0 (shenson@redhat.com) -- Properly detect unknown distributions (shenson@redhat.com) -- cobblerd service: Required-Start: network -> $network - (cristian.ciupitu@yahoo.com) -- cobblerd service: add Default-Stop to LSB header (cristian.ciupitu@yahoo.com) -- No more . on the end (shenson@redhat.com) -- Do not delete settings and modules.conf (shenson@redhat.com) -- Remove manpage generation from the make file (shenson@redhat.com) -- Update the author and author email (shenson@redhat.com) -- Proper ownership on some files (shenson@redhat.com) -- More rpm cleanups (shenson@redhat.com) -- Don't have the #! because rpm complains (shenson@redhat.com) -- No more selinux here, we should not be calling chcon, things will end up with - the proper context in a well configured selinux environment - (shenson@redhat.com) -- No more chowning the log file. (shenson@redhat.com) -- A new spec file to go with the new setup.py (shenson@redhat.com) -- Forgot to add aux to MANIFEST.in (akesling@redhat.com) -- Fixed naming scheme for web UI to make it more uniform, what was Puppet - Parameters is now Management Parameters. (akesling@redhat.com) -- Removed unnecessary cruft. (akesling@redhat.com) -- Reconfigured setup.py to now place config files and web ui content in the - right places. The paths are configurable like they were in the previous - setup.py, but everything is much cleaner. (akesling@redhat.com) -- Removed unnecessary templating functionality from configuration generation - (and setup.py) (akesling@redhat.com) -- Added more useful files to setup.py and MANIFEST.in as well as extra - functionality which setup.py should contain. (akesling@redhat.com) -- Massive overhaul of setup.py . Moved things around a little to clean up - building/packaging/distributing. The new setup.py is still incomplete. - (akesling@redhat.com) -- RPM specific changes to setup.cfg. (akesling@redhat.com) -- Currently working through making setup.py functional for generating rpms - dynamically. setup.py is just cobbler-web at the moment... and it appears to - work. The next things to do are test the current RPM and add in - functionality for reducing repetitive setup.py configuration lines. - (akesling@redhat.com) -- Changed list-view edit link from a javascript onclick event to an actual - link... so that you can now just open it in a new tab. (akesling@redhat.com) -- Added tip for random MAC Address functionality to System MAC Address field. - (akesling@redhat.com) -- Added "Puppet Parameters" attribute to Profile and System items. The new - input field is a textarea which takes proper a YAML formatted dictionary. - This data is used for the Puppet External Nodes api call (found in - services.py). (akesling@croissant.usersys.redhat.com) -- Resume apitesting assuming against local Cobbler server. (dgoodwin@rm-rf.ca) -- Replace rogue tab with whitespace. (dgoodwin@rm-rf.ca) -- Open all log files in append mode. Tasks should not be special. This - simplifies the handling of logging for selinux. (shenson@redhat.com) -- Add rendered dir to cobbler.spec. (dgoodwin@rm-rf.ca) -- Re-add mod_python dep only for cobbler-web. (dgoodwin@rm-rf.ca) -- initializing variable that is not always initialized but is always accessed - (jsherril@redhat.com) -- Merge remote branch 'pvreman/master' (shenson@redhat.com) -- add logging of triggers (peter.vreman@acision.com) -- add logging of triggers (peter.vreman@acision.com) -- cobbler-ext-nodes needs also to use http_port (peter.vreman@acision.com) -- Adding VMware ESX specific boot options (jonathan.sabo@gmail.com) -- Merge stable into master (shenson@redhat.com) -- Fix cobbler_web authentication in a way that doesn't break previously working - stuff (shenson@redhat.com) -- Allow qemu disk type to be specified. Contributed by Galia Lisovskaya - (shenson@redhat.com) -- Merge remote branch 'jsabo/esx' (shenson@redhat.com) -- Fix a bug where we were not looking for the syslinux provided menu.c32 before - going after the getloaders one (shenson@redhat.com) -- Fix cobbler_web authentication in a way that doesn't break previously working - stuff (shenson@redhat.com) -- More preparation for the release (shenson@redhat.com) -- Update spec file for release (shenson@redhat.com) -- Update changelog for release (shenson@redhat.com) -- Bugfix: fetch extra metadata from upstream repositories more safely - (icomfort@stanford.edu) -- Bugfix: allow the creation of subprofiles again (icomfort@stanford.edu) -- Don't warn needlessly when repo rpm_list is empty (icomfort@stanford.edu) -- Bugfix: run createrepo on partial yum mirrors (icomfort@stanford.edu) -- Change default mode for new directories from 0777 to 0755 - (icomfort@stanford.edu) -- Fix replication when prune is specified and no systems are specified. This - prevents us from killing systems on a slave that keeps its own systems. To - get the old behavior, just specify a systems list that won't match anything. - (shenson@redhat.com) -- Always authorize the CLI (shenson@redhat.com) -- Bugfix: fetch extra metadata from upstream repositories more safely - (icomfort@stanford.edu) -- Bugfix: allow the creation of subprofiles again (icomfort@stanford.edu) -- Don't warn needlessly when repo rpm_list is empty (icomfort@stanford.edu) -- Bugfix: run createrepo on partial yum mirrors (icomfort@stanford.edu) -- Change default mode for new directories from 0777 to 0755 - (icomfort@stanford.edu) -- Fix replication when prune is specified and no systems are specified. This - prevents us from killing systems on a slave that keeps its own systems. To - get the old behavior, just specify a systems list that won't match anything. - (shenson@redhat.com) -- Always authorize the CLI (shenson@redhat.com) -- Merge branch 'wsgi' (dgoodwin@rm-rf.ca) -- Adding VMware ESX 4 update 1 support (jonathan.sabo@gmail.com) -- remove references to apt support from the man page (jeckersb@redhat.com) -- wsgi: Service cleanup. (dgoodwin@rm-rf.ca) -- wsgi: Revert to old error handling. (dgoodwin@rm-rf.ca) -- wsgi: Switch Cobbler packaging/config from mod_python to mod_wsgi. (dgoodwin - @rm-rf.ca) -- wsgi: Return 404 when hitting svc URLs for missing objects. (dgoodwin@rm- - rf.ca) -- Merge branch 'master' into wsgi (dgoodwin@rm-rf.ca) -- wsgi: First cut of port to mod_wsgi. (dgoodwin@rm-rf.ca) - -* Thu Jun 17 2010 Scott Henson - 2.1.0-1 -- Bump upstream release - -* Tue Apr 27 2010 Scott Henson - 2.0.4-1 -- Bug fix release, see Changelog for details - -* Thu Apr 15 2010 Devan Goodwin 2.0.3.2-1 -- Tagging for new build tools. - -* Mon Mar 1 2010 Scott Henson - 2.0.3.1-3 -- Bump release because I forgot cobbler-web - -* Mon Mar 1 2010 Scott Henson - 2.0.3.1-2 -- Remove requires on mkinitrd as it is not used - -* Mon Feb 15 2010 Scott Henson - 2.0.3.1-1 -- Upstream Brown Paper Bag Release (see CHANGELOG) - -* Thu Feb 11 2010 Scott Henson - 2.0.3-1 -- Upstream changes (see CHANGELOG) - -* Mon Nov 23 2009 John Eckersberg - 2.0.2-1 -- Upstream changes (see CHANGELOG) - -* Tue Sep 15 2009 Michael DeHaan - 2.0.0-1 -- First release with unified spec files diff --git a/sources b/sources index 08e9301..719ad6e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.1.1.tar.gz) = b4df95de2f57185375c00c6fbcd9d80a9b2e796477956f9b4988c63b20b369fe388372a37a33e0302d27f6a4f2fdfc086765fd8cf645d334d56e7fd7fc4c8780 +SHA512 (cobbler-3.1.2.tar.gz) = 951bf4df70dfb7dda0dc8b5e305e3070e0172302dbcd2c75078a1ff0e20a8f14c6bd617379b14ce9177a5d44f3e3710c800b003744512aaec72410bbf862e721 From fe6ff07988030e772cd7d2419c623ab48023d675 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 7 Jul 2020 21:22:20 -0600 Subject: [PATCH 23/89] Fix apache configuration --- cobbler-httpd.patch | 18 ++++++++++++++++++ cobbler.spec | 8 +++++++- 2 files changed, 25 insertions(+), 1 deletion(-) create mode 100644 cobbler-httpd.patch diff --git a/cobbler-httpd.patch b/cobbler-httpd.patch new file mode 100644 index 0000000..2464a8c --- /dev/null +++ b/cobbler-httpd.patch @@ -0,0 +1,18 @@ +diff -up cobbler-3.1.2/config/apache/cobbler_web.conf.httpd cobbler-3.1.2/config/apache/cobbler_web.conf +--- cobbler-3.1.2/config/apache/cobbler_web.conf.httpd 2020-05-27 02:26:44.000000000 -0600 ++++ cobbler-3.1.2/config/apache/cobbler_web.conf 2020-07-07 21:12:53.942577055 -0600 +@@ -16,8 +16,6 @@ WSGIDaemonProcess cobbler_web display-na + WSGIProcessGroup cobbler_web + WSGIPassAuthorization On + +- +- + + + SSLRequireSSL +@@ -42,5 +40,3 @@ WSGIPassAuthorization On + AllowOverride None + Require all granted + +- +- diff --git a/cobbler.spec b/cobbler.spec index 537f73b..03b65ec 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,12 +5,15 @@ Name: cobbler Version: 3.1.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz #Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz +# Revert upstream's VirtualHost addition +# https://github.com/cobbler/cobbler/issues/2286 +Patch0: cobbler-httpd.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -190,6 +193,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Wed Jul 08 2020 Orion Poplawski - 3.1.2-2 +- Fix apache configuration + * Fri May 29 2020 Orion Poplawski - 3.1.2-1 - Update to 3.1.2 From f40bf31101ea69f0d6c96eea82473ece751c7651 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Mon, 27 Jul 2020 14:13:13 +0000 Subject: [PATCH 24/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 03b65ec..385961a 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.1.2 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -193,6 +193,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Mon Jul 27 2020 Fedora Release Engineering - 3.1.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + * Wed Jul 08 2020 Orion Poplawski - 3.1.2-2 - Fix apache configuration From a25d0bee4f9253e1c35f86a6452de9d7d0d9d5b5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 17 Sep 2020 19:45:53 -0600 Subject: [PATCH 25/89] Add requires on python-distro and file --- cobbler.spec | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 385961a..44f7769 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.1.2 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -36,9 +36,11 @@ BuildRequires: python%{python3_pkgversion}-sphinx Requires: httpd Requires: tftp-server Requires: createrepo_c +Requires: file Requires: rsync Requires: xorriso Requires: python%{python3_pkgversion}-cheetah +Requires: python%{python3_pkgversion}-distro Requires: python%{python3_pkgversion}-dns Requires: python%{python3_pkgversion}-future Requires: python%{python3_pkgversion}-mod_wsgi @@ -77,7 +79,7 @@ The last two modes use a helper tool, 'koan', that integrates with cobbler. There is also a web interface 'cobbler-web'. Cobbler's advanced features include importing distributions from DVDs and rsync mirrors, kickstart templating, integrated yum mirroring, and built-in -DHCP/DNS Management. Cobbler has a XMLRPC API for integration with +DHCP/DNS Management. Cobbler has a XML-RPC API for integration with other applications. @@ -193,6 +195,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Thu Sep 17 2020 Orion Poplawski - 3.1.2-4 +- Add requires on python-distro and file + * Mon Jul 27 2020 Fedora Release Engineering - 3.1.2-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild From af4d6648c7c95ec8202d204214c8bf75e42c78fd Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 11 Jul 2020 15:59:12 -0600 Subject: [PATCH 26/89] Update to 3.2.0 --- cobbler.spec | 25 +++++++++++++++++++++---- sources | 2 +- 2 files changed, 22 insertions(+), 5 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 44f7769..2e11bfe 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -1,11 +1,11 @@ %global tftpboot_dir %{_sharedstatedir}/tftpboot/ -%global commit0 c46abca11dca886411fc95802a2cbaa66fdb691b +%global commit0 172b8a0f79d110dcac1f50acfe412e0a01ff20ab %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.1.2 -Release: 4%{?dist} +Version: 3.2.0 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -97,13 +97,23 @@ Web interface for Cobbler that allows visiting http://server/cobbler_web to configure the install server. +%package tests +Summary: Unit tests for cobbler +Requires: cobbler = %{version}-%{release} + +%description tests +Unit test files from the Cobbler project + + %prep %autosetup -p1 %build +. ./distro_build_configs.sh %py3_build %install +. ./distro_build_configs.sh # bypass install errors ( don't chown in install step) %py3_install ||: @@ -116,7 +126,7 @@ mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd_rotate %{buildroot}%{_sysconfdir} # Create data directories in tftpboot_dir mkdir -p %{buildroot}%{tftpboot_dir}/{boot,etc,grub/system{,_link},images{,2},ppc,pxelinux.cfg,s390x} -# systemd +# systemd - move to proper location mkdir -p %{buildroot}%{_unitdir} mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir} @@ -193,8 +203,15 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %dir %attr(700,apache,root) %{_sharedstatedir}/cobbler/webui_sessions %attr(-,apache,apache) /var/www/cobbler_webui_content/ +%files tests +%dir %{_datadir}/cobbler/tests +%{_datadir}/cobbler/tests/* + %changelog +* Sat Oct 24 2020 Orion Poplawski - 3.2.0-1 +- Update to 3.2.0 + * Thu Sep 17 2020 Orion Poplawski - 3.1.2-4 - Add requires on python-distro and file diff --git a/sources b/sources index 719ad6e..f6217d2 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.1.2.tar.gz) = 951bf4df70dfb7dda0dc8b5e305e3070e0172302dbcd2c75078a1ff0e20a8f14c6bd617379b14ce9177a5d44f3e3710c800b003744512aaec72410bbf862e721 +SHA512 (cobbler-3.2.0.tar.gz) = efbd3dba2b12aae46cc624aaa22ea8214f8d71df2d591be8c9b350c960df60daf7e5ee91b1316ddbb3334072f5f59355d3c0618d9bb465a2250f3bf829d5b9eb From b4e6cfc1e8d5f46b23f73834787d69c1cad49938 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 25 Oct 2020 11:19:51 -0600 Subject: [PATCH 27/89] Add patch to support RHEL --- cobbler-rhel.patch | 13 +++++++++++++ cobbler.spec | 3 +++ 2 files changed, 16 insertions(+) create mode 100644 cobbler-rhel.patch diff --git a/cobbler-rhel.patch b/cobbler-rhel.patch new file mode 100644 index 0000000..021f46c --- /dev/null +++ b/cobbler-rhel.patch @@ -0,0 +1,13 @@ +diff --git a/distro_build_configs.sh b/distro_build_configs.sh +index bad43e3c..52eb1136 100644 +--- a/distro_build_configs.sh ++++ b/distro_build_configs.sh +@@ -24,7 +24,7 @@ if [ "$DISTRO" = "" ] && [ -r /etc/os-release ];then + sle*|*suse*) + DISTRO="SUSE" + ;; +- fedora*|centos*) ++ fedora*|centos*|rhel*) + DISTRO="FEDORA" + ;; + ubuntu*|debian*) diff --git a/cobbler.spec b/cobbler.spec index 2e11bfe..e32da88 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -14,6 +14,9 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-% # Revert upstream's VirtualHost addition # https://github.com/cobbler/cobbler/issues/2286 Patch0: cobbler-httpd.patch +# Support RHEL +# https://github.com/cobbler/cobbler/pull/2438 +Patch1: cobbler-rhel.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel From 54c6b868614067642c4b9c8ca15e5ac05572f5be Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 25 Oct 2020 14:46:31 -0600 Subject: [PATCH 28/89] Give root RW permission to /var/lib/cobbler/web.ss Fix SELinux cobbler logging issue --- ...ermissions-to-var-lib-cobbler-web.ss.patch | 25 ++++++++++++++++ 2441.patch | 30 +++++++++++++++++++ cobbler.spec | 16 +++++++++- 3 files changed, 70 insertions(+), 1 deletion(-) create mode 100644 0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch create mode 100644 2441.patch diff --git a/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch b/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch new file mode 100644 index 0000000..bf55655 --- /dev/null +++ b/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch @@ -0,0 +1,25 @@ +From 782dd7a1deacfcaa4318519f1cae2c0b4748661b Mon Sep 17 00:00:00 2001 +From: Orion Poplawski +Date: Sun, 25 Oct 2020 11:43:25 -0600 +Subject: [PATCH] Give root RW permissions to /var/lib/cobbler/web.ss + +--- + cobbler/cobblerd.py | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/cobbler/cobblerd.py b/cobbler/cobblerd.py +index fe1cf889..34aedf97 100644 +--- a/cobbler/cobblerd.py ++++ b/cobbler/cobblerd.py +@@ -57,7 +57,7 @@ def regen_ss_file(): + data = fd.read(512) + fd.close() + +- fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o600) ++ fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o660) + os.write(fd, binascii.hexlify(data)) + os.close(fd) + +-- +2.29.0 + diff --git a/2441.patch b/2441.patch new file mode 100644 index 0000000..fb1f0f4 --- /dev/null +++ b/2441.patch @@ -0,0 +1,30 @@ +From 8c04ef7d81f33900fda1ad3c4efa710827e22064 Mon Sep 17 00:00:00 2001 +From: Orion Poplawski +Date: Sun, 25 Oct 2020 13:49:25 -0600 +Subject: [PATCH] Do not try to access log file if we are not running as root + +--- + cobbler/clogger.py | 10 ++-------- + 1 file changed, 2 insertions(+), 8 deletions(-) + +diff --git a/cobbler/clogger.py b/cobbler/clogger.py +index 191455113..635865dc1 100644 +--- a/cobbler/clogger.py ++++ b/cobbler/clogger.py +@@ -30,14 +30,8 @@ + # Cobbler. + + # This is necessary to prevent apache to try to access the file +-LOG_FILE = "/var/log/cobbler/cobbler.log" +-try: +- if not os.path.isfile(LOG_FILE): +- open(LOG_FILE, 'a').close() +- if os.access(LOG_FILE, os.W_OK): +- logging.config.fileConfig('/etc/cobbler/logging_config.conf') +-except Exception: +- pass ++if os.geteuid() == 0: ++ logging.config.fileConfig('/etc/cobbler/logging_config.conf') + + + class Logger(object): diff --git a/cobbler.spec b/cobbler.spec index e32da88..9fc8b3a 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.0 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -17,6 +17,11 @@ Patch0: cobbler-httpd.patch # Support RHEL # https://github.com/cobbler/cobbler/pull/2438 Patch1: cobbler-rhel.patch +# Give root write permissions to /var/lib/cobbler/web.ss +# https://github.com/cobbler/cobbler/pull/2439 +Patch2: 0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch +# Fix SELinux logging issue +Patch3: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2441.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -136,6 +141,9 @@ mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir} # cobbler-web rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf +# ghosted files +touch %{buildroot}%{_sharedstatedir}/cobbler/web.ss + %pre if [ $1 -ge 2 ]; then @@ -195,6 +203,7 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %{tftpboot_dir}/* /var/www/cobbler %config(noreplace) %{_sharedstatedir}/cobbler +%exclude %{_sharedstatedir}/cobbler/web.ss %exclude %{_sharedstatedir}/cobbler/webui_sessions /var/log/cobbler @@ -203,6 +212,7 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %doc AUTHORS.in README.md %config(noreplace) /etc/httpd/conf.d/cobbler_web.conf %attr(-,apache,apache) %{_datadir}/cobbler/web +%ghost %attr(0660,apache,root) %{_sharedstatedir}/cobbler/web.ss %dir %attr(700,apache,root) %{_sharedstatedir}/cobbler/webui_sessions %attr(-,apache,apache) /var/www/cobbler_webui_content/ @@ -212,6 +222,10 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Sun Oct 25 2020 Orion Poplawski - 3.2.0-2 +- Give root RW permission to /var/lib/cobbler/web.ss +- Fix SELinux cobbler logging issue + * Sat Oct 24 2020 Orion Poplawski - 3.2.0-1 - Update to 3.2.0 From 300d4bdffb800fc84b1f4dfa2a9d363454ff94c2 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Tue, 26 Jan 2021 02:13:12 +0000 Subject: [PATCH 29/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 9fc8b3a..0ca5e1c 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.0 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -222,6 +222,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Tue Jan 26 2021 Fedora Release Engineering - 3.2.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + * Sun Oct 25 2020 Orion Poplawski - 3.2.0-2 - Give root RW permission to /var/lib/cobbler/web.ss - Fix SELinux cobbler logging issue From 462fed2ca9afa844f18c080c7c9e9676d2305ae6 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Tue, 2 Mar 2021 16:14:04 +0100 Subject: [PATCH 30/89] Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. --- cobbler.spec | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 0ca5e1c..6bd4e8f 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.0 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -222,6 +222,10 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.2.0-4 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + * Tue Jan 26 2021 Fedora Release Engineering - 3.2.0-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild From ed73b55b2ada63760643bbca5fc66a5d5caabfa4 Mon Sep 17 00:00:00 2001 From: Python Maint Date: Fri, 4 Jun 2021 20:01:43 +0200 Subject: [PATCH 31/89] Rebuilt for Python 3.10 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 6bd4e8f..c1f3dd8 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.0 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -222,6 +222,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Fri Jun 04 2021 Python Maint - 3.2.0-5 +- Rebuilt for Python 3.10 + * Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.2.0-4 - Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583. From ec0b8b57f3a7507883b8a4495b4d10e0a155d082 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 21 Jul 2021 14:44:55 +0000 Subject: [PATCH 32/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering From 709edc8c43878d66892d2a224e5319615b06ce1f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 21 Jul 2021 19:42:42 +0000 Subject: [PATCH 33/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index c1f3dd8..dd6fc56 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.0 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -222,6 +222,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Wed Jul 21 2021 Fedora Release Engineering - 3.2.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + * Fri Jun 04 2021 Python Maint - 3.2.0-5 - Rebuilt for Python 3.10 From 2648f0332c726c7afa69b2d0b52e88a78c570078 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 22 Sep 2021 21:52:50 -0600 Subject: [PATCH 34/89] Update to 3.2.1 --- cobbler.spec | 23 +++++++++-------------- sources | 2 +- 2 files changed, 10 insertions(+), 15 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index dd6fc56..3a3c5cd 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,8 +4,8 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.2.0 -Release: 6%{?dist} +Version: 3.2.1 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -14,14 +14,6 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-% # Revert upstream's VirtualHost addition # https://github.com/cobbler/cobbler/issues/2286 Patch0: cobbler-httpd.patch -# Support RHEL -# https://github.com/cobbler/cobbler/pull/2438 -Patch1: cobbler-rhel.patch -# Give root write permissions to /var/lib/cobbler/web.ss -# https://github.com/cobbler/cobbler/pull/2439 -Patch2: 0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch -# Fix SELinux logging issue -Patch3: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2441.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -32,10 +24,10 @@ BuildRequires: %{py3_dist coverage} BuildRequires: python%{python3_pkgversion}-coverage %endif BuildRequires: python%{python3_pkgversion}-distro -BuildRequires: python%{python3_pkgversion}-future BuildRequires: python%{python3_pkgversion}-netaddr BuildRequires: python%{python3_pkgversion}-PyYAML BuildRequires: python%{python3_pkgversion}-requests +BuildRequires: python%{python3_pkgversion}-schema BuildRequires: python%{python3_pkgversion}-setuptools BuildRequires: python%{python3_pkgversion}-simplejson # For docs @@ -44,17 +36,17 @@ BuildRequires: python%{python3_pkgversion}-sphinx Requires: httpd Requires: tftp-server Requires: createrepo_c -Requires: file Requires: rsync Requires: xorriso Requires: python%{python3_pkgversion}-cheetah Requires: python%{python3_pkgversion}-distro Requires: python%{python3_pkgversion}-dns -Requires: python%{python3_pkgversion}-future +Requires: python%{python3_pkgversion}-file-magic Requires: python%{python3_pkgversion}-mod_wsgi Requires: python%{python3_pkgversion}-netaddr Requires: python%{python3_pkgversion}-PyYAML Requires: python%{python3_pkgversion}-requests +Requires: python%{python3_pkgversion}-schema Requires: python%{python3_pkgversion}-simplejson Requires: python%{python3_pkgversion}-tornado @@ -69,6 +61,7 @@ Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64 Recommends: logrotate +Recommends: python%{python3_pkgversion}-librepo %else Requires: yum-utils %endif @@ -189,7 +182,6 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %{_bindir}/cobbler %{_bindir}/cobbler-ext-nodes %{_bindir}/cobblerd -%{_sbindir}/fence_ipmitool %{_sbindir}/tftpd.py %{_datadir}/bash-completion/ %dir %{_datadir}/cobbler @@ -222,6 +214,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Wed Sep 22 2021 Orion Poplawski - 3.2.1-1 +- Update to 3.2.1 + * Wed Jul 21 2021 Fedora Release Engineering - 3.2.0-6 - Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild diff --git a/sources b/sources index f6217d2..754f574 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.2.0.tar.gz) = efbd3dba2b12aae46cc624aaa22ea8214f8d71df2d591be8c9b350c960df60daf7e5ee91b1316ddbb3334072f5f59355d3c0618d9bb465a2250f3bf829d5b9eb +SHA512 (cobbler-3.2.1.tar.gz) = 6ee0ad1e8c0eb20980693684db926b1d44be492099e0344bea917ca7c9233afa60a764b7aaf74b31a6d169d16e8fb0651795b584f940b75fa56ce6956df2dc8f From eaa83c65912fdb3f0ddbcf31f1c3aa51dc14e035 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 22 Sep 2021 21:59:49 -0600 Subject: [PATCH 35/89] Update to 3.2.2 bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings --- cobbler.spec | 8 +++++++- sources | 2 +- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 3a3c5cd..a69e56f 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,7 +4,7 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.2.1 +Version: 3.2.2 Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ @@ -214,6 +214,12 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Thu Sep 23 2021 Orion Poplawski - 3.2.2-1 +- Update to 3.2.2 +- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection +- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function +- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings + * Wed Sep 22 2021 Orion Poplawski - 3.2.1-1 - Update to 3.2.1 diff --git a/sources b/sources index 754f574..e8eac50 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.2.1.tar.gz) = 6ee0ad1e8c0eb20980693684db926b1d44be492099e0344bea917ca7c9233afa60a764b7aaf74b31a6d169d16e8fb0651795b584f940b75fa56ce6956df2dc8f +SHA512 (cobbler-3.2.2.tar.gz) = 65f3bf3bb43d1b1a6631ab299cd5a9a807c8e20ea07a61f89edc425b4833be5f2ddf0ac473010906bbcaaa5edfad577378185290bd2db01d9d64f276c2ad6be9 From aa1eab6b0f23be3c5270719a5e6cbc69931e9c87 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 23 Sep 2021 21:59:20 -0600 Subject: [PATCH 36/89] Migrate settings to settings.yaml Migrate pre-cobbler 3 data if needed Fix autoinstall_templates -> templates --- 2590.patch | 92 +++++++++++++++++++++++++++++++++++++++++++ cobbler-scripts.patch | 12 ++++++ cobbler.spec | 29 +++++++++++++- migrate-settings.sh | 3 ++ 4 files changed, 135 insertions(+), 1 deletion(-) create mode 100644 2590.patch create mode 100644 cobbler-scripts.patch create mode 100644 migrate-settings.sh diff --git a/2590.patch b/2590.patch new file mode 100644 index 0000000..5e7221b --- /dev/null +++ b/2590.patch @@ -0,0 +1,92 @@ +From 4b5025e9e30db30d6e264fabeb860a7758d7d7ad Mon Sep 17 00:00:00 2001 +From: Orion Poplawski +Date: Mon, 8 Mar 2021 22:04:52 -0700 +Subject: [PATCH] autoinstall_templates are installed into + /var/lib/cobbler/templates + +--- + cobbler/actions/sync.py | 2 +- + config/cobbler/settings.yaml | 4 ++-- + docs/cobbler-conf.rst | 4 ++-- + tests/test_data/settings_old | 4 ++-- + 4 files changed, 7 insertions(+), 7 deletions(-) + +diff --git a/cobbler/actions/sync.py b/cobbler/actions/sync.py +index 2667edb56..302c81de7 100644 +--- a/cobbler/actions/sync.py ++++ b/cobbler/actions/sync.py +@@ -179,7 +179,7 @@ def clean_trees(self): + if x not in self.settings.webdir_whitelist: + # delete directories that shouldn't exist + utils.rmtree(path, logger=self.logger) +- if x in ["autoinstall_templates", "autoinstall_templates_sys", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]: ++ if x in ["templates", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]: + # clean out directory contents + utils.rmtree_contents(path, logger=self.logger) + # +diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml +index b2e05a7bf..ac8edccbf 100644 +--- a/config/cobbler/settings.yaml ++++ b/config/cobbler/settings.yaml +@@ -77,7 +77,7 @@ cheetah_import_whitelist: + createrepo_flags: "-c cache -s sha" + + # if no autoinstall template is specified to profile add, use this template +-default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks ++default_autoinstall: /var/lib/cobbler/templates/default.ks + + # configure all installed systems to use these nameservers by default + # unless defined differently in the profile. For DHCP configurations +@@ -92,7 +92,7 @@ default_ownership: + - "admin" + + # Cobbler has various sample automatic installation templates stored +-# in /var/lib/cobbler/autoinstall_templates/. This controls ++# in /var/lib/cobbler/templates/. This controls + # what install (root) password is set up for those + # systems that reference this variable. The factory + # default is "cobbler" and Cobbler check will warn if +diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst +index 52621e278..ef65acc0b 100644 +--- a/docs/cobbler-conf.rst ++++ b/docs/cobbler-conf.rst +@@ -257,7 +257,7 @@ default_autoinstall + + If no autoinstall template is specified to profile add, use this template. + +-default: ``/var/lib/cobbler/autoinstall_templates/default.ks`` ++default: ``/var/lib/cobbler/templates/default.ks`` + + default_name_* + ============== +@@ -284,7 +284,7 @@ default: + default_password_crypted + ======================== + +-Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/autoinstall_templates/``. This ++Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/templates/``. This + controls what install (root) password is set up for those systems that reference this variable. The factory default is + "cobbler" and Cobbler check will warn if this is not changed. The simplest way to change the password is to run + ``openssl passwd -1`` and put the output between the ``""``. +diff --git a/tests/test_data/settings_old b/tests/test_data/settings_old +index acbe8cdc9..1b531d21d 100644 +--- a/tests/test_data/settings_old ++++ b/tests/test_data/settings_old +@@ -92,7 +92,7 @@ cheetah_import_whitelist: + createrepo_flags: "-c cache -s sha" + + # if no autoinstall template is specified to profile add, use this template +-default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks ++default_autoinstall: /var/lib/cobbler/templates/default.ks + + # configure all installed systems to use these nameservers by default + # unless defined differently in the profile. For DHCP configurations +@@ -107,7 +107,7 @@ default_ownership: + - "admin" + + # cobbler has various sample automatic installation templates stored +-# in /var/lib/cobbler/autoinstall_templates/. This controls ++# in /var/lib/cobbler/templates/. This controls + # what install (root) password is set up for those + # systems that reference this variable. The factory + # default is "cobbler" and cobbler check will warn if diff --git a/cobbler-scripts.patch b/cobbler-scripts.patch new file mode 100644 index 0000000..97f3058 --- /dev/null +++ b/cobbler-scripts.patch @@ -0,0 +1,12 @@ +diff -up cobbler-3.2.1/setup.py.orig cobbler-3.2.1/setup.py +--- cobbler-3.2.1/setup.py.orig 2021-03-04 12:07:10.000000000 -0700 ++++ cobbler-3.2.1/setup.py 2021-03-08 22:25:15.239563778 -0700 +@@ -566,7 +566,7 @@ if __name__ == "__main__": + ("share/cobbler/web", glob("web/*.*")), + ("%s" % webcontent, glob("web/static/*")), + ("%s" % webimages, glob("web/static/images/*")), +- ("share/cobbler/bin", glob("scripts/*.sh")), ++ ("share/cobbler/bin", glob("scripts/*")), + ("share/cobbler/web/templates", glob("web/templates/*")), + ("%s/webui_sessions" % libpath, []), + ("%s/loaders" % libpath, []), diff --git a/cobbler.spec b/cobbler.spec index a69e56f..32f6f29 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,15 +5,20 @@ Name: cobbler Version: 3.2.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz #Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz +Source1: migrate-settings.sh # Revert upstream's VirtualHost addition # https://github.com/cobbler/cobbler/issues/2286 Patch0: cobbler-httpd.patch +# Fix autoinstall_templates -> templates +Patch1: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2590.patch +# Install migrate-data-v2-to-v3.py - https://github.com/cobbler/cobbler/pull/2591 +Patch2: cobbler-scripts.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -137,6 +142,9 @@ rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf # ghosted files touch %{buildroot}%{_sharedstatedir}/cobbler/web.ss +# migrate-settings.sh +install -p -m0755 %SOURCE1 %{buildroot}%{_datadir}/cobbler/bin/migrate-settings.sh + %pre if [ $1 -ge 2 ]; then @@ -158,6 +166,20 @@ fi %post %systemd_post cobblerd.service +%posttrans +# Migrate pre-3.2.1 settings to settings.yaml +if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then + echo warning: migrating old settings to settings.yaml + mv %{_sysconfdir}/cobbler/settings.yaml{,.rpmnew} + mv %{_sysconfdir}/cobbler/settings.{rpmsave,yaml} + %{_datadir}/cobbler/bin/migrate-settings.sh +fi +# Migrate pre-3 configuration data if needed +if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then + echo warning: migrating pre cobbler 3 configuration data + %{_datadir}/cobbler/bin/migrate-data-v2-to-v3.py +fi + %preun %systemd_preun cobblerd.service @@ -214,6 +236,11 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Thu Sep 23 2021 Orion Poplawski - 3.2.2-2 +- Migrate settings to settings.yaml +- Migrate pre-cobbler 3 data if needed +- Fix autoinstall_templates -> templates + * Thu Sep 23 2021 Orion Poplawski - 3.2.2-1 - Update to 3.2.2 - bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection diff --git a/migrate-settings.sh b/migrate-settings.sh new file mode 100644 index 0000000..6471f30 --- /dev/null +++ b/migrate-settings.sh @@ -0,0 +1,3 @@ +#!/bin/bash +sed -i -e 's,^default_kickstart: */var/lib/cobbler/kickstarts,default_autoinstall: /var/lib/cobbler/templates,' \ + -e '/^\(consoles\|func_\|kernel_options_s390x\|power_template_dir\|pxe_template_dir\|redhat_management_type\|snippetsdir\|template_remote_kickstarts\):/s/^/# REMOVED: /' /etc/cobbler/settings.yaml From 478eae1835b3ccd2fc2541f52992a3f1997779bb Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 7 Oct 2021 22:27:46 -0600 Subject: [PATCH 37/89] Fix dependencies (bz#2010567) --- cobbler.spec | 47 ++++++++++++++++++++++++++++++----------------- 1 file changed, 30 insertions(+), 17 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 32f6f29..4dcb8b5 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -22,12 +22,21 @@ Patch2: cobbler-scripts.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel -BuildRequires: python%{python3_pkgversion}-cheetah %if 0%{?fedora} || 0%{?rhel} >= 8 +BuildRequires: %{py3_dist cheetah3} BuildRequires: %{py3_dist coverage} +BuildRequires: %{py3_dist distro} +BuildRequires: %{py3_dist netaddr} +BuildRequires: %{py3_dist pyyaml} +BuildRequires: %{py3_dist requests} +BuildRequires: %{py3_dist schema} +BuildRequires: %{py3_dist setuptools} +BuildRequires: %{py3_dist simplejson} +# For docs +BuildRequires: %{py3_dist sphinx} %else +BuildRequires: python%{python3_pkgversion}-cheetah BuildRequires: python%{python3_pkgversion}-coverage -%endif BuildRequires: python%{python3_pkgversion}-distro BuildRequires: python%{python3_pkgversion}-netaddr BuildRequires: python%{python3_pkgversion}-PyYAML @@ -37,23 +46,24 @@ BuildRequires: python%{python3_pkgversion}-setuptools BuildRequires: python%{python3_pkgversion}-simplejson # For docs BuildRequires: python%{python3_pkgversion}-sphinx +%endif Requires: httpd Requires: tftp-server Requires: createrepo_c Requires: rsync Requires: xorriso -Requires: python%{python3_pkgversion}-cheetah -Requires: python%{python3_pkgversion}-distro -Requires: python%{python3_pkgversion}-dns -Requires: python%{python3_pkgversion}-file-magic -Requires: python%{python3_pkgversion}-mod_wsgi -Requires: python%{python3_pkgversion}-netaddr -Requires: python%{python3_pkgversion}-PyYAML -Requires: python%{python3_pkgversion}-requests -Requires: python%{python3_pkgversion}-schema -Requires: python%{python3_pkgversion}-simplejson -Requires: python%{python3_pkgversion}-tornado +Requires: %{py3_dist cheetah3} +Requires: %{py3_dist distro} +Requires: %{py3_dist dnspython} +Requires: %{py3_dist file-magic} +Requires: %{py3_dist mod_wsgi} +Requires: %{py3_dist netaddr} +Requires: %{py3_dist pyyaml} +Requires: %{py3_dist requests} +Requires: %{py3_dist schema} +Requires: %{py3_dist simplejson} +Requires: %{py3_dist tornado} Requires: genisoimage %if 0%{?fedora} || 0%{?rhel} >= 8 @@ -66,7 +76,7 @@ Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64 Recommends: logrotate -Recommends: python%{python3_pkgversion}-librepo +Recommends: %{py3_dist librepo} %else Requires: yum-utils %endif @@ -92,8 +102,8 @@ other applications. %package -n cobbler-web Summary: Web interface for Cobbler Requires: cobbler = %{version}-%{release} -Requires: python%{python3_pkgversion}-django -Requires: python%{python3_pkgversion}-mod_wsgi +Requires: %{py3_dist django} +Requires: %{py3_dist mod_wsgi} Requires: mod_ssl Requires(post): coreutils Requires(post): sed @@ -236,6 +246,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Fri Oct 07 2021 Orion Poplawski - 3.2.2-3 +- Fix dependencies (bz#2010567) + * Thu Sep 23 2021 Orion Poplawski - 3.2.2-2 - Migrate settings to settings.yaml - Migrate pre-cobbler 3 data if needed From 6cbc1cbb46474a5f985b8581ca2497304372514e Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 22 Nov 2021 19:50:41 -0700 Subject: [PATCH 38/89] Add new keys to settings.yaml on migration or if missing Save original settings to settings.rpmorig --- cobbler.spec | 12 ++++++++++-- migrate-settings.sh | 3 ++- 2 files changed, 12 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 4dcb8b5..61414b1 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -181,9 +181,13 @@ fi if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then echo warning: migrating old settings to settings.yaml mv %{_sysconfdir}/cobbler/settings.yaml{,.rpmnew} + cp -a %{_sysconfdir}/cobbler/settings.{rpmsave,rpmorig} mv %{_sysconfdir}/cobbler/settings.{rpmsave,yaml} %{_datadir}/cobbler/bin/migrate-settings.sh fi +# Add some missing options if needed +sed -i -e '/^cache_enabled:/q' -e '$a#ADDED:' -e '$acache_enabled: true' settings.yaml +sed -i -e '/^reposync_rsync_flags:/q' -e '$a#ADDED:' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' settings.yaml # Migrate pre-3 configuration data if needed if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then echo warning: migrating pre cobbler 3 configuration data @@ -246,7 +250,11 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog -* Fri Oct 07 2021 Orion Poplawski - 3.2.2-3 +* Mon Nov 22 2021 Orion Poplawski - 3.2.2-4 +- Add new keys to settings.yaml on migration or if missing +- Save original settings to settings.rpmorig + +* Fri Oct 08 2021 Orion Poplawski - 3.2.2-3 - Fix dependencies (bz#2010567) * Thu Sep 23 2021 Orion Poplawski - 3.2.2-2 diff --git a/migrate-settings.sh b/migrate-settings.sh index 6471f30..6ef3c1a 100644 --- a/migrate-settings.sh +++ b/migrate-settings.sh @@ -1,3 +1,4 @@ #!/bin/bash sed -i -e 's,^default_kickstart: */var/lib/cobbler/kickstarts,default_autoinstall: /var/lib/cobbler/templates,' \ - -e '/^\(consoles\|func_\|kernel_options_s390x\|power_template_dir\|pxe_template_dir\|redhat_management_type\|snippetsdir\|template_remote_kickstarts\):/s/^/# REMOVED: /' /etc/cobbler/settings.yaml + -e '/^\(consoles\|func_\|kernel_options_s390x\|power_template_dir\|pxe_template_dir\|redhat_management_type\|snippetsdir\|template_remote_kickstarts\):/s/^/# REMOVED: /' \ + -e '$a#ADDED:' -e '$acache_enabled: true' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' /etc/cobbler/settings.yaml From 8e9ce1e0db7ca8bcd962adc79c2618d7b5cc42a5 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Wed, 8 Dec 2021 19:57:06 -0700 Subject: [PATCH 39/89] Remove defunct get-loaders command --- cobbler-remove-get-loaders.patch | 316 +++++++++++++++++++++++++++++++ cobbler.spec | 7 +- 2 files changed, 322 insertions(+), 1 deletion(-) create mode 100644 cobbler-remove-get-loaders.patch diff --git a/cobbler-remove-get-loaders.patch b/cobbler-remove-get-loaders.patch new file mode 100644 index 0000000..d2f1981 --- /dev/null +++ b/cobbler-remove-get-loaders.patch @@ -0,0 +1,316 @@ +commit a798eabd9b9e3e7d4cb8a828a5aa2273c69cec48 +Author: Dominik Gedon +Date: Fri Mar 5 16:25:05 2021 +0100 + + Remove get-loader code + +diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py +index e034071e..4fadab53 100644 +--- a/cobbler/actions/check.py ++++ b/cobbler/actions/check.py +@@ -386,12 +386,11 @@ class CobblerCheck: + not_found.append(loader_name) + + if len(not_found) > 0: +- status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler " +- "get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, " +- "you may ensure that you have installed a *recent* version of the syslinux package " +- "installed and can ignore this message entirely. Files in this directory, should you want " +- "to support all architectures, should include pxelinux.0, menu.c32, and yaboot. The " +- "'cobbler get-loaders' command is the easiest way to resolve these requirements.") ++ status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to " ++ "handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version " ++ "of the syslinux package installed and can ignore this message entirely. Files in this " ++ "directory, should you want to support all architectures, should include pxelinux.0, " ++ "menu.c32, and yaboot.") + + def check_tftpd_dir(self, status): + """ +diff --git a/cobbler/actions/dlcontent.py b/cobbler/actions/dlcontent.py +deleted file mode 100644 +index 84d73b8d..00000000 +--- a/cobbler/actions/dlcontent.py ++++ /dev/null +@@ -1,77 +0,0 @@ +-""" +-Downloads bootloader content for all arches for when the user doesn't want to supply their own. +- +-Copyright 2009, Red Hat, Inc and Others +-Michael DeHaan +- +-This program is free software; you can redistribute it and/or modify +-it under the terms of the GNU General Public License as published by +-the Free Software Foundation; either version 2 of the License, or +-(at your option) any later version. +- +-This program is distributed in the hope that it will be useful, +-but WITHOUT ANY WARRANTY; without even the implied warranty of +-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +-GNU General Public License for more details. +- +-You should have received a copy of the GNU General Public License +-along with this program; if not, write to the Free Software +-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA +-02110-1301 USA +-""" +- +-import os +- +-from cobbler import clogger +-from cobbler import download_manager +- +- +-class ContentDownloader: +- +- def __init__(self, collection_mgr, logger=None): +- """ +- Constructor +- +- :param collection_mgr: The main collection manager instance which is used by the current running server. +- :param logger: The logger object which logs to the desired target. +- """ +- self.collection_mgr = collection_mgr +- self.settings = collection_mgr.settings() +- if logger is None: +- logger = clogger.Logger() +- self.logger = logger +- +- def run(self, force: bool = False): +- """ +- Download bootloader content for all of the latest bootloaders, since the user has chosen to not supply their +- own. You may ask "why not get this from yum", we also want this to be able to work on Debian and further do not +- want folks to have to install a cross compiler. For those that don't like this approach they can still source +- their cross-arch bootloader content manually. +- +- :param force: If the target path should be overwritten, even if there are already files present. +- """ +- +- content_server = "https://cobbler.github.io/loaders" +- dest = "/var/lib/cobbler/loaders" +- +- files = ( +- ("%s/README" % content_server, "%s/README" % dest), +- ("%s/COPYING.yaboot" % content_server, "%s/COPYING.yaboot" % dest), +- ("%s/COPYING.syslinux" % content_server, "%s/COPYING.syslinux" % dest), +- ("%s/yaboot-1.3.17" % content_server, "%s/yaboot" % dest), +- ("%s/pxelinux.0-3.86" % content_server, "%s/pxelinux.0" % dest), +- ("%s/menu.c32-3.86" % content_server, "%s/menu.c32" % dest), +- ("%s/grub-0.97-x86.efi" % content_server, "%s/grub-x86.efi" % dest), +- ("%s/grub-0.97-x86_64.efi" % content_server, "%s/grub-x86_64.efi" % dest), +- ) +- +- dlmgr = download_manager.DownloadManager(self.collection_mgr, self.logger) +- for src, dst in files: +- if os.path.exists(dst) and not force: +- self.logger.info("path %s already exists, not overwriting existing content, use --force if you wish " +- "to update" % dst) +- continue +- self.logger.info("downloading %s to %s" % (src, dst)) +- dlmgr.download_file(src, dst) +- +-# EOF +diff --git a/cobbler/api.py b/cobbler/api.py +index bdf18391..9c52015e 100644 +--- a/cobbler/api.py ++++ b/cobbler/api.py +@@ -25,7 +25,7 @@ import random + import tempfile + from typing import Optional + +-from cobbler.actions import status, dlcontent, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync ++from cobbler.actions import status, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync + from cobbler import autoinstall_manager + from cobbler import clogger + from cobbler.cobbler_collections import manager +@@ -1276,21 +1276,6 @@ class CobblerAPI: + + # ========================================================================== + +- def dlcontent(self, force=False, logger=None): +- """ +- Downloads bootloader content that may not be avialable in packages for the given arch, ex: if installing on PPC, +- get syslinux. If installing on x86_64, get elilo, etc. +- +- :param force: Force the download, although the content may be already downloaded. +- :param logger: The logger to audit the removal with. +- """ +- # FIXME: teach code that copies it to grab from the right place +- self.log("dlcontent") +- grabber = dlcontent.ContentDownloader(self._collection_mgr, logger=logger) +- return grabber.run(force) +- +- # ========================================================================== +- + def validate_autoinstall_files(self, logger=None): + """ + Validate if any of the autoinstallation files are invalid and if yes report this. +diff --git a/cobbler/cli.py b/cobbler/cli.py +index 5441ce0a..9a6c4fff 100644 +--- a/cobbler/cli.py ++++ b/cobbler/cli.py +@@ -55,7 +55,7 @@ OBJECT_ACTIONS = [] + for actions in list(OBJECT_ACTIONS_MAP.values()): + OBJECT_ACTIONS += actions + DIRECT_ACTIONS = "aclsetup buildiso import list replicate report reposync sync validate-autoinstalls version " \ +- "signature get-loaders hardlink".split() ++ "signature hardlink".split() + + #################################################### + +@@ -687,10 +687,6 @@ class CobblerCLI: + elif action_name == "validate-autoinstalls": + (options, args) = self.parser.parse_args(self.args) + task_id = self.start_task("validate_autoinstall_files", options) +- elif action_name == "get-loaders": +- self.parser.add_option("--force", dest="force", action="store_true", help="overwrite any existing content in /var/lib/cobbler/loaders") +- (options, args) = self.parser.parse_args(self.args) +- task_id = self.start_task("dlcontent", options) + elif action_name == "import": + self.parser.add_option("--arch", dest="arch", help="OS architecture being imported") + self.parser.add_option("--breed", dest="breed", help="the breed being imported") +diff --git a/cobbler/remote.py b/cobbler/remote.py +index 759879a8..ac788752 100644 +--- a/cobbler/remote.py ++++ b/cobbler/remote.py +@@ -200,18 +200,6 @@ class CobblerXMLRPCInterface: + ) + return self.__start_task(runner, token, "aclsetup", "(CLI) ACL Configuration", options) + +- def background_dlcontent(self, options, token) -> str: +- """ +- Download bootloaders and other support files. +- +- :param options: Unknown what this parameter is doing at the moment. +- :param token: The API-token obtained via the login() method. The API-token obtained via the login() method. +- :return: The id of the task which was started. +- """ +- def runner(self): +- self.remote.api.dlcontent(self.options.get("force", False), self.logger) +- return self.__start_task(runner, token, "get_loaders", "Download Bootloader Content", options) +- + def background_sync(self, options, token) -> str: + """ + Run a full Cobbler sync in the background. +diff --git a/config/bash/completion/cobbler b/config/bash/completion/cobbler +index f2d5bd59..169dbaec 100755 +--- a/config/bash/completion/cobbler ++++ b/config/bash/completion/cobbler +@@ -9,7 +9,7 @@ _cobbler_completions() + prev="${COMP_WORDS[COMP_CWORD-1]}" + cobbler_type=${COMP_WORDS[1]} + COMPREPLY=() +- TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature get-loaders hardlink" ++ TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature hardlink" + ACTION="add edit copy list remove rename report" + opts=( + [distro]="--ctime --depth --mtime --source-repos --tree-build-time --uid --arch --autoinstall-meta --boot-files --boot-loader --breed --comment --fetchable-files --initrd --kernel --kernel-options --kernel-options-post --mgmt-classes --name --os-version --owners --redhat-management-key --template-files --in-place --help" +diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml +index 82b8c11f..b2e05a7b 100644 +--- a/config/cobbler/settings.yaml ++++ b/config/cobbler/settings.yaml +@@ -426,7 +426,7 @@ replicate_repo_rsync_options: "-avzH" + # always write DHCP entries, regardless if netboot is enabled + always_write_dhcp_entries: false + +-# External proxy - used by: "get-loaders", "reposync", "signature update" ++# External proxy - used by: reposync", "signature update" + # Eg: "http://192.168.1.1:8080" (HTTP), "https://192.168.1.1:8443" (HTTPS) + proxy_url_ext: "" + +diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst +index 673beffd..808d7738 100644 +--- a/docs/cobbler-conf.rst ++++ b/docs/cobbler-conf.rst +@@ -577,7 +577,7 @@ default: ``ipmilanplus`` + proxy_url_ext + ============= + +-External proxy which is used by the following commands: ``get-loaders``, ``reposync``, ``signature update`` ++External proxy which is used by the following commands: ``reposync``, ``signature update`` + + defaults: + +diff --git a/docs/cobbler.rst b/docs/cobbler.rst +index 1fffc41e..6332a662 100644 +--- a/docs/cobbler.rst ++++ b/docs/cobbler.rst +@@ -74,7 +74,7 @@ Long Usage: + .. code-block:: shell + + cobbler ... [add|edit|copy|get-autoinstall*|list|remove|rename|report] [options|--help] +- cobbler [options|--help] ++ cobbler [options|--help] + + Cobbler distro + ============== +@@ -1071,15 +1071,6 @@ Example: + + $ cobbler signature + +-Cobbler get-loaders +-=================== +- +-Example: +- +-.. code-block:: shell +- +- $ cobbler get-loaders +- + Cobbler hardlink + ================ + +diff --git a/docs/code-autodoc/cobbler.actions.rst b/docs/code-autodoc/cobbler.actions.rst +index 44f7e1a4..a5845996 100644 +--- a/docs/code-autodoc/cobbler.actions.rst ++++ b/docs/code-autodoc/cobbler.actions.rst +@@ -28,14 +28,6 @@ cobbler.actions.check module + :undoc-members: + :show-inheritance: + +-cobbler.actions.dlcontent module +--------------------------------- +- +-.. automodule:: cobbler.actions.dlcontent +- :members: +- :undoc-members: +- :show-inheritance: +- + cobbler.actions.hardlink module + ------------------------------- + +diff --git a/tests/cli/cobbler_cli_direct_test.py b/tests/cli/cobbler_cli_direct_test.py +index 7cd6729c..01d42d6d 100644 +--- a/tests/cli/cobbler_cli_direct_test.py ++++ b/tests/cli/cobbler_cli_direct_test.py +@@ -148,11 +148,6 @@ class TestCobblerCliTestDirect: + i = assert_report_section(lines, i, "packages") + i = assert_report_section(lines, i, "files") + +- def test_cobbler_getloaders(self, run_cmd, get_last_line): +- (outputstd, outputerr) = run_cmd(cmd=["get-loaders"]) +- lines = outputstd.split("\n") +- assert "*** TASK COMPLETE ***" == get_last_line(lines) +- + def test_cobbler_hardlink(self, run_cmd, get_last_line): + (outputstd, outputerr) = run_cmd(cmd=["hardlink"]) + lines = outputstd.split("\n") +diff --git a/tests/xmlrpcapi/background_test.py b/tests/xmlrpcapi/background_test.py +index 36c03b01..64e219ca 100644 +--- a/tests/xmlrpcapi/background_test.py ++++ b/tests/xmlrpcapi/background_test.py +@@ -25,15 +25,6 @@ class TestBackground: + # Assert + assert result + +- def test_background_dlccontent(self, remote, token): +- # Arrange +- +- # Act +- result = remote.background_dlcontent({}, token) +- +- # Assert +- assert result +- + def test_background_hardlink(self, remote, token): + # Arrange + diff --git a/cobbler.spec b/cobbler.spec index 61414b1..6b31076 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -19,6 +19,8 @@ Patch0: cobbler-httpd.patch Patch1: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2590.patch # Install migrate-data-v2-to-v3.py - https://github.com/cobbler/cobbler/pull/2591 Patch2: cobbler-scripts.patch +# Remove get-loaders command +Patch3: cobbler-remove-get-loaders.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -250,6 +252,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Thu Dec 09 2021 Orion Poplawski - 3.2.2-5 +- Remove defunct get-loaders command + * Mon Nov 22 2021 Orion Poplawski - 3.2.2-4 - Add new keys to settings.yaml on migration or if missing - Save original settings to settings.rpmorig From f610a3843e05e9fb45c7eb08ee09181f6d5b56c0 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 23 Dec 2021 13:17:34 -0700 Subject: [PATCH 40/89] Fix path to settings.yaml in scriptlet --- cobbler.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 6b31076..909dfeb 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -188,8 +188,8 @@ if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then %{_datadir}/cobbler/bin/migrate-settings.sh fi # Add some missing options if needed -sed -i -e '/^cache_enabled:/q' -e '$a#ADDED:' -e '$acache_enabled: true' settings.yaml -sed -i -e '/^reposync_rsync_flags:/q' -e '$a#ADDED:' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' settings.yaml +sed -i -e '/^cache_enabled:/q' -e '$a#ADDED:' -e '$acache_enabled: true' %{_sysconfdir}/cobbler/settings.yaml +sed -i -e '/^reposync_rsync_flags:/q' -e '$a#ADDED:' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' %{_sysconfdir}/cobbler/settings.yaml # Migrate pre-3 configuration data if needed if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then echo warning: migrating pre cobbler 3 configuration data @@ -252,6 +252,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Thu Dec 23 2021 Orion Poplawski - 3.2.2-6 +- Fix path to settings.yaml in scriptlet + * Thu Dec 09 2021 Orion Poplawski - 3.2.2-5 - Remove defunct get-loaders command From b10b6d5001b503d6af23703969c0847ba9463305 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jan 2022 23:28:52 +0000 Subject: [PATCH 41/89] - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 909dfeb..a447134 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -252,6 +252,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Wed Jan 19 2022 Fedora Release Engineering - 3.2.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + * Thu Dec 23 2021 Orion Poplawski - 3.2.2-6 - Fix path to settings.yaml in scriptlet From cf0d310ec17e11e893a08731081ca3d70f9b4d43 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 23 Jan 2022 19:07:14 -0700 Subject: [PATCH 42/89] Fix posttrans script --- cobbler.spec | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index a447134..76b0dcc 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -188,8 +188,8 @@ if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then %{_datadir}/cobbler/bin/migrate-settings.sh fi # Add some missing options if needed -sed -i -e '/^cache_enabled:/q' -e '$a#ADDED:' -e '$acache_enabled: true' %{_sysconfdir}/cobbler/settings.yaml -sed -i -e '/^reposync_rsync_flags:/q' -e '$a#ADDED:' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' %{_sysconfdir}/cobbler/settings.yaml +grep -q '^cache_enabled:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\ncache_enabled: true' >> %{_sysconfdir}/cobbler/settings.yaml +grep -q '^reposync_rsync_flags:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\nreposync_rsync_flags: "-rltDv --copy-unsafe-links"' >> %{_sysconfdir}/cobbler/settings.yaml # Migrate pre-3 configuration data if needed if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then echo warning: migrating pre cobbler 3 configuration data @@ -252,6 +252,9 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Mon Jan 24 2022 Orion Poplawski - 3.2.2-8 +- Fix posttrans script + * Wed Jan 19 2022 Fedora Release Engineering - 3.2.2-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild From 65bb1a43d68e39c8690514a296ca67a908cde03c Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 28 Feb 2022 21:03:09 -0700 Subject: [PATCH 43/89] Apply fixes for CVE-2021-45082/3 Remove BR on python3-coverage --- cobbler-CVE-2021-45082.patch | 75 ++++++++++++++++++++++++++++++++++++ cobbler-nocov.patch | 11 ++++++ cobbler.spec | 41 ++++++++++++++++++-- 3 files changed, 123 insertions(+), 4 deletions(-) create mode 100644 cobbler-CVE-2021-45082.patch create mode 100644 cobbler-nocov.patch diff --git a/cobbler-CVE-2021-45082.patch b/cobbler-CVE-2021-45082.patch new file mode 100644 index 0000000..022f15a --- /dev/null +++ b/cobbler-CVE-2021-45082.patch @@ -0,0 +1,75 @@ +diff --git a/cobbler.spec b/cobbler.spec +index bbbbae37..1f81456a 100644 +--- a/cobbler.spec ++++ b/cobbler.spec +@@ -382,6 +382,20 @@ fi + %{_datadir}/%{name}/bin/mkgrub.sh >/dev/null 2>&1 + %endif + %systemd_post cobblerd.service ++# Fixup permission for world readable settings files ++chmod 640 %{_sysconfdir}/cobbler/settings.yaml ++chmod 600 %{_sysconfdir}/cobbler/mongodb.conf ++chmod 600 %{_sysconfdir}/cobbler/modules.conf ++chmod 640 %{_sysconfdir}/cobbler/users.conf ++chmod 640 %{_sysconfdir}/cobbler/users.digest ++chmod 750 %{_sysconfdir}/cobbler/settings.d ++chmod 640 %{_sysconfdir}/cobbler/settings.d/* ++chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.yaml ++chgrp %{apache_group} %{_sysconfdir}/cobbler/users.conf ++chgrp %{apache_group} %{_sysconfdir}/cobbler/users.digest ++chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d ++chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d/* ++ + + %preun + %systemd_preun cobblerd.service +@@ -461,8 +475,8 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler + %dir %{_sysconfdir}/cobbler/iso + %config(noreplace) %{_sysconfdir}/cobbler/iso/buildiso.template + %config(noreplace) %{_sysconfdir}/cobbler/logging_config.conf +-%config(noreplace) %{_sysconfdir}/cobbler/modules.conf +-%config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf ++%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/modules.conf ++%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf + %config(noreplace) %{_sysconfdir}/cobbler/named.template + %config(noreplace) %{_sysconfdir}/cobbler/ndjbdns.template + %dir %{_sysconfdir}/cobbler/reporting +@@ -470,13 +484,13 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler + %config(noreplace) %{_sysconfdir}/cobbler/rsync.exclude + %config(noreplace) %{_sysconfdir}/cobbler/rsync.template + %config(noreplace) %{_sysconfdir}/cobbler/secondary.template +-%config(noreplace) %{_sysconfdir}/cobbler/settings.yaml +-%dir %{_sysconfdir}/cobbler/settings.d +-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings +-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings +-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings +-%config(noreplace) %{_sysconfdir}/cobbler/users.conf +-%config(noreplace) %{_sysconfdir}/cobbler/users.digest ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.yaml ++%attr(750, root, %{apache_group}) %dir %{_sysconfdir}/cobbler/settings.d ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.conf ++%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.digest + %config(noreplace) %{_sysconfdir}/cobbler/version + %config(noreplace) %{_sysconfdir}/cobbler/zone.template + %dir %{_sysconfdir}/cobbler/zone_templates +diff --git a/cobbler/templar.py b/cobbler/templar.py +index 7321e2d5..58ef16de 100644 +--- a/cobbler/templar.py ++++ b/cobbler/templar.py +@@ -77,10 +77,10 @@ class Templar: + """ + lines = data.split("\n") + for line in lines: +- if line.find("#import") != -1: +- rest = line.replace("#import", "").replace(" ", "").strip() ++ if "#import" in line or "#from" in line: ++ rest = line.replace("#import", "").replace("#from", "").replace("import", ".").replace(" ", "").strip() + if self.settings and rest not in self.settings.cheetah_import_whitelist: +- raise CX("potentially insecure import in template: %s" % rest) ++ raise CX(f"Potentially insecure import in template: {rest}") + + def render(self, data_input: Union[TextIO, str], search_table: dict, out_path: Optional[str], + template_type="default") -> str: diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch new file mode 100644 index 0000000..e701455 --- /dev/null +++ b/cobbler-nocov.patch @@ -0,0 +1,11 @@ +diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py +--- cobbler-3.2.2/setup.py.nocov 2022-02-28 20:05:35.388747435 -0700 ++++ cobbler-3.2.2/setup.py 2022-02-28 20:06:31.743251279 -0700 +@@ -18,7 +18,6 @@ from setuptools import find_packages + from sphinx.setup_command import BuildDoc + + import codecs +-from coverage import Coverage + import pwd + import shutil + import subprocess diff --git a/cobbler.spec b/cobbler.spec index 76b0dcc..86073a8 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.2.2 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -21,12 +21,15 @@ Patch1: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pul Patch2: cobbler-scripts.patch # Remove get-loaders command Patch3: cobbler-remove-get-loaders.patch +# Upstream fix for CVE-2021-45082 +Patch4: cobbler-CVE-2021-45082.patch +# Do not run coverage tests +Patch5: cobbler-nocov.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel %if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: %{py3_dist cheetah3} -BuildRequires: %{py3_dist coverage} BuildRequires: %{py3_dist distro} BuildRequires: %{py3_dist netaddr} BuildRequires: %{py3_dist pyyaml} @@ -38,7 +41,6 @@ BuildRequires: %{py3_dist simplejson} BuildRequires: %{py3_dist sphinx} %else BuildRequires: python%{python3_pkgversion}-cheetah -BuildRequires: python%{python3_pkgversion}-coverage BuildRequires: python%{python3_pkgversion}-distro BuildRequires: python%{python3_pkgversion}-netaddr BuildRequires: python%{python3_pkgversion}-PyYAML @@ -214,7 +216,34 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %license COPYING %doc AUTHORS.in README.md %doc docs/developer-guide.rst docs/quickstart-guide.rst docs/installation-guide.rst -%config(noreplace) %{_sysconfdir}/cobbler +%dir %{_sysconfdir}/cobbler +%config(noreplace) %{_sysconfdir}/cobbler/auth.conf +%config(noreplace) %{_sysconfdir}/cobbler/boot_loader_conf/ +%config(noreplace) %{_sysconfdir}/cobbler/cheetah_macros +%config(noreplace) %{_sysconfdir}/cobbler/dhcp.template +%config(noreplace) %{_sysconfdir}/cobbler/dnsmasq.template +%config(noreplace) %{_sysconfdir}/cobbler/genders.template +%config(noreplace) %{_sysconfdir}/cobbler/import_rsync_whitelist +%config(noreplace) %{_sysconfdir}/cobbler/iso/ +%config(noreplace) %{_sysconfdir}/cobbler/logging_config.conf +%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/modules.conf +%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf +%config(noreplace) %{_sysconfdir}/cobbler/named.template +%config(noreplace) %{_sysconfdir}/cobbler/ndjbdns.template +%config(noreplace) %{_sysconfdir}/cobbler/reporting/ +%config(noreplace) %{_sysconfdir}/cobbler/rsync.exclude +%config(noreplace) %{_sysconfdir}/cobbler/rsync.template +%config(noreplace) %{_sysconfdir}/cobbler/secondary.template +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.yaml +%attr(750, root, apache) %dir %{_sysconfdir}/cobbler/settings.d +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.conf +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.digest +%config(noreplace) %{_sysconfdir}/cobbler/version +%config(noreplace) %{_sysconfdir}/cobbler/zone.template +%config(noreplace) %{_sysconfdir}/cobbler/zone_templates/ %config(noreplace) %{_sysconfdir}/logrotate.d/cobblerd %config(noreplace) /etc/httpd/conf.d/cobbler.conf %{_bindir}/cobbler @@ -252,6 +281,10 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %changelog +* Tue Mar 01 2022 Orion Poplawski - 3.2.2-9 +- Apply fixes for CVE-2021-45082/3 +- Remove BR on python3-coverage + * Mon Jan 24 2022 Orion Poplawski - 3.2.2-8 - Fix posttrans script From c2e0a09f15768625bc2766c9d62e2822f8ee9eb7 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 28 Feb 2022 21:42:21 -0700 Subject: [PATCH 44/89] More complete coverage removal --- cobbler-nocov.patch | 35 +++++++++++++++++++++++++++++++++++ 1 file changed, 35 insertions(+) diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch index e701455..fe6aa76 100644 --- a/cobbler-nocov.patch +++ b/cobbler-nocov.patch @@ -9,3 +9,38 @@ diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py import pwd import shutil import subprocess +--- cobbler-3.2.2/setup.py.nocov 2022-02-28 21:34:34.996746220 -0700 ++++ cobbler-3.2.2/setup.py 2022-02-28 21:35:51.598440218 -0700 +@@ -373,15 +373,8 @@ + def run(self): + import pytest + +- cov = Coverage() +- cov.erase() +- cov.start() +- + result = pytest.main() + +- cov.stop() +- cov.save() +- cov.html_report(directory="covhtml") + sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0))) + + +@@ -505,7 +498,6 @@ + url="https://cobbler.github.io", + license="GPLv2+", + setup_requires=[ +- "coverage", + "distro", + "setuptools", + "sphinx", +@@ -528,7 +520,7 @@ + ], + extras_require={ + "lint": ["pyflakes", "pycodestyle"], +- "test": ["pytest", "pytest-cov", "codecov", "pytest-mock"] ++ "test": ["pytest", "pytest-mock"] + }, + packages=find_packages(exclude=["*tests*"]), + scripts=[ From a4bb4acfa1d3c4d9e5b27d6bef5c5ef48207bc4f Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 28 Feb 2022 22:13:35 -0700 Subject: [PATCH 45/89] Update to 3.3.1, removes web interface --- 2590.patch | 92 --------- cobbler-CVE-2021-45082.patch | 75 -------- cobbler-httpd.patch | 18 -- cobbler-nocov.patch | 16 +- cobbler-remove-get-loaders.patch | 316 ------------------------------- cobbler-scripts.patch | 12 -- cobbler.spec | 92 ++++----- sources | 2 +- 8 files changed, 41 insertions(+), 582 deletions(-) delete mode 100644 2590.patch delete mode 100644 cobbler-CVE-2021-45082.patch delete mode 100644 cobbler-httpd.patch delete mode 100644 cobbler-remove-get-loaders.patch delete mode 100644 cobbler-scripts.patch diff --git a/2590.patch b/2590.patch deleted file mode 100644 index 5e7221b..0000000 --- a/2590.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 4b5025e9e30db30d6e264fabeb860a7758d7d7ad Mon Sep 17 00:00:00 2001 -From: Orion Poplawski -Date: Mon, 8 Mar 2021 22:04:52 -0700 -Subject: [PATCH] autoinstall_templates are installed into - /var/lib/cobbler/templates - ---- - cobbler/actions/sync.py | 2 +- - config/cobbler/settings.yaml | 4 ++-- - docs/cobbler-conf.rst | 4 ++-- - tests/test_data/settings_old | 4 ++-- - 4 files changed, 7 insertions(+), 7 deletions(-) - -diff --git a/cobbler/actions/sync.py b/cobbler/actions/sync.py -index 2667edb56..302c81de7 100644 ---- a/cobbler/actions/sync.py -+++ b/cobbler/actions/sync.py -@@ -179,7 +179,7 @@ def clean_trees(self): - if x not in self.settings.webdir_whitelist: - # delete directories that shouldn't exist - utils.rmtree(path, logger=self.logger) -- if x in ["autoinstall_templates", "autoinstall_templates_sys", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]: -+ if x in ["templates", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]: - # clean out directory contents - utils.rmtree_contents(path, logger=self.logger) - # -diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml -index b2e05a7bf..ac8edccbf 100644 ---- a/config/cobbler/settings.yaml -+++ b/config/cobbler/settings.yaml -@@ -77,7 +77,7 @@ cheetah_import_whitelist: - createrepo_flags: "-c cache -s sha" - - # if no autoinstall template is specified to profile add, use this template --default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks -+default_autoinstall: /var/lib/cobbler/templates/default.ks - - # configure all installed systems to use these nameservers by default - # unless defined differently in the profile. For DHCP configurations -@@ -92,7 +92,7 @@ default_ownership: - - "admin" - - # Cobbler has various sample automatic installation templates stored --# in /var/lib/cobbler/autoinstall_templates/. This controls -+# in /var/lib/cobbler/templates/. This controls - # what install (root) password is set up for those - # systems that reference this variable. The factory - # default is "cobbler" and Cobbler check will warn if -diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst -index 52621e278..ef65acc0b 100644 ---- a/docs/cobbler-conf.rst -+++ b/docs/cobbler-conf.rst -@@ -257,7 +257,7 @@ default_autoinstall - - If no autoinstall template is specified to profile add, use this template. - --default: ``/var/lib/cobbler/autoinstall_templates/default.ks`` -+default: ``/var/lib/cobbler/templates/default.ks`` - - default_name_* - ============== -@@ -284,7 +284,7 @@ default: - default_password_crypted - ======================== - --Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/autoinstall_templates/``. This -+Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/templates/``. This - controls what install (root) password is set up for those systems that reference this variable. The factory default is - "cobbler" and Cobbler check will warn if this is not changed. The simplest way to change the password is to run - ``openssl passwd -1`` and put the output between the ``""``. -diff --git a/tests/test_data/settings_old b/tests/test_data/settings_old -index acbe8cdc9..1b531d21d 100644 ---- a/tests/test_data/settings_old -+++ b/tests/test_data/settings_old -@@ -92,7 +92,7 @@ cheetah_import_whitelist: - createrepo_flags: "-c cache -s sha" - - # if no autoinstall template is specified to profile add, use this template --default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks -+default_autoinstall: /var/lib/cobbler/templates/default.ks - - # configure all installed systems to use these nameservers by default - # unless defined differently in the profile. For DHCP configurations -@@ -107,7 +107,7 @@ default_ownership: - - "admin" - - # cobbler has various sample automatic installation templates stored --# in /var/lib/cobbler/autoinstall_templates/. This controls -+# in /var/lib/cobbler/templates/. This controls - # what install (root) password is set up for those - # systems that reference this variable. The factory - # default is "cobbler" and cobbler check will warn if diff --git a/cobbler-CVE-2021-45082.patch b/cobbler-CVE-2021-45082.patch deleted file mode 100644 index 022f15a..0000000 --- a/cobbler-CVE-2021-45082.patch +++ /dev/null @@ -1,75 +0,0 @@ -diff --git a/cobbler.spec b/cobbler.spec -index bbbbae37..1f81456a 100644 ---- a/cobbler.spec -+++ b/cobbler.spec -@@ -382,6 +382,20 @@ fi - %{_datadir}/%{name}/bin/mkgrub.sh >/dev/null 2>&1 - %endif - %systemd_post cobblerd.service -+# Fixup permission for world readable settings files -+chmod 640 %{_sysconfdir}/cobbler/settings.yaml -+chmod 600 %{_sysconfdir}/cobbler/mongodb.conf -+chmod 600 %{_sysconfdir}/cobbler/modules.conf -+chmod 640 %{_sysconfdir}/cobbler/users.conf -+chmod 640 %{_sysconfdir}/cobbler/users.digest -+chmod 750 %{_sysconfdir}/cobbler/settings.d -+chmod 640 %{_sysconfdir}/cobbler/settings.d/* -+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.yaml -+chgrp %{apache_group} %{_sysconfdir}/cobbler/users.conf -+chgrp %{apache_group} %{_sysconfdir}/cobbler/users.digest -+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d -+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d/* -+ - - %preun - %systemd_preun cobblerd.service -@@ -461,8 +475,8 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler - %dir %{_sysconfdir}/cobbler/iso - %config(noreplace) %{_sysconfdir}/cobbler/iso/buildiso.template - %config(noreplace) %{_sysconfdir}/cobbler/logging_config.conf --%config(noreplace) %{_sysconfdir}/cobbler/modules.conf --%config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf -+%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/modules.conf -+%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf - %config(noreplace) %{_sysconfdir}/cobbler/named.template - %config(noreplace) %{_sysconfdir}/cobbler/ndjbdns.template - %dir %{_sysconfdir}/cobbler/reporting -@@ -470,13 +484,13 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler - %config(noreplace) %{_sysconfdir}/cobbler/rsync.exclude - %config(noreplace) %{_sysconfdir}/cobbler/rsync.template - %config(noreplace) %{_sysconfdir}/cobbler/secondary.template --%config(noreplace) %{_sysconfdir}/cobbler/settings.yaml --%dir %{_sysconfdir}/cobbler/settings.d --%config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings --%config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings --%config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings --%config(noreplace) %{_sysconfdir}/cobbler/users.conf --%config(noreplace) %{_sysconfdir}/cobbler/users.digest -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.yaml -+%attr(750, root, %{apache_group}) %dir %{_sysconfdir}/cobbler/settings.d -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.conf -+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.digest - %config(noreplace) %{_sysconfdir}/cobbler/version - %config(noreplace) %{_sysconfdir}/cobbler/zone.template - %dir %{_sysconfdir}/cobbler/zone_templates -diff --git a/cobbler/templar.py b/cobbler/templar.py -index 7321e2d5..58ef16de 100644 ---- a/cobbler/templar.py -+++ b/cobbler/templar.py -@@ -77,10 +77,10 @@ class Templar: - """ - lines = data.split("\n") - for line in lines: -- if line.find("#import") != -1: -- rest = line.replace("#import", "").replace(" ", "").strip() -+ if "#import" in line or "#from" in line: -+ rest = line.replace("#import", "").replace("#from", "").replace("import", ".").replace(" ", "").strip() - if self.settings and rest not in self.settings.cheetah_import_whitelist: -- raise CX("potentially insecure import in template: %s" % rest) -+ raise CX(f"Potentially insecure import in template: {rest}") - - def render(self, data_input: Union[TextIO, str], search_table: dict, out_path: Optional[str], - template_type="default") -> str: diff --git a/cobbler-httpd.patch b/cobbler-httpd.patch deleted file mode 100644 index 2464a8c..0000000 --- a/cobbler-httpd.patch +++ /dev/null @@ -1,18 +0,0 @@ -diff -up cobbler-3.1.2/config/apache/cobbler_web.conf.httpd cobbler-3.1.2/config/apache/cobbler_web.conf ---- cobbler-3.1.2/config/apache/cobbler_web.conf.httpd 2020-05-27 02:26:44.000000000 -0600 -+++ cobbler-3.1.2/config/apache/cobbler_web.conf 2020-07-07 21:12:53.942577055 -0600 -@@ -16,8 +16,6 @@ WSGIDaemonProcess cobbler_web display-na - WSGIProcessGroup cobbler_web - WSGIPassAuthorization On - -- -- - - - SSLRequireSSL -@@ -42,5 +40,3 @@ WSGIPassAuthorization On - AllowOverride None - Require all granted - -- -- diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch index fe6aa76..5bce76e 100644 --- a/cobbler-nocov.patch +++ b/cobbler-nocov.patch @@ -1,6 +1,6 @@ -diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py ---- cobbler-3.2.2/setup.py.nocov 2022-02-28 20:05:35.388747435 -0700 -+++ cobbler-3.2.2/setup.py 2022-02-28 20:06:31.743251279 -0700 +diff -up cobbler-3.3.1/setup.py.nocov cobbler-3.3.1/setup.py +--- cobbler-3.3.1/setup.py.nocov 2022-02-18 04:55:15.000000000 -0700 ++++ cobbler-3.3.1/setup.py 2022-02-28 21:51:44.969184938 -0700 @@ -18,7 +18,6 @@ from setuptools import find_packages from sphinx.setup_command import BuildDoc @@ -9,9 +9,7 @@ diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py import pwd import shutil import subprocess ---- cobbler-3.2.2/setup.py.nocov 2022-02-28 21:34:34.996746220 -0700 -+++ cobbler-3.2.2/setup.py 2022-02-28 21:35:51.598440218 -0700 -@@ -373,15 +373,8 @@ +@@ -360,15 +359,8 @@ class test_command(Command): def run(self): import pytest @@ -27,15 +25,15 @@ diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0))) -@@ -505,7 +498,6 @@ - url="https://cobbler.github.io", +@@ -497,7 +489,6 @@ if __name__ == "__main__": + }, license="GPLv2+", setup_requires=[ - "coverage", "distro", "setuptools", "sphinx", -@@ -528,7 +520,7 @@ +@@ -517,7 +508,7 @@ if __name__ == "__main__": ], extras_require={ "lint": ["pyflakes", "pycodestyle"], diff --git a/cobbler-remove-get-loaders.patch b/cobbler-remove-get-loaders.patch deleted file mode 100644 index d2f1981..0000000 --- a/cobbler-remove-get-loaders.patch +++ /dev/null @@ -1,316 +0,0 @@ -commit a798eabd9b9e3e7d4cb8a828a5aa2273c69cec48 -Author: Dominik Gedon -Date: Fri Mar 5 16:25:05 2021 +0100 - - Remove get-loader code - -diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py -index e034071e..4fadab53 100644 ---- a/cobbler/actions/check.py -+++ b/cobbler/actions/check.py -@@ -386,12 +386,11 @@ class CobblerCheck: - not_found.append(loader_name) - - if len(not_found) > 0: -- status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler " -- "get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, " -- "you may ensure that you have installed a *recent* version of the syslinux package " -- "installed and can ignore this message entirely. Files in this directory, should you want " -- "to support all architectures, should include pxelinux.0, menu.c32, and yaboot. The " -- "'cobbler get-loaders' command is the easiest way to resolve these requirements.") -+ status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to " -+ "handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version " -+ "of the syslinux package installed and can ignore this message entirely. Files in this " -+ "directory, should you want to support all architectures, should include pxelinux.0, " -+ "menu.c32, and yaboot.") - - def check_tftpd_dir(self, status): - """ -diff --git a/cobbler/actions/dlcontent.py b/cobbler/actions/dlcontent.py -deleted file mode 100644 -index 84d73b8d..00000000 ---- a/cobbler/actions/dlcontent.py -+++ /dev/null -@@ -1,77 +0,0 @@ --""" --Downloads bootloader content for all arches for when the user doesn't want to supply their own. -- --Copyright 2009, Red Hat, Inc and Others --Michael DeHaan -- --This program is free software; you can redistribute it and/or modify --it under the terms of the GNU General Public License as published by --the Free Software Foundation; either version 2 of the License, or --(at your option) any later version. -- --This program is distributed in the hope that it will be useful, --but WITHOUT ANY WARRANTY; without even the implied warranty of --MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the --GNU General Public License for more details. -- --You should have received a copy of the GNU General Public License --along with this program; if not, write to the Free Software --Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA --02110-1301 USA --""" -- --import os -- --from cobbler import clogger --from cobbler import download_manager -- -- --class ContentDownloader: -- -- def __init__(self, collection_mgr, logger=None): -- """ -- Constructor -- -- :param collection_mgr: The main collection manager instance which is used by the current running server. -- :param logger: The logger object which logs to the desired target. -- """ -- self.collection_mgr = collection_mgr -- self.settings = collection_mgr.settings() -- if logger is None: -- logger = clogger.Logger() -- self.logger = logger -- -- def run(self, force: bool = False): -- """ -- Download bootloader content for all of the latest bootloaders, since the user has chosen to not supply their -- own. You may ask "why not get this from yum", we also want this to be able to work on Debian and further do not -- want folks to have to install a cross compiler. For those that don't like this approach they can still source -- their cross-arch bootloader content manually. -- -- :param force: If the target path should be overwritten, even if there are already files present. -- """ -- -- content_server = "https://cobbler.github.io/loaders" -- dest = "/var/lib/cobbler/loaders" -- -- files = ( -- ("%s/README" % content_server, "%s/README" % dest), -- ("%s/COPYING.yaboot" % content_server, "%s/COPYING.yaboot" % dest), -- ("%s/COPYING.syslinux" % content_server, "%s/COPYING.syslinux" % dest), -- ("%s/yaboot-1.3.17" % content_server, "%s/yaboot" % dest), -- ("%s/pxelinux.0-3.86" % content_server, "%s/pxelinux.0" % dest), -- ("%s/menu.c32-3.86" % content_server, "%s/menu.c32" % dest), -- ("%s/grub-0.97-x86.efi" % content_server, "%s/grub-x86.efi" % dest), -- ("%s/grub-0.97-x86_64.efi" % content_server, "%s/grub-x86_64.efi" % dest), -- ) -- -- dlmgr = download_manager.DownloadManager(self.collection_mgr, self.logger) -- for src, dst in files: -- if os.path.exists(dst) and not force: -- self.logger.info("path %s already exists, not overwriting existing content, use --force if you wish " -- "to update" % dst) -- continue -- self.logger.info("downloading %s to %s" % (src, dst)) -- dlmgr.download_file(src, dst) -- --# EOF -diff --git a/cobbler/api.py b/cobbler/api.py -index bdf18391..9c52015e 100644 ---- a/cobbler/api.py -+++ b/cobbler/api.py -@@ -25,7 +25,7 @@ import random - import tempfile - from typing import Optional - --from cobbler.actions import status, dlcontent, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync -+from cobbler.actions import status, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync - from cobbler import autoinstall_manager - from cobbler import clogger - from cobbler.cobbler_collections import manager -@@ -1276,21 +1276,6 @@ class CobblerAPI: - - # ========================================================================== - -- def dlcontent(self, force=False, logger=None): -- """ -- Downloads bootloader content that may not be avialable in packages for the given arch, ex: if installing on PPC, -- get syslinux. If installing on x86_64, get elilo, etc. -- -- :param force: Force the download, although the content may be already downloaded. -- :param logger: The logger to audit the removal with. -- """ -- # FIXME: teach code that copies it to grab from the right place -- self.log("dlcontent") -- grabber = dlcontent.ContentDownloader(self._collection_mgr, logger=logger) -- return grabber.run(force) -- -- # ========================================================================== -- - def validate_autoinstall_files(self, logger=None): - """ - Validate if any of the autoinstallation files are invalid and if yes report this. -diff --git a/cobbler/cli.py b/cobbler/cli.py -index 5441ce0a..9a6c4fff 100644 ---- a/cobbler/cli.py -+++ b/cobbler/cli.py -@@ -55,7 +55,7 @@ OBJECT_ACTIONS = [] - for actions in list(OBJECT_ACTIONS_MAP.values()): - OBJECT_ACTIONS += actions - DIRECT_ACTIONS = "aclsetup buildiso import list replicate report reposync sync validate-autoinstalls version " \ -- "signature get-loaders hardlink".split() -+ "signature hardlink".split() - - #################################################### - -@@ -687,10 +687,6 @@ class CobblerCLI: - elif action_name == "validate-autoinstalls": - (options, args) = self.parser.parse_args(self.args) - task_id = self.start_task("validate_autoinstall_files", options) -- elif action_name == "get-loaders": -- self.parser.add_option("--force", dest="force", action="store_true", help="overwrite any existing content in /var/lib/cobbler/loaders") -- (options, args) = self.parser.parse_args(self.args) -- task_id = self.start_task("dlcontent", options) - elif action_name == "import": - self.parser.add_option("--arch", dest="arch", help="OS architecture being imported") - self.parser.add_option("--breed", dest="breed", help="the breed being imported") -diff --git a/cobbler/remote.py b/cobbler/remote.py -index 759879a8..ac788752 100644 ---- a/cobbler/remote.py -+++ b/cobbler/remote.py -@@ -200,18 +200,6 @@ class CobblerXMLRPCInterface: - ) - return self.__start_task(runner, token, "aclsetup", "(CLI) ACL Configuration", options) - -- def background_dlcontent(self, options, token) -> str: -- """ -- Download bootloaders and other support files. -- -- :param options: Unknown what this parameter is doing at the moment. -- :param token: The API-token obtained via the login() method. The API-token obtained via the login() method. -- :return: The id of the task which was started. -- """ -- def runner(self): -- self.remote.api.dlcontent(self.options.get("force", False), self.logger) -- return self.__start_task(runner, token, "get_loaders", "Download Bootloader Content", options) -- - def background_sync(self, options, token) -> str: - """ - Run a full Cobbler sync in the background. -diff --git a/config/bash/completion/cobbler b/config/bash/completion/cobbler -index f2d5bd59..169dbaec 100755 ---- a/config/bash/completion/cobbler -+++ b/config/bash/completion/cobbler -@@ -9,7 +9,7 @@ _cobbler_completions() - prev="${COMP_WORDS[COMP_CWORD-1]}" - cobbler_type=${COMP_WORDS[1]} - COMPREPLY=() -- TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature get-loaders hardlink" -+ TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature hardlink" - ACTION="add edit copy list remove rename report" - opts=( - [distro]="--ctime --depth --mtime --source-repos --tree-build-time --uid --arch --autoinstall-meta --boot-files --boot-loader --breed --comment --fetchable-files --initrd --kernel --kernel-options --kernel-options-post --mgmt-classes --name --os-version --owners --redhat-management-key --template-files --in-place --help" -diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml -index 82b8c11f..b2e05a7b 100644 ---- a/config/cobbler/settings.yaml -+++ b/config/cobbler/settings.yaml -@@ -426,7 +426,7 @@ replicate_repo_rsync_options: "-avzH" - # always write DHCP entries, regardless if netboot is enabled - always_write_dhcp_entries: false - --# External proxy - used by: "get-loaders", "reposync", "signature update" -+# External proxy - used by: reposync", "signature update" - # Eg: "http://192.168.1.1:8080" (HTTP), "https://192.168.1.1:8443" (HTTPS) - proxy_url_ext: "" - -diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst -index 673beffd..808d7738 100644 ---- a/docs/cobbler-conf.rst -+++ b/docs/cobbler-conf.rst -@@ -577,7 +577,7 @@ default: ``ipmilanplus`` - proxy_url_ext - ============= - --External proxy which is used by the following commands: ``get-loaders``, ``reposync``, ``signature update`` -+External proxy which is used by the following commands: ``reposync``, ``signature update`` - - defaults: - -diff --git a/docs/cobbler.rst b/docs/cobbler.rst -index 1fffc41e..6332a662 100644 ---- a/docs/cobbler.rst -+++ b/docs/cobbler.rst -@@ -74,7 +74,7 @@ Long Usage: - .. code-block:: shell - - cobbler ... [add|edit|copy|get-autoinstall*|list|remove|rename|report] [options|--help] -- cobbler [options|--help] -+ cobbler [options|--help] - - Cobbler distro - ============== -@@ -1071,15 +1071,6 @@ Example: - - $ cobbler signature - --Cobbler get-loaders --=================== -- --Example: -- --.. code-block:: shell -- -- $ cobbler get-loaders -- - Cobbler hardlink - ================ - -diff --git a/docs/code-autodoc/cobbler.actions.rst b/docs/code-autodoc/cobbler.actions.rst -index 44f7e1a4..a5845996 100644 ---- a/docs/code-autodoc/cobbler.actions.rst -+++ b/docs/code-autodoc/cobbler.actions.rst -@@ -28,14 +28,6 @@ cobbler.actions.check module - :undoc-members: - :show-inheritance: - --cobbler.actions.dlcontent module ---------------------------------- -- --.. automodule:: cobbler.actions.dlcontent -- :members: -- :undoc-members: -- :show-inheritance: -- - cobbler.actions.hardlink module - ------------------------------- - -diff --git a/tests/cli/cobbler_cli_direct_test.py b/tests/cli/cobbler_cli_direct_test.py -index 7cd6729c..01d42d6d 100644 ---- a/tests/cli/cobbler_cli_direct_test.py -+++ b/tests/cli/cobbler_cli_direct_test.py -@@ -148,11 +148,6 @@ class TestCobblerCliTestDirect: - i = assert_report_section(lines, i, "packages") - i = assert_report_section(lines, i, "files") - -- def test_cobbler_getloaders(self, run_cmd, get_last_line): -- (outputstd, outputerr) = run_cmd(cmd=["get-loaders"]) -- lines = outputstd.split("\n") -- assert "*** TASK COMPLETE ***" == get_last_line(lines) -- - def test_cobbler_hardlink(self, run_cmd, get_last_line): - (outputstd, outputerr) = run_cmd(cmd=["hardlink"]) - lines = outputstd.split("\n") -diff --git a/tests/xmlrpcapi/background_test.py b/tests/xmlrpcapi/background_test.py -index 36c03b01..64e219ca 100644 ---- a/tests/xmlrpcapi/background_test.py -+++ b/tests/xmlrpcapi/background_test.py -@@ -25,15 +25,6 @@ class TestBackground: - # Assert - assert result - -- def test_background_dlccontent(self, remote, token): -- # Arrange -- -- # Act -- result = remote.background_dlcontent({}, token) -- -- # Assert -- assert result -- - def test_background_hardlink(self, remote, token): - # Arrange - diff --git a/cobbler-scripts.patch b/cobbler-scripts.patch deleted file mode 100644 index 97f3058..0000000 --- a/cobbler-scripts.patch +++ /dev/null @@ -1,12 +0,0 @@ -diff -up cobbler-3.2.1/setup.py.orig cobbler-3.2.1/setup.py ---- cobbler-3.2.1/setup.py.orig 2021-03-04 12:07:10.000000000 -0700 -+++ cobbler-3.2.1/setup.py 2021-03-08 22:25:15.239563778 -0700 -@@ -566,7 +566,7 @@ if __name__ == "__main__": - ("share/cobbler/web", glob("web/*.*")), - ("%s" % webcontent, glob("web/static/*")), - ("%s" % webimages, glob("web/static/images/*")), -- ("share/cobbler/bin", glob("scripts/*.sh")), -+ ("share/cobbler/bin", glob("scripts/*")), - ("share/cobbler/web/templates", glob("web/templates/*")), - ("%s/webui_sessions" % libpath, []), - ("%s/loaders" % libpath, []), diff --git a/cobbler.spec b/cobbler.spec index 86073a8..6cebfa6 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,27 +4,16 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.2.2 -Release: 9%{?dist} +Version: 3.3.1 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz #Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz Source1: migrate-settings.sh -# Revert upstream's VirtualHost addition -# https://github.com/cobbler/cobbler/issues/2286 -Patch0: cobbler-httpd.patch -# Fix autoinstall_templates -> templates -Patch1: https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2590.patch -# Install migrate-data-v2-to-v3.py - https://github.com/cobbler/cobbler/pull/2591 -Patch2: cobbler-scripts.patch -# Remove get-loaders command -Patch3: cobbler-remove-get-loaders.patch -# Upstream fix for CVE-2021-45082 -Patch4: cobbler-CVE-2021-45082.patch # Do not run coverage tests -Patch5: cobbler-nocov.patch +Patch0: cobbler-nocov.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -67,7 +56,6 @@ Requires: %{py3_dist pyyaml} Requires: %{py3_dist requests} Requires: %{py3_dist schema} Requires: %{py3_dist simplejson} -Requires: %{py3_dist tornado} Requires: genisoimage %if 0%{?fedora} || 0%{?rhel} >= 8 @@ -80,12 +68,15 @@ Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64 Recommends: logrotate +Recommends: %{py3_dist ldap} Recommends: %{py3_dist librepo} %else +Requires: %{py3_dist ldap} Requires: yum-utils %endif # https://github.com/cobbler/cobbler/issues/1685 Requires: /sbin/service +Obsoletes: cobbler-web < 3.3 BuildRequires: systemd Requires(post): systemd @@ -93,28 +84,13 @@ Requires(preun): systemd Requires(postun): systemd %description -Cobbler is a network install server. Cobbler supports PXE, ISO -virtualized installs, and re-installing existing Linux machines. -The last two modes use a helper tool, 'koan', that integrates with -cobbler. There is also a web interface 'cobbler-web'. Cobbler's -advanced features include importing distributions from DVDs and rsync -mirrors, kickstart templating, integrated yum mirroring, and built-in -DHCP/DNS Management. Cobbler has a XML-RPC API for integration with -other applications. - - -%package -n cobbler-web -Summary: Web interface for Cobbler -Requires: cobbler = %{version}-%{release} -Requires: %{py3_dist django} -Requires: %{py3_dist mod_wsgi} -Requires: mod_ssl -Requires(post): coreutils -Requires(post): sed - -%description -n cobbler-web -Web interface for Cobbler that allows visiting -http://server/cobbler_web to configure the install server. +Cobbler is a network install server. Cobbler supports PXE, ISO +virtualized installs, and re-installing existing Linux machines. The +last two modes use a helper tool, 'koan', that integrates with cobbler. +Cobbler's advanced features include importing distributions from DVDs +and rsync mirrors, kickstart templating, integrated yum mirroring, and +built-in DHCP/DNS Management. Cobbler has a XML-RPC API for integration +with other applications. %package tests @@ -150,9 +126,6 @@ mkdir -p %{buildroot}%{tftpboot_dir}/{boot,etc,grub/system{,_link},images{,2},pp mkdir -p %{buildroot}%{_unitdir} mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir} -# cobbler-web -rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf - # ghosted files touch %{buildroot}%{_sharedstatedir}/cobbler/web.ss @@ -179,6 +152,19 @@ fi %post %systemd_post cobblerd.service +# Fixup permission for world readable settings files +chmod 640 %{_sysconfdir}/cobbler/settings.yaml +chmod 600 %{_sysconfdir}/cobbler/mongodb.conf +chmod 600 %{_sysconfdir}/cobbler/modules.conf +chmod 640 %{_sysconfdir}/cobbler/users.conf +chmod 640 %{_sysconfdir}/cobbler/users.digest +chmod 750 %{_sysconfdir}/cobbler/settings.d +chmod 640 %{_sysconfdir}/cobbler/settings.d/* +chgrp apache %{_sysconfdir}/cobbler/settings.yaml +chgrp apache %{_sysconfdir}/cobbler/users.conf +chgrp apache %{_sysconfdir}/cobbler/users.digest +chgrp apache %{_sysconfdir}/cobbler/settings.d +chgrp apache %{_sysconfdir}/cobbler/settings.d/* %posttrans # Migrate pre-3.2.1 settings to settings.yaml @@ -204,13 +190,6 @@ fi %postun %systemd_postun_with_restart cobblerd.service -%post -n cobbler-web -# Change the SECRET_KEY option in the Django settings.py file -# required for security reasons, should be unique on all systems -# Choose from letters and numbers only, so no special chars like ampersand (&). -RAND_SECRET=$(head /dev/urandom | tr -dc 'A-Za-z0-9!' | head -c 50 ; echo '') -sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler/web/settings.py - %files %license COPYING @@ -221,6 +200,7 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %config(noreplace) %{_sysconfdir}/cobbler/boot_loader_conf/ %config(noreplace) %{_sysconfdir}/cobbler/cheetah_macros %config(noreplace) %{_sysconfdir}/cobbler/dhcp.template +%config(noreplace) %{_sysconfdir}/cobbler/dhcp6.template %config(noreplace) %{_sysconfdir}/cobbler/dnsmasq.template %config(noreplace) %{_sysconfdir}/cobbler/genders.template %config(noreplace) %{_sysconfdir}/cobbler/import_rsync_whitelist @@ -239,17 +219,19 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings +%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/windows.settings %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.conf %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.digest %config(noreplace) %{_sysconfdir}/cobbler/version +%config(noreplace) %{_sysconfdir}/cobbler/windows/ %config(noreplace) %{_sysconfdir}/cobbler/zone.template %config(noreplace) %{_sysconfdir}/cobbler/zone_templates/ %config(noreplace) %{_sysconfdir}/logrotate.d/cobblerd %config(noreplace) /etc/httpd/conf.d/cobbler.conf %{_bindir}/cobbler +%{_bindir}/cobbler-settings %{_bindir}/cobbler-ext-nodes %{_bindir}/cobblerd -%{_sbindir}/tftpd.py %{_datadir}/bash-completion/ %dir %{_datadir}/cobbler %{_datadir}/cobbler/bin @@ -262,25 +244,17 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler %{tftpboot_dir}/* /var/www/cobbler %config(noreplace) %{_sharedstatedir}/cobbler -%exclude %{_sharedstatedir}/cobbler/web.ss -%exclude %{_sharedstatedir}/cobbler/webui_sessions /var/log/cobbler -%files -n cobbler-web -%license COPYING -%doc AUTHORS.in README.md -%config(noreplace) /etc/httpd/conf.d/cobbler_web.conf -%attr(-,apache,apache) %{_datadir}/cobbler/web -%ghost %attr(0660,apache,root) %{_sharedstatedir}/cobbler/web.ss -%dir %attr(700,apache,root) %{_sharedstatedir}/cobbler/webui_sessions -%attr(-,apache,apache) /var/www/cobbler_webui_content/ - %files tests %dir %{_datadir}/cobbler/tests %{_datadir}/cobbler/tests/* %changelog +* Tue Mar 01 2022 Orion Poplawski - 3.3.1-1 +- Update to 3.3.1, removes web interface + * Tue Mar 01 2022 Orion Poplawski - 3.2.2-9 - Apply fixes for CVE-2021-45082/3 - Remove BR on python3-coverage diff --git a/sources b/sources index e8eac50..f8efb80 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.2.2.tar.gz) = 65f3bf3bb43d1b1a6631ab299cd5a9a807c8e20ea07a61f89edc425b4833be5f2ddf0ac473010906bbcaaa5edfad577378185290bd2db01d9d64f276c2ad6be9 +SHA512 (cobbler-3.3.1.tar.gz) = 0ffbb67608c01447c51076780982b16e173ec3c0a22733654ad9522a17ade1a60da095ab8e77d5ae10f9d958050d4bcda61965d3aec37bb364fd3ee6666580ea From fed0a69bb7ea5d4bd4ee79463ecfdaeb62bc852f Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 12 Mar 2022 09:53:49 -0700 Subject: [PATCH 46/89] Update to 3.3.2 --- cobbler.spec | 5 ++++- sources | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 6cebfa6..70f67c8 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,7 +4,7 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.3.1 +Version: 3.3.2 Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ @@ -252,6 +252,9 @@ fi %changelog +* Sat Mar 12 2022 Orion Poplawski - 3.3.2-1 +- Update to 3.3.2 + * Tue Mar 01 2022 Orion Poplawski - 3.3.1-1 - Update to 3.3.1, removes web interface diff --git a/sources b/sources index f8efb80..002bd94 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.1.tar.gz) = 0ffbb67608c01447c51076780982b16e173ec3c0a22733654ad9522a17ade1a60da095ab8e77d5ae10f9d958050d4bcda61965d3aec37bb364fd3ee6666580ea +SHA512 (cobbler-3.3.2.tar.gz) = 77a2d6c468366178952d68ca67dc8cbb5eb396f2a69f5b2fc1b3a1d38ac186046516d51d891c59e6605e92d31453c947de107ac859500625e029ce5d1f59db60 From a8fe6f7f139d4acef41f510fbb3a49a42615c1d9 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 3 May 2022 19:24:48 -0600 Subject: [PATCH 47/89] Drop setting cache_enabled no longer present in 3.3 --- cobbler.spec | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 70f67c8..fb23430 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.2 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -176,7 +176,6 @@ if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then %{_datadir}/cobbler/bin/migrate-settings.sh fi # Add some missing options if needed -grep -q '^cache_enabled:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\ncache_enabled: true' >> %{_sysconfdir}/cobbler/settings.yaml grep -q '^reposync_rsync_flags:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\nreposync_rsync_flags: "-rltDv --copy-unsafe-links"' >> %{_sysconfdir}/cobbler/settings.yaml # Migrate pre-3 configuration data if needed if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then @@ -252,6 +251,9 @@ fi %changelog +* Wed May 04 2022 Orion Poplawski - 3.3.2-2 +- Drop setting cache_enabled no longer present in 3.3 + * Sat Mar 12 2022 Orion Poplawski - 3.3.2-1 - Update to 3.3.2 From 46bf3c8f18c14378071032591223057963d2b197 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 13 Jun 2022 19:37:43 -0600 Subject: [PATCH 48/89] Update to 3.3.3 --- cobbler.spec | 7 +++++-- sources | 2 +- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index fb23430..6c4969a 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,8 +4,8 @@ %global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: cobbler -Version: 3.3.2 -Release: 2%{?dist} +Version: 3.3.3 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,6 +251,9 @@ fi %changelog +* Tue Jun 14 2022 Orion Poplawski - 3.3.3-1 +- Update to 3.3.3 + * Wed May 04 2022 Orion Poplawski - 3.3.2-2 - Drop setting cache_enabled no longer present in 3.3 diff --git a/sources b/sources index 002bd94..52973e0 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.2.tar.gz) = 77a2d6c468366178952d68ca67dc8cbb5eb396f2a69f5b2fc1b3a1d38ac186046516d51d891c59e6605e92d31453c947de107ac859500625e029ce5d1f59db60 +SHA512 (cobbler-3.3.3.tar.gz) = 9011ae3407a3418f476f4d7b76f7b4978904a612f455e31acf44c3e9c223e4aba9bfbc17b7a12b5aedd4f380b6e8f87e0bc57dd826c945adff4fef34857c917f From 017b778961cc6d3c8e0045bdee1a2105ed1366ff Mon Sep 17 00:00:00 2001 From: Python Maint Date: Thu, 23 Jun 2022 17:45:59 +0200 Subject: [PATCH 49/89] Rebuilt for Python 3.11 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 6c4969a..ec08d8c 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,6 +251,9 @@ fi %changelog +* Thu Jun 23 2022 Python Maint - 3.3.3-2 +- Rebuilt for Python 3.11 + * Tue Jun 14 2022 Orion Poplawski - 3.3.3-1 - Update to 3.3.3 From 5c3c68319dafcbc0602892c376bca6ce7eec8b75 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 20 Jul 2022 23:13:07 +0000 Subject: [PATCH 50/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index ec08d8c..d5dad58 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,6 +251,9 @@ fi %changelog +* Wed Jul 20 2022 Fedora Release Engineering - 3.3.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + * Thu Jun 23 2022 Python Maint - 3.3.3-2 - Rebuilt for Python 3.11 From c8fb82f394820f7036dc21f8faf320ffd8ca99fd Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 19 Jan 2023 00:08:59 +0000 Subject: [PATCH 51/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index d5dad58..066f120 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,6 +251,9 @@ fi %changelog +* Thu Jan 19 2023 Fedora Release Engineering - 3.3.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + * Wed Jul 20 2022 Fedora Release Engineering - 3.3.3-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild From 375a43720ee461d991f0a63ffb3a020c9e656c45 Mon Sep 17 00:00:00 2001 From: Python Maint Date: Wed, 14 Jun 2023 20:21:15 +0200 Subject: [PATCH 52/89] Rebuilt for Python 3.12 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 066f120..9fe1c64 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,6 +251,9 @@ fi %changelog +* Wed Jun 14 2023 Python Maint - 3.3.3-5 +- Rebuilt for Python 3.12 + * Thu Jan 19 2023 Fedora Release Engineering - 3.3.3-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild From 218561053551de5a62d6236df06110aa759343ef Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 16 Jul 2023 22:29:22 -0600 Subject: [PATCH 53/89] Add patch to fix build with Sphinx 7 --- cobbler-sphinx7.patch | 92 +++++++++++++++++++++++++++++++++++++++++++ cobbler.spec | 8 +++- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 cobbler-sphinx7.patch diff --git a/cobbler-sphinx7.patch b/cobbler-sphinx7.patch new file mode 100644 index 0000000..55cc655 --- /dev/null +++ b/cobbler-sphinx7.patch @@ -0,0 +1,92 @@ +diff --git a/MANIFEST.in b/MANIFEST.in +index 7554c69..95c5b48 100644 +--- a/MANIFEST.in ++++ b/MANIFEST.in +@@ -2,6 +2,7 @@ include COPYING AUTHORS + include cobbler.spec config/service/cobblerd.service + include AUTHORS.in README.md + include distro_build_configs.sh ++include Makefile + recursive-include misc * + recursive-include bin * + recursive-include config * +diff --git a/Makefile b/Makefile +index 1c41ba4..ff9ff67 100644 +--- a/Makefile ++++ b/Makefile +@@ -55,6 +55,9 @@ doc: ## Creates the documentation with sphinx in html form. + @echo "creating: documentation" + @cd docs; make html > /dev/null 2>&1 + ++man: ## Creates documentation and man pages using Sphinx ++ @${PYTHON} -m sphinx -b man -j auto ./docs ./build/sphinx/man ++ + qa: ## If pyflakes and/or pycodestyle is found then they are run. + ifeq ($(strip $(PYFLAKES)),) + @echo "No pyflakes found" +diff --git a/cobbler.spec b/cobbler.spec +index fb17d8c..01f71e2 100644 +--- a/cobbler.spec ++++ b/cobbler.spec +@@ -304,6 +304,7 @@ sed -e "s|/var/lib/tftpboot|%{tftpboot_dir}|g" -i config/cobbler/settings.yaml + [ "${TFTPROOT}" != %{tftpboot_dir} ] && echo "ERROR: TFTPROOT: ${TFTPROOT} does not match %{tftpboot_dir}" + + %py3_build ++make man + + %install + . distro_build_configs.sh +diff --git a/setup.py b/setup.py +index 502bf2d..cb57be2 100644 +--- a/setup.py ++++ b/setup.py +@@ -14,7 +14,6 @@ from setuptools import dep_util + from distutils.command.build import build as _build + from configparser import ConfigParser + from setuptools import find_packages +-from sphinx.setup_command import BuildDoc + + import codecs + import pwd +@@ -148,16 +147,6 @@ class build(_build): + def run(self): + _build.run(self) + +-##################################################################### +-# # Build man pages using Sphinx ################################### +-##################################################################### +- +- +-class build_man(BuildDoc): +- def initialize_options(self): +- BuildDoc.initialize_options(self) +- self.builder = 'man' +- + ##################################################################### + # # Configure files ################################################## + ##################################################################### +@@ -284,15 +273,7 @@ def has_configure_files(build): + return bool(build.distribution.configure_files) + + +-def has_man_pages(build): +- """Check if the distribution has configuration files to work on.""" +- return bool(build.distribution.man_pages) +- +- +-build.sub_commands.extend(( +- ('build_man', has_man_pages), +- ('build_cfg', has_configure_files) +-)) ++_build.sub_commands.extend((("build_cfg", has_configure_files),)) + + + ##################################################################### +@@ -468,7 +449,6 @@ if __name__ == "__main__": + 'savestate': savestate, + 'restorestate': restorestate, + 'build_cfg': build_cfg, +- 'build_man': build_man + }, + name="cobbler", + version=VERSION, diff --git a/cobbler.spec b/cobbler.spec index 9fe1c64..9b39696 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 5%{?dist} +Release: 6%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -14,6 +14,9 @@ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-% Source1: migrate-settings.sh # Do not run coverage tests Patch0: cobbler-nocov.patch +# Fix build with Sphinx 7 +# Backport of https://github.com/cobbler/cobbler/pull/3465.patch +Patch1: cobbler-sphinx7.patch BuildArch: noarch BuildRequires: python%{python3_pkgversion}-devel @@ -251,6 +254,9 @@ fi %changelog +* Mon Jul 17 2023 Orion Poplawski - 3.3.3-6 +- Add patch to fix build with Sphinx 7 + * Wed Jun 14 2023 Python Maint - 3.3.3-5 - Rebuilt for Python 3.12 From d54231a40ce6c4b1331603816cb64c8ad4ad23e0 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 17 Jul 2023 07:34:17 -0600 Subject: [PATCH 54/89] Manually make man pages --- cobbler.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/cobbler.spec b/cobbler.spec index 9b39696..d6988dc 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -110,6 +110,7 @@ Unit test files from the Cobbler project %build . ./distro_build_configs.sh %py3_build +make man %install . ./distro_build_configs.sh From 762bc499517deeff64aedb0189aa8ecd961287f0 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 17 Jul 2023 07:53:50 -0600 Subject: [PATCH 55/89] Add BR on make --- cobbler.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/cobbler.spec b/cobbler.spec index d6988dc..2faf7e9 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -19,6 +19,7 @@ Patch0: cobbler-nocov.patch Patch1: cobbler-sphinx7.patch BuildArch: noarch +BuildRequires: make BuildRequires: python%{python3_pkgversion}-devel %if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: %{py3_dist cheetah3} From 1e0ee4450a73ab8c49600fd9c09c733d7154b4c1 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 19 Jul 2023 15:59:35 +0000 Subject: [PATCH 56/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 2faf7e9..e96c710 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 6%{?dist} +Release: 7%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -256,6 +256,9 @@ fi %changelog +* Wed Jul 19 2023 Fedora Release Engineering - 3.3.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + * Mon Jul 17 2023 Orion Poplawski - 3.3.3-6 - Add patch to fix build with Sphinx 7 From 00d12f25d0c2c34e153129399a62ec044335cb2d Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Fri, 19 Jan 2024 15:46:52 +0000 Subject: [PATCH 57/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index e96c710..6079455 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 7%{?dist} +Release: 8%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -256,6 +256,9 @@ fi %changelog +* Fri Jan 19 2024 Fedora Release Engineering - 3.3.3-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Wed Jul 19 2023 Fedora Release Engineering - 3.3.3-7 - Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild From 0fc9b61b9b0bdfbbb85b80b32d8d4eb395e7f99f Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 24 Jan 2024 07:36:17 +0000 Subject: [PATCH 58/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 6079455..51f9ce1 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,7 +5,7 @@ Name: cobbler Version: 3.3.3 -Release: 8%{?dist} +Release: 9%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -256,6 +256,9 @@ fi %changelog +* Wed Jan 24 2024 Fedora Release Engineering - 3.3.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + * Fri Jan 19 2024 Fedora Release Engineering - 3.3.3-8 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 40e914ee2905c602bbcbe0209386cee2dc09d766 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 26 Feb 2024 21:43:13 -0700 Subject: [PATCH 59/89] Update to 3.3.4 Add local SELinux policy and allow cobbler to check service statuses, run mkfs.fat, and check for reposync and yumdownloader (bz#225122) Change owndership of web.ss to root (bz#2247652) --- cobbler-nocov.patch | 27 ++--- cobbler-sphinx7.patch | 92 ---------------- cobbler.fc | 28 +++++ cobbler.if | 251 ++++++++++++++++++++++++++++++++++++++++++ cobbler.spec | 113 +++++++++++++++++-- cobbler.te | 243 ++++++++++++++++++++++++++++++++++++++++ sources | 2 +- 7 files changed, 638 insertions(+), 118 deletions(-) delete mode 100644 cobbler-sphinx7.patch create mode 100644 cobbler.fc create mode 100644 cobbler.if create mode 100644 cobbler.te diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch index 5bce76e..40efcf5 100644 --- a/cobbler-nocov.patch +++ b/cobbler-nocov.patch @@ -1,15 +1,16 @@ -diff -up cobbler-3.3.1/setup.py.nocov cobbler-3.3.1/setup.py ---- cobbler-3.3.1/setup.py.nocov 2022-02-18 04:55:15.000000000 -0700 -+++ cobbler-3.3.1/setup.py 2022-02-28 21:51:44.969184938 -0700 -@@ -18,7 +18,6 @@ from setuptools import find_packages - from sphinx.setup_command import BuildDoc +diff --git a/setup.py b/setup.py +index 4b21af3..145bdab 100644 +--- a/setup.py ++++ b/setup.py +@@ -16,7 +16,6 @@ from configparser import ConfigParser + from setuptools import find_packages import codecs -from coverage import Coverage import pwd import shutil import subprocess -@@ -360,15 +359,8 @@ class test_command(Command): +@@ -338,15 +337,8 @@ class test_command(Command): def run(self): import pytest @@ -25,7 +26,7 @@ diff -up cobbler-3.3.1/setup.py.nocov cobbler-3.3.1/setup.py sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0))) -@@ -497,7 +489,6 @@ if __name__ == "__main__": +@@ -474,7 +466,6 @@ if __name__ == "__main__": }, license="GPLv2+", setup_requires=[ @@ -33,12 +34,12 @@ diff -up cobbler-3.3.1/setup.py.nocov cobbler-3.3.1/setup.py "distro", "setuptools", "sphinx", -@@ -517,7 +508,7 @@ if __name__ == "__main__": +@@ -494,7 +485,7 @@ if __name__ == "__main__": ], extras_require={ "lint": ["pyflakes", "pycodestyle"], -- "test": ["pytest", "pytest-cov", "codecov", "pytest-mock"] -+ "test": ["pytest", "pytest-mock"] - }, - packages=find_packages(exclude=["*tests*"]), - scripts=[ +- "test": ["pytest", "pytest-cov", "codecov", "pytest-mock"], ++ "test": ["pytest", "pytest-mock"], + # We require the current version to properly detect duplicate issues + # See: https://github.com/twisted/towncrier/releases/tag/22.8.0 + "changelog": ["towncrier>=22.8.0"], diff --git a/cobbler-sphinx7.patch b/cobbler-sphinx7.patch deleted file mode 100644 index 55cc655..0000000 --- a/cobbler-sphinx7.patch +++ /dev/null @@ -1,92 +0,0 @@ -diff --git a/MANIFEST.in b/MANIFEST.in -index 7554c69..95c5b48 100644 ---- a/MANIFEST.in -+++ b/MANIFEST.in -@@ -2,6 +2,7 @@ include COPYING AUTHORS - include cobbler.spec config/service/cobblerd.service - include AUTHORS.in README.md - include distro_build_configs.sh -+include Makefile - recursive-include misc * - recursive-include bin * - recursive-include config * -diff --git a/Makefile b/Makefile -index 1c41ba4..ff9ff67 100644 ---- a/Makefile -+++ b/Makefile -@@ -55,6 +55,9 @@ doc: ## Creates the documentation with sphinx in html form. - @echo "creating: documentation" - @cd docs; make html > /dev/null 2>&1 - -+man: ## Creates documentation and man pages using Sphinx -+ @${PYTHON} -m sphinx -b man -j auto ./docs ./build/sphinx/man -+ - qa: ## If pyflakes and/or pycodestyle is found then they are run. - ifeq ($(strip $(PYFLAKES)),) - @echo "No pyflakes found" -diff --git a/cobbler.spec b/cobbler.spec -index fb17d8c..01f71e2 100644 ---- a/cobbler.spec -+++ b/cobbler.spec -@@ -304,6 +304,7 @@ sed -e "s|/var/lib/tftpboot|%{tftpboot_dir}|g" -i config/cobbler/settings.yaml - [ "${TFTPROOT}" != %{tftpboot_dir} ] && echo "ERROR: TFTPROOT: ${TFTPROOT} does not match %{tftpboot_dir}" - - %py3_build -+make man - - %install - . distro_build_configs.sh -diff --git a/setup.py b/setup.py -index 502bf2d..cb57be2 100644 ---- a/setup.py -+++ b/setup.py -@@ -14,7 +14,6 @@ from setuptools import dep_util - from distutils.command.build import build as _build - from configparser import ConfigParser - from setuptools import find_packages --from sphinx.setup_command import BuildDoc - - import codecs - import pwd -@@ -148,16 +147,6 @@ class build(_build): - def run(self): - _build.run(self) - --##################################################################### --# # Build man pages using Sphinx ################################### --##################################################################### -- -- --class build_man(BuildDoc): -- def initialize_options(self): -- BuildDoc.initialize_options(self) -- self.builder = 'man' -- - ##################################################################### - # # Configure files ################################################## - ##################################################################### -@@ -284,15 +273,7 @@ def has_configure_files(build): - return bool(build.distribution.configure_files) - - --def has_man_pages(build): -- """Check if the distribution has configuration files to work on.""" -- return bool(build.distribution.man_pages) -- -- --build.sub_commands.extend(( -- ('build_man', has_man_pages), -- ('build_cfg', has_configure_files) --)) -+_build.sub_commands.extend((("build_cfg", has_configure_files),)) - - - ##################################################################### -@@ -468,7 +449,6 @@ if __name__ == "__main__": - 'savestate': savestate, - 'restorestate': restorestate, - 'build_cfg': build_cfg, -- 'build_man': build_man - }, - name="cobbler", - version=VERSION, diff --git a/cobbler.fc b/cobbler.fc new file mode 100644 index 0000000..568bf88 --- /dev/null +++ b/cobbler.fc @@ -0,0 +1,28 @@ +/etc/cobbler(/.*)? gen_context(system_u:object_r:cobbler_etc_t,s0) + +/etc/rc\.d/init\.d/cobblerd -- gen_context(system_u:object_r:cobblerd_initrc_exec_t,s0) + +/usr/bin/cobblerd -- gen_context(system_u:object_r:cobblerd_exec_t,s0) + +/usr/lib/systemd/system/cobblerd.* -- gen_context(system_u:object_r:cobblerd_unit_file_t,s0) + +/var/cache/cobbler(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/cobbler(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) + +/var/lib/tftpboot/aarch64(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/boot(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/etc(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/grub(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/images(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/images2(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/memdisk -- gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/menu\.c32 -- gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/ppc(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/pxelinux\.0 -- gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/pxelinux\.cfg(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/s390x(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) +/var/lib/tftpboot/yaboot -- gen_context(system_u:object_r:cobbler_var_lib_t,s0) + +/var/log/cobbler(/.*)? gen_context(system_u:object_r:cobbler_var_log_t,s0) + +/var/www/cobbler(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0) diff --git a/cobbler.if b/cobbler.if new file mode 100644 index 0000000..4054eab --- /dev/null +++ b/cobbler.if @@ -0,0 +1,251 @@ +## Cobbler installation server. + +######################################## +## +## Execute a domain transition to run cobblerd. +## +## +## +## Domain allowed to transition. +## +## +# +interface(`cobblerd_domtrans',` + gen_require(` + type cobblerd_t, cobblerd_exec_t; + ') + + corecmd_search_bin($1) + domtrans_pattern($1, cobblerd_exec_t, cobblerd_t) +') + +######################################## +## +## Execute cobblerd server in the cobblerd domain. +## +## +## +## Domain allowed to transition. +## +## +# +interface(`cobblerd_systemctl',` + gen_require(` + type named_unit_file_t; + type named_t; + ') + + systemd_exec_systemctl($1) + init_reload_services($1) + allow $1 named_unit_file_t:file read_file_perms; + allow $1 named_unit_file_t:service manage_service_perms; + + ps_process_pattern($1, named_t) +') + +######################################## +## +## Execute cobblerd init scripts in +## the init script domain. +## +## +## +## Domain allowed to transition. +## +## +# +interface(`cobblerd_initrc_domtrans',` + gen_require(` + type cobblerd_initrc_exec_t; + ') + + init_labeled_script_domtrans($1, cobblerd_initrc_exec_t) +') + + + +######################################## +## +## Read cobbler configuration dirs. +## +## +## +## Domain allowed access. +## +## +# +interface(`cobbler_list_config',` + gen_require(` + type cobbler_etc_t; + ') + + list_dirs_pattern($1, cobbler_etc_t, cobbler_etc_t) + files_search_etc($1) +') + + +######################################## +## +## Read cobbler configuration files. +## +## +## +## Domain allowed access. +## +## +# +interface(`cobbler_read_config',` + gen_require(` + type cobbler_etc_t; + ') + + read_files_pattern($1, cobbler_etc_t, cobbler_etc_t) + files_search_etc($1) +') + +######################################## +## +## Do not audit attempts to read and write +## cobbler log files. +## +## +## +## Domain to not audit. +## +## +# +interface(`cobbler_dontaudit_rw_log',` + gen_require(` + type cobbler_var_log_t; + ') + + dontaudit $1 cobbler_var_log_t:file rw_file_perms; +') + +######################################## +## +## Search cobbler lib directories. +## +## +## +## Domain allowed access. +## +## +# +interface(`cobbler_search_lib',` + gen_require(` + type cobbler_var_lib_t; + ') + + files_search_var_lib($1) + search_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) +') + +######################################## +## +## Read cobbler lib files. +## +## +## +## Domain allowed access. +## +## +# +interface(`cobbler_read_lib_files',` + gen_require(` + type cobbler_var_lib_t; + ') + + files_search_var_lib($1) + read_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) + read_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) +') + +######################################## +## +## Create, read, write, and delete +## cobbler lib files. +## +## +## +## Domain allowed access. +## +## +# +interface(`cobbler_manage_lib_files',` + gen_require(` + type cobbler_var_lib_t; + ') + + files_search_var_lib($1) + manage_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) + manage_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) + manage_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t) +') + +######################################## +## +## All of the rules required to +## administrate an cobbler environment. +## +## +## +## Domain allowed access. +## +## +## +## +## Role allowed access. +## +## +## +# +interface(`cobblerd_admin',` + refpolicywarn(`$0($*) has been deprecated, use cobbler_admin() instead.') + cobbler_admin($1, $2) +') + +######################################## +## +## All of the rules required to +## administrate an cobbler environment. +## +## +## +## Domain allowed access. +## +## +## +## +## Role allowed access. +## +## +## +# +interface(`cobbler_admin',` + gen_require(` + type cobblerd_t, cobbler_var_lib_t, cobbler_var_log_t; + type cobbler_etc_t, cobblerd_initrc_exec_t; + type cobbler_tmp_t; + ') + + allow $1 cobblerd_t:process { ptrace signal_perms }; + ps_process_pattern($1, cobblerd_t) + + cobblerd_initrc_domtrans($1) + domain_system_change_exemption($1) + role_transition $2 cobblerd_initrc_exec_t system_r; + allow $2 system_r; + + files_search_etc($1) + admin_pattern($1, cobbler_etc_t) + + files_search_tmp($1) + admin_pattern($1, cobbler_tmp_t) + + files_search_var_lib($1) + admin_pattern($1, cobbler_var_lib_t) + + logging_search_logs($1) + admin_pattern($1, cobbler_var_log_t) +') diff --git a/cobbler.spec b/cobbler.spec index 51f9ce1..a0ee626 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -1,22 +1,23 @@ %global tftpboot_dir %{_sharedstatedir}/tftpboot/ -%global commit0 172b8a0f79d110dcac1f50acfe412e0a01ff20ab -%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) +%global commit 700eb5bdfb28baba4de5e4083bec9e132a763bcb +%global shortcommit %(c=%{commit}; echo ${c:0:7}) +%global selinuxtype targeted Name: cobbler -Version: 3.3.3 -Release: 9%{?dist} +Version: 3.3.4 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz -#Source0: https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz Source1: migrate-settings.sh +Source2: %{name}.te +Source3: %{name}.if +Source4: %{name}.fc + # Do not run coverage tests Patch0: cobbler-nocov.patch -# Fix build with Sphinx 7 -# Backport of https://github.com/cobbler/cobbler/pull/3465.patch -Patch1: cobbler-sphinx7.patch BuildArch: noarch BuildRequires: make @@ -45,6 +46,10 @@ BuildRequires: python%{python3_pkgversion}-simplejson BuildRequires: python%{python3_pkgversion}-sphinx %endif +# This ensures that the *-selinux package and all it’s dependencies are not pulled +# into containers and other systems that do not use SELinux +Requires: (%{name}-selinux if selinux-policy-%{selinuxtype}) + Requires: httpd Requires: tftp-server Requires: createrepo_c @@ -97,22 +102,51 @@ built-in DHCP/DNS Management. Cobbler has a XML-RPC API for integration with other applications. +%package selinux +Summary: SELinux policies for %{name} +Requires: selinux-policy-%{selinuxtype} +Requires(post): selinux-policy-%{selinuxtype} +BuildRequires: selinux-policy-devel +BuildArch: noarch +%{?selinux_requires} + + +%description selinux +SELinux policies for %{name}. + + %package tests Summary: Unit tests for cobbler Requires: cobbler = %{version}-%{release} %description tests -Unit test files from the Cobbler project +Unit test files from the Cobbler project. + + +%package tests-containers +Summary: Dockerfiles and scripts to setup testing containers +Requires: cobbler = %{version}-%{release} + +%description tests-containers +Dockerfiles and scripts to setup testing containers. %prep %autosetup -p1 +mkdir -p selinux +cp -p %{SOURCE2} %{SOURCE3} %{SOURCE4} selinux/ + %build . ./distro_build_configs.sh %py3_build make man +# SELinux +make -f %{_datadir}/selinux/devel/Makefile %{name}.pp +bzip2 -9 %{name}.pp + + %install . ./distro_build_configs.sh # bypass install errors ( don't chown in install step) @@ -137,6 +171,15 @@ touch %{buildroot}%{_sharedstatedir}/cobbler/web.ss # migrate-settings.sh install -p -m0755 %SOURCE1 %{buildroot}%{_datadir}/cobbler/bin/migrate-settings.sh +# SELinux +install -D -m 0644 %{name}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2 +install -D -p -m 0644 selinux/%{name}.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/%{name}.if + + +%check +# These require an installed system with root access +#pytest -v + %pre if [ $1 -ge 2 ]; then @@ -170,6 +213,8 @@ chgrp apache %{_sysconfdir}/cobbler/users.conf chgrp apache %{_sysconfdir}/cobbler/users.digest chgrp apache %{_sysconfdir}/cobbler/settings.d chgrp apache %{_sysconfdir}/cobbler/settings.d/* +# Change from apache +chown root %{_sharedstatedir}/cobbler/web.ss %posttrans # Migrate pre-3.2.1 settings to settings.yaml @@ -195,6 +240,25 @@ fi %systemd_postun_with_restart cobblerd.service +%pre selinux +%selinux_relabel_pre -s %{selinuxtype} + +%post selinux +%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2 +%selinux_relabel_post -s %{selinuxtype} + +if [ "$1" -le "1" ]; then # First install + # the daemon needs to be restarted for the custom label to be applied + %systemd_postun_with_restart %{name}.service +fi + +%postun selinux +if [ $1 -eq 0 ]; then + %selinux_modules_uninstall -s %{selinuxtype} %{name} + %selinux_relabel_post -s %{selinuxtype} +fi + + %files %license COPYING %doc AUTHORS.in README.md @@ -247,15 +311,40 @@ fi %{_unitdir}/cobblerd.service %{tftpboot_dir}/* /var/www/cobbler -%config(noreplace) %{_sharedstatedir}/cobbler +%dir %{_sharedstatedir}/cobbler +%ghost %attr(0755,root,root) %{_sharedstatedir}/cobbler/backup/ +%config(noreplace) %{_sharedstatedir}/cobbler/collections/ +%config(noreplace) %{_sharedstatedir}/cobbler/distro_signatures.json +%config(noreplace) %{_sharedstatedir}/cobbler/grub_config/ +%config(noreplace) %{_sharedstatedir}/cobbler/loaders/ +%config(noreplace) %{_sharedstatedir}/cobbler/scripts/ +%config(noreplace) %{_sharedstatedir}/cobbler/snippets/ +%config(noreplace) %{_sharedstatedir}/cobbler/templates/ +%config(noreplace) %{_sharedstatedir}/cobbler/triggers/ +%ghost %attr(0644,root,root) %{_sharedstatedir}/cobbler/lock +# Currently used for cli auth +%ghost %attr(0644,root,root) %{_sharedstatedir}/cobbler/web.ss /var/log/cobbler +%files selinux +%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.* +%{_datadir}/selinux/devel/include/distributed/%{name}.if +%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name} + %files tests -%dir %{_datadir}/cobbler/tests -%{_datadir}/cobbler/tests/* +%{_datadir}/cobbler/tests/ + +%files tests-containers +%{_datadir}/cobbler/docker/ %changelog +* Mon Feb 26 2024 Orion Poplawski - 3.3.4-1 +- Update to 3.3.4 +- Add local SELinux policy and allow cobbler to check service statuses, + run mkfs.fat, and check for reposync and yumdownloader (bz#225122) +- Change owndership of web.ss to root (bz#2247652) + * Wed Jan 24 2024 Fedora Release Engineering - 3.3.3-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild diff --git a/cobbler.te b/cobbler.te new file mode 100644 index 0000000..96bdec4 --- /dev/null +++ b/cobbler.te @@ -0,0 +1,243 @@ +policy_module(cobbler, 1.3.0) + +######################################## +# +# Declarations +# + +## +##

+## Determine whether Cobbler can modify +## public files used for public file +## transfer services. +##

+## +gen_tunable(cobbler_anon_write, false) + +## +##

+## Determine whether Cobbler can connect +## to the network using TCP. +##

+## +gen_tunable(cobbler_can_network_connect, false) + +## +##

+## Determine whether Cobbler can access +## cifs file systems. +##

+## +gen_tunable(cobbler_use_cifs, false) + +## +##

+## Determine whether Cobbler can access +## nfs file systems. +##

+## +gen_tunable(cobbler_use_nfs, false) + +gen_require(` + type debuginfo_exec_t; + type init_exec_t; + class file getattr; +') + +type cobblerd_t; +type cobblerd_exec_t; +init_daemon_domain(cobblerd_t, cobblerd_exec_t) + +type cobblerd_initrc_exec_t; +init_script_file(cobblerd_initrc_exec_t) + +type cobbler_etc_t; +files_config_file(cobbler_etc_t) + +type cobbler_var_log_t; +logging_log_file(cobbler_var_log_t) + +type cobbler_var_lib_t alias cobbler_content_t; +files_type(cobbler_var_lib_t) + +type cobbler_tmp_t; +files_tmp_file(cobbler_tmp_t) + +type cobblerd_unit_file_t; +systemd_unit_file(cobblerd_unit_file_t) + +######################################## +# +# Local policy +# + +allow cobblerd_t self:capability { chown dac_read_search fowner fsetid sys_nice }; +dontaudit cobblerd_t self:capability sys_tty_config; +allow cobblerd_t self:process { getsched setsched signal }; +allow cobblerd_t self:fifo_file rw_fifo_file_perms; +allow cobblerd_t self:tcp_socket { accept listen }; +allow cobblerd_t self:netlink_audit_socket create_socket_perms; + +allow cobblerd_t cobbler_etc_t:dir list_dir_perms; +allow cobblerd_t cobbler_etc_t:file read_file_perms; +allow cobblerd_t cobbler_etc_t:lnk_file read_lnk_file_perms; + +allow cobblerd_t cobbler_tmp_t:file mmap_file_perms; +# Allow cobbler to stat /usr/libexec/dnf-utils (aka reposync/yumdownloader) +allow cobblerd_t debuginfo_exec_t:file getattr; +# Allow cobbler to stat /usr/lib/systemd/systemd +allow cobblerd_t init_exec_t:file getattr; +# Allow cobbler to check status of itself +allow cobblerd_t cobblerd_unit_file_t:service status; + +manage_dirs_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t) +manage_files_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t) +files_tmp_filetrans(cobblerd_t, cobbler_tmp_t, { dir file }) + +manage_dirs_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t) +manage_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t) +manage_lnk_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t) +files_var_lib_filetrans(cobblerd_t, cobbler_var_lib_t, dir) +files_var_filetrans(cobblerd_t, cobbler_var_lib_t, dir, "cobbler") + +append_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t) +create_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t) +read_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t) +setattr_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t) +logging_log_filetrans(cobblerd_t, cobbler_var_log_t, file) + +kernel_read_system_state(cobblerd_t) +kernel_read_network_state(cobblerd_t) + +corecmd_exec_bin(cobblerd_t) +corecmd_exec_shell(cobblerd_t) + +corenet_all_recvfrom_netlabel(cobblerd_t) +corenet_all_recvfrom_unlabeled(cobblerd_t) +corenet_tcp_sendrecv_generic_if(cobblerd_t) +corenet_tcp_sendrecv_generic_node(cobblerd_t) +corenet_tcp_bind_generic_node(cobblerd_t) + +corenet_sendrecv_cobbler_server_packets(cobblerd_t) +corenet_tcp_bind_cobbler_port(cobblerd_t) +corenet_tcp_sendrecv_cobbler_port(cobblerd_t) + +corenet_sendrecv_ftp_client_packets(cobblerd_t) +corenet_tcp_connect_ftp_port(cobblerd_t) +corenet_tcp_sendrecv_ftp_port(cobblerd_t) + +corenet_tcp_sendrecv_http_port(cobblerd_t) +corenet_tcp_connect_http_port(cobblerd_t) +corenet_sendrecv_http_client_packets(cobblerd_t) + +dev_read_sysfs(cobblerd_t) +dev_read_urand(cobblerd_t) + +files_list_boot(cobblerd_t) +files_list_tmp(cobblerd_t) +files_read_boot_files(cobblerd_t) +files_read_etc_runtime_files(cobblerd_t) + +fs_getattr_all_fs(cobblerd_t) +fs_read_iso9660_files(cobblerd_t) + +selinux_get_enforce_mode(cobblerd_t) + +term_use_console(cobblerd_t) + +auth_use_nsswitch(cobblerd_t) + +logging_send_syslog_msg(cobblerd_t) + +miscfiles_read_localization(cobblerd_t) +miscfiles_read_public_files(cobblerd_t) + +sysnet_dns_name_resolve(cobblerd_t) +sysnet_rw_dhcp_config(cobblerd_t) +sysnet_write_config(cobblerd_t) + +tunable_policy(`cobbler_anon_write',` + miscfiles_manage_public_files(cobblerd_t) +') + +tunable_policy(`cobbler_can_network_connect',` + corenet_sendrecv_all_client_packets(cobblerd_t) + corenet_tcp_connect_all_ports(cobblerd_t) + corenet_tcp_sendrecv_all_ports(cobblerd_t) +') + +tunable_policy(`cobbler_use_cifs',` + fs_manage_cifs_dirs(cobblerd_t) + fs_manage_cifs_files(cobblerd_t) + fs_manage_cifs_symlinks(cobblerd_t) +') + +tunable_policy(`cobbler_use_nfs',` + fs_manage_nfs_dirs(cobblerd_t) + fs_manage_nfs_files(cobblerd_t) + fs_manage_nfs_symlinks(cobblerd_t) +') + +optional_policy(` + apache_search_config(cobblerd_t) + apache_domtrans(cobblerd_t) + apache_search_sys_content(cobblerd_t) +') + +optional_policy(` + bind_read_config(cobblerd_t) + bind_write_config(cobblerd_t) + bind_domtrans_ndc(cobblerd_t) + bind_domtrans(cobblerd_t) + bind_initrc_domtrans(cobblerd_t) + bind_manage_zone(cobblerd_t) + bind_systemctl(cobblerd_t) +') + +optional_policy(` + certmaster_exec(cobblerd_t) +') + +optional_policy(` + dhcpd_domtrans(cobblerd_t) + dhcpd_initrc_domtrans(cobblerd_t) + dhcpd_systemctl(cobblerd_t) +') + +optional_policy(` + dnsmasq_domtrans(cobblerd_t) + dnsmasq_initrc_domtrans(cobblerd_t) + dnsmasq_write_config(cobblerd_t) + dnsmasq_systemctl(cobblerd_t) +') + +# To run mkfs.fat when generating ISO +optional_policy(` + fstools_exec(cobblerd_t) +') + +optional_policy(` + libs_exec_ldconfig(cobblerd_t) +') + +optional_policy(` + mysql_stream_connect(cobblerd_t) +') + +optional_policy(` + rpm_exec(cobblerd_t) +') + +optional_policy(` + rsync_exec(cobblerd_t) + rsync_read_config(cobblerd_t) + rsync_manage_config(cobblerd_t) + rsync_etc_filetrans_config(cobblerd_t, file, "rsync.conf") +') + +optional_policy(` + tftp_manage_config(cobblerd_t) + tftp_manage_rw_content(cobblerd_t) + tftp_delete_content_dirs(cobblerd_t) + tftp_filetrans_tftpdir(cobblerd_t, cobbler_var_lib_t, { dir file }) +') diff --git a/sources b/sources index 52973e0..36c8a40 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.3.tar.gz) = 9011ae3407a3418f476f4d7b76f7b4978904a612f455e31acf44c3e9c223e4aba9bfbc17b7a12b5aedd4f380b6e8f87e0bc57dd826c945adff4fef34857c917f +SHA512 (cobbler-3.3.4.tar.gz) = 931dc6e2927d3177a7aa6e83cc15defc77aa624059284e44fb941ff3fa7b78e1d5729af7b819faa3573558e1b5ee8e068378559b67069c7f02ea5c0ed947ab9e From 4411debad78426562945b9400aaa2b3d8209206c Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Mon, 26 Feb 2024 21:54:57 -0700 Subject: [PATCH 60/89] Fix BZ#s --- cobbler.spec | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index a0ee626..31d6752 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -342,8 +342,8 @@ fi * Mon Feb 26 2024 Orion Poplawski - 3.3.4-1 - Update to 3.3.4 - Add local SELinux policy and allow cobbler to check service statuses, - run mkfs.fat, and check for reposync and yumdownloader (bz#225122) -- Change owndership of web.ss to root (bz#2247652) + run mkfs.fat, and check for reposync and yumdownloader (bz#2251220) +- Change owndership of web.ss to root (bz#2247653) * Wed Jan 24 2024 Fedora Release Engineering - 3.3.3-9 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild From 6428fa3761bb6f014eee44415a90f19fdf0c929e Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 25 Apr 2024 19:30:42 -0600 Subject: [PATCH 61/89] Test for existence of web.ss before chowning it (bz#2276860) --- cobbler.spec | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 31d6752..fed4e21 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.4 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -214,7 +214,9 @@ chgrp apache %{_sysconfdir}/cobbler/users.digest chgrp apache %{_sysconfdir}/cobbler/settings.d chgrp apache %{_sysconfdir}/cobbler/settings.d/* # Change from apache -chown root %{_sharedstatedir}/cobbler/web.ss +if [ -f %{_sharedstatedir}/cobbler/web.ss ]; then + chown root %{_sharedstatedir}/cobbler/web.ss +fi %posttrans # Migrate pre-3.2.1 settings to settings.yaml @@ -339,6 +341,9 @@ fi %changelog +* Fri Apr 26 2024 Orion Poplawski - 3.3.4-2 +- Test for existence of web.ss before chowning it (bz#2276860) + * Mon Feb 26 2024 Orion Poplawski - 3.3.4-1 - Update to 3.3.4 - Add local SELinux policy and allow cobbler to check service statuses, From 65c2b1ba5d2a2cb9326634b2b53ede9b4bace15d Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 27 Apr 2024 10:49:25 -0600 Subject: [PATCH 62/89] Fix service name in selinux post install script --- cobbler.spec | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index fed4e21..514a585 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.4 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -251,7 +251,7 @@ fi if [ "$1" -le "1" ]; then # First install # the daemon needs to be restarted for the custom label to be applied - %systemd_postun_with_restart %{name}.service + %systemd_postun_with_restart cobblerd.service fi %postun selinux @@ -341,6 +341,9 @@ fi %changelog +* Sat Apr 27 2024 Orion Poplawski - 3.3.4-3 +- Fix service name in selinux post install script + * Fri Apr 26 2024 Orion Poplawski - 3.3.4-2 - Test for existence of web.ss before chowning it (bz#2276860) From ca7ccfbefd0df627e3c4e8139faf2ca01ab1d8e0 Mon Sep 17 00:00:00 2001 From: Python Maint Date: Fri, 7 Jun 2024 18:57:18 +0200 Subject: [PATCH 63/89] Rebuilt for Python 3.13 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 514a585..6c122a3 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.4 -Release: 3%{?dist} +Release: 4%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -341,6 +341,9 @@ fi %changelog +* Fri Jun 07 2024 Python Maint - 3.3.4-4 +- Rebuilt for Python 3.13 + * Sat Apr 27 2024 Orion Poplawski - 3.3.4-3 - Fix service name in selinux post install script From ba39bd45a2da975236348a41671fc6e3155ae10d Mon Sep 17 00:00:00 2001 From: Python Maint Date: Fri, 7 Jun 2024 23:19:34 +0200 Subject: [PATCH 64/89] Rebuilt for Python 3.13 --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 6c122a3..3a50858 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.4 -Release: 4%{?dist} +Release: 5%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -341,6 +341,9 @@ fi %changelog +* Fri Jun 07 2024 Python Maint - 3.3.4-5 +- Rebuilt for Python 3.13 + * Fri Jun 07 2024 Python Maint - 3.3.4-4 - Rebuilt for Python 3.13 From 0bca026fd8182ab9578945aa1a00463574b43176 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Thu, 11 Jul 2024 21:38:48 -0600 Subject: [PATCH 65/89] Update to 3.3.5 Update to 3.3.5 Update to 3.3.5 Update to 3.3.5 --- cobbler-nocov.patch | 26 ++++++++++++++------------ cobbler.spec | 7 +++++-- sources | 2 +- 3 files changed, 20 insertions(+), 15 deletions(-) diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch index 40efcf5..0f36417 100644 --- a/cobbler-nocov.patch +++ b/cobbler-nocov.patch @@ -1,8 +1,8 @@ diff --git a/setup.py b/setup.py -index 4b21af3..145bdab 100644 +index 587a50a..8eff4a3 100644 --- a/setup.py +++ b/setup.py -@@ -16,7 +16,6 @@ from configparser import ConfigParser +@@ -15,7 +15,6 @@ from configparser import ConfigParser from setuptools import find_packages import codecs @@ -10,7 +10,7 @@ index 4b21af3..145bdab 100644 import pwd import shutil import subprocess -@@ -338,15 +337,8 @@ class test_command(Command): +@@ -343,15 +342,8 @@ class test_command(Command): def run(self): import pytest @@ -26,7 +26,7 @@ index 4b21af3..145bdab 100644 sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0))) -@@ -474,7 +466,6 @@ if __name__ == "__main__": +@@ -479,7 +471,6 @@ if __name__ == "__main__": }, license="GPLv2+", setup_requires=[ @@ -34,12 +34,14 @@ index 4b21af3..145bdab 100644 "distro", "setuptools", "sphinx", -@@ -494,7 +485,7 @@ if __name__ == "__main__": - ], - extras_require={ - "lint": ["pyflakes", "pycodestyle"], -- "test": ["pytest", "pytest-cov", "codecov", "pytest-mock"], -+ "test": ["pytest", "pytest-mock"], +@@ -501,10 +492,7 @@ if __name__ == "__main__": + "lint": ["pyflakes", "pycodestyle", "pylint", "black", "mypy"], + "test": [ + "pytest>6", +- "pytest-cov", +- "codecov", + "pytest-mock", +- "pytest-benchmark", + ], + "docs": ["sphinx", "sphinx-rtd-theme", "sphinxcontrib-apidoc"], # We require the current version to properly detect duplicate issues - # See: https://github.com/twisted/towncrier/releases/tag/22.8.0 - "changelog": ["towncrier>=22.8.0"], diff --git a/cobbler.spec b/cobbler.spec index 3a50858..a7fb66f 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,8 +5,8 @@ %global selinuxtype targeted Name: cobbler -Version: 3.3.4 -Release: 5%{?dist} +Version: 3.3.5 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -341,6 +341,9 @@ fi %changelog +* Fri Jul 12 2024 Orion Poplawski - 3.3.5-1 +- Update to 3.3.5 + * Fri Jun 07 2024 Python Maint - 3.3.4-5 - Rebuilt for Python 3.13 diff --git a/sources b/sources index 36c8a40..1177e27 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.4.tar.gz) = 931dc6e2927d3177a7aa6e83cc15defc77aa624059284e44fb941ff3fa7b78e1d5729af7b819faa3573558e1b5ee8e068378559b67069c7f02ea5c0ed947ab9e +SHA512 (cobbler-3.3.5.tar.gz) = 4290e92fc4fdd85a53086c287b83f70e1077a7b76d4b25efcbadb1de6f22b1f5d8f7625243abf79d3832e98678d0290d9413e528ab0d05aacde7bc0c8f9a8d14 From da3242e6879d52bd9f794e78b2710f41c691819c Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 17 Jul 2024 19:36:15 +0000 Subject: [PATCH 66/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index a7fb66f..26561a0 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.5 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ License: GPLv2+ @@ -341,6 +341,9 @@ fi %changelog +* Wed Jul 17 2024 Fedora Release Engineering - 3.3.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + * Fri Jul 12 2024 Orion Poplawski - 3.3.5-1 - Update to 3.3.5 From 4f2da8b22a11f8e54a1150a9eb8cffab87c460f4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miroslav=20Such=C3=BD?= Date: Thu, 25 Jul 2024 23:19:59 +0200 Subject: [PATCH 67/89] convert GPLv2+ license to SPDX This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4 --- cobbler.spec | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 26561a0..24d6846 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,10 +6,11 @@ Name: cobbler Version: 3.3.5 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ -License: GPLv2+ +# Automatically converted from old format: GPLv2+ - review is highly recommended. +License: GPL-2.0-or-later Source0: https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz Source1: migrate-settings.sh Source2: %{name}.te @@ -341,6 +342,9 @@ fi %changelog +* Thu Jul 25 2024 Miroslav Suchý - 3.3.5-3 +- convert license to SPDX + * Wed Jul 17 2024 Fedora Release Engineering - 3.3.5-2 - Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild From e4ad2811c560a929f27b3e764a58ea85c2d9b6ce Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 30 Jul 2024 19:58:58 -0600 Subject: [PATCH 68/89] Update to 3.3.6 Update to 3.3.6 Update to 3.3.6 Update to 3.3.6 --- cobbler.spec | 8 ++++++-- sources | 2 +- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 24d6846..f53ac71 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,8 +5,8 @@ %global selinuxtype targeted Name: cobbler -Version: 3.3.5 -Release: 3%{?dist} +Version: 3.3.6 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -53,6 +53,7 @@ Requires: (%{name}-selinux if selinux-policy-%{selinuxtype}) Requires: httpd Requires: tftp-server +Requires: dosfstools Requires: createrepo_c Requires: rsync Requires: xorriso @@ -342,6 +343,9 @@ fi %changelog +* Wed Jul 31 2024 Orion Poplawski - 3.3.6-1 +- Update to 3.3.6 + * Thu Jul 25 2024 Miroslav Suchý - 3.3.5-3 - convert license to SPDX diff --git a/sources b/sources index 1177e27..518b62e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.5.tar.gz) = 4290e92fc4fdd85a53086c287b83f70e1077a7b76d4b25efcbadb1de6f22b1f5d8f7625243abf79d3832e98678d0290d9413e528ab0d05aacde7bc0c8f9a8d14 +SHA512 (cobbler-3.3.6.tar.gz) = 0cb19f7479845861b9d08f491eb735acdce02d9a0eea38439e8abd2678fd2c5ff895766df148a0d7bee8c88b5f6c05a24168529f5a1e3993d137b525d31f1ba7 From a8bdaff8349854324a8f30d23ff84efaa8cf85d7 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Tue, 30 Jul 2024 19:59:46 -0600 Subject: [PATCH 69/89] Drop old conditionals --- cobbler.spec | 18 ------------------ 1 file changed, 18 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index f53ac71..bd3658a 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -23,7 +23,6 @@ BuildArch: noarch BuildRequires: make BuildRequires: python%{python3_pkgversion}-devel -%if 0%{?fedora} || 0%{?rhel} >= 8 BuildRequires: %{py3_dist cheetah3} BuildRequires: %{py3_dist distro} BuildRequires: %{py3_dist netaddr} @@ -34,18 +33,6 @@ BuildRequires: %{py3_dist setuptools} BuildRequires: %{py3_dist simplejson} # For docs BuildRequires: %{py3_dist sphinx} -%else -BuildRequires: python%{python3_pkgversion}-cheetah -BuildRequires: python%{python3_pkgversion}-distro -BuildRequires: python%{python3_pkgversion}-netaddr -BuildRequires: python%{python3_pkgversion}-PyYAML -BuildRequires: python%{python3_pkgversion}-requests -BuildRequires: python%{python3_pkgversion}-schema -BuildRequires: python%{python3_pkgversion}-setuptools -BuildRequires: python%{python3_pkgversion}-simplejson -# For docs -BuildRequires: python%{python3_pkgversion}-sphinx -%endif # This ensures that the *-selinux package and all it’s dependencies are not pulled # into containers and other systems that do not use SELinux @@ -69,7 +56,6 @@ Requires: %{py3_dist schema} Requires: %{py3_dist simplejson} Requires: genisoimage -%if 0%{?fedora} || 0%{?rhel} >= 8 # Not everyone wants bash-completion...? Recommends: bash-completion Requires: dnf-plugins-core @@ -81,10 +67,6 @@ Recommends: grub2-efi-x64 Recommends: logrotate Recommends: %{py3_dist ldap} Recommends: %{py3_dist librepo} -%else -Requires: %{py3_dist ldap} -Requires: yum-utils -%endif # https://github.com/cobbler/cobbler/issues/1685 Requires: /sbin/service Obsoletes: cobbler-web < 3.3 From 0db922ecdf16ab558c554d4e13685f3f907c4a07 Mon Sep 17 00:00:00 2001 From: Carl George Date: Fri, 27 Sep 2024 01:13:58 -0500 Subject: [PATCH 70/89] Remove simplejson dependency This was removed upstream in version 3.3.0. https://github.com/cobbler/cobbler/commit/ba64e5ef76c37601c99e55179fc990e13f02a21e --- cobbler.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index bd3658a..8c27c2e 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -30,7 +30,6 @@ BuildRequires: %{py3_dist pyyaml} BuildRequires: %{py3_dist requests} BuildRequires: %{py3_dist schema} BuildRequires: %{py3_dist setuptools} -BuildRequires: %{py3_dist simplejson} # For docs BuildRequires: %{py3_dist sphinx} @@ -53,7 +52,6 @@ Requires: %{py3_dist netaddr} Requires: %{py3_dist pyyaml} Requires: %{py3_dist requests} Requires: %{py3_dist schema} -Requires: %{py3_dist simplejson} Requires: genisoimage # Not everyone wants bash-completion...? From 38e625d09c8a0ede8242f1ffa11c4b8b4b877d05 Mon Sep 17 00:00:00 2001 From: Carl George Date: Fri, 27 Sep 2024 01:18:42 -0500 Subject: [PATCH 71/89] Remove duplicate run-time dependencies The automatic run-time dependency generator already covers all of these. https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#Automatically-generated-dependencies --- cobbler.spec | 9 --------- 1 file changed, 9 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 8c27c2e..6907e56 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -43,15 +43,6 @@ Requires: dosfstools Requires: createrepo_c Requires: rsync Requires: xorriso -Requires: %{py3_dist cheetah3} -Requires: %{py3_dist distro} -Requires: %{py3_dist dnspython} -Requires: %{py3_dist file-magic} -Requires: %{py3_dist mod_wsgi} -Requires: %{py3_dist netaddr} -Requires: %{py3_dist pyyaml} -Requires: %{py3_dist requests} -Requires: %{py3_dist schema} Requires: genisoimage # Not everyone wants bash-completion...? From a67153671d690419105d6ff88e72bfb7f4755364 Mon Sep 17 00:00:00 2001 From: Carl George Date: Fri, 27 Sep 2024 01:22:24 -0500 Subject: [PATCH 72/89] Remove python3dist(ldap) weak dependency Nothing in Fedora provides python3dist(ldap), so this recommends has no effect. On PyPI ldap is an uninstallable dummy project with a description that directs people to python-ldap. Cobbler already has a run-time dependency on python-ldap from the automatic generator. --- cobbler.spec | 1 - 1 file changed, 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 6907e56..f9e41eb 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -54,7 +54,6 @@ Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64 Recommends: logrotate -Recommends: %{py3_dist ldap} Recommends: %{py3_dist librepo} # https://github.com/cobbler/cobbler/issues/1685 Requires: /sbin/service From 47027a0994e98fb7da00b135b93bc438d4991fe6 Mon Sep 17 00:00:00 2001 From: Carl George Date: Fri, 27 Sep 2024 01:30:16 -0500 Subject: [PATCH 73/89] Fix cheetah dependency Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0. The Fedora package name is the same, but since we're using %py3_dist to specify the build-time dependency we must use the new metadata name. We also must adjust cobbler's metadata to specify the correct metadata name as a run-time dependency, because that is what the automatic Python run-time dependency generator uses. https://github.com/CheetahTemplate3/cheetah3/commit/673259b2d139b4ea970b1c2da12607b7ac39cbec Resolves: rhbz#2314630 --- cobbler.spec | 17 ++++++++++++++++- 1 file changed, 16 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index f9e41eb..f4ebdfa 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -6,7 +6,7 @@ Name: cobbler Version: 3.3.6 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -23,7 +23,13 @@ BuildArch: noarch BuildRequires: make BuildRequires: python%{python3_pkgversion}-devel +# Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0. +# https://github.com/CheetahTemplate3/cheetah3/commit/673259b2d139b4ea970b1c2da12607b7ac39cbec +%if 0%{?fedora} >= 42 || 0%{?rhel} >= 10 +BuildRequires: %{py3_dist ct3} +%else BuildRequires: %{py3_dist cheetah3} +%endif BuildRequires: %{py3_dist distro} BuildRequires: %{py3_dist netaddr} BuildRequires: %{py3_dist pyyaml} @@ -108,6 +114,12 @@ Dockerfiles and scripts to setup testing containers. mkdir -p selinux cp -p %{SOURCE2} %{SOURCE3} %{SOURCE4} selinux/ +# Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0. +# https://github.com/CheetahTemplate3/cheetah3/commit/673259b2d139b4ea970b1c2da12607b7ac39cbec +%if 0%{?fedora} >= 42 || 0%{?rhel} >= 10 +sed -e 's/Cheetah3/CT3/' -i setup.py +%endif + %build . ./distro_build_configs.sh @@ -313,6 +325,9 @@ fi %changelog +* Fri Sep 27 2024 Carl George - 3.3.6-2 +- Fix cheetah dependency rhbz#2314630 + * Wed Jul 31 2024 Orion Poplawski - 3.3.6-1 - Update to 3.3.6 From 694275065e02a2275589f89f0cbd0c0ae479c500 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 17 Nov 2024 16:24:53 -0700 Subject: [PATCH 74/89] Update to 3.3.7 (CVE-2024-47533) --- cobbler-nocov.patch | 16 +++++----------- cobbler.spec | 7 +++++-- sources | 2 +- 3 files changed, 11 insertions(+), 14 deletions(-) diff --git a/cobbler-nocov.patch b/cobbler-nocov.patch index 0f36417..c50edfd 100644 --- a/cobbler-nocov.patch +++ b/cobbler-nocov.patch @@ -1,23 +1,17 @@ diff --git a/setup.py b/setup.py -index 587a50a..8eff4a3 100644 +index 59f7601..023d84b 100644 --- a/setup.py +++ b/setup.py -@@ -15,7 +15,6 @@ from configparser import ConfigParser - from setuptools import find_packages +@@ -341,17 +341,9 @@ class test_command(Command): - import codecs --from coverage import Coverage - import pwd - import shutil - import subprocess -@@ -343,15 +342,8 @@ class test_command(Command): def run(self): import pytest - +- from coverage import Coverage +- - cov = Coverage() - cov.erase() - cov.start() -- + result = pytest.main() - cov.stop() diff --git a/cobbler.spec b/cobbler.spec index f4ebdfa..764ad3b 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -5,8 +5,8 @@ %global selinuxtype targeted Name: cobbler -Version: 3.3.6 -Release: 2%{?dist} +Version: 3.3.7 +Release: 1%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -325,6 +325,9 @@ fi %changelog +* Sun Nov 17 2024 Orion Poplawski - 3.3.7-1 +- Update to 3.3.7 (CVE-2024-47533) + * Fri Sep 27 2024 Carl George - 3.3.6-2 - Fix cheetah dependency rhbz#2314630 diff --git a/sources b/sources index 518b62e..ba2585a 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -SHA512 (cobbler-3.3.6.tar.gz) = 0cb19f7479845861b9d08f491eb735acdce02d9a0eea38439e8abd2678fd2c5ff895766df148a0d7bee8c88b5f6c05a24168529f5a1e3993d137b525d31f1ba7 +SHA512 (cobbler-3.3.7.tar.gz) = df6570dd7c6cbe50464624267df1bbecbb29e60513bba312a6c726502d4670670f3113f24b6b7e465d0b3353c0721e6fe3725dbc4569b4f624ec2b4a29682d1a From fbd4957ccbbd51db9a69b13de06bbf569bcd9fea Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 17 Nov 2024 16:56:21 -0700 Subject: [PATCH 75/89] Drop unused patches --- ...ermissions-to-var-lib-cobbler-web.ss.patch | 25 ---------------- 2441.patch | 30 ------------------- cobbler-rhel.patch | 13 -------- 3 files changed, 68 deletions(-) delete mode 100644 0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch delete mode 100644 2441.patch delete mode 100644 cobbler-rhel.patch diff --git a/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch b/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch deleted file mode 100644 index bf55655..0000000 --- a/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 782dd7a1deacfcaa4318519f1cae2c0b4748661b Mon Sep 17 00:00:00 2001 -From: Orion Poplawski -Date: Sun, 25 Oct 2020 11:43:25 -0600 -Subject: [PATCH] Give root RW permissions to /var/lib/cobbler/web.ss - ---- - cobbler/cobblerd.py | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/cobbler/cobblerd.py b/cobbler/cobblerd.py -index fe1cf889..34aedf97 100644 ---- a/cobbler/cobblerd.py -+++ b/cobbler/cobblerd.py -@@ -57,7 +57,7 @@ def regen_ss_file(): - data = fd.read(512) - fd.close() - -- fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o600) -+ fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o660) - os.write(fd, binascii.hexlify(data)) - os.close(fd) - --- -2.29.0 - diff --git a/2441.patch b/2441.patch deleted file mode 100644 index fb1f0f4..0000000 --- a/2441.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 8c04ef7d81f33900fda1ad3c4efa710827e22064 Mon Sep 17 00:00:00 2001 -From: Orion Poplawski -Date: Sun, 25 Oct 2020 13:49:25 -0600 -Subject: [PATCH] Do not try to access log file if we are not running as root - ---- - cobbler/clogger.py | 10 ++-------- - 1 file changed, 2 insertions(+), 8 deletions(-) - -diff --git a/cobbler/clogger.py b/cobbler/clogger.py -index 191455113..635865dc1 100644 ---- a/cobbler/clogger.py -+++ b/cobbler/clogger.py -@@ -30,14 +30,8 @@ - # Cobbler. - - # This is necessary to prevent apache to try to access the file --LOG_FILE = "/var/log/cobbler/cobbler.log" --try: -- if not os.path.isfile(LOG_FILE): -- open(LOG_FILE, 'a').close() -- if os.access(LOG_FILE, os.W_OK): -- logging.config.fileConfig('/etc/cobbler/logging_config.conf') --except Exception: -- pass -+if os.geteuid() == 0: -+ logging.config.fileConfig('/etc/cobbler/logging_config.conf') - - - class Logger(object): diff --git a/cobbler-rhel.patch b/cobbler-rhel.patch deleted file mode 100644 index 021f46c..0000000 --- a/cobbler-rhel.patch +++ /dev/null @@ -1,13 +0,0 @@ -diff --git a/distro_build_configs.sh b/distro_build_configs.sh -index bad43e3c..52eb1136 100644 ---- a/distro_build_configs.sh -+++ b/distro_build_configs.sh -@@ -24,7 +24,7 @@ if [ "$DISTRO" = "" ] && [ -r /etc/os-release ];then - sle*|*suse*) - DISTRO="SUSE" - ;; -- fedora*|centos*) -+ fedora*|centos*|rhel*) - DISTRO="FEDORA" - ;; - ubuntu*|debian*) From 11a217ef3c1ba065599aca1bfface305e593fc9c Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 5 Jan 2025 11:02:23 -0700 Subject: [PATCH 76/89] Backport upstream patch for Python 3.13 support (rhbz#2335620) --- cobbler-python3.13.patch | 972 +++++++++++++++++++++++++++++++++++++++ cobbler.spec | 23 +- 2 files changed, 992 insertions(+), 3 deletions(-) create mode 100644 cobbler-python3.13.patch diff --git a/cobbler-python3.13.patch b/cobbler-python3.13.patch new file mode 100644 index 0000000..78847a4 --- /dev/null +++ b/cobbler-python3.13.patch @@ -0,0 +1,972 @@ +diff --git a/changelog.d/3842.fixed b/changelog.d/3842.fixed +new file mode 100644 +index 00000000..6c6d6313 +--- /dev/null ++++ b/changelog.d/3842.fixed +@@ -0,0 +1 @@ ++Fix compatibility with Python 3.13 +diff --git a/cobbler/actions/reposync.py b/cobbler/actions/reposync.py +index c0163350..ec5745fb 100644 +--- a/cobbler/actions/reposync.py ++++ b/cobbler/actions/reposync.py +@@ -23,9 +23,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA + import logging + import os + import os.path +-import pipes +-import stat ++import shlex + import shutil ++import stat + from typing import Optional, Union + + from cobbler import utils +@@ -272,9 +272,9 @@ class RepoSync: + blended = utils.blender(self.api, False, repo) + flags = blended.get("createrepo_flags", "(ERROR: FLAGS)") + try: +- cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, pipes.quote(dirname)) +- utils.subprocess_call(cmd) +- except: ++ cmd = ["createrepo"] + mdoptions + flags + [shlex.quote(dirname)] ++ utils.subprocess_call(cmd, shell=False) ++ except Exception: + utils.log_exc() + self.logger.error("createrepo failed.") + del fnames[:] # we're in the right place +@@ -302,8 +302,19 @@ class RepoSync: + dest_path = os.path.join(self.settings.webdir, "repo_mirror", repo.name) + + # FIXME: wrapper for subprocess that logs to logger +- cmd = ["wget", "-N", "-np", "-r", "-l", "inf", "-nd", "-P", pipes.quote(dest_path), pipes.quote(repo.mirror)] +- rc = utils.subprocess_call(cmd) ++ cmd = [ ++ "wget", ++ "-N", ++ "-np", ++ "-r", ++ "-l", ++ "inf", ++ "-nd", ++ "-P", ++ shlex.quote(dest_path), ++ shlex.quote(repo.mirror), ++ ] ++ return_value = utils.subprocess_call(cmd, shell=False) + + if rc != 0: + raise CX("cobbler reposync failed") +@@ -347,9 +358,14 @@ class RepoSync: + if flags == '': + flags = self.settings.reposync_rsync_flags + +- cmd = "rsync %s --delete-after %s --delete --exclude-from=/etc/cobbler/rsync.exclude %s %s" \ +- % (flags, spacer, pipes.quote(repo.mirror), pipes.quote(dest_path)) +- rc = utils.subprocess_call(cmd) ++ cmd = ["rsync"] + flags + ["--delete-after"] ++ cmd += spacer + [ ++ "--delete", ++ "--exclude-from=/etc/cobbler/rsync.exclude", ++ shlex.quote(repo.mirror), ++ shlex.quote(dest_path), ++ ] ++ return_code = utils.subprocess_call(cmd, shell=False) + + if rc != 0: + raise CX("cobbler reposync failed") +@@ -386,10 +402,11 @@ class RepoSync: + if not HAS_LIBREPO: + raise CX("no librepo found, please install python3-librepo") + +- if os.path.exists("/usr/bin/dnf"): +- cmd = "/usr/bin/dnf reposync" +- elif os.path.exists("/usr/bin/reposync"): +- cmd = "/usr/bin/reposync" ++ if os.path.exists("/usr/bin/reposync"): ++ cmd = ["/usr/bin/reposync"] ++ # DNF5 does not have a reposync subcommand ++ elif os.path.exists("/usr/bin/dnf"): ++ cmd = ["/usr/bin/dnf", "reposync"] + else: + # Warn about not having yum-utils. We don't want to require it in the package because Fedora 22+ has moved + # to dnf. +@@ -451,6 +468,11 @@ class RepoSync: + # Counter-intuitive, but we want the newish kernels too + arch = "i686" + ++ cmd = self.reposync_cmd() ++ cmd += self.rflags + [ ++ f"--repo={shlex.quote(rest)}", ++ f"--download-path={shlex.quote(repos_path)}", ++ ] + if arch != "none": + cmd = "%s -a %s" % (cmd, arch) + +@@ -544,9 +566,11 @@ class RepoSync: + + if not has_rpm_list: + # If we have not requested only certain RPMs, use reposync +- cmd = "%s %s --config=%s --repoid=%s -p %s" \ +- % (cmd, self.rflags, temp_file, pipes.quote(repo.name), +- pipes.quote(repos_path)) ++ cmd += self.rflags + [ ++ f"--config={temp_file}", ++ f"--repoid={shlex.quote(repo.name)}", ++ f"--download-path={shlex.quote(repos_path)}", ++ ] + if arch != "none": + cmd = "%s -a %s" % (cmd, arch) + +@@ -557,14 +581,14 @@ class RepoSync: + + use_source = "" + if arch == "src": +- use_source = "--source" +- +- # Older yumdownloader sometimes explodes on --resolvedeps if this happens to you, upgrade yum & yum-utils +- extra_flags = self.settings.yumdownloader_flags +- cmd = "/usr/bin/dnf download" +- cmd = "%s %s %s --disablerepo=* --enablerepo=%s -c %s --destdir=%s %s" \ +- % (cmd, extra_flags, use_source, pipes.quote(repo.name), temp_file, pipes.quote(dest_path), +- " ".join(repo.rpm_list)) ++ cmd.append("--source") ++ cmd += [ ++ "--disablerepo=*", ++ f"--enablerepo={shlex.quote(repo.name)}", ++ f"-c={temp_file}", ++ f"--destdir={shlex.quote(dest_path)}", ++ ] ++ cmd += repo.rpm_list + + # Now regardless of whether we're doing yumdownloader or reposync or whether the repo was http://, ftp://, or + # rhn://, execute all queued commands here. Any failure at any point stops the operation. +@@ -669,17 +693,21 @@ class RepoSync: + dists = ",".join(repo.apt_dists) + components = ",".join(repo.apt_components) + +- mirror_data = "--method=%s --host=%s --root=%s --dist=%s --section=%s" \ +- % (pipes.quote(method), pipes.quote(host), pipes.quote(mirror), pipes.quote(dists), +- pipes.quote(components)) ++ mirror_data = [ ++ f"--method={shlex.quote(method)}", ++ f"--host={shlex.quote(host)}", ++ f"--root={shlex.quote(mirror)}", ++ f"--dist={shlex.quote(dists)}", ++ f"--section={shlex.quote(components)}", ++ ] + + rflags = "--nocleanup" + for x in repo.yumopts: + if repo.yumopts[x]: + rflags += " %s=%s" % (x, repo.yumopts[x]) + else: +- rflags += " %s" % x +- cmd = "%s %s %s %s" % (mirror_program, rflags, mirror_data, pipes.quote(dest_path)) ++ rflags.append(repo_yumoption) ++ cmd = [mirror_program] + rflags + mirror_data + [shlex.quote(dest_path)] + if repo.arch == RepoArchs.SRC: + cmd = "%s --source" % cmd + else: +diff --git a/tests/actions/reposync_test.py b/tests/actions/reposync_test.py +index 0bee772c..ee8d1549 100644 +--- a/tests/actions/reposync_test.py ++++ b/tests/actions/reposync_test.py +@@ -1,251 +1,592 @@ ++""" ++Tests that validate the functionality of the module that is responsible for repository synchronization. ++""" ++ + import os +-import glob ++from pathlib import Path ++from typing import TYPE_CHECKING, Any, Dict, List, Union + + import pytest + +-from cobbler import enums ++from cobbler import cexceptions, enums ++from cobbler.actions import reposync + from cobbler.api import CobblerAPI +-from cobbler.actions.reposync import RepoSync + from cobbler.items.repo import Repo +-from cobbler import cexceptions +-from tests.conftest import does_not_raise + ++from tests.conftest import does_not_raise + +-@pytest.fixture(scope="class") +-def api(): +- return CobblerAPI() ++if TYPE_CHECKING: ++ from pytest_mock import MockerFixture + + +-@pytest.fixture(scope="class") +-def reposync(api): +- test_reposync = RepoSync(api, tries=2, nofail=False) ++@pytest.fixture(name="reposync_object", scope="function") ++def fixture_reposync_object( ++ mocker: "MockerFixture", cobbler_api: CobblerAPI ++) -> reposync.RepoSync: ++ settings_mock = mocker.MagicMock() ++ settings_mock.webdir = "/srv/www/cobbler" ++ settings_mock.server = "localhost" ++ settings_mock.http_port = 80 ++ settings_mock.proxy_url_ext = "" ++ settings_mock.yumdownloader_flags = "--testflag" ++ settings_mock.reposync_rsync_flags = "--testflag" ++ settings_mock.reposync_flags = "--testflag" ++ mocker.patch.object(cobbler_api, "settings", return_value=settings_mock) ++ test_reposync = reposync.RepoSync(cobbler_api, tries=2, nofail=False) + return test_reposync + + +-@pytest.fixture +-def repo(api): ++@pytest.fixture(name="repo") ++def fixture_repo(cobbler_api: CobblerAPI) -> Repo: + """ + Creates a Repository "testrepo0" with a keep_updated=True and mirror_locally=True". + """ +- test_repo = Repo(api) ++ test_repo = Repo(cobbler_api) + test_repo.name = "testrepo0" + test_repo.mirror_locally = True + test_repo.keep_updated = True +- api.add_repo(test_repo) + return test_repo + + + @pytest.fixture +-def remove_repo(api): ++def remove_repo(cobbler_api: CobblerAPI): + """ + Removes the Repository "testrepo0" which can be created with repo. + """ + yield +- test_repo = api.find_repo("testrepo0") +- if test_repo is not None: +- api.remove_repo(test_repo.name) ++ test_repo = cobbler_api.find_repo("testrepo0") ++ if test_repo is not None and not isinstance(test_repo, list): ++ cobbler_api.remove_repo(test_repo.name) + + +-class TestRepoSync: +- @pytest.mark.usefixtures("remove_repo") +- @pytest.mark.parametrize( +- "input_mirror_type,input_mirror,expected_exception", +- [ +- ( +- enums.MirrorType.BASEURL, +- "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os", +- does_not_raise() +- ), +- ( +- enums.MirrorType.MIRRORLIST, +- "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64", +- does_not_raise() +- ), +- ( +- enums.MirrorType.METALINK, +- "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64", +- does_not_raise() +- ), +- ( +- enums.MirrorType.BASEURL, +- "http://www.example.com/path/to/some/repo", +- pytest.raises(cexceptions.CX) +- ), ++@pytest.fixture(scope="function", autouse=True) ++def reset_librepo(): ++ has_librepo = reposync.HAS_LIBREPO ++ yield ++ reposync.HAS_LIBREPO = has_librepo ++ ++ ++def test_repo_walker(mocker: "MockerFixture", tmp_path: Path): ++ # Arrange ++ def test_fun(arg: Any, top: Any, names: Any): ++ pass ++ ++ subdir1 = tmp_path / "sub1" ++ subdir2 = tmp_path / "sub2" ++ subdir1.mkdir() ++ subdir2.mkdir() ++ spy = mocker.Mock(wraps=test_fun) ++ ++ # Act ++ reposync.repo_walker(tmp_path, spy, None) # type: ignore ++ ++ # Assert ++ assert spy.mock_calls == [ ++ # settings.yaml is here because of our autouse fixture that we use to restore the settings ++ mocker.call(None, tmp_path, ["settings.yaml", "sub1", "sub2"]), ++ mocker.call(None, str(subdir1), []), ++ mocker.call(None, str(subdir2), []), ++ ] ++ ++ ++@pytest.mark.parametrize( ++ "input_has_librepo,input_path_exists_side_effect,expected_exception,expected_result", ++ [ ++ (True, [False, True], does_not_raise(), ["/usr/bin/dnf", "reposync"]), ++ (True, [True, False], does_not_raise(), ["/usr/bin/reposync"]), ++ (True, [False, False], pytest.raises(cexceptions.CX), ""), ++ (False, [False, True], pytest.raises(cexceptions.CX), ""), ++ ], ++) ++def test_reposync_cmd( ++ mocker: "MockerFixture", ++ reposync_object: reposync.RepoSync, ++ input_has_librepo: bool, ++ input_path_exists_side_effect: List[bool], ++ expected_exception: Any, ++ expected_result: Union[List[str], str], ++): ++ # Arrange ++ mocker.patch("os.path.exists", side_effect=input_path_exists_side_effect) ++ reposync.HAS_LIBREPO = input_has_librepo ++ ++ # Act ++ with expected_exception: ++ result = reposync_object.reposync_cmd() ++ ++ # Assert ++ assert result == expected_result ++ ++ ++def test_run(mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo): ++ # Arrange ++ env_vars: Dict[str, Any] = {} ++ mocker.patch("os.makedirs") ++ mocker.patch("os.path.isdir", return_value=True) ++ mocker.patch( ++ "os.path.join", ++ side_effect=[ ++ "/srv/www/cobbler/repo_mirror", ++ "/srv/www/cobbler/repo_mirror/%s" % repo.name, + ], + ) +- def test_reposync_yum( +- self, +- input_mirror_type, +- input_mirror, +- expected_exception, +- api, +- repo, +- reposync +- ): +- # Arrange +- test_repo = repo +- test_repo.breed = enums.RepoBreeds.YUM +- test_repo.mirror = input_mirror +- test_repo.mirror_type = input_mirror_type +- test_repo.rpm_list = "fedora-gpg-keys" +- test_settings = api.settings() +- repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name) +- +- # Act & Assert +- with expected_exception: +- reposync.run(test_repo.name) +- result = os.path.exists(repo_path) +- if test_repo.rpm_list and test_repo.rpm_list != []: +- for rpm in test_repo.rpm_list: +- assert glob.glob(os.path.join(repo_path, "**", rpm) + "*.rpm", recursive=True) != [] +- assert result +- # Test that re-downloading the metadata in .origin/repodata will not result in an error +- reposync.run(test_repo.name) +- +- @pytest.mark.usefixtures("remove_repo") +- @pytest.mark.parametrize( +- "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception", ++ mocker.patch("os.environ", return_value=env_vars) ++ mocker.patch.object(reposync_object, "repos", return_value=[repo]) ++ mocker.patch.object(reposync_object, "sync") ++ mocker.patch.object(reposync_object, "update_permissions") ++ reposync_object.repos = [repo] # type: ignore ++ ++ # Act ++ reposync_object.run() ++ ++ # Assert ++ # This has to be 0 since all env vars need to be removed after reposync has run. ++ assert len(env_vars) == 0 ++ ++ ++def test_gen_urlgrab_ssl_opts(reposync_object: reposync.RepoSync): ++ # Arrange ++ input_dict: Dict[str, Any] = {} ++ ++ # Act ++ result = reposync_object.gen_urlgrab_ssl_opts(input_dict) ++ ++ # Assert ++ assert isinstance(result, tuple) ++ assert len(result) == 2 ++ # The data of the first element is kind of flexible let's skip asserting it for now ++ assert isinstance(result[1], bool) ++ ++ ++@pytest.mark.usefixtures("remove_repo") ++@pytest.mark.parametrize( ++ "input_mirror_type,input_mirror,expected_exception", ++ [ ++ ( ++ enums.MirrorType.BASEURL, ++ "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os", ++ does_not_raise(), ++ ), ++ ( ++ enums.MirrorType.MIRRORLIST, ++ "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64", ++ does_not_raise(), ++ ), ++ ( ++ enums.MirrorType.METALINK, ++ "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64", ++ does_not_raise(), ++ ), ++ ], ++) ++def test_reposync_yum( ++ mocker: "MockerFixture", ++ input_mirror_type: enums.MirrorType, ++ input_mirror: str, ++ expected_exception: Any, ++ cobbler_api: CobblerAPI, ++ repo: Repo, ++ reposync_object: reposync.RepoSync, ++): ++ # Arrange ++ test_repo = repo ++ test_repo.breed = enums.RepoBreeds.YUM ++ test_repo.mirror = input_mirror ++ test_repo.mirror_type = input_mirror_type ++ test_repo.rpm_list = "fedora-gpg-keys" ++ test_settings = cobbler_api.settings() ++ repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name) ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ mocker.patch.object( ++ reposync_object, "create_local_file", return_value="/create/local/file" ++ ) ++ mocker.patch.object( ++ reposync_object, "reposync_cmd", return_value=["/my/fake/dnf", "reposync"] ++ ) ++ mocker.patch.object(reposync_object, "rflags", return_value="--fake-r-flakg") ++ mocker.patch.object( ++ reposync_object, ++ "gen_urlgrab_ssl_opts", ++ return_value=(("TODO", "TODO", "TODO"), False), ++ ) ++ mocker.patch("os.path.exists", return_value=True) ++ mocker.patch("shutil.rmtree") ++ mocker.patch("os.makedirs") ++ mocked_repo_walker = mocker.patch("cobbler.actions.reposync.repo_walker") ++ handle_mock = mocker.MagicMock() ++ result_mock = mocker.MagicMock() ++ mocker.patch("librepo.Handle", return_value=handle_mock) ++ mocker.patch("librepo.Result", return_value=result_mock) ++ ++ # Act & Assert ++ with expected_exception: ++ reposync_object.yum_sync(repo) ++ ++ mocked_subprocess.assert_called_with( ++ [ ++ "/usr/bin/dnf", ++ "download", ++ "--testflag", ++ "--disablerepo=*", ++ f"--enablerepo={repo.name}", ++ "-c=/create/local/file", ++ f"--destdir={repo_path}", ++ "fedora-gpg-keys", ++ ], ++ shell=False, ++ ) ++ handle_mock.perform.assert_called_with(result_mock) ++ assert mocked_repo_walker.call_count == 1 ++ ++ ++@pytest.mark.usefixtures("remove_repo") ++@pytest.mark.parametrize( ++ "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception", ++ [ ++ ( ++ enums.MirrorType.BASEURL, ++ "http://ftp.debian.org/debian", ++ enums.RepoArchs.X86_64, ++ "", ++ does_not_raise(), ++ ), ++ ( ++ enums.MirrorType.MIRRORLIST, ++ "http://ftp.debian.org/debian", ++ enums.RepoArchs.X86_64, ++ "", ++ pytest.raises(cexceptions.CX), ++ ), ++ ( ++ enums.MirrorType.METALINK, ++ "http://ftp.debian.org/debian", ++ enums.RepoArchs.X86_64, ++ "", ++ pytest.raises(cexceptions.CX), ++ ), ++ ( ++ enums.MirrorType.BASEURL, ++ "http://ftp.debian.org/debian", ++ enums.RepoArchs.NONE, ++ "", ++ pytest.raises(cexceptions.CX), ++ ), ++ ( ++ enums.MirrorType.BASEURL, ++ "http://ftp.debian.org/debian", ++ enums.RepoArchs.X86_64, ++ "dpkg", ++ pytest.raises(cexceptions.CX), ++ ), ++ ], ++) ++def test_reposync_apt( ++ mocker: "MockerFixture", ++ input_mirror_type: enums.MirrorType, ++ input_mirror: str, ++ input_arch: enums.RepoArchs, ++ input_rpm_list: str, ++ expected_exception: Any, ++ cobbler_api: CobblerAPI, ++ repo: Repo, ++ reposync_object: reposync.RepoSync, ++): ++ # Arrange ++ test_repo = repo ++ test_repo.breed = enums.RepoBreeds.APT ++ test_repo.arch = input_arch ++ test_repo.apt_components = "main" ++ test_repo.apt_dists = "stable" ++ test_repo.mirror = input_mirror ++ test_repo.mirror_type = input_mirror_type ++ test_repo.rpm_list = input_rpm_list ++ test_settings = cobbler_api.settings() ++ repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name) ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ mocker.patch("os.path.exists", return_value=True) ++ ++ # Act ++ with expected_exception: ++ reposync_object.apt_sync(repo) ++ ++ # Assert ++ mocked_subprocess.assert_called_with( ++ [ ++ "/usr/bin/debmirror", ++ "--nocleanup", ++ "--method=http", ++ "--host=ftp.debian.org", ++ "--root=/debian", ++ "--dist=stable", ++ "--section=main", ++ repo_path, ++ "--nosource", ++ "-a=amd64", ++ ], ++ shell=False, ++ ) ++ ++ ++@pytest.mark.usefixtures("remove_repo") ++@pytest.mark.parametrize( ++ "input_mirror_type,input_mirror,expected_exception", ++ [ ++ ( ++ enums.MirrorType.BASEURL, ++ "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", ++ does_not_raise(), ++ ), ++ ( ++ enums.MirrorType.MIRRORLIST, ++ "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", ++ pytest.raises(cexceptions.CX), ++ ), ++ ( ++ enums.MirrorType.METALINK, ++ "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", ++ pytest.raises(cexceptions.CX), ++ ), ++ ], ++) ++def test_reposync_wget( ++ mocker: "MockerFixture", ++ input_mirror_type: enums.MirrorType, ++ input_mirror: str, ++ expected_exception: Any, ++ cobbler_api: CobblerAPI, ++ repo: Repo, ++ reposync_object: reposync.RepoSync, ++): ++ # Arrange ++ test_repo = repo ++ test_repo.breed = enums.RepoBreeds.WGET ++ test_repo.mirror = input_mirror ++ test_repo.mirror_type = input_mirror_type ++ repo_path = os.path.join( ++ reposync_object.settings.webdir, "repo_mirror", test_repo.name ++ ) ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ mocker.patch("cobbler.actions.reposync.repo_walker") ++ mocker.patch.object(reposync_object, "create_local_file") ++ ++ # Act ++ with expected_exception: ++ reposync_object.wget_sync(test_repo) ++ ++ # Assert ++ mocked_subprocess.assert_called_with( ++ [ ++ "wget", ++ "-N", ++ "-np", ++ "-r", ++ "-l", ++ "inf", ++ "-nd", ++ "-P", ++ repo_path, ++ input_mirror, ++ ], ++ shell=False, ++ ) ++ ++ ++def test_reposync_rhn( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo ++): ++ # Arrange ++ repo.mirror = "rhn://%s" % repo.name ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ mocker.patch("os.path.isdir", return_value=True) ++ mocker.patch("os.makedirs") ++ mocker.patch("cobbler.actions.reposync.repo_walker") ++ mocker.patch.object(reposync_object, "create_local_file") ++ mocker.patch.object( ++ reposync_object, "reposync_cmd", return_value=["/my/fake/reposync"] ++ ) ++ ++ # Act ++ reposync_object.rhn_sync(repo) ++ ++ # Assert ++ # TODO: Check this more and document how its actually working ++ mocked_subprocess.assert_called_with( + [ +- ( +- enums.MirrorType.BASEURL, +- "http://ftp.debian.org/debian", +- enums.RepoArchs.X86_64, +- "", +- does_not_raise() +- ), +- ( +- enums.MirrorType.MIRRORLIST, +- "http://ftp.debian.org/debian", +- enums.RepoArchs.X86_64, +- "", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.METALINK, +- "http://ftp.debian.org/debian", +- enums.RepoArchs.X86_64, +- "", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.BASEURL, +- "http://www.example.com/path/to/some/repo", +- enums.RepoArchs.X86_64, +- "", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.BASEURL, +- "http://ftp.debian.org/debian", +- enums.RepoArchs.NONE, +- "", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.BASEURL, +- "http://ftp.debian.org/debian", +- enums.RepoArchs.X86_64, +- "dpkg", +- pytest.raises(cexceptions.CX) +- ), ++ "/my/fake/reposync", ++ "--testflag", ++ "--repo=testrepo0", ++ "--download-path=/srv/www/cobbler/repo_mirror", + ], ++ shell=False, + ) +- def test_reposync_apt( +- self, +- input_mirror_type, +- input_mirror, +- input_arch, +- input_rpm_list, +- expected_exception, +- api, +- repo, +- reposync +- ): +- # Arrange +- test_repo = repo +- test_repo.breed = enums.RepoBreeds.APT +- test_repo.arch = input_arch +- test_repo.apt_components = "main" +- test_repo.apt_dists = "stable" +- test_repo.mirror = input_mirror +- test_repo.mirror_type = input_mirror_type +- test_repo.rpm_list = input_rpm_list +- test_repo.yumopts = "--exclude=.* --include=dpkg.* --no-check-gpg --rsync-extra=none" +- test_settings = api.settings() +- repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name) +- +- # Act & Assert +- with expected_exception: +- reposync.run(test_repo.name) +- result = os.path.exists(repo_path) +- for rpm in ["dpkg"]: +- assert glob.glob(os.path.join(repo_path, "**", "dpkg") + "*", recursive=True) != [] +- assert result +- +- @pytest.mark.skip("To flaky and thus not reliable. Needs to be mocked to be of use.") +- @pytest.mark.usefixtures("remove_repo") +- @pytest.mark.parametrize( +- "input_mirror_type,input_mirror,expected_exception", ++ ++ ++def test_reposync_rsync( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo ++): ++ # Arrange ++ mocked_subprocess = mocker.patch("cobbler.utils.subprocess_call", return_value=0) ++ mocker.patch("cobbler.actions.reposync.repo_walker") ++ mocker.patch.object(reposync_object, "create_local_file") ++ repo_path = os.path.join(reposync_object.settings.webdir, "repo_mirror", repo.name) ++ ++ # Act ++ reposync_object.rsync_sync(repo) ++ ++ # Assert ++ mocked_subprocess.assert_called_with( + [ +- ( +- enums.MirrorType.BASEURL, +- "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", +- does_not_raise() +- ), +- ( +- enums.MirrorType.MIRRORLIST, +- "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.METALINK, +- "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2", +- pytest.raises(cexceptions.CX) +- ), +- ( +- enums.MirrorType.BASEURL, +- "http://www.example.com/path/to/some/repo", +- pytest.raises(cexceptions.CX) +- ), ++ "rsync", ++ "--testflag", ++ "--delete-after", ++ "-e ssh", ++ "--delete", ++ "--exclude-from=/etc/cobbler/rsync.exclude", ++ "/", ++ repo_path, + ], ++ shell=False, + ) +- def test_reposync_wget( +- self, +- input_mirror_type, +- input_mirror, +- expected_exception, +- api, +- repo, +- reposync +- ): +- # Arrange +- test_repo = repo +- test_repo.breed = enums.RepoBreeds.WGET +- test_repo.mirror = input_mirror +- test_repo.mirror_type = input_mirror_type +- test_settings = api.settings() +- repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name) +- +- # Act & Assert +- with expected_exception: +- reposync.run(test_repo.name) +- result = os.path.exists(repo_path) +- for rpm in ["rpm"]: +- assert glob.glob(os.path.join(repo_path, "**", "2") + "*", recursive=True) != [] +- assert result +- +- +-@pytest.mark.skip("TODO") +-def test_reposync_rhn(): ++ ++ ++def test_createrepo_walker( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo ++): + # Arrange ++ input_repo = repo ++ input_repo.breed = enums.RepoBreeds.RSYNC ++ input_dirname = "" ++ input_fnames = [] ++ expected_call = ["createrepo", "--testflags", f"'{input_dirname}'"] ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ mocker.patch( ++ "cobbler.utils.blender", ++ autospec=True, ++ return_value={"createrepo_flags": "--testflags"}, ++ ) ++ mocker.patch("cobbler.utils.remove_yum_olddata") ++ mocker.patch("cobbler.utils.subprocess_get", return_value="5") ++ mocker.patch("cobbler.utils.get_family", return_value="TODO") ++ mocker.patch("os.path.exists", return_value=True) ++ mocker.patch("os.path.isfile", return_value=True) ++ mocker.patch.object(reposync_object, "librepo_getinfo", return_value={}) ++ + # Act ++ reposync_object.createrepo_walker(input_repo, input_dirname, input_fnames) ++ + # Assert +- assert False ++ # TODO: Improve coverage over different cases in method ++ mocked_subprocess.assert_called_with(expected_call, shell=False) + + +-@pytest.mark.skip("TODO") +-def test_reposync_rsync(): ++@pytest.mark.parametrize( ++ "input_repotype,expected_exception", ++ [ ++ (enums.RepoBreeds.YUM, does_not_raise()), ++ (enums.RepoBreeds.RHN, does_not_raise()), ++ (enums.RepoBreeds.APT, does_not_raise()), ++ (enums.RepoBreeds.RSYNC, does_not_raise()), ++ (enums.RepoBreeds.WGET, does_not_raise()), ++ (enums.RepoBreeds.NONE, pytest.raises(cexceptions.CX)), ++ ], ++) ++def test_sync( ++ mocker: "MockerFixture", ++ cobbler_api: CobblerAPI, ++ reposync_object: reposync.RepoSync, ++ input_repotype: enums.RepoBreeds, ++ expected_exception: Any, ++): + # Arrange ++ test_repo = Repo(cobbler_api) ++ test_repo.breed = input_repotype ++ rhn_sync_mock = mocker.patch.object(reposync_object, "rhn_sync") ++ yum_sync_mock = mocker.patch.object(reposync_object, "yum_sync") ++ apt_sync_mock = mocker.patch.object(reposync_object, "apt_sync") ++ rsync_sync_mock = mocker.patch.object(reposync_object, "rsync_sync") ++ wget_sync_mock = mocker.patch.object(reposync_object, "wget_sync") ++ + # Act ++ with expected_exception: ++ reposync_object.sync(test_repo) ++ ++ # Assert ++ call_count = sum( ++ ( ++ rhn_sync_mock.call_count, ++ yum_sync_mock.call_count, ++ apt_sync_mock.call_count, ++ rsync_sync_mock.call_count, ++ wget_sync_mock.call_count, ++ ) ++ ) ++ assert call_count == 1 ++ ++ ++def test_librepo_getinfo( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync, tmp_path: Path ++): ++ # Arrange ++ handle_mock = mocker.MagicMock() ++ result_mock = mocker.MagicMock() ++ mocker.patch("librepo.Handle", return_value=handle_mock) ++ mocker.patch("librepo.Result", return_value=result_mock) ++ ++ # Act ++ reposync_object.librepo_getinfo(str(tmp_path)) ++ ++ # Assert ++ handle_mock.perform.assert_called_with(result_mock) ++ result_mock.getinfo.assert_called() ++ ++ ++def test_create_local_file( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo ++): ++ # Arrange ++ mocker.patch("cobbler.utils.filesystem_helpers.mkdir", autospec=True) ++ mock_open = mocker.patch("builtins.open", mocker.mock_open()) ++ input_dest_path = "" ++ input_repo = repo ++ input_output = True ++ ++ # Act ++ reposync_object.create_local_file(input_dest_path, input_repo, output=input_output) ++ ++ # Assert ++ # TODO: Extend checks ++ assert mock_open.call_count == 1 ++ assert mock_open.mock_calls[0] == mocker.call("config.repo", "w", encoding="UTF-8") ++ mock_open_handle = mock_open() ++ assert mock_open_handle.write.mock_calls[0] == mocker.call("[testrepo0]\n") ++ assert mock_open_handle.write.mock_calls[1] == mocker.call("name=testrepo0\n") ++ ++ ++def test_update_permissions( ++ mocker: "MockerFixture", reposync_object: reposync.RepoSync ++): ++ # Arrange ++ mocked_subprocess = mocker.patch( ++ "cobbler.utils.subprocess_call", autospec=True, return_value=0 ++ ) ++ path_to_update = "/my/fake/path" ++ expected_calls = [ ++ mocker.call(["chown", "-R", "root:www", path_to_update], shell=False), ++ mocker.call(["chmod", "-R", "755", path_to_update], shell=False), ++ ] ++ ++ # Act ++ reposync_object.update_permissions(path_to_update) ++ + # Assert +- assert False ++ assert mocked_subprocess.mock_calls == expected_calls diff --git a/cobbler.spec b/cobbler.spec index 764ad3b..97485eb 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -4,9 +4,12 @@ %global shortcommit %(c=%{commit}; echo ${c:0:7}) %global selinuxtype targeted +# Tests require an installed system with root access +%bcond check 0 + Name: cobbler Version: 3.3.7 -Release: 1%{?dist} +Release: 2%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -19,6 +22,9 @@ Source4: %{name}.fc # Do not run coverage tests Patch0: cobbler-nocov.patch +# Python 3.13 support (backport of https://github.com/cobbler/cobbler/pull/3842) +# https://bugzilla.redhat.com/show_bug.cgi?id=2335620 +Patch1: cobbler-python3.13.patch BuildArch: noarch BuildRequires: make @@ -38,6 +44,13 @@ BuildRequires: %{py3_dist schema} BuildRequires: %{py3_dist setuptools} # For docs BuildRequires: %{py3_dist sphinx} +%if %{with check} +# For tests +BuildRequires: %{py3_dist crypt-r} +BuildRequires: %{py3_dist dnspython} +BuildRequires: %{py3_dist file-magic} +BuildRequires: %{py3_dist pytest-benchmark} +%endif # This ensures that the *-selinux package and all it’s dependencies are not pulled # into containers and other systems that do not use SELinux @@ -160,9 +173,10 @@ install -D -m 0644 %{name}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{sel install -D -p -m 0644 selinux/%{name}.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/%{name}.if +%if %{with check} %check -# These require an installed system with root access -#pytest -v +%pytest -v +%endif %pre @@ -325,6 +339,9 @@ fi %changelog +* Sun Jan 05 2025 Orion Poplawski - 3.3.7-2 +- Backport upstream patch for Python 3.13 support (rhbz#2335620) + * Sun Nov 17 2024 Orion Poplawski - 3.3.7-1 - Update to 3.3.7 (CVE-2024-47533) From 2c824d747ac993db801cbc0dd19c3f0813ac45f8 Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Thu, 16 Jan 2025 14:04:56 +0000 Subject: [PATCH 77/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild --- cobbler.spec | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index 97485eb..71c0bd8 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -9,7 +9,7 @@ Name: cobbler Version: 3.3.7 -Release: 2%{?dist} +Release: 3%{?dist} Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -339,6 +339,9 @@ fi %changelog +* Thu Jan 16 2025 Fedora Release Engineering - 3.3.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + * Sun Jan 05 2025 Orion Poplawski - 3.3.7-2 - Backport upstream patch for Python 3.13 support (rhbz#2335620) From 0788c790c2a47ab9bae746d4a504d59d82ab3547 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 11 May 2025 14:57:39 -0600 Subject: [PATCH 78/89] Convert to %autorelease and %autochangelog [skip changelog] --- changelog | 354 ++++++++++++++++++++++++++++++++++++++++++++++++++ cobbler.spec | 357 +-------------------------------------------------- 2 files changed, 356 insertions(+), 355 deletions(-) create mode 100644 changelog diff --git a/changelog b/changelog new file mode 100644 index 0000000..291772a --- /dev/null +++ b/changelog @@ -0,0 +1,354 @@ +* Thu Jan 16 2025 Fedora Release Engineering - 3.3.7-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild + +* Sun Jan 05 2025 Orion Poplawski - 3.3.7-2 +- Backport upstream patch for Python 3.13 support (rhbz#2335620) + +* Sun Nov 17 2024 Orion Poplawski - 3.3.7-1 +- Update to 3.3.7 (CVE-2024-47533) + +* Fri Sep 27 2024 Carl George - 3.3.6-2 +- Fix cheetah dependency rhbz#2314630 + +* Wed Jul 31 2024 Orion Poplawski - 3.3.6-1 +- Update to 3.3.6 + +* Thu Jul 25 2024 Miroslav Suchý - 3.3.5-3 +- convert license to SPDX + +* Wed Jul 17 2024 Fedora Release Engineering - 3.3.5-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild + +* Fri Jul 12 2024 Orion Poplawski - 3.3.5-1 +- Update to 3.3.5 + +* Fri Jun 07 2024 Python Maint - 3.3.4-5 +- Rebuilt for Python 3.13 + +* Fri Jun 07 2024 Python Maint - 3.3.4-4 +- Rebuilt for Python 3.13 + +* Sat Apr 27 2024 Orion Poplawski - 3.3.4-3 +- Fix service name in selinux post install script + +* Fri Apr 26 2024 Orion Poplawski - 3.3.4-2 +- Test for existence of web.ss before chowning it (bz#2276860) + +* Mon Feb 26 2024 Orion Poplawski - 3.3.4-1 +- Update to 3.3.4 +- Add local SELinux policy and allow cobbler to check service statuses, + run mkfs.fat, and check for reposync and yumdownloader (bz#2251220) +- Change owndership of web.ss to root (bz#2247653) + +* Wed Jan 24 2024 Fedora Release Engineering - 3.3.3-9 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Fri Jan 19 2024 Fedora Release Engineering - 3.3.3-8 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild + +* Wed Jul 19 2023 Fedora Release Engineering - 3.3.3-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild + +* Mon Jul 17 2023 Orion Poplawski - 3.3.3-6 +- Add patch to fix build with Sphinx 7 + +* Wed Jun 14 2023 Python Maint - 3.3.3-5 +- Rebuilt for Python 3.12 + +* Thu Jan 19 2023 Fedora Release Engineering - 3.3.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild + +* Wed Jul 20 2022 Fedora Release Engineering - 3.3.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild + +* Thu Jun 23 2022 Python Maint - 3.3.3-2 +- Rebuilt for Python 3.11 + +* Tue Jun 14 2022 Orion Poplawski - 3.3.3-1 +- Update to 3.3.3 + +* Wed May 04 2022 Orion Poplawski - 3.3.2-2 +- Drop setting cache_enabled no longer present in 3.3 + +* Sat Mar 12 2022 Orion Poplawski - 3.3.2-1 +- Update to 3.3.2 + +* Tue Mar 01 2022 Orion Poplawski - 3.3.1-1 +- Update to 3.3.1, removes web interface + +* Tue Mar 01 2022 Orion Poplawski - 3.2.2-9 +- Apply fixes for CVE-2021-45082/3 +- Remove BR on python3-coverage + +* Mon Jan 24 2022 Orion Poplawski - 3.2.2-8 +- Fix posttrans script + +* Wed Jan 19 2022 Fedora Release Engineering - 3.2.2-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild + +* Thu Dec 23 2021 Orion Poplawski - 3.2.2-6 +- Fix path to settings.yaml in scriptlet + +* Thu Dec 09 2021 Orion Poplawski - 3.2.2-5 +- Remove defunct get-loaders command + +* Mon Nov 22 2021 Orion Poplawski - 3.2.2-4 +- Add new keys to settings.yaml on migration or if missing +- Save original settings to settings.rpmorig + +* Fri Oct 08 2021 Orion Poplawski - 3.2.2-3 +- Fix dependencies (bz#2010567) + +* Thu Sep 23 2021 Orion Poplawski - 3.2.2-2 +- Migrate settings to settings.yaml +- Migrate pre-cobbler 3 data if needed +- Fix autoinstall_templates -> templates + +* Thu Sep 23 2021 Orion Poplawski - 3.2.2-1 +- Update to 3.2.2 +- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection +- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function +- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings + +* Wed Sep 22 2021 Orion Poplawski - 3.2.1-1 +- Update to 3.2.1 + +* Wed Jul 21 2021 Fedora Release Engineering - 3.2.0-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild + +* Fri Jun 04 2021 Python Maint - 3.2.0-5 +- Rebuilt for Python 3.10 + +* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.2.0-4 +- Rebuilt for updated systemd-rpm-macros + See https://pagure.io/fesco/issue/2583. + +* Tue Jan 26 2021 Fedora Release Engineering - 3.2.0-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild + +* Sun Oct 25 2020 Orion Poplawski - 3.2.0-2 +- Give root RW permission to /var/lib/cobbler/web.ss +- Fix SELinux cobbler logging issue + +* Sat Oct 24 2020 Orion Poplawski - 3.2.0-1 +- Update to 3.2.0 + +* Thu Sep 17 2020 Orion Poplawski - 3.1.2-4 +- Add requires on python-distro and file + +* Mon Jul 27 2020 Fedora Release Engineering - 3.1.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild + +* Wed Jul 08 2020 Orion Poplawski - 3.1.2-2 +- Fix apache configuration + +* Fri May 29 2020 Orion Poplawski - 3.1.2-1 +- Update to 3.1.2 + +* Tue May 26 2020 Miro Hrončok - 3.1.1-4 +- Rebuilt for Python 3.9 + +* Fri Feb 21 2020 Orion Poplawski - 3.1.1-3 +- Add requires for python3-dns + +* Tue Jan 28 2020 Fedora Release Engineering - 3.1.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild + +* Sun Jan 12 2020 Orion Poplawski - 3.1.1-1 +- Update to 3.1.1 + +* Tue Oct 22 2019 Orion Poplawski - 3.0.1-4 +- Drop koan completely, including obsoletes. It is a separate package now. + +* Thu Oct 10 2019 Orion Poplawski - 3.0.1-3 +- Require /sbin/service + +* Tue Oct 8 2019 Orion Poplawski - 3.0.1-2 +- Fix requires (requests instead of urlgrabber) +- Fix BR for EL8 + +* Mon Sep 09 2019 Nicolas Chauvet - 3.0.1-1 +- Update to 3.0.1 + +* Fri Aug 30 2019 Nicolas Chauvet - 3.0.0-1 +- Update to 3.0.0 + +* Mon Aug 26 2019 Nicolas Chauvet - 2.8.5-0.1 +- Update to 2.8.5 - pre-release + +* Wed Jul 24 2019 Fedora Release Engineering - 2.8.4-7 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild + +* Thu Jan 31 2019 Fedora Release Engineering - 2.8.4-6 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild + +* Mon Nov 26 2018 Orion Poplawski - 2.8.4-5 +- Fix empty man pages (BZ 1653415) + +* Mon Nov 26 2018 Orion Poplawski - 2.8.4-4 +- Revert bind_manage_ipmi feature that is broken on 2.8 + +* Sun Nov 25 2018 Orion Poplawski - 2.8.4-3 +- Use pathfix.py to fix python shebangs + +* Sun Nov 25 2018 Orion Poplawski - 2.8.4-2 +- Make koan require python2-ethtool (BZ 1638933) + +* Sat Nov 24 2018 Orion Poplawski - 2.8.4-1 +- Update to 2.8.4 (Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931) + +* Thu Jul 12 2018 Fedora Release Engineering - 2.8.3-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild + +* Wed May 30 2018 Orion Poplawski - 2.8.3-3 +- koan requires urlgrabber + +* Mon May 28 2018 Nicolas Chauvet - 2.8.3-2 +- Restore mergeability with epel7 + +* Mon May 28 2018 Nicolas Chauvet - 2.8.3-1 +- Update to 2.8.3 - security bugfix + +* Wed Feb 21 2018 Orion Poplawski - 2.8.2-6 +- Really fix django requires for Fedora 28+ + +* Tue Feb 20 2018 Orion Poplawski - 2.8.2-5 +- Fix django requires for Fedora 28+ + +* Fri Feb 09 2018 Igor Gnatenko - 2.8.2-4 +- Escape macros in %%changelog + +* Wed Feb 07 2018 Fedora Release Engineering - 2.8.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild + +* Tue Feb 06 2018 Iryna Shcherbina - 2.8.2-2 +- Update Python 2 dependency declarations to new packaging standards + (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) + +* Mon Sep 18 2017 Orion Poplawski - 2.8.2-1 +- Update to 2.8.2 + +* Wed Aug 02 2017 Fedora Release Engineering - 2.8.1-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild + +* Wed Jul 26 2017 Fedora Release Engineering - 2.8.1-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jun 21 2017 Orion Poplawski - 2.8.1-3 +- Suppress logrotate output + +* Mon Jun 12 2017 Orion Poplawski - 2.8.1-2 +- Fix module loading + +* Wed May 24 2017 Orion Poplawski - 2.8.1-1 +- Update to 2.8.1 + +* Fri Feb 17 2017 Orion Poplawski - 2.8.0-6 +- Add patch to fix handling of multiple bridge interfaces + +* Fri Feb 10 2017 Fedora Release Engineering - 2.8.0-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Fri Jan 27 2017 Orion Poplawski - 2.8.0-4 +- Fix named patch + +* Tue Jan 24 2017 Orion Poplawski - 2.8.0-3 +- Restart named-chroot service if used + +* Fri Jan 20 2017 Orion Poplawski - 2.8.0-2 +- Fix logrotate script for systemd (bug #1414617) + +* Thu Dec 1 2016 Orion Poplawski - 2.8.0-1 +- Update to 2.8.0 +- Restructure spec file + +* Thu Sep 1 2016 Orion Poplawski - 2.6.11-11.gitf78af86 +- Add patches to fix TEMPLATE_DIRS and use OrderedDict + +* Thu Aug 11 2016 Orion Poplawski - 2.6.11-10.gitf78af86 +- Force IPv4 connections to cobblerd from web proxy + +* Thu Jul 21 2016 Orion Poplawski - 2.6.11-9.gitf78af86 +- Suppress "virt-install --os-variant list" error messages + +* Thu Jul 21 2016 Orion Poplawski - 2.6.11-8.git5680bf8 +- Fix handling unknown os variants with osinfo-query + +* Tue Jul 19 2016 Fedora Release Engineering - 2.6.11-7.git95749a6 +- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages + +* Wed Jul 13 2016 Orion Poplawski - 2.6.11-6.git95749a6 +- Fix typo in koan/app.py + +* Wed Jul 13 2016 Orion Poplawski - 2.6.11-5.git13b035f +- Update to current git snapshot (bug #1276896) + +* Wed Feb 03 2016 Fedora Release Engineering - 2.6.11-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Mon Feb 1 2016 Orion Poplawski - 2.6.11-3 +- Require dnf-plugins-core + +* Sun Jan 24 2016 Orion Poplawski - 2.6.11-2 +- Require dnf-core-plugins instead of yum-utils for repoquery on Fedora 23+ + +* Sun Jan 24 2016 Orion Poplawski - 2.6.11-1 +- Update to 2.6.11 +- Make cobbler arch specific to allow for arch specific requires + +* Thu Oct 1 2015 Orion Poplawski - 2.6.10-1 +- Update to 2.6.10 + +* Mon Jun 22 2015 Orion Poplawski - 2.6.9-1 +- Update to 2.6.9 + +* Wed Jun 17 2015 Fedora Release Engineering - 2.6.8-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Tue May 12 2015 Orion Poplawski - 2.6.8-2 +- Support django 1.8 in Fedora 22+ + +* Fri May 8 2015 Orion Poplawski - 2.6.8-1 +- Update to 2.6.8 +- Backport upstream patch to fix centos version detection (bug #1201879) + +* Tue Apr 28 2015 Orion Poplawski - 2.6.7-3 +- Add patch to fix virt-install support for F21+/EL7 (bug #1188424) + +* Mon Apr 27 2015 Orion Poplawski - 2.6.7-2 +- Create and own directories in tftp_dir + +* Wed Dec 31 2014 Orion Poplawski - 2.6.7-1 +- Update to 2.6.7 + +* Sun Oct 19 2014 Orion Poplawski - 2.6.6-1 +- Update to 2.6.6 + +* Fri Aug 15 2014 Orion Poplawski - 2.6.5-1 +- Update to 2.6.5 + +* Wed Aug 13 2014 Orion Poplawski - 2.6.4-2 +- Require Django >= 1.4 + +* Mon Aug 11 2014 Orion Poplawski - 2.6.4-1 +- Update to 2.6.4 + +* Fri Jul 18 2014 Orion Poplawski - 2.6.3-1 +- Update to 2.6.3 + +* Wed Jul 16 2014 Orion Poplawski - 2.6.2-1 +- Update to 2.6.2 +- Spec cleanup + +* Sat Jun 07 2014 Fedora Release Engineering - 2.6.1-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Fri May 23 2014 Orion Poplawski - 2.6.1-1 +- Update to 2.6.1 +- Drop koan patch applied upstream + +* Tue Apr 22 2014 Orion Poplawski - 2.6.0-2 +- Only require syslinux on x86 + +* Mon Apr 21 2014 Orion Poplawski - 2.6.0-1 +- Update to 2.6.0 diff --git a/cobbler.spec b/cobbler.spec index 71c0bd8..5eafc81 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -9,7 +9,7 @@ Name: cobbler Version: 3.3.7 -Release: 3%{?dist} +Release: %autorelease Summary: Boot server configurator URL: https://cobbler.github.io/ # Automatically converted from old format: GPLv2+ - review is highly recommended. @@ -339,357 +339,4 @@ fi %changelog -* Thu Jan 16 2025 Fedora Release Engineering - 3.3.7-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild - -* Sun Jan 05 2025 Orion Poplawski - 3.3.7-2 -- Backport upstream patch for Python 3.13 support (rhbz#2335620) - -* Sun Nov 17 2024 Orion Poplawski - 3.3.7-1 -- Update to 3.3.7 (CVE-2024-47533) - -* Fri Sep 27 2024 Carl George - 3.3.6-2 -- Fix cheetah dependency rhbz#2314630 - -* Wed Jul 31 2024 Orion Poplawski - 3.3.6-1 -- Update to 3.3.6 - -* Thu Jul 25 2024 Miroslav Suchý - 3.3.5-3 -- convert license to SPDX - -* Wed Jul 17 2024 Fedora Release Engineering - 3.3.5-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild - -* Fri Jul 12 2024 Orion Poplawski - 3.3.5-1 -- Update to 3.3.5 - -* Fri Jun 07 2024 Python Maint - 3.3.4-5 -- Rebuilt for Python 3.13 - -* Fri Jun 07 2024 Python Maint - 3.3.4-4 -- Rebuilt for Python 3.13 - -* Sat Apr 27 2024 Orion Poplawski - 3.3.4-3 -- Fix service name in selinux post install script - -* Fri Apr 26 2024 Orion Poplawski - 3.3.4-2 -- Test for existence of web.ss before chowning it (bz#2276860) - -* Mon Feb 26 2024 Orion Poplawski - 3.3.4-1 -- Update to 3.3.4 -- Add local SELinux policy and allow cobbler to check service statuses, - run mkfs.fat, and check for reposync and yumdownloader (bz#2251220) -- Change owndership of web.ss to root (bz#2247653) - -* Wed Jan 24 2024 Fedora Release Engineering - 3.3.3-9 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Fri Jan 19 2024 Fedora Release Engineering - 3.3.3-8 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild - -* Wed Jul 19 2023 Fedora Release Engineering - 3.3.3-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild - -* Mon Jul 17 2023 Orion Poplawski - 3.3.3-6 -- Add patch to fix build with Sphinx 7 - -* Wed Jun 14 2023 Python Maint - 3.3.3-5 -- Rebuilt for Python 3.12 - -* Thu Jan 19 2023 Fedora Release Engineering - 3.3.3-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild - -* Wed Jul 20 2022 Fedora Release Engineering - 3.3.3-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild - -* Thu Jun 23 2022 Python Maint - 3.3.3-2 -- Rebuilt for Python 3.11 - -* Tue Jun 14 2022 Orion Poplawski - 3.3.3-1 -- Update to 3.3.3 - -* Wed May 04 2022 Orion Poplawski - 3.3.2-2 -- Drop setting cache_enabled no longer present in 3.3 - -* Sat Mar 12 2022 Orion Poplawski - 3.3.2-1 -- Update to 3.3.2 - -* Tue Mar 01 2022 Orion Poplawski - 3.3.1-1 -- Update to 3.3.1, removes web interface - -* Tue Mar 01 2022 Orion Poplawski - 3.2.2-9 -- Apply fixes for CVE-2021-45082/3 -- Remove BR on python3-coverage - -* Mon Jan 24 2022 Orion Poplawski - 3.2.2-8 -- Fix posttrans script - -* Wed Jan 19 2022 Fedora Release Engineering - 3.2.2-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild - -* Thu Dec 23 2021 Orion Poplawski - 3.2.2-6 -- Fix path to settings.yaml in scriptlet - -* Thu Dec 09 2021 Orion Poplawski - 3.2.2-5 -- Remove defunct get-loaders command - -* Mon Nov 22 2021 Orion Poplawski - 3.2.2-4 -- Add new keys to settings.yaml on migration or if missing -- Save original settings to settings.rpmorig - -* Fri Oct 08 2021 Orion Poplawski - 3.2.2-3 -- Fix dependencies (bz#2010567) - -* Thu Sep 23 2021 Orion Poplawski - 3.2.2-2 -- Migrate settings to settings.yaml -- Migrate pre-cobbler 3 data if needed -- Fix autoinstall_templates -> templates - -* Thu Sep 23 2021 Orion Poplawski - 3.2.2-1 -- Update to 3.2.2 -- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection -- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function -- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings - -* Wed Sep 22 2021 Orion Poplawski - 3.2.1-1 -- Update to 3.2.1 - -* Wed Jul 21 2021 Fedora Release Engineering - 3.2.0-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild - -* Fri Jun 04 2021 Python Maint - 3.2.0-5 -- Rebuilt for Python 3.10 - -* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek - 3.2.0-4 -- Rebuilt for updated systemd-rpm-macros - See https://pagure.io/fesco/issue/2583. - -* Tue Jan 26 2021 Fedora Release Engineering - 3.2.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild - -* Sun Oct 25 2020 Orion Poplawski - 3.2.0-2 -- Give root RW permission to /var/lib/cobbler/web.ss -- Fix SELinux cobbler logging issue - -* Sat Oct 24 2020 Orion Poplawski - 3.2.0-1 -- Update to 3.2.0 - -* Thu Sep 17 2020 Orion Poplawski - 3.1.2-4 -- Add requires on python-distro and file - -* Mon Jul 27 2020 Fedora Release Engineering - 3.1.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild - -* Wed Jul 08 2020 Orion Poplawski - 3.1.2-2 -- Fix apache configuration - -* Fri May 29 2020 Orion Poplawski - 3.1.2-1 -- Update to 3.1.2 - -* Tue May 26 2020 Miro Hrončok - 3.1.1-4 -- Rebuilt for Python 3.9 - -* Fri Feb 21 2020 Orion Poplawski - 3.1.1-3 -- Add requires for python3-dns - -* Tue Jan 28 2020 Fedora Release Engineering - 3.1.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild - -* Sun Jan 12 2020 Orion Poplawski - 3.1.1-1 -- Update to 3.1.1 - -* Tue Oct 22 2019 Orion Poplawski - 3.0.1-4 -- Drop koan completely, including obsoletes. It is a separate package now. - -* Thu Oct 10 2019 Orion Poplawski - 3.0.1-3 -- Require /sbin/service - -* Tue Oct 8 2019 Orion Poplawski - 3.0.1-2 -- Fix requires (requests instead of urlgrabber) -- Fix BR for EL8 - -* Mon Sep 09 2019 Nicolas Chauvet - 3.0.1-1 -- Update to 3.0.1 - -* Fri Aug 30 2019 Nicolas Chauvet - 3.0.0-1 -- Update to 3.0.0 - -* Mon Aug 26 2019 Nicolas Chauvet - 2.8.5-0.1 -- Update to 2.8.5 - pre-release - -* Wed Jul 24 2019 Fedora Release Engineering - 2.8.4-7 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild - -* Thu Jan 31 2019 Fedora Release Engineering - 2.8.4-6 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Mon Nov 26 2018 Orion Poplawski - 2.8.4-5 -- Fix empty man pages (BZ 1653415) - -* Mon Nov 26 2018 Orion Poplawski - 2.8.4-4 -- Revert bind_manage_ipmi feature that is broken on 2.8 - -* Sun Nov 25 2018 Orion Poplawski - 2.8.4-3 -- Use pathfix.py to fix python shebangs - -* Sun Nov 25 2018 Orion Poplawski - 2.8.4-2 -- Make koan require python2-ethtool (BZ 1638933) - -* Sat Nov 24 2018 Orion Poplawski - 2.8.4-1 -- Update to 2.8.4 (Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931) - -* Thu Jul 12 2018 Fedora Release Engineering - 2.8.3-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Wed May 30 2018 Orion Poplawski - 2.8.3-3 -- koan requires urlgrabber - -* Mon May 28 2018 Nicolas Chauvet - 2.8.3-2 -- Restore mergeability with epel7 - -* Mon May 28 2018 Nicolas Chauvet - 2.8.3-1 -- Update to 2.8.3 - security bugfix - -* Wed Feb 21 2018 Orion Poplawski - 2.8.2-6 -- Really fix django requires for Fedora 28+ - -* Tue Feb 20 2018 Orion Poplawski - 2.8.2-5 -- Fix django requires for Fedora 28+ - -* Fri Feb 09 2018 Igor Gnatenko - 2.8.2-4 -- Escape macros in %%changelog - -* Wed Feb 07 2018 Fedora Release Engineering - 2.8.2-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild - -* Tue Feb 06 2018 Iryna Shcherbina - 2.8.2-2 -- Update Python 2 dependency declarations to new packaging standards - (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3) - -* Mon Sep 18 2017 Orion Poplawski - 2.8.2-1 -- Update to 2.8.2 - -* Wed Aug 02 2017 Fedora Release Engineering - 2.8.1-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Wed Jul 26 2017 Fedora Release Engineering - 2.8.1-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Wed Jun 21 2017 Orion Poplawski - 2.8.1-3 -- Suppress logrotate output - -* Mon Jun 12 2017 Orion Poplawski - 2.8.1-2 -- Fix module loading - -* Wed May 24 2017 Orion Poplawski - 2.8.1-1 -- Update to 2.8.1 - -* Fri Feb 17 2017 Orion Poplawski - 2.8.0-6 -- Add patch to fix handling of multiple bridge interfaces - -* Fri Feb 10 2017 Fedora Release Engineering - 2.8.0-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Fri Jan 27 2017 Orion Poplawski - 2.8.0-4 -- Fix named patch - -* Tue Jan 24 2017 Orion Poplawski - 2.8.0-3 -- Restart named-chroot service if used - -* Fri Jan 20 2017 Orion Poplawski - 2.8.0-2 -- Fix logrotate script for systemd (bug #1414617) - -* Thu Dec 1 2016 Orion Poplawski - 2.8.0-1 -- Update to 2.8.0 -- Restructure spec file - -* Thu Sep 1 2016 Orion Poplawski - 2.6.11-11.gitf78af86 -- Add patches to fix TEMPLATE_DIRS and use OrderedDict - -* Thu Aug 11 2016 Orion Poplawski - 2.6.11-10.gitf78af86 -- Force IPv4 connections to cobblerd from web proxy - -* Thu Jul 21 2016 Orion Poplawski - 2.6.11-9.gitf78af86 -- Suppress "virt-install --os-variant list" error messages - -* Thu Jul 21 2016 Orion Poplawski - 2.6.11-8.git5680bf8 -- Fix handling unknown os variants with osinfo-query - -* Tue Jul 19 2016 Fedora Release Engineering - 2.6.11-7.git95749a6 -- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages - -* Wed Jul 13 2016 Orion Poplawski - 2.6.11-6.git95749a6 -- Fix typo in koan/app.py - -* Wed Jul 13 2016 Orion Poplawski - 2.6.11-5.git13b035f -- Update to current git snapshot (bug #1276896) - -* Wed Feb 03 2016 Fedora Release Engineering - 2.6.11-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild - -* Mon Feb 1 2016 Orion Poplawski - 2.6.11-3 -- Require dnf-plugins-core - -* Sun Jan 24 2016 Orion Poplawski - 2.6.11-2 -- Require dnf-core-plugins instead of yum-utils for repoquery on Fedora 23+ - -* Sun Jan 24 2016 Orion Poplawski - 2.6.11-1 -- Update to 2.6.11 -- Make cobbler arch specific to allow for arch specific requires - -* Thu Oct 1 2015 Orion Poplawski - 2.6.10-1 -- Update to 2.6.10 - -* Mon Jun 22 2015 Orion Poplawski - 2.6.9-1 -- Update to 2.6.9 - -* Wed Jun 17 2015 Fedora Release Engineering - 2.6.8-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild - -* Tue May 12 2015 Orion Poplawski - 2.6.8-2 -- Support django 1.8 in Fedora 22+ - -* Fri May 8 2015 Orion Poplawski - 2.6.8-1 -- Update to 2.6.8 -- Backport upstream patch to fix centos version detection (bug #1201879) - -* Tue Apr 28 2015 Orion Poplawski - 2.6.7-3 -- Add patch to fix virt-install support for F21+/EL7 (bug #1188424) - -* Mon Apr 27 2015 Orion Poplawski - 2.6.7-2 -- Create and own directories in tftp_dir - -* Wed Dec 31 2014 Orion Poplawski - 2.6.7-1 -- Update to 2.6.7 - -* Sun Oct 19 2014 Orion Poplawski - 2.6.6-1 -- Update to 2.6.6 - -* Fri Aug 15 2014 Orion Poplawski - 2.6.5-1 -- Update to 2.6.5 - -* Wed Aug 13 2014 Orion Poplawski - 2.6.4-2 -- Require Django >= 1.4 - -* Mon Aug 11 2014 Orion Poplawski - 2.6.4-1 -- Update to 2.6.4 - -* Fri Jul 18 2014 Orion Poplawski - 2.6.3-1 -- Update to 2.6.3 - -* Wed Jul 16 2014 Orion Poplawski - 2.6.2-1 -- Update to 2.6.2 -- Spec cleanup - -* Sat Jun 07 2014 Fedora Release Engineering - 2.6.1-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild - -* Fri May 23 2014 Orion Poplawski - 2.6.1-1 -- Update to 2.6.1 -- Drop koan patch applied upstream - -* Tue Apr 22 2014 Orion Poplawski - 2.6.0-2 -- Only require syslinux on x86 - -* Mon Apr 21 2014 Orion Poplawski - 2.6.0-1 -- Update to 2.6.0 +%autochangelog From eb1d04f77eafa6829cc98bbd6cce36626c98da0b Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sun, 11 May 2025 14:58:50 -0600 Subject: [PATCH 79/89] Drop Requires: /sbin/service, no longer needed (rhbz#2365434) --- cobbler.spec | 2 -- 1 file changed, 2 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 5eafc81..b843a24 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -74,8 +74,6 @@ Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64 Recommends: logrotate Recommends: %{py3_dist librepo} -# https://github.com/cobbler/cobbler/issues/1685 -Requires: /sbin/service Obsoletes: cobbler-web < 3.3 BuildRequires: systemd From 70baef33491cb585556de1acdc53f81990ea9bba Mon Sep 17 00:00:00 2001 From: Python Maint Date: Tue, 3 Jun 2025 12:20:23 +0200 Subject: [PATCH 80/89] Rebuilt for Python 3.14 From cd2b41fa6aa379ce271e4eefd272645c9614abde Mon Sep 17 00:00:00 2001 From: Fedora Release Engineering Date: Wed, 23 Jul 2025 18:28:15 +0000 Subject: [PATCH 81/89] Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild From 4195c16d1e9a022ab451b0073450f0e2770c93c5 Mon Sep 17 00:00:00 2001 From: Python Maint Date: Fri, 15 Aug 2025 12:42:08 +0200 Subject: [PATCH 82/89] Rebuilt for Python 3.14.0rc2 bytecode From 5cc13feffb4bdbfdb816e439a17ff5e16a6ccd4b Mon Sep 17 00:00:00 2001 From: Python Maint Date: Fri, 19 Sep 2025 12:11:21 +0200 Subject: [PATCH 83/89] Rebuilt for Python 3.14.0rc3 bytecode From 58e09a595a2a7e220451daefc719e13af144d6ce Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 4 Oct 2025 19:24:45 -0600 Subject: [PATCH 84/89] Add upstream patch to fix reposync (rhbz#2401605) --- cobbler-reposync.patch | 18 ++++++++++++++++++ cobbler.spec | 4 ++++ 2 files changed, 22 insertions(+) create mode 100644 cobbler-reposync.patch diff --git a/cobbler-reposync.patch b/cobbler-reposync.patch new file mode 100644 index 0000000..4a2fff1 --- /dev/null +++ b/cobbler-reposync.patch @@ -0,0 +1,18 @@ +diff -up cobbler-3.3.7/cobbler/cli.py.reposync cobbler-3.3.7/cobbler/cli.py +--- cobbler-3.3.7/cobbler/cli.py.reposync 2024-11-17 14:02:02.000000000 -0700 ++++ cobbler-3.3.7/cobbler/cli.py 2025-10-04 19:21:03.379260526 -0600 +@@ -1184,7 +1184,13 @@ class CobblerCLI: + task_id = self.start_task("import", options) + elif action_name == "reposync": + self.parser.add_option("--only", dest="only", help="update only this repository name") +- self.parser.add_option("--tries", dest="tries", help="try each repo this many times", default=1) ++ self.parser.add_option( ++ "--tries", ++ dest="tries", ++ help="try each repo this many times", ++ default=1, ++ type="int", ++ ) + self.parser.add_option("--no-fail", dest="nofail", help="don't stop reposyncing if a failure occurs", + action="store_true") + (options, args) = self.parser.parse_args(self.args) diff --git a/cobbler.spec b/cobbler.spec index b843a24..485867d 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -25,6 +25,10 @@ Patch0: cobbler-nocov.patch # Python 3.13 support (backport of https://github.com/cobbler/cobbler/pull/3842) # https://bugzilla.redhat.com/show_bug.cgi?id=2335620 Patch1: cobbler-python3.13.patch +# Upstream fix for reposync --tries +# https://bugzilla.redhat.com/show_bug.cgi?id=2401605 +# Backport of https://github.com/cobbler/cobbler/pull/3378 +Patch2: cobbler-reposync.patch BuildArch: noarch BuildRequires: make From 87a66c903a04567784243f2d5d2ebb8691951a39 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 4 Oct 2025 20:08:27 -0600 Subject: [PATCH 85/89] Add patch to use systemctl is-active to check status, avoids SELinux AVCs (rhbz#2353898) --- cobbler.spec | 3 +++ 1 file changed, 3 insertions(+) diff --git a/cobbler.spec b/cobbler.spec index 485867d..20a7539 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -29,6 +29,9 @@ Patch1: cobbler-python3.13.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2401605 # Backport of https://github.com/cobbler/cobbler/pull/3378 Patch2: cobbler-reposync.patch +# Use systemctl is-active to prevent some SELinux denials checking service status +# https://bugzilla.redhat.com/show_bug.cgi?id=2353898 +Patch3: https://github.com/cobbler/cobbler/pull/3945.patch BuildArch: noarch BuildRequires: make From 05d3a3d92b5314ce66313269396379cc4fab43cc Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 4 Oct 2025 21:04:17 -0600 Subject: [PATCH 86/89] Allow cobblerd access to /boot/efi (rhbz#2353901) --- cobbler.te | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/cobbler.te b/cobbler.te index 96bdec4..d233f01 100644 --- a/cobbler.te +++ b/cobbler.te @@ -211,6 +211,12 @@ optional_policy(` dnsmasq_systemctl(cobblerd_t) ') +# To read /boot/efi +optional_policy(` + fs_list_dos(cobblerd_t) + fs_read_dos_files(cobblerd_t) +') + # To run mkfs.fat when generating ISO optional_policy(` fstools_exec(cobblerd_t) From dd50735347618e139352f24a399e463502a3bed2 Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 4 Oct 2025 21:20:47 -0600 Subject: [PATCH 87/89] Drop running migrate-data-v2-to-v3.py (rhbz#2349260) --- cobbler.spec | 5 ----- 1 file changed, 5 deletions(-) diff --git a/cobbler.spec b/cobbler.spec index 20a7539..a93a1f6 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -232,11 +232,6 @@ if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then fi # Add some missing options if needed grep -q '^reposync_rsync_flags:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\nreposync_rsync_flags: "-rltDv --copy-unsafe-links"' >> %{_sysconfdir}/cobbler/settings.yaml -# Migrate pre-3 configuration data if needed -if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0 ]; then - echo warning: migrating pre cobbler 3 configuration data - %{_datadir}/cobbler/bin/migrate-data-v2-to-v3.py -fi %preun %systemd_preun cobblerd.service From 20b9555db9c838e2ddc2b5893ce60c5467f569ba Mon Sep 17 00:00:00 2001 From: Orion Poplawski Date: Sat, 4 Oct 2025 21:36:03 -0600 Subject: [PATCH 88/89] Add patch [skip changelog] --- 3945.patch | 32 ++++++++++++++++++++++++++++++++ 1 file changed, 32 insertions(+) create mode 100644 3945.patch diff --git a/3945.patch b/3945.patch new file mode 100644 index 0000000..e75c349 --- /dev/null +++ b/3945.patch @@ -0,0 +1,32 @@ +From 1d83bd29c253ba898ac35683258fec285d5a6529 Mon Sep 17 00:00:00 2001 +From: Orion Poplawski +Date: Sat, 4 Oct 2025 19:49:26 -0600 +Subject: [PATCH] Use systemctl is-active --quiet to check status of services + (fixes #3942) + +--- + changelog.d/3942.fixed | 1 + + cobbler/actions/check.py | 2 +- + 2 files changed, 2 insertions(+), 1 deletion(-) + create mode 100644 changelog.d/3942.fixed + +diff --git a/changelog.d/3942.fixed b/changelog.d/3942.fixed +new file mode 100644 +index 0000000000..444bdb800a +--- /dev/null ++++ b/changelog.d/3942.fixed +@@ -0,0 +1 @@ ++check: Use systemctl is-active --quiet to check the status of services +diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py +index b79706aff1..5f6a3fa3bc 100644 +--- a/cobbler/actions/check.py ++++ b/cobbler/actions/check.py +@@ -142,7 +142,7 @@ def check_service(self, status, which, notes=""): + status.append("service %s is not running%s" % (which, notes)) + return + elif utils.is_systemd(): +- return_code = utils.subprocess_call("systemctl status %s > /dev/null 2>/dev/null" % which, ++ return_code = utils.subprocess_call("systemctl is-active --quiet %s > /dev/null 2>/dev/null" % which, + shell=True) + if return_code != 0: + status.append("service %s is not running%s" % (which, notes)) From 9be7a60c6c727160854cc8dd5a250f10672b8223 Mon Sep 17 00:00:00 2001 From: Cristian Le Date: Tue, 23 Dec 2025 16:48:31 +0700 Subject: [PATCH 89/89] Fix the dependency on syslinux Signed-off-by: Cristian Le --- cobbler.spec | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/cobbler.spec b/cobbler.spec index a93a1f6..69d7d40 100644 --- a/cobbler.spec +++ b/cobbler.spec @@ -75,7 +75,7 @@ Requires: genisoimage Recommends: bash-completion Requires: dnf-plugins-core # syslinux is only available on x86 -Requires: (syslinux if (filesystem.x86_64 or filesystem.i686)) +Requires: (syslinux if (filesystem(x86-64) or filesystem(x86-32))) # grub2 efi stuff is only available on x86 Recommends: grub2-efi-ia32 Recommends: grub2-efi-x64