Fix the dependency on syslinux

Signed-off-by: Cristian Le <git@lecris.dev>
Add patch
2025-12-23 16:48:31 +07:00 · 2025-10-04 21:36:03 -06:00 · 2025-10-04 21:20:47 -06:00 · 2025-10-04 21:04:17 -06:00 · 2025-10-04 20:08:27 -06:00 · 2025-10-04 19:24:45 -06:00
18 changed files with 2083 additions and 982 deletions
--- a/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch
+++ b/0001-Give-root-RW-permissions-to-var-lib-cobbler-web.ss.patch
@ -1,25 +0,0 @@
-From 782dd7a1deacfcaa4318519f1cae2c0b4748661b Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <orion@nwra.com>
-Date: Sun, 25 Oct 2020 11:43:25 -0600
-Subject: [PATCH] Give root RW permissions to /var/lib/cobbler/web.ss
-
---
- cobbler/cobblerd.py | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/cobbler/cobblerd.py b/cobbler/cobblerd.py
-index fe1cf889..34aedf97 100644
--- a/cobbler/cobblerd.py
-+++ b/cobbler/cobblerd.py
-@@ -57,7 +57,7 @@ def regen_ss_file():
-     data = fd.read(512)
-     fd.close()
- 
-    fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o600)
-+    fd = os.open(ssfile, os.O_CREAT | os.O_RDWR, 0o660)
-     os.write(fd, binascii.hexlify(data))
-     os.close(fd)
- 
-- 
-2.29.0
-
--- a/2441.patch
+++ b/2441.patch
@ -1,30 +0,0 @@
-From 8c04ef7d81f33900fda1ad3c4efa710827e22064 Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <orion@nwra.com>
-Date: Sun, 25 Oct 2020 13:49:25 -0600
-Subject: [PATCH] Do not try to access log file if we are not running as root
-
---
- cobbler/clogger.py | 10 ++--------
- 1 file changed, 2 insertions(+), 8 deletions(-)
-
-diff --git a/cobbler/clogger.py b/cobbler/clogger.py
-index 191455113..635865dc1 100644
--- a/cobbler/clogger.py
-+++ b/cobbler/clogger.py
-@@ -30,14 +30,8 @@
- # Cobbler.
- 
- # This is necessary to prevent apache to try to access the file
-LOG_FILE = "/var/log/cobbler/cobbler.log"
-try:
-    if not os.path.isfile(LOG_FILE):
-        open(LOG_FILE, 'a').close()
-    if os.access(LOG_FILE, os.W_OK):
-        logging.config.fileConfig('/etc/cobbler/logging_config.conf')
-except Exception:
-    pass
-+if os.geteuid() == 0:
-+    logging.config.fileConfig('/etc/cobbler/logging_config.conf')
- 
- 
- class Logger(object):
--- a/2590.patch
+++ b/2590.patch
@ -1,92 +0,0 @@
-From 4b5025e9e30db30d6e264fabeb860a7758d7d7ad Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <orion@nwra.com>
-Date: Mon, 8 Mar 2021 22:04:52 -0700
-Subject: [PATCH] autoinstall_templates are installed into
- /var/lib/cobbler/templates
-
---
- cobbler/actions/sync.py      | 2 +-
- config/cobbler/settings.yaml | 4 ++--
- docs/cobbler-conf.rst        | 4 ++--
- tests/test_data/settings_old | 4 ++--
- 4 files changed, 7 insertions(+), 7 deletions(-)
-
-diff --git a/cobbler/actions/sync.py b/cobbler/actions/sync.py
-index 2667edb56..302c81de7 100644
--- a/cobbler/actions/sync.py
-+++ b/cobbler/actions/sync.py
-@@ -179,7 +179,7 @@ def clean_trees(self):
-                 if x not in self.settings.webdir_whitelist:
-                     # delete directories that shouldn't exist
-                     utils.rmtree(path, logger=self.logger)
-                if x in ["autoinstall_templates", "autoinstall_templates_sys", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]:
-+                if x in ["templates", "images", "systems", "distros", "profiles", "repo_profile", "repo_system", "rendered"]:
-                     # clean out directory contents
-                     utils.rmtree_contents(path, logger=self.logger)
-         #
-diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml
-index b2e05a7bf..ac8edccbf 100644
--- a/config/cobbler/settings.yaml
-+++ b/config/cobbler/settings.yaml
-@@ -77,7 +77,7 @@ cheetah_import_whitelist:
- createrepo_flags: "-c cache -s sha"
- 
- # if no autoinstall template is specified to profile add, use this template
-default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks
-+default_autoinstall: /var/lib/cobbler/templates/default.ks
- 
- # configure all installed systems to use these nameservers by default
- # unless defined differently in the profile.  For DHCP configurations
-@@ -92,7 +92,7 @@ default_ownership:
-  - "admin"
- 
- # Cobbler has various sample automatic installation templates stored
-# in /var/lib/cobbler/autoinstall_templates/.  This controls
-+# in /var/lib/cobbler/templates/.  This controls
- # what install (root) password is set up for those
- # systems that reference this variable.  The factory
- # default is "cobbler" and Cobbler check will warn if
-diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst
-index 52621e278..ef65acc0b 100644
--- a/docs/cobbler-conf.rst
-+++ b/docs/cobbler-conf.rst
-@@ -257,7 +257,7 @@ default_autoinstall
- 
- If no autoinstall template is specified to profile add, use this template.
- 
-default: ``/var/lib/cobbler/autoinstall_templates/default.ks``
-+default: ``/var/lib/cobbler/templates/default.ks``
- 
- default_name_*
- ==============
-@@ -284,7 +284,7 @@ default:
- default_password_crypted
- ========================
- 
-Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/autoinstall_templates/``. This
-+Cobbler has various sample automatic installation templates stored in ``/var/lib/cobbler/templates/``. This
- controls what install (root) password is set up for those systems that reference this variable. The factory default is
- "cobbler" and Cobbler check will warn if this is not changed. The simplest way to change the password is to run
- ``openssl passwd -1`` and put the output between the ``""``.
-diff --git a/tests/test_data/settings_old b/tests/test_data/settings_old
-index acbe8cdc9..1b531d21d 100644
--- a/tests/test_data/settings_old
-+++ b/tests/test_data/settings_old
-@@ -92,7 +92,7 @@ cheetah_import_whitelist:
- createrepo_flags: "-c cache -s sha"
- 
- # if no autoinstall template is specified to profile add, use this template
-default_autoinstall: /var/lib/cobbler/autoinstall_templates/default.ks
-+default_autoinstall: /var/lib/cobbler/templates/default.ks
- 
- # configure all installed systems to use these nameservers by default
- # unless defined differently in the profile.  For DHCP configurations
-@@ -107,7 +107,7 @@ default_ownership:
-  - "admin"
- 
- # cobbler has various sample automatic installation templates stored
-# in /var/lib/cobbler/autoinstall_templates/.  This controls
-+# in /var/lib/cobbler/templates/.  This controls
- # what install (root) password is set up for those
- # systems that reference this variable.  The factory
- # default is "cobbler" and cobbler check will warn if
--- a/3945.patch
+++ b/3945.patch
@ -0,0 +1,32 @@
+From 1d83bd29c253ba898ac35683258fec285d5a6529 Mon Sep 17 00:00:00 2001
+From: Orion Poplawski <orion@nwra.com>
+Date: Sat, 4 Oct 2025 19:49:26 -0600
+Subject: [PATCH] Use systemctl is-active --quiet to check status of services
+ (fixes #3942)
+
+---
+ changelog.d/3942.fixed   | 1 +
+ cobbler/actions/check.py | 2 +-
+ 2 files changed, 2 insertions(+), 1 deletion(-)
+ create mode 100644 changelog.d/3942.fixed
+
+diff --git a/changelog.d/3942.fixed b/changelog.d/3942.fixed
+new file mode 100644
+index 0000000000..444bdb800a
+--- /dev/null
+++ b/changelog.d/3942.fixed
+@@ -0,0 +1 @@
+check: Use systemctl is-active --quiet to check the status of services
+diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py
+index b79706aff1..5f6a3fa3bc 100644
+--- a/cobbler/actions/check.py
+++ b/cobbler/actions/check.py
+@@ -142,7 +142,7 @@ def check_service(self, status, which, notes=""):
+                     status.append("service %s is not running%s" % (which, notes))
+                     return
+         elif utils.is_systemd():
+-            return_code = utils.subprocess_call("systemctl status %s > /dev/null 2>/dev/null" % which,
+            return_code = utils.subprocess_call("systemctl is-active --quiet %s > /dev/null 2>/dev/null" % which,
+                                                 shell=True)
+             if return_code != 0:
+                 status.append("service %s is not running%s" % (which, notes))
--- a/354
+++ b/354
@ -0,0 +1,354 @@
+* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.7-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
+
+* Sun Jan 05 2025 Orion Poplawski <orion@nwra.com> - 3.3.7-2
+- Backport upstream patch for Python 3.13 support (rhbz#2335620)
+
+* Sun Nov 17 2024 Orion Poplawski <orion@nwra.com> - 3.3.7-1
+- Update to 3.3.7 (CVE-2024-47533)
+
+* Fri Sep 27 2024 Carl George <carlwgeorge@fedoraproject.org> - 3.3.6-2
+- Fix cheetah dependency rhbz#2314630
+
+* Wed Jul 31 2024 Orion Poplawski <orion@nwra.com> - 3.3.6-1
+- Update to 3.3.6
+
+* Thu Jul 25 2024 Miroslav Suchý <msuchy@redhat.com> - 3.3.5-3
+- convert license to SPDX
+
+* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.5-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
+
+* Fri Jul 12 2024 Orion Poplawski <orion@nwra.com> - 3.3.5-1
+- Update to 3.3.5
+
+* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 3.3.4-5
+- Rebuilt for Python 3.13
+
+* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 3.3.4-4
+- Rebuilt for Python 3.13
+
+* Sat Apr 27 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-3
+- Fix service name in selinux post install script
+
+* Fri Apr 26 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-2
+- Test for existence of web.ss before chowning it (bz#2276860)
+
+* Mon Feb 26 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-1
+- Update to 3.3.4
+- Add local SELinux policy and allow cobbler to check service statuses,
+  run mkfs.fat, and check for reposync and yumdownloader (bz#2251220)
+- Change owndership of web.ss to root (bz#2247653)
+
+* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-9
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-8
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
+
+* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
+
+* Mon Jul 17 2023 Orion Poplawski <orion@nwra.com> - 3.3.3-6
+- Add patch to fix build with Sphinx 7
+
+* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 3.3.3-5
+- Rebuilt for Python 3.12
+
+* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
+
+* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
+
+* Thu Jun 23 2022 Python Maint <python-maint@redhat.com> - 3.3.3-2
+- Rebuilt for Python 3.11
+
+* Tue Jun 14 2022 Orion Poplawski <orion@nwra.com> - 3.3.3-1
+- Update to 3.3.3
+
+* Wed May 04 2022 Orion Poplawski <orion@nwra.com> - 3.3.2-2
+- Drop setting cache_enabled no longer present in 3.3
+
+* Sat Mar 12 2022 Orion Poplawski <orion@nwra.com> - 3.3.2-1
+- Update to 3.3.2
+
+* Tue Mar 01 2022 Orion Poplawski <orion@nwra.com> - 3.3.1-1
+- Update to 3.3.1, removes web interface
+
+* Tue Mar 01 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-9
+- Apply fixes for CVE-2021-45082/3
+- Remove BR on python3-coverage
+
+* Mon Jan 24 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-8
+- Fix posttrans script
+
+* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
+
+* Thu Dec 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-6
+- Fix path to settings.yaml in scriptlet
+
+* Thu Dec 09 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-5
+- Remove defunct get-loaders command
+
+* Mon Nov 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-4
+- Add new keys to settings.yaml on migration or if missing
+- Save original settings to settings.rpmorig
+
+* Fri Oct 08 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-3
+- Fix dependencies (bz#2010567)
+
+* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-2
+- Migrate settings to settings.yaml
+- Migrate pre-cobbler 3 data if needed
+- Fix autoinstall_templates -> templates
+
+* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-1
+- Update to 3.2.2
+- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection
+- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function
+- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings
+
+* Wed Sep 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.1-1
+- Update to 3.2.1
+
+* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
+
+* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 3.2.0-5
+- Rebuilt for Python 3.10
+
+* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.2.0-4
+- Rebuilt for updated systemd-rpm-macros
+  See https://pagure.io/fesco/issue/2583.
+
+* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
+
+* Sun Oct 25 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-2
+- Give root RW permission to /var/lib/cobbler/web.ss
+- Fix SELinux cobbler logging issue
+
+* Sat Oct 24 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-1
+- Update to 3.2.0
+
+* Thu Sep 17 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-4
+- Add requires on python-distro and file
+
+* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
+
+* Wed Jul 08 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-2
+- Fix apache configuration
+
+* Fri May 29 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-1
+- Update to 3.1.2
+
+* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.1.1-4
+- Rebuilt for Python 3.9
+
+* Fri Feb 21 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-3
+- Add requires for python3-dns
+
+* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
+
+* Sun Jan 12 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-1
+- Update to 3.1.1
+
+* Tue Oct 22 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-4
+- Drop koan completely, including obsoletes.  It is a separate package now.
+
+* Thu Oct 10 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-3
+- Require /sbin/service
+
+* Tue Oct  8 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-2
+- Fix requires (requests instead of urlgrabber)
+- Fix BR for EL8
+
+* Mon Sep 09 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.1-1
+- Update to 3.0.1
+
+* Fri Aug 30 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.0-1
+- Update to 3.0.0
+
+* Mon Aug 26 2019 Nicolas Chauvet <kwizart@gmail.com> - 2.8.5-0.1
+- Update to 2.8.5 - pre-release
+
+* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-7
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
+
+* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-6
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
+
+* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-5
+- Fix empty man pages (BZ 1653415)
+
+* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-4
+- Revert bind_manage_ipmi feature that is broken on 2.8
+
+* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-3
+- Use pathfix.py to fix python shebangs
+
+* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-2
+- Make koan require python2-ethtool (BZ 1638933)
+
+* Sat Nov 24 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-1
+- Update to 2.8.4 (Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931)
+
+* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.3-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
+
+* Wed May 30 2018 Orion Poplawski <orion@nwra.com> - 2.8.3-3
+- koan requires urlgrabber
+
+* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-2
+- Restore mergeability with epel7
+
+* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-1
+- Update to 2.8.3 - security bugfix
+
+* Wed Feb 21 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-6
+- Really fix django requires for Fedora 28+
+
+* Tue Feb 20 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-5
+- Fix django requires for Fedora 28+
+
+* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.8.2-4
+- Escape macros in %%changelog
+
+* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.2-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
+
+* Tue Feb 06 2018 Iryna Shcherbina <ishcherb@redhat.com> - 2.8.2-2
+- Update Python 2 dependency declarations to new packaging standards
+  (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
+
+* Mon Sep 18 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.2-1
+- Update to 2.8.2
+
+* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
+
+* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
+
+* Wed Jun 21 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-3
+- Suppress logrotate output
+
+* Mon Jun 12 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-2
+- Fix module loading
+
+* Wed May 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-1
+- Update to 2.8.1
+
+* Fri Feb 17 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-6
+- Add patch to fix handling of multiple bridge interfaces
+
+* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.0-5
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
+
+* Fri Jan 27 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-4
+- Fix named patch
+
+* Tue Jan 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-3
+- Restart named-chroot service if used
+
+* Fri Jan 20 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-2
+- Fix logrotate script for systemd (bug #1414617)
+
+* Thu Dec 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-1
+- Update to 2.8.0
+- Restructure spec file
+
+* Thu Sep 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-11.gitf78af86
+- Add patches to fix TEMPLATE_DIRS and use OrderedDict
+
+* Thu Aug 11 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-10.gitf78af86
+- Force IPv4 connections to cobblerd from web proxy
+
+* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-9.gitf78af86
+- Suppress "virt-install --os-variant list" error messages
+
+* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-8.git5680bf8
+- Fix handling unknown os variants with osinfo-query
+
+* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.11-7.git95749a6
+- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
+
+* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-6.git95749a6
+- Fix typo in koan/app.py
+
+* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-5.git13b035f
+- Update to current git snapshot (bug #1276896)
+
+* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.11-4
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
+
+* Mon Feb 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-3
+- Require dnf-plugins-core
+
+* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-2
+- Require dnf-core-plugins instead of yum-utils for repoquery on Fedora 23+
+
+* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-1
+- Update to 2.6.11
+- Make cobbler arch specific to allow for arch specific requires
+
+* Thu Oct 1 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.10-1
+- Update to 2.6.10
+
+* Mon Jun 22 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.9-1
+- Update to 2.6.9
+
+* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.8-3
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
+
+* Tue May 12 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-2
+- Support django 1.8 in Fedora 22+
+
+* Fri May 8 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-1
+- Update to 2.6.8
+- Backport upstream patch to fix centos version detection (bug #1201879)
+
+* Tue Apr 28 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-3
+- Add patch to fix virt-install support for F21+/EL7 (bug #1188424)
+
+* Mon Apr 27 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-2
+- Create and own directories in tftp_dir
+
+* Wed Dec 31 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-1
+- Update to 2.6.7
+
+* Sun Oct 19 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.6-1
+- Update to 2.6.6
+
+* Fri Aug 15 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.5-1
+- Update to 2.6.5
+
+* Wed Aug 13 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-2
+- Require Django >= 1.4
+
+* Mon Aug 11 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-1
+- Update to 2.6.4
+
+* Fri Jul 18 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.3-1
+- Update to 2.6.3
+
+* Wed Jul 16 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.2-1
+- Update to 2.6.2
+- Spec cleanup
+
+* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-2
+- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
+
+* Fri May 23 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.1-1
+- Update to 2.6.1
+- Drop koan patch applied upstream
+
+* Tue Apr 22 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-2
+- Only require syslinux on x86
+
+* Mon Apr 21 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-1
+- Update to 2.6.0
--- a/cobbler-CVE-2021-45082.patch
+++ b/cobbler-CVE-2021-45082.patch
@ -1,75 +0,0 @@
-diff --git a/cobbler.spec b/cobbler.spec
-index bbbbae37..1f81456a 100644
--- a/cobbler.spec
-+++ b/cobbler.spec
-@@ -382,6 +382,20 @@ fi
- %{_datadir}/%{name}/bin/mkgrub.sh >/dev/null 2>&1
- %endif
- %systemd_post cobblerd.service
-+# Fixup permission for world readable settings files
-+chmod 640 %{_sysconfdir}/cobbler/settings.yaml
-+chmod 600 %{_sysconfdir}/cobbler/mongodb.conf
-+chmod 600 %{_sysconfdir}/cobbler/modules.conf
-+chmod 640 %{_sysconfdir}/cobbler/users.conf
-+chmod 640 %{_sysconfdir}/cobbler/users.digest
-+chmod 750 %{_sysconfdir}/cobbler/settings.d
-+chmod 640 %{_sysconfdir}/cobbler/settings.d/*
-+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.yaml
-+chgrp %{apache_group} %{_sysconfdir}/cobbler/users.conf
-+chgrp %{apache_group} %{_sysconfdir}/cobbler/users.digest
-+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d
-+chgrp %{apache_group} %{_sysconfdir}/cobbler/settings.d/*
-+
- 
- %preun
- %systemd_preun cobblerd.service
-@@ -461,8 +475,8 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler
- %dir %{_sysconfdir}/cobbler/iso
- %config(noreplace) %{_sysconfdir}/cobbler/iso/buildiso.template
- %config(noreplace) %{_sysconfdir}/cobbler/logging_config.conf
-%config(noreplace) %{_sysconfdir}/cobbler/modules.conf
-%config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf
-+%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/modules.conf
-+%attr(600, root, root) %config(noreplace) %{_sysconfdir}/cobbler/mongodb.conf
- %config(noreplace) %{_sysconfdir}/cobbler/named.template
- %config(noreplace) %{_sysconfdir}/cobbler/ndjbdns.template
- %dir %{_sysconfdir}/cobbler/reporting
-@@ -470,13 +484,13 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler
- %config(noreplace) %{_sysconfdir}/cobbler/rsync.exclude
- %config(noreplace) %{_sysconfdir}/cobbler/rsync.template
- %config(noreplace) %{_sysconfdir}/cobbler/secondary.template
-%config(noreplace) %{_sysconfdir}/cobbler/settings.yaml
-%dir %{_sysconfdir}/cobbler/settings.d
-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings
-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings
-%config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings
-%config(noreplace) %{_sysconfdir}/cobbler/users.conf
-%config(noreplace) %{_sysconfdir}/cobbler/users.digest
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.yaml
-+%attr(750, root, %{apache_group}) %dir %{_sysconfdir}/cobbler/settings.d
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.conf
-+%attr(640, root, %{apache_group}) %config(noreplace) %{_sysconfdir}/cobbler/users.digest
- %config(noreplace) %{_sysconfdir}/cobbler/version
- %config(noreplace) %{_sysconfdir}/cobbler/zone.template
- %dir %{_sysconfdir}/cobbler/zone_templates
-diff --git a/cobbler/templar.py b/cobbler/templar.py
-index 7321e2d5..58ef16de 100644
--- a/cobbler/templar.py
-+++ b/cobbler/templar.py
-@@ -77,10 +77,10 @@ class Templar:
-         """
-         lines = data.split("\n")
-         for line in lines:
-            if line.find("#import") != -1:
-                rest = line.replace("#import", "").replace(" ", "").strip()
-+            if "#import" in line or "#from" in line:
-+                rest = line.replace("#import", "").replace("#from", "").replace("import", ".").replace(" ", "").strip()
-                 if self.settings and rest not in self.settings.cheetah_import_whitelist:
-                    raise CX("potentially insecure import in template: %s" % rest)
-+                    raise CX(f"Potentially insecure import in template: {rest}")
- 
-     def render(self, data_input: Union[TextIO, str], search_table: dict, out_path: Optional[str],
-                template_type="default") -> str:
--- a/cobbler-httpd.patch
+++ b/cobbler-httpd.patch
@ -1,18 +0,0 @@
-diff -up cobbler-3.1.2/config/apache/cobbler_web.conf.httpd cobbler-3.1.2/config/apache/cobbler_web.conf
--- cobbler-3.1.2/config/apache/cobbler_web.conf.httpd	2020-05-27 02:26:44.000000000 -0600
-+++ cobbler-3.1.2/config/apache/cobbler_web.conf	2020-07-07 21:12:53.942577055 -0600
-@@ -16,8 +16,6 @@ WSGIDaemonProcess cobbler_web display-na
- WSGIProcessGroup cobbler_web
- WSGIPassAuthorization On
- 
-<VirtualHost *:443>
-
- <Directory "/usr/share/cobbler/web/">
-         <IfModule mod_ssl.c>
-             SSLRequireSSL
-@@ -42,5 +40,3 @@ WSGIPassAuthorization On
-         AllowOverride None
-         Require all granted
- </Directory>
-
-</VirtualHost>
--- a/cobbler-nocov.patch
+++ b/cobbler-nocov.patch
@ -1,24 +1,17 @@
-diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py
--- cobbler-3.2.2/setup.py.nocov	2022-02-28 20:05:35.388747435 -0700
-+++ cobbler-3.2.2/setup.py	2022-02-28 20:06:31.743251279 -0700
-@@ -18,7 +18,6 @@ from setuptools import find_packages
- from sphinx.setup_command import BuildDoc
+diff --git a/setup.py b/setup.py
+index 59f7601..023d84b 100644
+--- a/setup.py
+++ b/setup.py
+@@ -341,17 +341,9 @@ class test_command(Command):
 
- import codecs
-from coverage import Coverage
- import pwd
- import shutil
- import subprocess
--- cobbler-3.2.2/setup.py.nocov	2022-02-28 21:34:34.996746220 -0700
-+++ cobbler-3.2.2/setup.py	2022-02-28 21:35:51.598440218 -0700
-@@ -373,15 +373,8 @@
     def run(self):
         import pytest
- 
+-        from coverage import Coverage
+-
 -        cov = Coverage()
 -        cov.erase()
 -        cov.start()
-
+ 
         result = pytest.main()
 
 -        cov.stop()
@ -27,20 +20,22 @@ diff -up cobbler-3.2.2/setup.py.nocov cobbler-3.2.2/setup.py
         sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0)))
 
 
-@@ -505,7 +498,6 @@
-         url="https://cobbler.github.io",
+@@ -479,7 +471,6 @@ if __name__ == "__main__":
+         },
         license="GPLv2+",
         setup_requires=[
 -            "coverage",
             "distro",
             "setuptools",
             "sphinx",
-@@ -528,7 +520,7 @@
-         ],
-         extras_require={
-             "lint": ["pyflakes", "pycodestyle"],
-            "test": ["pytest", "pytest-cov", "codecov", "pytest-mock"]
-+            "test": ["pytest", "pytest-mock"]
-         },
-         packages=find_packages(exclude=["*tests*"]),
-         scripts=[
+@@ -501,10 +492,7 @@ if __name__ == "__main__":
+             "lint": ["pyflakes", "pycodestyle", "pylint", "black", "mypy"],
+             "test": [
+                 "pytest>6",
+-                "pytest-cov",
+-                "codecov",
+                 "pytest-mock",
+-                "pytest-benchmark",
+             ],
+             "docs": ["sphinx", "sphinx-rtd-theme", "sphinxcontrib-apidoc"],
+             # We require the current version to properly detect duplicate issues
--- a/cobbler-python3.13.patch
+++ b/cobbler-python3.13.patch
@ -0,0 +1,972 @@
+diff --git a/changelog.d/3842.fixed b/changelog.d/3842.fixed
+new file mode 100644
+index 00000000..6c6d6313
+--- /dev/null
+++ b/changelog.d/3842.fixed
+@@ -0,0 +1 @@
+Fix compatibility with Python 3.13
+diff --git a/cobbler/actions/reposync.py b/cobbler/actions/reposync.py
+index c0163350..ec5745fb 100644
+--- a/cobbler/actions/reposync.py
+++ b/cobbler/actions/reposync.py
+@@ -23,9 +23,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
+ import logging
+ import os
+ import os.path
+-import pipes
+-import stat
+import shlex
+ import shutil
+import stat
+ from typing import Optional, Union
+ 
+ from cobbler import utils
+@@ -272,9 +272,9 @@ class RepoSync:
+             blended = utils.blender(self.api, False, repo)
+             flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
+             try:
+-                cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, pipes.quote(dirname))
+-                utils.subprocess_call(cmd)
+-            except:
+                cmd = ["createrepo"] + mdoptions + flags + [shlex.quote(dirname)]
+                utils.subprocess_call(cmd, shell=False)
+            except Exception:
+                 utils.log_exc()
+                 self.logger.error("createrepo failed.")
+             del fnames[:]  # we're in the right place
+@@ -302,8 +302,19 @@ class RepoSync:
+         dest_path = os.path.join(self.settings.webdir, "repo_mirror", repo.name)
+ 
+         # FIXME: wrapper for subprocess that logs to logger
+-        cmd = ["wget", "-N", "-np", "-r", "-l", "inf", "-nd", "-P", pipes.quote(dest_path), pipes.quote(repo.mirror)]
+-        rc = utils.subprocess_call(cmd)
+        cmd = [
+            "wget",
+            "-N",
+            "-np",
+            "-r",
+            "-l",
+            "inf",
+            "-nd",
+            "-P",
+            shlex.quote(dest_path),
+            shlex.quote(repo.mirror),
+        ]
+        return_value = utils.subprocess_call(cmd, shell=False)
+ 
+         if rc != 0:
+             raise CX("cobbler reposync failed")
+@@ -347,9 +358,14 @@ class RepoSync:
+         if flags == '':
+             flags = self.settings.reposync_rsync_flags
+ 
+-        cmd = "rsync %s --delete-after %s --delete --exclude-from=/etc/cobbler/rsync.exclude %s %s" \
+-              % (flags, spacer, pipes.quote(repo.mirror), pipes.quote(dest_path))
+-        rc = utils.subprocess_call(cmd)
+        cmd = ["rsync"] + flags + ["--delete-after"]
+        cmd += spacer + [
+            "--delete",
+            "--exclude-from=/etc/cobbler/rsync.exclude",
+            shlex.quote(repo.mirror),
+            shlex.quote(dest_path),
+        ]
+        return_code = utils.subprocess_call(cmd, shell=False)
+ 
+         if rc != 0:
+             raise CX("cobbler reposync failed")
+@@ -386,10 +402,11 @@ class RepoSync:
+         if not HAS_LIBREPO:
+             raise CX("no librepo found, please install python3-librepo")
+ 
+-        if os.path.exists("/usr/bin/dnf"):
+-            cmd = "/usr/bin/dnf reposync"
+-        elif os.path.exists("/usr/bin/reposync"):
+-            cmd = "/usr/bin/reposync"
+        if os.path.exists("/usr/bin/reposync"):
+            cmd = ["/usr/bin/reposync"]
+        # DNF5 does not have a reposync subcommand
+        elif os.path.exists("/usr/bin/dnf"):
+            cmd = ["/usr/bin/dnf", "reposync"]
+         else:
+             # Warn about not having yum-utils.  We don't want to require it in the package because Fedora 22+ has moved
+             # to dnf.
+@@ -451,6 +468,11 @@ class RepoSync:
+             # Counter-intuitive, but we want the newish kernels too
+             arch = "i686"
+ 
+        cmd = self.reposync_cmd()
+        cmd += self.rflags + [
+            f"--repo={shlex.quote(rest)}",
+            f"--download-path={shlex.quote(repos_path)}",
+        ]
+         if arch != "none":
+             cmd = "%s -a %s" % (cmd, arch)
+ 
+@@ -544,9 +566,11 @@ class RepoSync:
+ 
+         if not has_rpm_list:
+             # If we have not requested only certain RPMs, use reposync
+-            cmd = "%s %s --config=%s --repoid=%s -p %s" \
+-                  % (cmd, self.rflags, temp_file, pipes.quote(repo.name),
+-                     pipes.quote(repos_path))
+            cmd += self.rflags + [
+                f"--config={temp_file}",
+                f"--repoid={shlex.quote(repo.name)}",
+                f"--download-path={shlex.quote(repos_path)}",
+            ]
+             if arch != "none":
+                 cmd = "%s -a %s" % (cmd, arch)
+ 
+@@ -557,14 +581,14 @@ class RepoSync:
+ 
+             use_source = ""
+             if arch == "src":
+-                use_source = "--source"
+-
+-            # Older yumdownloader sometimes explodes on --resolvedeps if this happens to you, upgrade yum & yum-utils
+-            extra_flags = self.settings.yumdownloader_flags
+-            cmd = "/usr/bin/dnf download"
+-            cmd = "%s %s %s --disablerepo=* --enablerepo=%s -c %s --destdir=%s %s" \
+-                  % (cmd, extra_flags, use_source, pipes.quote(repo.name), temp_file, pipes.quote(dest_path),
+-                     " ".join(repo.rpm_list))
+                cmd.append("--source")
+            cmd += [
+                "--disablerepo=*",
+                f"--enablerepo={shlex.quote(repo.name)}",
+                f"-c={temp_file}",
+                f"--destdir={shlex.quote(dest_path)}",
+            ]
+            cmd += repo.rpm_list
+ 
+         # Now regardless of whether we're doing yumdownloader or reposync or whether the repo was http://, ftp://, or
+         # rhn://, execute all queued commands here.  Any failure at any point stops the operation.
+@@ -669,17 +693,21 @@ class RepoSync:
+             dists = ",".join(repo.apt_dists)
+             components = ",".join(repo.apt_components)
+ 
+-            mirror_data = "--method=%s --host=%s --root=%s --dist=%s --section=%s" \
+-                          % (pipes.quote(method), pipes.quote(host), pipes.quote(mirror), pipes.quote(dists),
+-                             pipes.quote(components))
+            mirror_data = [
+                f"--method={shlex.quote(method)}",
+                f"--host={shlex.quote(host)}",
+                f"--root={shlex.quote(mirror)}",
+                f"--dist={shlex.quote(dists)}",
+                f"--section={shlex.quote(components)}",
+            ]
+ 
+             rflags = "--nocleanup"
+             for x in repo.yumopts:
+                 if repo.yumopts[x]:
+                     rflags += " %s=%s" % (x, repo.yumopts[x])
+                 else:
+-                    rflags += " %s" % x
+-            cmd = "%s %s %s %s" % (mirror_program, rflags, mirror_data, pipes.quote(dest_path))
+                    rflags.append(repo_yumoption)
+            cmd = [mirror_program] + rflags + mirror_data + [shlex.quote(dest_path)]
+             if repo.arch == RepoArchs.SRC:
+                 cmd = "%s --source" % cmd
+             else:
+diff --git a/tests/actions/reposync_test.py b/tests/actions/reposync_test.py
+index 0bee772c..ee8d1549 100644
+--- a/tests/actions/reposync_test.py
+++ b/tests/actions/reposync_test.py
+@@ -1,251 +1,592 @@
+"""
+Tests that validate the functionality of the module that is responsible for repository synchronization.
+"""
+
+ import os
+-import glob
+from pathlib import Path
+from typing import TYPE_CHECKING, Any, Dict, List, Union
+ 
+ import pytest
+ 
+-from cobbler import enums
+from cobbler import cexceptions, enums
+from cobbler.actions import reposync
+ from cobbler.api import CobblerAPI
+-from cobbler.actions.reposync import RepoSync
+ from cobbler.items.repo import Repo
+-from cobbler import cexceptions
+-from tests.conftest import does_not_raise
+ 
+from tests.conftest import does_not_raise
+ 
+-@pytest.fixture(scope="class")
+-def api():
+-    return CobblerAPI()
+if TYPE_CHECKING:
+    from pytest_mock import MockerFixture
+ 
+ 
+-@pytest.fixture(scope="class")
+-def reposync(api):
+-    test_reposync = RepoSync(api, tries=2, nofail=False)
+@pytest.fixture(name="reposync_object", scope="function")
+def fixture_reposync_object(
+    mocker: "MockerFixture", cobbler_api: CobblerAPI
+) -> reposync.RepoSync:
+    settings_mock = mocker.MagicMock()
+    settings_mock.webdir = "/srv/www/cobbler"
+    settings_mock.server = "localhost"
+    settings_mock.http_port = 80
+    settings_mock.proxy_url_ext = ""
+    settings_mock.yumdownloader_flags = "--testflag"
+    settings_mock.reposync_rsync_flags = "--testflag"
+    settings_mock.reposync_flags = "--testflag"
+    mocker.patch.object(cobbler_api, "settings", return_value=settings_mock)
+    test_reposync = reposync.RepoSync(cobbler_api, tries=2, nofail=False)
+     return test_reposync
+ 
+ 
+-@pytest.fixture
+-def repo(api):
+@pytest.fixture(name="repo")
+def fixture_repo(cobbler_api: CobblerAPI) -> Repo:
+     """
+     Creates a Repository "testrepo0" with a keep_updated=True and mirror_locally=True".
+     """
+-    test_repo = Repo(api)
+    test_repo = Repo(cobbler_api)
+     test_repo.name = "testrepo0"
+     test_repo.mirror_locally = True
+     test_repo.keep_updated = True
+-    api.add_repo(test_repo)
+     return test_repo
+ 
+ 
+ @pytest.fixture
+-def remove_repo(api):
+def remove_repo(cobbler_api: CobblerAPI):
+     """
+     Removes the Repository "testrepo0" which can be created with repo.
+     """
+     yield
+-    test_repo = api.find_repo("testrepo0")
+-    if test_repo is not None:
+-        api.remove_repo(test_repo.name)
+    test_repo = cobbler_api.find_repo("testrepo0")
+    if test_repo is not None and not isinstance(test_repo, list):
+        cobbler_api.remove_repo(test_repo.name)
+ 
+ 
+-class TestRepoSync:
+-    @pytest.mark.usefixtures("remove_repo")
+-    @pytest.mark.parametrize(
+-        "input_mirror_type,input_mirror,expected_exception",
+-        [
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os",
+-                does_not_raise()
+-            ),
+-            (
+-                enums.MirrorType.MIRRORLIST,
+-                "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64",
+-                does_not_raise()
+-            ),
+-            (
+-                enums.MirrorType.METALINK,
+-                "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64",
+-                does_not_raise()
+-            ),
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://www.example.com/path/to/some/repo",
+-                pytest.raises(cexceptions.CX)
+-            ),
+@pytest.fixture(scope="function", autouse=True)
+def reset_librepo():
+    has_librepo = reposync.HAS_LIBREPO
+    yield
+    reposync.HAS_LIBREPO = has_librepo
+
+
+def test_repo_walker(mocker: "MockerFixture", tmp_path: Path):
+    # Arrange
+    def test_fun(arg: Any, top: Any, names: Any):
+        pass
+
+    subdir1 = tmp_path / "sub1"
+    subdir2 = tmp_path / "sub2"
+    subdir1.mkdir()
+    subdir2.mkdir()
+    spy = mocker.Mock(wraps=test_fun)
+
+    # Act
+    reposync.repo_walker(tmp_path, spy, None)  # type: ignore
+
+    # Assert
+    assert spy.mock_calls == [
+        # settings.yaml is here because of our autouse fixture that we use to restore the settings
+        mocker.call(None, tmp_path, ["settings.yaml", "sub1", "sub2"]),
+        mocker.call(None, str(subdir1), []),
+        mocker.call(None, str(subdir2), []),
+    ]
+
+
+@pytest.mark.parametrize(
+    "input_has_librepo,input_path_exists_side_effect,expected_exception,expected_result",
+    [
+        (True, [False, True], does_not_raise(), ["/usr/bin/dnf", "reposync"]),
+        (True, [True, False], does_not_raise(), ["/usr/bin/reposync"]),
+        (True, [False, False], pytest.raises(cexceptions.CX), ""),
+        (False, [False, True], pytest.raises(cexceptions.CX), ""),
+    ],
+)
+def test_reposync_cmd(
+    mocker: "MockerFixture",
+    reposync_object: reposync.RepoSync,
+    input_has_librepo: bool,
+    input_path_exists_side_effect: List[bool],
+    expected_exception: Any,
+    expected_result: Union[List[str], str],
+):
+    # Arrange
+    mocker.patch("os.path.exists", side_effect=input_path_exists_side_effect)
+    reposync.HAS_LIBREPO = input_has_librepo
+
+    # Act
+    with expected_exception:
+        result = reposync_object.reposync_cmd()
+
+        # Assert
+        assert result == expected_result
+
+
+def test_run(mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo):
+    # Arrange
+    env_vars: Dict[str, Any] = {}
+    mocker.patch("os.makedirs")
+    mocker.patch("os.path.isdir", return_value=True)
+    mocker.patch(
+        "os.path.join",
+        side_effect=[
+            "/srv/www/cobbler/repo_mirror",
+            "/srv/www/cobbler/repo_mirror/%s" % repo.name,
+         ],
+     )
+-    def test_reposync_yum(
+-        self,
+-        input_mirror_type,
+-        input_mirror,
+-        expected_exception,
+-        api,
+-        repo,
+-        reposync
+-    ):
+-        # Arrange
+-        test_repo = repo
+-        test_repo.breed = enums.RepoBreeds.YUM
+-        test_repo.mirror = input_mirror
+-        test_repo.mirror_type = input_mirror_type
+-        test_repo.rpm_list = "fedora-gpg-keys"
+-        test_settings = api.settings()
+-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
+-
+-        # Act & Assert
+-        with expected_exception:
+-            reposync.run(test_repo.name)
+-            result = os.path.exists(repo_path)
+-            if test_repo.rpm_list and test_repo.rpm_list != []:
+-                for rpm in test_repo.rpm_list:
+-                    assert glob.glob(os.path.join(repo_path, "**", rpm) + "*.rpm", recursive=True) != []
+-            assert result
+-            # Test that re-downloading the metadata in .origin/repodata will not result in an error
+-            reposync.run(test_repo.name)
+-
+-    @pytest.mark.usefixtures("remove_repo")
+-    @pytest.mark.parametrize(
+-        "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception",
+    mocker.patch("os.environ", return_value=env_vars)
+    mocker.patch.object(reposync_object, "repos", return_value=[repo])
+    mocker.patch.object(reposync_object, "sync")
+    mocker.patch.object(reposync_object, "update_permissions")
+    reposync_object.repos = [repo]  # type: ignore
+
+    # Act
+    reposync_object.run()
+
+    # Assert
+    # This has to be 0 since all env vars need to be removed after reposync has run.
+    assert len(env_vars) == 0
+
+
+def test_gen_urlgrab_ssl_opts(reposync_object: reposync.RepoSync):
+    # Arrange
+    input_dict: Dict[str, Any] = {}
+
+    # Act
+    result = reposync_object.gen_urlgrab_ssl_opts(input_dict)
+
+    # Assert
+    assert isinstance(result, tuple)
+    assert len(result) == 2
+    # The data of the first element is kind of flexible let's skip asserting it for now
+    assert isinstance(result[1], bool)
+
+
+@pytest.mark.usefixtures("remove_repo")
+@pytest.mark.parametrize(
+    "input_mirror_type,input_mirror,expected_exception",
+    [
+        (
+            enums.MirrorType.BASEURL,
+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os",
+            does_not_raise(),
+        ),
+        (
+            enums.MirrorType.MIRRORLIST,
+            "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64",
+            does_not_raise(),
+        ),
+        (
+            enums.MirrorType.METALINK,
+            "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64",
+            does_not_raise(),
+        ),
+    ],
+)
+def test_reposync_yum(
+    mocker: "MockerFixture",
+    input_mirror_type: enums.MirrorType,
+    input_mirror: str,
+    expected_exception: Any,
+    cobbler_api: CobblerAPI,
+    repo: Repo,
+    reposync_object: reposync.RepoSync,
+):
+    # Arrange
+    test_repo = repo
+    test_repo.breed = enums.RepoBreeds.YUM
+    test_repo.mirror = input_mirror
+    test_repo.mirror_type = input_mirror_type
+    test_repo.rpm_list = "fedora-gpg-keys"
+    test_settings = cobbler_api.settings()
+    repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    mocker.patch.object(
+        reposync_object, "create_local_file", return_value="/create/local/file"
+    )
+    mocker.patch.object(
+        reposync_object, "reposync_cmd", return_value=["/my/fake/dnf", "reposync"]
+    )
+    mocker.patch.object(reposync_object, "rflags", return_value="--fake-r-flakg")
+    mocker.patch.object(
+        reposync_object,
+        "gen_urlgrab_ssl_opts",
+        return_value=(("TODO", "TODO", "TODO"), False),
+    )
+    mocker.patch("os.path.exists", return_value=True)
+    mocker.patch("shutil.rmtree")
+    mocker.patch("os.makedirs")
+    mocked_repo_walker = mocker.patch("cobbler.actions.reposync.repo_walker")
+    handle_mock = mocker.MagicMock()
+    result_mock = mocker.MagicMock()
+    mocker.patch("librepo.Handle", return_value=handle_mock)
+    mocker.patch("librepo.Result", return_value=result_mock)
+
+    # Act & Assert
+    with expected_exception:
+        reposync_object.yum_sync(repo)
+
+        mocked_subprocess.assert_called_with(
+            [
+                "/usr/bin/dnf",
+                "download",
+                "--testflag",
+                "--disablerepo=*",
+                f"--enablerepo={repo.name}",
+                "-c=/create/local/file",
+                f"--destdir={repo_path}",
+                "fedora-gpg-keys",
+            ],
+            shell=False,
+        )
+        handle_mock.perform.assert_called_with(result_mock)
+        assert mocked_repo_walker.call_count == 1
+
+
+@pytest.mark.usefixtures("remove_repo")
+@pytest.mark.parametrize(
+    "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception",
+    [
+        (
+            enums.MirrorType.BASEURL,
+            "http://ftp.debian.org/debian",
+            enums.RepoArchs.X86_64,
+            "",
+            does_not_raise(),
+        ),
+        (
+            enums.MirrorType.MIRRORLIST,
+            "http://ftp.debian.org/debian",
+            enums.RepoArchs.X86_64,
+            "",
+            pytest.raises(cexceptions.CX),
+        ),
+        (
+            enums.MirrorType.METALINK,
+            "http://ftp.debian.org/debian",
+            enums.RepoArchs.X86_64,
+            "",
+            pytest.raises(cexceptions.CX),
+        ),
+        (
+            enums.MirrorType.BASEURL,
+            "http://ftp.debian.org/debian",
+            enums.RepoArchs.NONE,
+            "",
+            pytest.raises(cexceptions.CX),
+        ),
+        (
+            enums.MirrorType.BASEURL,
+            "http://ftp.debian.org/debian",
+            enums.RepoArchs.X86_64,
+            "dpkg",
+            pytest.raises(cexceptions.CX),
+        ),
+    ],
+)
+def test_reposync_apt(
+    mocker: "MockerFixture",
+    input_mirror_type: enums.MirrorType,
+    input_mirror: str,
+    input_arch: enums.RepoArchs,
+    input_rpm_list: str,
+    expected_exception: Any,
+    cobbler_api: CobblerAPI,
+    repo: Repo,
+    reposync_object: reposync.RepoSync,
+):
+    # Arrange
+    test_repo = repo
+    test_repo.breed = enums.RepoBreeds.APT
+    test_repo.arch = input_arch
+    test_repo.apt_components = "main"
+    test_repo.apt_dists = "stable"
+    test_repo.mirror = input_mirror
+    test_repo.mirror_type = input_mirror_type
+    test_repo.rpm_list = input_rpm_list
+    test_settings = cobbler_api.settings()
+    repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    mocker.patch("os.path.exists", return_value=True)
+
+    # Act
+    with expected_exception:
+        reposync_object.apt_sync(repo)
+
+        # Assert
+        mocked_subprocess.assert_called_with(
+            [
+                "/usr/bin/debmirror",
+                "--nocleanup",
+                "--method=http",
+                "--host=ftp.debian.org",
+                "--root=/debian",
+                "--dist=stable",
+                "--section=main",
+                repo_path,
+                "--nosource",
+                "-a=amd64",
+            ],
+            shell=False,
+        )
+
+
+@pytest.mark.usefixtures("remove_repo")
+@pytest.mark.parametrize(
+    "input_mirror_type,input_mirror,expected_exception",
+    [
+        (
+            enums.MirrorType.BASEURL,
+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+            does_not_raise(),
+        ),
+        (
+            enums.MirrorType.MIRRORLIST,
+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+            pytest.raises(cexceptions.CX),
+        ),
+        (
+            enums.MirrorType.METALINK,
+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+            pytest.raises(cexceptions.CX),
+        ),
+    ],
+)
+def test_reposync_wget(
+    mocker: "MockerFixture",
+    input_mirror_type: enums.MirrorType,
+    input_mirror: str,
+    expected_exception: Any,
+    cobbler_api: CobblerAPI,
+    repo: Repo,
+    reposync_object: reposync.RepoSync,
+):
+    # Arrange
+    test_repo = repo
+    test_repo.breed = enums.RepoBreeds.WGET
+    test_repo.mirror = input_mirror
+    test_repo.mirror_type = input_mirror_type
+    repo_path = os.path.join(
+        reposync_object.settings.webdir, "repo_mirror", test_repo.name
+    )
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    mocker.patch("cobbler.actions.reposync.repo_walker")
+    mocker.patch.object(reposync_object, "create_local_file")
+
+    # Act
+    with expected_exception:
+        reposync_object.wget_sync(test_repo)
+
+        # Assert
+        mocked_subprocess.assert_called_with(
+            [
+                "wget",
+                "-N",
+                "-np",
+                "-r",
+                "-l",
+                "inf",
+                "-nd",
+                "-P",
+                repo_path,
+                input_mirror,
+            ],
+            shell=False,
+        )
+
+
+def test_reposync_rhn(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
+):
+    # Arrange
+    repo.mirror = "rhn://%s" % repo.name
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    mocker.patch("os.path.isdir", return_value=True)
+    mocker.patch("os.makedirs")
+    mocker.patch("cobbler.actions.reposync.repo_walker")
+    mocker.patch.object(reposync_object, "create_local_file")
+    mocker.patch.object(
+        reposync_object, "reposync_cmd", return_value=["/my/fake/reposync"]
+    )
+
+    # Act
+    reposync_object.rhn_sync(repo)
+
+    # Assert
+    # TODO: Check this more and document how its actually working
+    mocked_subprocess.assert_called_with(
+         [
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://ftp.debian.org/debian",
+-                enums.RepoArchs.X86_64,
+-                "",
+-                does_not_raise()
+-            ),
+-            (
+-                enums.MirrorType.MIRRORLIST,
+-                "http://ftp.debian.org/debian",
+-                enums.RepoArchs.X86_64,
+-                "",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.METALINK,
+-                "http://ftp.debian.org/debian",
+-                enums.RepoArchs.X86_64,
+-                "",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://www.example.com/path/to/some/repo",
+-                enums.RepoArchs.X86_64,
+-                "",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://ftp.debian.org/debian",
+-                enums.RepoArchs.NONE,
+-                "",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://ftp.debian.org/debian",
+-                enums.RepoArchs.X86_64,
+-                "dpkg",
+-                pytest.raises(cexceptions.CX)
+-            ),
+            "/my/fake/reposync",
+            "--testflag",
+            "--repo=testrepo0",
+            "--download-path=/srv/www/cobbler/repo_mirror",
+         ],
+        shell=False,
+     )
+-    def test_reposync_apt(
+-        self,
+-        input_mirror_type,
+-        input_mirror,
+-        input_arch,
+-        input_rpm_list,
+-        expected_exception,
+-        api,
+-        repo,
+-        reposync
+-    ):
+-        # Arrange
+-        test_repo = repo
+-        test_repo.breed = enums.RepoBreeds.APT
+-        test_repo.arch = input_arch
+-        test_repo.apt_components = "main"
+-        test_repo.apt_dists = "stable"
+-        test_repo.mirror = input_mirror
+-        test_repo.mirror_type = input_mirror_type
+-        test_repo.rpm_list = input_rpm_list
+-        test_repo.yumopts = "--exclude=.* --include=dpkg.* --no-check-gpg --rsync-extra=none"
+-        test_settings = api.settings()
+-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
+-
+-        # Act & Assert
+-        with expected_exception:
+-            reposync.run(test_repo.name)
+-            result = os.path.exists(repo_path)
+-            for rpm in ["dpkg"]:
+-                assert glob.glob(os.path.join(repo_path, "**", "dpkg") + "*", recursive=True) != []
+-            assert result
+-
+-    @pytest.mark.skip("To flaky and thus not reliable. Needs to be mocked to be of use.")
+-    @pytest.mark.usefixtures("remove_repo")
+-    @pytest.mark.parametrize(
+-        "input_mirror_type,input_mirror,expected_exception",
+
+
+def test_reposync_rsync(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
+):
+    # Arrange
+    mocked_subprocess = mocker.patch("cobbler.utils.subprocess_call", return_value=0)
+    mocker.patch("cobbler.actions.reposync.repo_walker")
+    mocker.patch.object(reposync_object, "create_local_file")
+    repo_path = os.path.join(reposync_object.settings.webdir, "repo_mirror", repo.name)
+
+    # Act
+    reposync_object.rsync_sync(repo)
+
+    # Assert
+    mocked_subprocess.assert_called_with(
+         [
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+-                does_not_raise()
+-            ),
+-            (
+-                enums.MirrorType.MIRRORLIST,
+-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.METALINK,
+-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
+-                pytest.raises(cexceptions.CX)
+-            ),
+-            (
+-                enums.MirrorType.BASEURL,
+-                "http://www.example.com/path/to/some/repo",
+-                pytest.raises(cexceptions.CX)
+-            ),
+            "rsync",
+            "--testflag",
+            "--delete-after",
+            "-e ssh",
+            "--delete",
+            "--exclude-from=/etc/cobbler/rsync.exclude",
+            "/",
+            repo_path,
+         ],
+        shell=False,
+     )
+-    def test_reposync_wget(
+-        self,
+-        input_mirror_type,
+-        input_mirror,
+-        expected_exception,
+-        api,
+-        repo,
+-        reposync
+-    ):
+-        # Arrange
+-        test_repo = repo
+-        test_repo.breed = enums.RepoBreeds.WGET
+-        test_repo.mirror = input_mirror
+-        test_repo.mirror_type = input_mirror_type
+-        test_settings = api.settings()
+-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
+-
+-        # Act & Assert
+-        with expected_exception:
+-            reposync.run(test_repo.name)
+-            result = os.path.exists(repo_path)
+-            for rpm in ["rpm"]:
+-                assert glob.glob(os.path.join(repo_path, "**", "2") + "*", recursive=True) != []
+-            assert result
+-
+-
+-@pytest.mark.skip("TODO")
+-def test_reposync_rhn():
+
+
+def test_createrepo_walker(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
+):
+     # Arrange
+    input_repo = repo
+    input_repo.breed = enums.RepoBreeds.RSYNC
+    input_dirname = ""
+    input_fnames = []
+    expected_call = ["createrepo", "--testflags", f"'{input_dirname}'"]
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    mocker.patch(
+        "cobbler.utils.blender",
+        autospec=True,
+        return_value={"createrepo_flags": "--testflags"},
+    )
+    mocker.patch("cobbler.utils.remove_yum_olddata")
+    mocker.patch("cobbler.utils.subprocess_get", return_value="5")
+    mocker.patch("cobbler.utils.get_family", return_value="TODO")
+    mocker.patch("os.path.exists", return_value=True)
+    mocker.patch("os.path.isfile", return_value=True)
+    mocker.patch.object(reposync_object, "librepo_getinfo", return_value={})
+
+     # Act
+    reposync_object.createrepo_walker(input_repo, input_dirname, input_fnames)
+
+     # Assert
+-    assert False
+    # TODO: Improve coverage over different cases in method
+    mocked_subprocess.assert_called_with(expected_call, shell=False)
+ 
+ 
+-@pytest.mark.skip("TODO")
+-def test_reposync_rsync():
+@pytest.mark.parametrize(
+    "input_repotype,expected_exception",
+    [
+        (enums.RepoBreeds.YUM, does_not_raise()),
+        (enums.RepoBreeds.RHN, does_not_raise()),
+        (enums.RepoBreeds.APT, does_not_raise()),
+        (enums.RepoBreeds.RSYNC, does_not_raise()),
+        (enums.RepoBreeds.WGET, does_not_raise()),
+        (enums.RepoBreeds.NONE, pytest.raises(cexceptions.CX)),
+    ],
+)
+def test_sync(
+    mocker: "MockerFixture",
+    cobbler_api: CobblerAPI,
+    reposync_object: reposync.RepoSync,
+    input_repotype: enums.RepoBreeds,
+    expected_exception: Any,
+):
+     # Arrange
+    test_repo = Repo(cobbler_api)
+    test_repo.breed = input_repotype
+    rhn_sync_mock = mocker.patch.object(reposync_object, "rhn_sync")
+    yum_sync_mock = mocker.patch.object(reposync_object, "yum_sync")
+    apt_sync_mock = mocker.patch.object(reposync_object, "apt_sync")
+    rsync_sync_mock = mocker.patch.object(reposync_object, "rsync_sync")
+    wget_sync_mock = mocker.patch.object(reposync_object, "wget_sync")
+
+     # Act
+    with expected_exception:
+        reposync_object.sync(test_repo)
+
+        # Assert
+        call_count = sum(
+            (
+                rhn_sync_mock.call_count,
+                yum_sync_mock.call_count,
+                apt_sync_mock.call_count,
+                rsync_sync_mock.call_count,
+                wget_sync_mock.call_count,
+            )
+        )
+        assert call_count == 1
+
+
+def test_librepo_getinfo(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, tmp_path: Path
+):
+    # Arrange
+    handle_mock = mocker.MagicMock()
+    result_mock = mocker.MagicMock()
+    mocker.patch("librepo.Handle", return_value=handle_mock)
+    mocker.patch("librepo.Result", return_value=result_mock)
+
+    # Act
+    reposync_object.librepo_getinfo(str(tmp_path))
+
+    # Assert
+    handle_mock.perform.assert_called_with(result_mock)
+    result_mock.getinfo.assert_called()
+
+
+def test_create_local_file(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
+):
+    # Arrange
+    mocker.patch("cobbler.utils.filesystem_helpers.mkdir", autospec=True)
+    mock_open = mocker.patch("builtins.open", mocker.mock_open())
+    input_dest_path = ""
+    input_repo = repo
+    input_output = True
+
+    # Act
+    reposync_object.create_local_file(input_dest_path, input_repo, output=input_output)
+
+    # Assert
+    # TODO: Extend checks
+    assert mock_open.call_count == 1
+    assert mock_open.mock_calls[0] == mocker.call("config.repo", "w", encoding="UTF-8")
+    mock_open_handle = mock_open()
+    assert mock_open_handle.write.mock_calls[0] == mocker.call("[testrepo0]\n")
+    assert mock_open_handle.write.mock_calls[1] == mocker.call("name=testrepo0\n")
+
+
+def test_update_permissions(
+    mocker: "MockerFixture", reposync_object: reposync.RepoSync
+):
+    # Arrange
+    mocked_subprocess = mocker.patch(
+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
+    )
+    path_to_update = "/my/fake/path"
+    expected_calls = [
+        mocker.call(["chown", "-R", "root:www", path_to_update], shell=False),
+        mocker.call(["chmod", "-R", "755", path_to_update], shell=False),
+    ]
+
+    # Act
+    reposync_object.update_permissions(path_to_update)
+
+     # Assert
+-    assert False
+    assert mocked_subprocess.mock_calls == expected_calls
--- a/cobbler-remove-get-loaders.patch
+++ b/cobbler-remove-get-loaders.patch
@ -1,316 +0,0 @@
-commit a798eabd9b9e3e7d4cb8a828a5aa2273c69cec48
-Author: Dominik Gedon <dgedon@suse.de>
-Date:   Fri Mar 5 16:25:05 2021 +0100
-
-    Remove get-loader code
-
-diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py
-index e034071e..4fadab53 100644
--- a/cobbler/actions/check.py
-+++ b/cobbler/actions/check.py
-@@ -386,12 +386,11 @@ class CobblerCheck:
-                 not_found.append(loader_name)
- 
-         if len(not_found) > 0:
-            status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler "
-                          "get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, "
-                          "you may ensure that you have installed a *recent* version of the syslinux package "
-                          "installed and can ignore this message entirely.  Files in this directory, should you want "
-                          "to support all architectures, should include pxelinux.0, menu.c32, and yaboot. The "
-                          "'cobbler get-loaders' command is the easiest way to resolve these requirements.")
-+            status.append("some network boot-loaders are missing from /var/lib/cobbler/loaders. If you only want to "
-+                          "handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version "
-+                          "of the syslinux package installed and can ignore this message entirely. Files in this "
-+                          "directory, should you want to support all architectures, should include pxelinux.0, "
-+                          "menu.c32, and yaboot.")
- 
-     def check_tftpd_dir(self, status):
-         """
-diff --git a/cobbler/actions/dlcontent.py b/cobbler/actions/dlcontent.py
-deleted file mode 100644
-index 84d73b8d..00000000
--- a/cobbler/actions/dlcontent.py
-+++ /dev/null
-@@ -1,77 +0,0 @@
-"""
-Downloads bootloader content for all arches for when the user doesn't want to supply their own.
-
-Copyright 2009, Red Hat, Inc and Others
-Michael DeHaan <michael.dehaan AT gmail>
-
-This program is free software; you can redistribute it and/or modify
-it under the terms of the GNU General Public License as published by
-the Free Software Foundation; either version 2 of the License, or
-(at your option) any later version.
-
-This program is distributed in the hope that it will be useful,
-but WITHOUT ANY WARRANTY; without even the implied warranty of
-MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-GNU General Public License for more details.
-
-You should have received a copy of the GNU General Public License
-along with this program; if not, write to the Free Software
-Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
-02110-1301  USA
-"""
-
-import os
-
-from cobbler import clogger
-from cobbler import download_manager
-
-
-class ContentDownloader:
-
-    def __init__(self, collection_mgr, logger=None):
-        """
-        Constructor
-
-        :param collection_mgr: The main collection manager instance which is used by the current running server.
-        :param logger: The logger object which logs to the desired target.
-        """
-        self.collection_mgr = collection_mgr
-        self.settings = collection_mgr.settings()
-        if logger is None:
-            logger = clogger.Logger()
-        self.logger = logger
-
-    def run(self, force: bool = False):
-        """
-        Download bootloader content for all of the latest bootloaders, since the user has chosen to not supply their
-        own. You may ask "why not get this from yum", we also want this to be able to work on Debian and further do not
-        want folks to have to install a cross compiler. For those that don't like this approach they can still source
-        their cross-arch bootloader content manually.
-
-        :param force: If the target path should be overwritten, even if there are already files present.
-        """
-
-        content_server = "https://cobbler.github.io/loaders"
-        dest = "/var/lib/cobbler/loaders"
-
-        files = (
-            ("%s/README" % content_server, "%s/README" % dest),
-            ("%s/COPYING.yaboot" % content_server, "%s/COPYING.yaboot" % dest),
-            ("%s/COPYING.syslinux" % content_server, "%s/COPYING.syslinux" % dest),
-            ("%s/yaboot-1.3.17" % content_server, "%s/yaboot" % dest),
-            ("%s/pxelinux.0-3.86" % content_server, "%s/pxelinux.0" % dest),
-            ("%s/menu.c32-3.86" % content_server, "%s/menu.c32" % dest),
-            ("%s/grub-0.97-x86.efi" % content_server, "%s/grub-x86.efi" % dest),
-            ("%s/grub-0.97-x86_64.efi" % content_server, "%s/grub-x86_64.efi" % dest),
-        )
-
-        dlmgr = download_manager.DownloadManager(self.collection_mgr, self.logger)
-        for src, dst in files:
-            if os.path.exists(dst) and not force:
-                self.logger.info("path %s already exists, not overwriting existing content, use --force if you wish "
-                                 "to update" % dst)
-                continue
-            self.logger.info("downloading %s to %s" % (src, dst))
-            dlmgr.download_file(src, dst)
-
-# EOF
-diff --git a/cobbler/api.py b/cobbler/api.py
-index bdf18391..9c52015e 100644
--- a/cobbler/api.py
-+++ b/cobbler/api.py
-@@ -25,7 +25,7 @@ import random
- import tempfile
- from typing import Optional
- 
-from cobbler.actions import status, dlcontent, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync
-+from cobbler.actions import status, hardlink, sync, buildiso, replicate, report, log, acl, check, reposync
- from cobbler import autoinstall_manager
- from cobbler import clogger
- from cobbler.cobbler_collections import manager
-@@ -1276,21 +1276,6 @@ class CobblerAPI:
- 
-     # ==========================================================================
- 
-    def dlcontent(self, force=False, logger=None):
-        """
-        Downloads bootloader content that may not be avialable in packages for the given arch, ex: if installing on PPC,
-        get syslinux. If installing on x86_64, get elilo, etc.
-
-        :param force: Force the download, although the content may be already downloaded.
-        :param logger: The logger to audit the removal with.
-        """
-        # FIXME: teach code that copies it to grab from the right place
-        self.log("dlcontent")
-        grabber = dlcontent.ContentDownloader(self._collection_mgr, logger=logger)
-        return grabber.run(force)
-
-    # ==========================================================================
-
-     def validate_autoinstall_files(self, logger=None):
-         """
-         Validate if any of the autoinstallation files are invalid and if yes report this.
-diff --git a/cobbler/cli.py b/cobbler/cli.py
-index 5441ce0a..9a6c4fff 100644
--- a/cobbler/cli.py
-+++ b/cobbler/cli.py
-@@ -55,7 +55,7 @@ OBJECT_ACTIONS = []
- for actions in list(OBJECT_ACTIONS_MAP.values()):
-     OBJECT_ACTIONS += actions
- DIRECT_ACTIONS = "aclsetup buildiso import list replicate report reposync sync validate-autoinstalls version " \
-                 "signature get-loaders hardlink".split()
-+                 "signature hardlink".split()
- 
- ####################################################
- 
-@@ -687,10 +687,6 @@ class CobblerCLI:
-         elif action_name == "validate-autoinstalls":
-             (options, args) = self.parser.parse_args(self.args)
-             task_id = self.start_task("validate_autoinstall_files", options)
-        elif action_name == "get-loaders":
-            self.parser.add_option("--force", dest="force", action="store_true", help="overwrite any existing content in /var/lib/cobbler/loaders")
-            (options, args) = self.parser.parse_args(self.args)
-            task_id = self.start_task("dlcontent", options)
-         elif action_name == "import":
-             self.parser.add_option("--arch", dest="arch", help="OS architecture being imported")
-             self.parser.add_option("--breed", dest="breed", help="the breed being imported")
-diff --git a/cobbler/remote.py b/cobbler/remote.py
-index 759879a8..ac788752 100644
--- a/cobbler/remote.py
-+++ b/cobbler/remote.py
-@@ -200,18 +200,6 @@ class CobblerXMLRPCInterface:
-             )
-         return self.__start_task(runner, token, "aclsetup", "(CLI) ACL Configuration", options)
- 
-    def background_dlcontent(self, options, token) -> str:
-        """
-        Download bootloaders and other support files.
-
-        :param options: Unknown what this parameter is doing at the moment.
-        :param token: The API-token obtained via the login() method. The API-token obtained via the login() method.
-        :return: The id of the task which was started.
-        """
-        def runner(self):
-            self.remote.api.dlcontent(self.options.get("force", False), self.logger)
-        return self.__start_task(runner, token, "get_loaders", "Download Bootloader Content", options)
-
-     def background_sync(self, options, token) -> str:
-         """
-         Run a full Cobbler sync in the background.
-diff --git a/config/bash/completion/cobbler b/config/bash/completion/cobbler
-index f2d5bd59..169dbaec 100755
--- a/config/bash/completion/cobbler
-+++ b/config/bash/completion/cobbler
-@@ -9,7 +9,7 @@ _cobbler_completions()
-     prev="${COMP_WORDS[COMP_CWORD-1]}"
-     cobbler_type=${COMP_WORDS[1]}
-     COMPREPLY=()
-    TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature get-loaders hardlink"
-+    TYPE="distro profile system repo image mgmtclass package file aclsetup buildiso import list replicate report reposync sync validateks version signature hardlink"
-     ACTION="add edit copy list remove rename report"
-     opts=(
-         [distro]="--ctime --depth --mtime --source-repos --tree-build-time --uid --arch --autoinstall-meta --boot-files --boot-loader --breed --comment --fetchable-files --initrd --kernel --kernel-options --kernel-options-post --mgmt-classes --name --os-version --owners --redhat-management-key --template-files --in-place --help"
-diff --git a/config/cobbler/settings.yaml b/config/cobbler/settings.yaml
-index 82b8c11f..b2e05a7b 100644
--- a/config/cobbler/settings.yaml
-+++ b/config/cobbler/settings.yaml
-@@ -426,7 +426,7 @@ replicate_repo_rsync_options: "-avzH"
- # always write DHCP entries, regardless if netboot is enabled
- always_write_dhcp_entries: false
- 
-# External proxy - used by: "get-loaders", "reposync", "signature update"
-+# External proxy - used by: reposync", "signature update"
- # Eg: "http://192.168.1.1:8080" (HTTP), "https://192.168.1.1:8443" (HTTPS)
- proxy_url_ext: ""
- 
-diff --git a/docs/cobbler-conf.rst b/docs/cobbler-conf.rst
-index 673beffd..808d7738 100644
--- a/docs/cobbler-conf.rst
-+++ b/docs/cobbler-conf.rst
-@@ -577,7 +577,7 @@ default: ``ipmilanplus``
- proxy_url_ext
- =============
- 
-External proxy which is used by the following commands: ``get-loaders``, ``reposync``, ``signature update``
-+External proxy which is used by the following commands: ``reposync``, ``signature update``
- 
- defaults:
- 
-diff --git a/docs/cobbler.rst b/docs/cobbler.rst
-index 1fffc41e..6332a662 100644
--- a/docs/cobbler.rst
-+++ b/docs/cobbler.rst
-@@ -74,7 +74,7 @@ Long Usage:
- .. code-block:: shell
- 
-     cobbler <distro|profile|system|repo|image|mgmtclass|package|file> ... [add|edit|copy|get-autoinstall*|list|remove|rename|report] [options|--help]
-    cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validate-autoinstalls|version|signature|get-loaders|hardlink> [options|--help]
-+    cobbler <aclsetup|buildiso|import|list|replicate|report|reposync|sync|validate-autoinstalls|version|signature|hardlink> [options|--help]
- 
- Cobbler distro
- ==============
-@@ -1071,15 +1071,6 @@ Example:
- 
-     $ cobbler signature
- 
-Cobbler get-loaders
-===================
-
-Example:
-
-.. code-block:: shell
-
-    $ cobbler get-loaders
-
- Cobbler hardlink
- ================
- 
-diff --git a/docs/code-autodoc/cobbler.actions.rst b/docs/code-autodoc/cobbler.actions.rst
-index 44f7e1a4..a5845996 100644
--- a/docs/code-autodoc/cobbler.actions.rst
-+++ b/docs/code-autodoc/cobbler.actions.rst
-@@ -28,14 +28,6 @@ cobbler.actions.check module
-     :undoc-members:
-     :show-inheritance:
- 
-cobbler.actions.dlcontent module
---------------------------------
-
-.. automodule:: cobbler.actions.dlcontent
-    :members:
-    :undoc-members:
-    :show-inheritance:
-
- cobbler.actions.hardlink module
- -------------------------------
- 
-diff --git a/tests/cli/cobbler_cli_direct_test.py b/tests/cli/cobbler_cli_direct_test.py
-index 7cd6729c..01d42d6d 100644
--- a/tests/cli/cobbler_cli_direct_test.py
-+++ b/tests/cli/cobbler_cli_direct_test.py
-@@ -148,11 +148,6 @@ class TestCobblerCliTestDirect:
-         i = assert_report_section(lines, i, "packages")
-         i = assert_report_section(lines, i, "files")
- 
-    def test_cobbler_getloaders(self, run_cmd, get_last_line):
-        (outputstd, outputerr) = run_cmd(cmd=["get-loaders"])
-        lines = outputstd.split("\n")
-        assert "*** TASK COMPLETE ***" == get_last_line(lines)
-
-     def test_cobbler_hardlink(self, run_cmd, get_last_line):
-         (outputstd, outputerr) = run_cmd(cmd=["hardlink"])
-         lines = outputstd.split("\n")
-diff --git a/tests/xmlrpcapi/background_test.py b/tests/xmlrpcapi/background_test.py
-index 36c03b01..64e219ca 100644
--- a/tests/xmlrpcapi/background_test.py
-+++ b/tests/xmlrpcapi/background_test.py
-@@ -25,15 +25,6 @@ class TestBackground:
-         # Assert
-         assert result
- 
-    def test_background_dlccontent(self, remote, token):
-        # Arrange
-
-        # Act
-        result = remote.background_dlcontent({}, token)
-
-        # Assert
-        assert result
-
-     def test_background_hardlink(self, remote, token):
-         # Arrange
- 
--- a/cobbler-reposync.patch
+++ b/cobbler-reposync.patch
@ -0,0 +1,18 @@
+diff -up cobbler-3.3.7/cobbler/cli.py.reposync cobbler-3.3.7/cobbler/cli.py
+--- cobbler-3.3.7/cobbler/cli.py.reposync	2024-11-17 14:02:02.000000000 -0700
+++ cobbler-3.3.7/cobbler/cli.py	2025-10-04 19:21:03.379260526 -0600
+@@ -1184,7 +1184,13 @@ class CobblerCLI:
+             task_id = self.start_task("import", options)
+         elif action_name == "reposync":
+             self.parser.add_option("--only", dest="only", help="update only this repository name")
+-            self.parser.add_option("--tries", dest="tries", help="try each repo this many times", default=1)
+            self.parser.add_option(
+                "--tries",
+                dest="tries",
+                help="try each repo this many times",
+                default=1,
+                type="int",
+            )
+             self.parser.add_option("--no-fail", dest="nofail", help="don't stop reposyncing if a failure occurs",
+                                    action="store_true")
+             (options, args) = self.parser.parse_args(self.args)
--- a/cobbler-rhel.patch
+++ b/cobbler-rhel.patch
@ -1,13 +0,0 @@
-diff --git a/distro_build_configs.sh b/distro_build_configs.sh
-index bad43e3c..52eb1136 100644
--- a/distro_build_configs.sh
-+++ b/distro_build_configs.sh
-@@ -24,7 +24,7 @@ if [ "$DISTRO" = "" ] && [ -r /etc/os-release ];then
- 	sle*|*suse*)
- 	    DISTRO="SUSE"
- 	    ;;
-	fedora*|centos*)
-+	fedora*|centos*|rhel*)
- 	    DISTRO="FEDORA"
- 	    ;;
- 	ubuntu*|debian*)
--- a/cobbler-scripts.patch
+++ b/cobbler-scripts.patch
@ -1,12 +0,0 @@
-diff -up cobbler-3.2.1/setup.py.orig cobbler-3.2.1/setup.py
--- cobbler-3.2.1/setup.py.orig	2021-03-04 12:07:10.000000000 -0700
-+++ cobbler-3.2.1/setup.py	2021-03-08 22:25:15.239563778 -0700
-@@ -566,7 +566,7 @@ if __name__ == "__main__":
-             ("share/cobbler/web", glob("web/*.*")),
-             ("%s" % webcontent, glob("web/static/*")),
-             ("%s" % webimages, glob("web/static/images/*")),
-            ("share/cobbler/bin", glob("scripts/*.sh")),
-+            ("share/cobbler/bin", glob("scripts/*")),
-             ("share/cobbler/web/templates", glob("web/templates/*")),
-             ("%s/webui_sessions" % libpath, []),
-             ("%s/loaders" % libpath, []),
--- a/cobbler.fc
+++ b/cobbler.fc
@ -0,0 +1,28 @@
+/etc/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_etc_t,s0)
+
+/etc/rc\.d/init\.d/cobblerd	--	gen_context(system_u:object_r:cobblerd_initrc_exec_t,s0)
+
+/usr/bin/cobblerd	--	gen_context(system_u:object_r:cobblerd_exec_t,s0)
+
+/usr/lib/systemd/system/cobblerd.*	--	gen_context(system_u:object_r:cobblerd_unit_file_t,s0)
+
+/var/cache/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+
+/var/lib/tftpboot/aarch64(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/boot(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/etc(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/grub(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/images(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/images2(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/memdisk	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/menu\.c32	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/ppc(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/pxelinux\.0	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/pxelinux\.cfg(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/s390x(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+/var/lib/tftpboot/yaboot	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
+
+/var/log/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_log_t,s0)
+
+/var/www/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
--- a/cobbler.if
+++ b/cobbler.if
@ -0,0 +1,251 @@
+## <summary>Cobbler installation server.</summary>
+
+########################################
+## <summary>
+##	Execute a domain transition to run cobblerd.
+## </summary>
+## <param name="domain">
+## <summary>
+##	Domain allowed to transition.
+## </summary>
+## </param>
+#
+interface(`cobblerd_domtrans',`
+	gen_require(`
+		type cobblerd_t, cobblerd_exec_t;
+	')
+
+	corecmd_search_bin($1)
+	domtrans_pattern($1, cobblerd_exec_t, cobblerd_t)
+')
+
+########################################
+## <summary>
+##	Execute cobblerd server in the cobblerd domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+#
+interface(`cobblerd_systemctl',`
+	gen_require(`
+		type named_unit_file_t;
+		type named_t;
+	')
+
+	systemd_exec_systemctl($1)
+	init_reload_services($1)
+	allow $1 named_unit_file_t:file read_file_perms;
+	allow $1 named_unit_file_t:service manage_service_perms;
+
+	ps_process_pattern($1, named_t)
+')
+
+########################################
+## <summary>
+##	Execute cobblerd init scripts in
+##	the init script domain.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed to transition.
+##	</summary>
+## </param>
+#
+interface(`cobblerd_initrc_domtrans',`
+	gen_require(`
+		type cobblerd_initrc_exec_t;
+	')
+
+	init_labeled_script_domtrans($1, cobblerd_initrc_exec_t)
+')
+
+
+
+########################################
+## <summary>
+##	Read cobbler configuration dirs.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`cobbler_list_config',`
+	gen_require(`
+		type cobbler_etc_t;
+	')
+
+	list_dirs_pattern($1, cobbler_etc_t, cobbler_etc_t)
+	files_search_etc($1)
+')
+
+
+########################################
+## <summary>
+##	Read cobbler configuration files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`cobbler_read_config',`
+	gen_require(`
+		type cobbler_etc_t;
+	')
+
+	read_files_pattern($1, cobbler_etc_t, cobbler_etc_t)
+	files_search_etc($1)
+')
+
+########################################
+## <summary>
+##	Do not audit attempts to read and write
+##	cobbler log files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain to not audit.
+##	</summary>
+## </param>
+#
+interface(`cobbler_dontaudit_rw_log',`
+	gen_require(`
+		type cobbler_var_log_t;
+	')
+
+	dontaudit $1 cobbler_var_log_t:file rw_file_perms;
+')
+
+########################################
+## <summary>
+##	Search cobbler lib directories.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`cobbler_search_lib',`
+	gen_require(`
+		type cobbler_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	search_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Read cobbler lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`cobbler_read_lib_files',`
+	gen_require(`
+		type cobbler_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	read_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+    read_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+')
+
+########################################
+## <summary>
+##	Create, read, write, and delete
+##	cobbler lib files.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`cobbler_manage_lib_files',`
+	gen_require(`
+		type cobbler_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	manage_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+    manage_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+    manage_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
+')
+
+########################################
+## <summary>
+##	All of the rules required to
+##	administrate an cobbler environment.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	Role allowed access.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`cobblerd_admin',`
+	refpolicywarn(`$0($*) has been deprecated, use cobbler_admin() instead.')
+	cobbler_admin($1, $2)
+')
+
+########################################
+## <summary>
+##	All of the rules required to
+##	administrate an cobbler environment.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+## <param name="role">
+##	<summary>
+##	Role allowed access.
+##	</summary>
+## </param>
+## <rolecap/>
+#
+interface(`cobbler_admin',`
+	gen_require(`
+		type cobblerd_t, cobbler_var_lib_t, cobbler_var_log_t;
+		type cobbler_etc_t, cobblerd_initrc_exec_t;
+		type cobbler_tmp_t;
+	')
+
+	allow $1 cobblerd_t:process { ptrace signal_perms };
+	ps_process_pattern($1, cobblerd_t)
+
+	cobblerd_initrc_domtrans($1)
+	domain_system_change_exemption($1)
+	role_transition $2 cobblerd_initrc_exec_t system_r;
+	allow $2 system_r;
+
+	files_search_etc($1)
+	admin_pattern($1, cobbler_etc_t)
+
+	files_search_tmp($1)
+	admin_pattern($1, cobbler_tmp_t)
+
+	files_search_var_lib($1)
+	admin_pattern($1, cobbler_var_lib_t)
+
+	logging_search_logs($1)
+	admin_pattern($1, cobbler_var_log_t)
+')
--- a/cobbler.spec
+++ b/cobbler.spec
@ -1,91 +1,87 @@
 %global tftpboot_dir %{_sharedstatedir}/tftpboot/

-%global commit0 172b8a0f79d110dcac1f50acfe412e0a01ff20ab
-%global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
+%global commit 700eb5bdfb28baba4de5e4083bec9e132a763bcb
+%global shortcommit %(c=%{commit}; echo ${c:0:7})
+%global selinuxtype targeted
+
+# Tests require an installed system with root access
+%bcond check 0

 Name:           cobbler
-Version:        3.2.2
-Release:        9%{?dist}
+Version:        3.3.7
+Release:        %autorelease
 Summary:        Boot server configurator
 URL:            https://cobbler.github.io/
-License:        GPLv2+
+# Automatically converted from old format: GPLv2+ - review is highly recommended.
+License:        GPL-2.0-or-later
 Source0:        https://github.com/cobbler/cobbler/archive/v%{version}/%{name}-%{version}.tar.gz
-#Source0:        https://github.com/cobbler/cobbler/archive/%{commit0}/%{name}-%{commit0}.tar.gz
 Source1:        migrate-settings.sh
-# Revert upstream's VirtualHost addition
-# https://github.com/cobbler/cobbler/issues/2286
-Patch0:         cobbler-httpd.patch
-# Fix autoinstall_templates -> templates
-Patch1:         https://patch-diff.githubusercontent.com/raw/cobbler/cobbler/pull/2590.patch
-# Install migrate-data-v2-to-v3.py - https://github.com/cobbler/cobbler/pull/2591
-Patch2:         cobbler-scripts.patch
-# Remove get-loaders command
-Patch3:         cobbler-remove-get-loaders.patch
-# Upstream fix for CVE-2021-45082
-Patch4:         cobbler-CVE-2021-45082.patch
+Source2:        %{name}.te
+Source3:        %{name}.if
+Source4:        %{name}.fc
+
 # Do not run coverage tests
-Patch5:         cobbler-nocov.patch
+Patch0:         cobbler-nocov.patch
+# Python 3.13 support (backport of https://github.com/cobbler/cobbler/pull/3842)
+# https://bugzilla.redhat.com/show_bug.cgi?id=2335620
+Patch1:         cobbler-python3.13.patch
+# Upstream fix for reposync --tries
+# https://bugzilla.redhat.com/show_bug.cgi?id=2401605
+# Backport of https://github.com/cobbler/cobbler/pull/3378
+Patch2:         cobbler-reposync.patch
+# Use systemctl is-active to prevent some SELinux denials checking service status
+# https://bugzilla.redhat.com/show_bug.cgi?id=2353898
+Patch3:         https://github.com/cobbler/cobbler/pull/3945.patch
 BuildArch:      noarch

+BuildRequires: make
 BuildRequires: python%{python3_pkgversion}-devel
-%if 0%{?fedora} || 0%{?rhel} >= 8
+# Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0.
+# https://github.com/CheetahTemplate3/cheetah3/commit/673259b2d139b4ea970b1c2da12607b7ac39cbec
+%if 0%{?fedora} >= 42 || 0%{?rhel} >= 10
+BuildRequires: %{py3_dist ct3}
+%else
 BuildRequires: %{py3_dist cheetah3}
+%endif
 BuildRequires: %{py3_dist distro}
 BuildRequires: %{py3_dist netaddr}
 BuildRequires: %{py3_dist pyyaml}
 BuildRequires: %{py3_dist requests}
 BuildRequires: %{py3_dist schema}
 BuildRequires: %{py3_dist setuptools}
-BuildRequires: %{py3_dist simplejson}
 # For docs
 BuildRequires: %{py3_dist sphinx}
-%else
-BuildRequires: python%{python3_pkgversion}-cheetah
-BuildRequires: python%{python3_pkgversion}-distro
-BuildRequires: python%{python3_pkgversion}-netaddr
-BuildRequires: python%{python3_pkgversion}-PyYAML
-BuildRequires: python%{python3_pkgversion}-requests
-BuildRequires: python%{python3_pkgversion}-schema
-BuildRequires: python%{python3_pkgversion}-setuptools
-BuildRequires: python%{python3_pkgversion}-simplejson
-# For docs
-BuildRequires: python%{python3_pkgversion}-sphinx
+%if %{with check}
+# For tests
+BuildRequires: %{py3_dist crypt-r}
+BuildRequires: %{py3_dist dnspython}
+BuildRequires: %{py3_dist file-magic}
+BuildRequires: %{py3_dist pytest-benchmark}
 %endif

+# This ensures that the *-selinux package and all it’s dependencies are not pulled
+# into containers and other systems that do not use SELinux
+Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})
+
 Requires: httpd
 Requires: tftp-server
+Requires: dosfstools
 Requires: createrepo_c
 Requires: rsync
 Requires: xorriso
-Requires: %{py3_dist cheetah3}
-Requires: %{py3_dist distro}
-Requires: %{py3_dist dnspython}
-Requires: %{py3_dist file-magic}
-Requires: %{py3_dist mod_wsgi}
-Requires: %{py3_dist netaddr}
-Requires: %{py3_dist pyyaml}
-Requires: %{py3_dist requests}
-Requires: %{py3_dist schema}
-Requires: %{py3_dist simplejson}
-Requires: %{py3_dist tornado}

 Requires: genisoimage
-%if 0%{?fedora} || 0%{?rhel} >= 8
 # Not everyone wants bash-completion...?
 Recommends: bash-completion
 Requires: dnf-plugins-core
 # syslinux is only available on x86
-Requires: (syslinux if (filesystem.x86_64 or filesystem.i686))
+Requires: (syslinux if (filesystem(x86-64) or filesystem(x86-32)))
 # grub2 efi stuff is only available on x86
 Recommends: grub2-efi-ia32
 Recommends: grub2-efi-x64
 Recommends: logrotate
 Recommends: %{py3_dist librepo}
-%else
-Requires: yum-utils
-%endif
-# https://github.com/cobbler/cobbler/issues/1685
-Requires: /sbin/service
+Obsoletes: cobbler-web < 3.3

 BuildRequires: systemd
 Requires(post): systemd
@ -93,28 +89,26 @@ Requires(preun): systemd
 Requires(postun): systemd

 %description
-Cobbler is a network install server.  Cobbler supports PXE, ISO
-virtualized installs, and re-installing existing Linux machines.
-The last two modes use a helper tool, 'koan', that integrates with
-cobbler.  There is also a web interface 'cobbler-web'.  Cobbler's
-advanced features include importing distributions from DVDs and rsync
-mirrors, kickstart templating, integrated yum mirroring, and built-in
-DHCP/DNS Management.  Cobbler has a XML-RPC API for integration with
-other applications.
+Cobbler is a network install server. Cobbler supports PXE, ISO
+virtualized installs, and re-installing existing Linux machines. The
+last two modes use a helper tool, 'koan', that integrates with cobbler.
+Cobbler's advanced features include importing distributions from DVDs
+and rsync mirrors, kickstart templating, integrated yum mirroring, and
+built-in DHCP/DNS Management. Cobbler has a XML-RPC API for integration
+with other applications.


-%package -n cobbler-web
-Summary:        Web interface for Cobbler
-Requires:       cobbler = %{version}-%{release}
-Requires:       %{py3_dist django}
-Requires:       %{py3_dist mod_wsgi}
-Requires:       mod_ssl
-Requires(post): coreutils
-Requires(post): sed
+%package selinux
+Summary:        SELinux policies for %{name}
+Requires:       selinux-policy-%{selinuxtype}
+Requires(post): selinux-policy-%{selinuxtype}
+BuildRequires:  selinux-policy-devel
+BuildArch:      noarch
+%{?selinux_requires}

-%description -n cobbler-web
-Web interface for Cobbler that allows visiting
-http://server/cobbler_web to configure the install server.
+
+%description selinux
+SELinux policies for %{name}.


 %package tests
@ -122,15 +116,38 @@ Summary:        Unit tests for cobbler
 Requires:       cobbler = %{version}-%{release}

 %description tests
-Unit test files from the Cobbler project
+Unit test files from the Cobbler project.
+
+
+%package tests-containers
+Summary:        Dockerfiles and scripts to setup testing containers
+Requires:       cobbler = %{version}-%{release}
+
+%description tests-containers
+Dockerfiles and scripts to setup testing containers.


 %prep
 %autosetup -p1
+mkdir -p selinux
+cp -p %{SOURCE2} %{SOURCE3} %{SOURCE4} selinux/
+
+# Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0.
+# https://github.com/CheetahTemplate3/cheetah3/commit/673259b2d139b4ea970b1c2da12607b7ac39cbec
+%if 0%{?fedora} >= 42 || 0%{?rhel} >= 10
+sed -e 's/Cheetah3/CT3/' -i setup.py
+%endif
+

 %build
 . ./distro_build_configs.sh
 %py3_build
+make man
+
+# SELinux
+make -f %{_datadir}/selinux/devel/Makefile %{name}.pp
+bzip2 -9 %{name}.pp
+

 %install
 . ./distro_build_configs.sh
@ -150,15 +167,22 @@ mkdir -p %{buildroot}%{tftpboot_dir}/{boot,etc,grub/system{,_link},images{,2},pp
 mkdir -p %{buildroot}%{_unitdir}
 mv %{buildroot}%{_sysconfdir}/cobbler/cobblerd.service %{buildroot}%{_unitdir}

-# cobbler-web
-rm %{buildroot}%{_sysconfdir}/cobbler/cobbler_web.conf
-
 # ghosted files
 touch %{buildroot}%{_sharedstatedir}/cobbler/web.ss

 # migrate-settings.sh
 install -p -m0755 %SOURCE1 %{buildroot}%{_datadir}/cobbler/bin/migrate-settings.sh

+# SELinux
+install -D -m 0644 %{name}.pp.bz2 %{buildroot}%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
+install -D -p -m 0644 selinux/%{name}.if %{buildroot}%{_datadir}/selinux/devel/include/distributed/%{name}.if
+
+
+%if %{with check}
+%check
+%pytest -v
+%endif
+

 %pre
 if [ $1 -ge 2 ]; then
@ -179,6 +203,23 @@ fi

 %post
 %systemd_post cobblerd.service
+# Fixup permission for world readable settings files
+chmod 640 %{_sysconfdir}/cobbler/settings.yaml
+chmod 600 %{_sysconfdir}/cobbler/mongodb.conf
+chmod 600 %{_sysconfdir}/cobbler/modules.conf
+chmod 640 %{_sysconfdir}/cobbler/users.conf
+chmod 640 %{_sysconfdir}/cobbler/users.digest
+chmod 750 %{_sysconfdir}/cobbler/settings.d
+chmod 640 %{_sysconfdir}/cobbler/settings.d/*
+chgrp apache %{_sysconfdir}/cobbler/settings.yaml
+chgrp apache %{_sysconfdir}/cobbler/users.conf
+chgrp apache %{_sysconfdir}/cobbler/users.digest
+chgrp apache %{_sysconfdir}/cobbler/settings.d
+chgrp apache %{_sysconfdir}/cobbler/settings.d/*
+# Change from apache
+if [ -f %{_sharedstatedir}/cobbler/web.ss ]; then
+    chown root %{_sharedstatedir}/cobbler/web.ss
+fi

 %posttrans
 # Migrate pre-3.2.1 settings to settings.yaml
@ -190,13 +231,7 @@ if [ -f %{_sysconfdir}/cobbler/settings.rpmsave ]; then
    %{_datadir}/cobbler/bin/migrate-settings.sh
 fi
 # Add some missing options if needed
-grep -q '^cache_enabled:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\ncache_enabled: true' >> %{_sysconfdir}/cobbler/settings.yaml
 grep -q '^reposync_rsync_flags:' %{_sysconfdir}/cobbler/settings.yaml || echo -e '#ADDED:\nreposync_rsync_flags: "-rltDv --copy-unsafe-links"' >> %{_sysconfdir}/cobbler/settings.yaml
-# Migrate pre-3 configuration data if needed
-if [ -d %{_sharedstatedir}/cobbler/kickstarts -a $(find %{_sharedstatedir}/cobbler/collections -type f | wc -l) -eq 0  ]; then
-    echo warning: migrating pre cobbler 3 configuration data
-    %{_datadir}/cobbler/bin/migrate-data-v2-to-v3.py
-fi

 %preun
 %systemd_preun cobblerd.service
@ -204,12 +239,24 @@ fi
 %postun
 %systemd_postun_with_restart cobblerd.service

-%post -n cobbler-web
-# Change the SECRET_KEY option in the Django settings.py file
-# required for security reasons, should be unique on all systems
-# Choose from letters and numbers only, so no special chars like ampersand (&).
-RAND_SECRET=$(head /dev/urandom | tr -dc 'A-Za-z0-9!' | head -c 50 ; echo '')
-sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler/web/settings.py
+
+%pre selinux
+%selinux_relabel_pre -s %{selinuxtype}
+
+%post selinux
+%selinux_modules_install -s %{selinuxtype} %{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.bz2
+%selinux_relabel_post -s %{selinuxtype}
+
+if [ "$1" -le "1" ]; then # First install
+   # the daemon needs to be restarted for the custom label to be applied
+   %systemd_postun_with_restart cobblerd.service
+fi
+
+%postun selinux
+if [ $1 -eq 0 ]; then
+    %selinux_modules_uninstall -s %{selinuxtype} %{name}
+    %selinux_relabel_post -s %{selinuxtype}
+fi


 %files
@ -221,6 +268,7 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler
 %config(noreplace) %{_sysconfdir}/cobbler/boot_loader_conf/
 %config(noreplace) %{_sysconfdir}/cobbler/cheetah_macros
 %config(noreplace) %{_sysconfdir}/cobbler/dhcp.template
+%config(noreplace) %{_sysconfdir}/cobbler/dhcp6.template
 %config(noreplace) %{_sysconfdir}/cobbler/dnsmasq.template
 %config(noreplace) %{_sysconfdir}/cobbler/genders.template
 %config(noreplace) %{_sysconfdir}/cobbler/import_rsync_whitelist
@ -239,17 +287,19 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler
 %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/bind_manage_ipmi.settings
 %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/manage_genders.settings
 %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/nsupdate.settings
+%attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/settings.d/windows.settings
 %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.conf
 %attr(640, root, apache) %config(noreplace) %{_sysconfdir}/cobbler/users.digest
 %config(noreplace) %{_sysconfdir}/cobbler/version
+%config(noreplace) %{_sysconfdir}/cobbler/windows/
 %config(noreplace) %{_sysconfdir}/cobbler/zone.template
 %config(noreplace) %{_sysconfdir}/cobbler/zone_templates/
 %config(noreplace) %{_sysconfdir}/logrotate.d/cobblerd
 %config(noreplace) /etc/httpd/conf.d/cobbler.conf
 %{_bindir}/cobbler
+%{_bindir}/cobbler-settings
 %{_bindir}/cobbler-ext-nodes
 %{_bindir}/cobblerd
-%{_sbindir}/tftpd.py
 %{_datadir}/bash-completion/
 %dir %{_datadir}/cobbler
 %{_datadir}/cobbler/bin
@ -261,299 +311,32 @@ sed -i -e "s/SECRET_KEY = ''/SECRET_KEY = \'$RAND_SECRET\'/" %{_datadir}/cobbler
 %{_unitdir}/cobblerd.service
 %{tftpboot_dir}/*
 /var/www/cobbler
-%config(noreplace) %{_sharedstatedir}/cobbler
-%exclude %{_sharedstatedir}/cobbler/web.ss
-%exclude %{_sharedstatedir}/cobbler/webui_sessions
+%dir %{_sharedstatedir}/cobbler
+%ghost %attr(0755,root,root) %{_sharedstatedir}/cobbler/backup/
+%config(noreplace) %{_sharedstatedir}/cobbler/collections/
+%config(noreplace) %{_sharedstatedir}/cobbler/distro_signatures.json
+%config(noreplace) %{_sharedstatedir}/cobbler/grub_config/
+%config(noreplace) %{_sharedstatedir}/cobbler/loaders/
+%config(noreplace) %{_sharedstatedir}/cobbler/scripts/
+%config(noreplace) %{_sharedstatedir}/cobbler/snippets/
+%config(noreplace) %{_sharedstatedir}/cobbler/templates/
+%config(noreplace) %{_sharedstatedir}/cobbler/triggers/
+%ghost %attr(0644,root,root) %{_sharedstatedir}/cobbler/lock
+# Currently used for cli auth
+%ghost %attr(0644,root,root) %{_sharedstatedir}/cobbler/web.ss
 /var/log/cobbler

-%files -n cobbler-web
-%license COPYING
-%doc AUTHORS.in README.md
-%config(noreplace) /etc/httpd/conf.d/cobbler_web.conf
-%attr(-,apache,apache) %{_datadir}/cobbler/web
-%ghost %attr(0660,apache,root) %{_sharedstatedir}/cobbler/web.ss
-%dir %attr(700,apache,root) %{_sharedstatedir}/cobbler/webui_sessions
-%attr(-,apache,apache) /var/www/cobbler_webui_content/
+%files selinux
+%{_datadir}/selinux/packages/%{selinuxtype}/%{name}.pp.*
+%{_datadir}/selinux/devel/include/distributed/%{name}.if
+%ghost %verify(not md5 size mode mtime) %{_sharedstatedir}/selinux/%{selinuxtype}/active/modules/200/%{name}

 %files tests
-%dir %{_datadir}/cobbler/tests
-%{_datadir}/cobbler/tests/*
+%{_datadir}/cobbler/tests/
+
+%files tests-containers
+%{_datadir}/cobbler/docker/


 %changelog
-* Tue Mar 01 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-9
- Apply fixes for CVE-2021-45082/3
- Remove BR on python3-coverage
-
-* Mon Jan 24 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-8
- Fix posttrans script
-
-* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Thu Dec 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-6
- Fix path to settings.yaml in scriptlet
-
-* Thu Dec 09 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-5
- Remove defunct get-loaders command
-
-* Mon Nov 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-4
- Add new keys to settings.yaml on migration or if missing
- Save original settings to settings.rpmorig
-
-* Fri Oct 08 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-3
- Fix dependencies (bz#2010567)
-
-* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-2
- Migrate settings to settings.yaml
- Migrate pre-cobbler 3 data if needed
- Fix autoinstall_templates -> templates
-
-* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-1
- Update to 3.2.2
- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection
- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function
- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings
-
-* Wed Sep 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.1-1
- Update to 3.2.1
-
-* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 3.2.0-5
- Rebuilt for Python 3.10
-
-* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.2.0-4
- Rebuilt for updated systemd-rpm-macros
-  See https://pagure.io/fesco/issue/2583.
-
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Sun Oct 25 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-2
- Give root RW permission to /var/lib/cobbler/web.ss
- Fix SELinux cobbler logging issue
-
-* Sat Oct 24 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-1
- Update to 3.2.0
-
-* Thu Sep 17 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-4
- Add requires on python-distro and file
-
-* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jul 08 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-2
- Fix apache configuration
-
-* Fri May 29 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-1
- Update to 3.1.2
-
-* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.1.1-4
- Rebuilt for Python 3.9
-
-* Fri Feb 21 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-3
- Add requires for python3-dns
-
-* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Sun Jan 12 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-1
- Update to 3.1.1
-
-* Tue Oct 22 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-4
- Drop koan completely, including obsoletes.  It is a separate package now.
-
-* Thu Oct 10 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-3
- Require /sbin/service
-
-* Tue Oct  8 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-2
- Fix requires (requests instead of urlgrabber)
- Fix BR for EL8
-
-* Mon Sep 09 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.1-1
- Update to 3.0.1
-
-* Fri Aug 30 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.0-1
- Update to 3.0.0
-
-* Mon Aug 26 2019 Nicolas Chauvet <kwizart@gmail.com> - 2.8.5-0.1
- Update to 2.8.5 - pre-release
-
-* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-5
- Fix empty man pages (BZ 1653415)
-
-* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-4
- Revert bind_manage_ipmi feature that is broken on 2.8
-
-* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-3
- Use pathfix.py to fix python shebangs
-
-* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-2
- Make koan require python2-ethtool (BZ 1638933)
-
-* Sat Nov 24 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-1
- Update to 2.8.4 (Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931)
-
-* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Wed May 30 2018 Orion Poplawski <orion@nwra.com> - 2.8.3-3
- koan requires urlgrabber
-
-* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-2
- Restore mergeability with epel7
-
-* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-1
- Update to 2.8.3 - security bugfix
-
-* Wed Feb 21 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-6
- Really fix django requires for Fedora 28+
-
-* Tue Feb 20 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-5
- Fix django requires for Fedora 28+
-
-* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.8.2-4
- Escape macros in %%changelog
-
-* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Tue Feb 06 2018 Iryna Shcherbina <ishcherb@redhat.com> - 2.8.2-2
- Update Python 2 dependency declarations to new packaging standards
-  (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
-
-* Mon Sep 18 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.2-1
- Update to 2.8.2
-
-* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Wed Jun 21 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-3
- Suppress logrotate output
-
-* Mon Jun 12 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-2
- Fix module loading
-
-* Wed May 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-1
- Update to 2.8.1
-
-* Fri Feb 17 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-6
- Add patch to fix handling of multiple bridge interfaces
-
-* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Fri Jan 27 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-4
- Fix named patch
-
-* Tue Jan 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-3
- Restart named-chroot service if used
-
-* Fri Jan 20 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-2
- Fix logrotate script for systemd (bug #1414617)
-
-* Thu Dec 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-1
- Update to 2.8.0
- Restructure spec file
-
-* Thu Sep 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-11.gitf78af86
- Add patches to fix TEMPLATE_DIRS and use OrderedDict
-
-* Thu Aug 11 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-10.gitf78af86
- Force IPv4 connections to cobblerd from web proxy
-
-* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-9.gitf78af86
- Suppress "virt-install --os-variant list" error messages
-
-* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-8.git5680bf8
- Fix handling unknown os variants with osinfo-query
-
-* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.11-7.git95749a6
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
-
-* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-6.git95749a6
- Fix typo in koan/app.py
-
-* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-5.git13b035f
- Update to current git snapshot (bug #1276896)
-
-* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Mon Feb 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-3
- Require dnf-plugins-core
-
-* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-2
- Require dnf-core-plugins instead of yum-utils for repoquery on Fedora 23+
-
-* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-1
- Update to 2.6.11
- Make cobbler arch specific to allow for arch specific requires
-
-* Thu Oct 1 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.10-1
- Update to 2.6.10
-
-* Mon Jun 22 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.9-1
- Update to 2.6.9
-
-* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
-
-* Tue May 12 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-2
- Support django 1.8 in Fedora 22+
-
-* Fri May 8 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-1
- Update to 2.6.8
- Backport upstream patch to fix centos version detection (bug #1201879)
-
-* Tue Apr 28 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-3
- Add patch to fix virt-install support for F21+/EL7 (bug #1188424)
-
-* Mon Apr 27 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-2
- Create and own directories in tftp_dir
-
-* Wed Dec 31 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-1
- Update to 2.6.7
-
-* Sun Oct 19 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.6-1
- Update to 2.6.6
-
-* Fri Aug 15 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.5-1
- Update to 2.6.5
-
-* Wed Aug 13 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-2
- Require Django >= 1.4
-
-* Mon Aug 11 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-1
- Update to 2.6.4
-
-* Fri Jul 18 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.3-1
- Update to 2.6.3
-
-* Wed Jul 16 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.2-1
- Update to 2.6.2
- Spec cleanup
-
-* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
-* Fri May 23 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.1-1
- Update to 2.6.1
- Drop koan patch applied upstream
-
-* Tue Apr 22 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-2
- Only require syslinux on x86
-
-* Mon Apr 21 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-1
- Update to 2.6.0
+%autochangelog
--- a/cobbler.te
+++ b/cobbler.te
@ -0,0 +1,249 @@
+policy_module(cobbler, 1.3.0)
+
+########################################
+#
+# Declarations
+#
+
+## <desc>
+##	<p>
+##	Determine whether Cobbler can modify
+##	public files used for public file
+##	transfer services.
+##	</p>
+## </desc>
+gen_tunable(cobbler_anon_write, false)
+
+## <desc>
+##	<p>
+##	Determine whether Cobbler can connect
+##	to the network using TCP.
+##	</p>
+## </desc>
+gen_tunable(cobbler_can_network_connect, false)
+
+## <desc>
+##	<p>
+##	Determine whether Cobbler can access
+##	cifs file systems.
+##	</p>
+## </desc>
+gen_tunable(cobbler_use_cifs, false)
+
+## <desc>
+##	<p>
+##	Determine whether Cobbler can access
+##	nfs file systems.
+##	</p>
+## </desc>
+gen_tunable(cobbler_use_nfs, false)
+
+gen_require(`
+	type debuginfo_exec_t;
+	type init_exec_t;
+	class file getattr;
+')
+
+type cobblerd_t;
+type cobblerd_exec_t;
+init_daemon_domain(cobblerd_t, cobblerd_exec_t)
+
+type cobblerd_initrc_exec_t;
+init_script_file(cobblerd_initrc_exec_t)
+
+type cobbler_etc_t;
+files_config_file(cobbler_etc_t)
+
+type cobbler_var_log_t;
+logging_log_file(cobbler_var_log_t)
+
+type cobbler_var_lib_t alias cobbler_content_t;
+files_type(cobbler_var_lib_t)
+
+type cobbler_tmp_t;
+files_tmp_file(cobbler_tmp_t)
+
+type cobblerd_unit_file_t;
+systemd_unit_file(cobblerd_unit_file_t)
+
+########################################
+#
+# Local policy
+#
+
+allow cobblerd_t self:capability { chown dac_read_search  fowner fsetid sys_nice };
+dontaudit cobblerd_t self:capability sys_tty_config;
+allow cobblerd_t self:process { getsched setsched signal };
+allow cobblerd_t self:fifo_file rw_fifo_file_perms;
+allow cobblerd_t self:tcp_socket { accept listen };
+allow cobblerd_t self:netlink_audit_socket create_socket_perms;
+
+allow cobblerd_t cobbler_etc_t:dir list_dir_perms;
+allow cobblerd_t cobbler_etc_t:file read_file_perms;
+allow cobblerd_t cobbler_etc_t:lnk_file read_lnk_file_perms;
+
+allow cobblerd_t cobbler_tmp_t:file mmap_file_perms;
+# Allow cobbler to stat /usr/libexec/dnf-utils (aka reposync/yumdownloader)
+allow cobblerd_t debuginfo_exec_t:file getattr;
+# Allow cobbler to stat /usr/lib/systemd/systemd
+allow cobblerd_t init_exec_t:file getattr;
+# Allow cobbler to check status of itself
+allow cobblerd_t cobblerd_unit_file_t:service status;
+
+manage_dirs_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t)
+manage_files_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t)
+files_tmp_filetrans(cobblerd_t, cobbler_tmp_t, { dir file })
+
+manage_dirs_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
+manage_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
+manage_lnk_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
+files_var_lib_filetrans(cobblerd_t, cobbler_var_lib_t, dir)
+files_var_filetrans(cobblerd_t, cobbler_var_lib_t, dir, "cobbler")
+
+append_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
+create_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
+read_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
+setattr_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
+logging_log_filetrans(cobblerd_t, cobbler_var_log_t, file)
+
+kernel_read_system_state(cobblerd_t)
+kernel_read_network_state(cobblerd_t)
+
+corecmd_exec_bin(cobblerd_t)
+corecmd_exec_shell(cobblerd_t)
+
+corenet_all_recvfrom_netlabel(cobblerd_t)
+corenet_all_recvfrom_unlabeled(cobblerd_t)
+corenet_tcp_sendrecv_generic_if(cobblerd_t)
+corenet_tcp_sendrecv_generic_node(cobblerd_t)
+corenet_tcp_bind_generic_node(cobblerd_t)
+
+corenet_sendrecv_cobbler_server_packets(cobblerd_t)
+corenet_tcp_bind_cobbler_port(cobblerd_t)
+corenet_tcp_sendrecv_cobbler_port(cobblerd_t)
+
+corenet_sendrecv_ftp_client_packets(cobblerd_t)
+corenet_tcp_connect_ftp_port(cobblerd_t)
+corenet_tcp_sendrecv_ftp_port(cobblerd_t)
+
+corenet_tcp_sendrecv_http_port(cobblerd_t)
+corenet_tcp_connect_http_port(cobblerd_t)
+corenet_sendrecv_http_client_packets(cobblerd_t)
+
+dev_read_sysfs(cobblerd_t)
+dev_read_urand(cobblerd_t)
+
+files_list_boot(cobblerd_t)
+files_list_tmp(cobblerd_t)
+files_read_boot_files(cobblerd_t)
+files_read_etc_runtime_files(cobblerd_t)
+
+fs_getattr_all_fs(cobblerd_t)
+fs_read_iso9660_files(cobblerd_t)
+
+selinux_get_enforce_mode(cobblerd_t)
+
+term_use_console(cobblerd_t)
+
+auth_use_nsswitch(cobblerd_t)
+
+logging_send_syslog_msg(cobblerd_t)
+
+miscfiles_read_localization(cobblerd_t)
+miscfiles_read_public_files(cobblerd_t)
+
+sysnet_dns_name_resolve(cobblerd_t)
+sysnet_rw_dhcp_config(cobblerd_t)
+sysnet_write_config(cobblerd_t)
+
+tunable_policy(`cobbler_anon_write',`
+	miscfiles_manage_public_files(cobblerd_t)
+')
+
+tunable_policy(`cobbler_can_network_connect',`
+	corenet_sendrecv_all_client_packets(cobblerd_t)
+	corenet_tcp_connect_all_ports(cobblerd_t)
+	corenet_tcp_sendrecv_all_ports(cobblerd_t)
+')
+
+tunable_policy(`cobbler_use_cifs',`
+	fs_manage_cifs_dirs(cobblerd_t)
+	fs_manage_cifs_files(cobblerd_t)
+	fs_manage_cifs_symlinks(cobblerd_t)
+')
+
+tunable_policy(`cobbler_use_nfs',`
+	fs_manage_nfs_dirs(cobblerd_t)
+	fs_manage_nfs_files(cobblerd_t)
+	fs_manage_nfs_symlinks(cobblerd_t)
+')
+
+optional_policy(`
+	apache_search_config(cobblerd_t)
+	apache_domtrans(cobblerd_t)
+	apache_search_sys_content(cobblerd_t)
+')
+
+optional_policy(`
+	bind_read_config(cobblerd_t)
+	bind_write_config(cobblerd_t)
+	bind_domtrans_ndc(cobblerd_t)
+	bind_domtrans(cobblerd_t)
+	bind_initrc_domtrans(cobblerd_t)
+	bind_manage_zone(cobblerd_t)
+	bind_systemctl(cobblerd_t)
+')
+
+optional_policy(`
+	certmaster_exec(cobblerd_t)
+')
+
+optional_policy(`
+	dhcpd_domtrans(cobblerd_t)
+	dhcpd_initrc_domtrans(cobblerd_t)
+	dhcpd_systemctl(cobblerd_t)
+')
+
+optional_policy(`
+	dnsmasq_domtrans(cobblerd_t)
+	dnsmasq_initrc_domtrans(cobblerd_t)
+	dnsmasq_write_config(cobblerd_t)
+	dnsmasq_systemctl(cobblerd_t)
+')
+
+# To read /boot/efi
+optional_policy(`
+	fs_list_dos(cobblerd_t)
+	fs_read_dos_files(cobblerd_t)
+')
+
+# To run mkfs.fat when generating ISO
+optional_policy(`
+	fstools_exec(cobblerd_t)
+')
+
+optional_policy(`
+	libs_exec_ldconfig(cobblerd_t)
+')
+
+optional_policy(`
+	mysql_stream_connect(cobblerd_t)
+')
+
+optional_policy(`
+	rpm_exec(cobblerd_t)
+')
+
+optional_policy(`
+	rsync_exec(cobblerd_t)
+	rsync_read_config(cobblerd_t)
+	rsync_manage_config(cobblerd_t)
+	rsync_etc_filetrans_config(cobblerd_t, file, "rsync.conf")
+')
+
+optional_policy(`
+	tftp_manage_config(cobblerd_t)
+	tftp_manage_rw_content(cobblerd_t)
+	tftp_delete_content_dirs(cobblerd_t)
+	tftp_filetrans_tftpdir(cobblerd_t, cobbler_var_lib_t, { dir file })
+')
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cobbler-3.2.2.tar.gz) = 65f3bf3bb43d1b1a6631ab299cd5a9a807c8e20ea07a61f89edc425b4833be5f2ddf0ac473010906bbcaaa5edfad577378185290bd2db01d9d64f276c2ad6be9
+SHA512 (cobbler-3.3.7.tar.gz) = df6570dd7c6cbe50464624267df1bbecbb29e60513bba312a6c726502d4670670f3113f24b6b7e465d0b3353c0721e6fe3725dbc4569b4f624ec2b4a29682d1a
Author	SHA1	Message	Date
Cristian Le	9be7a60c6c	Fix the dependency on syslinux Signed-off-by: Cristian Le <git@lecris.dev>	2025-12-23 16:48:31 +07:00
Orion Poplawski	20b9555db9	Add patch [skip changelog]	2025-10-04 21:36:03 -06:00
Orion Poplawski	dd50735347	Drop running migrate-data-v2-to-v3.py (rhbz#2349260)	2025-10-04 21:20:47 -06:00
Orion Poplawski	05d3a3d92b	Allow cobblerd access to /boot/efi (rhbz#2353901)	2025-10-04 21:04:17 -06:00
Orion Poplawski	87a66c903a	Add patch to use systemctl is-active to check status, avoids SELinux AVCs (rhbz#2353898)	2025-10-04 20:08:27 -06:00
Orion Poplawski	58e09a595a	Add upstream patch to fix reposync (rhbz#2401605)	2025-10-04 19:24:45 -06:00
Python Maint	5cc13feffb	Rebuilt for Python 3.14.0rc3 bytecode	2025-09-19 12:11:21 +02:00
Python Maint	4195c16d1e	Rebuilt for Python 3.14.0rc2 bytecode	2025-08-15 12:42:08 +02:00
Fedora Release Engineering	cd2b41fa6a	Rebuilt for https://fedoraproject.org/wiki/Fedora_43_Mass_Rebuild	2025-07-23 18:28:15 +00:00
Python Maint	70baef3349	Rebuilt for Python 3.14	2025-06-03 12:20:23 +02:00
Orion Poplawski	eb1d04f77e	Drop Requires: /sbin/service, no longer needed (rhbz#2365434)	2025-05-11 14:58:50 -06:00
Orion Poplawski	0788c790c2	Convert to %autorelease and %autochangelog [skip changelog]	2025-05-11 14:57:39 -06:00
Fedora Release Engineering	2c824d747a	Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild	2025-01-16 14:04:56 +00:00
Orion Poplawski	11a217ef3c	Backport upstream patch for Python 3.13 support (rhbz#2335620)	2025-01-05 11:02:23 -07:00
Orion Poplawski	fbd4957ccb	Drop unused patches	2024-11-17 16:56:21 -07:00
Orion Poplawski	694275065e	Update to 3.3.7 (CVE-2024-47533)	2024-11-17 16:24:53 -07:00
Carl George	47027a0994	Fix cheetah dependency Cheetah switched names from Cheetah3 to CT3 in its metadata in version 3.3.0. The Fedora package name is the same, but since we're using %py3_dist to specify the build-time dependency we must use the new metadata name. We also must adjust cobbler's metadata to specify the correct metadata name as a run-time dependency, because that is what the automatic Python run-time dependency generator uses. `673259b2d1` Resolves: rhbz#2314630	2024-09-30 19:15:04 -05:00
Carl George	a67153671d	Remove python3dist(ldap) weak dependency Nothing in Fedora provides python3dist(ldap), so this recommends has no effect. On PyPI ldap is an uninstallable dummy project with a description that directs people to python-ldap. Cobbler already has a run-time dependency on python-ldap from the automatic generator.	2024-09-27 01:22:24 -05:00
Carl George	38e625d09c	Remove duplicate run-time dependencies The automatic run-time dependency generator already covers all of these. https://docs.fedoraproject.org/en-US/packaging-guidelines/Python/#Automatically-generated-dependencies	2024-09-27 01:18:42 -05:00
Carl George	0db922ecdf	Remove simplejson dependency This was removed upstream in version 3.3.0. `ba64e5ef76`	2024-09-27 01:13:58 -05:00
Orion Poplawski	a8bdaff834	Drop old conditionals	2024-07-30 19:59:46 -06:00
Orion Poplawski	e4ad2811c5	Update to 3.3.6 Update to 3.3.6 Update to 3.3.6 Update to 3.3.6	2024-07-30 19:58:58 -06:00
Miroslav Suchý	4f2da8b22a	convert GPLv2+ license to SPDX This is part of https://fedoraproject.org/wiki/Changes/SPDX_Licenses_Phase_4	2024-07-25 23:19:59 +02:00
Fedora Release Engineering	da3242e687	Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild	2024-07-17 19:36:15 +00:00
Orion Poplawski	0bca026fd8	Update to 3.3.5 Update to 3.3.5 Update to 3.3.5 Update to 3.3.5	2024-07-11 21:38:48 -06:00
Python Maint	ba39bd45a2	Rebuilt for Python 3.13	2024-06-07 23:19:34 +02:00
Python Maint	ca7ccfbefd	Rebuilt for Python 3.13	2024-06-07 18:57:18 +02:00
Orion Poplawski	65c2b1ba5d	Fix service name in selinux post install script	2024-04-27 10:49:25 -06:00
Orion Poplawski	6428fa3761	Test for existence of web.ss before chowning it (bz#2276860)	2024-04-25 19:30:42 -06:00
Orion Poplawski	4411debad7	Fix BZ#s	2024-02-26 21:54:57 -07:00
Orion Poplawski	40e914ee29	Update to 3.3.4 Add local SELinux policy and allow cobbler to check service statuses, run mkfs.fat, and check for reposync and yumdownloader (bz#225122) Change owndership of web.ss to root (bz#2247652)	2024-02-26 21:43:13 -07:00
Fedora Release Engineering	0fc9b61b9b	Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild	2024-01-24 07:36:17 +00:00
Fedora Release Engineering	00d12f25d0	Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild	2024-01-19 15:46:52 +00:00
Fedora Release Engineering	1e0ee4450a	Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2023-07-19 15:59:35 +00:00
Orion Poplawski	762bc49951	Add BR on make	2023-07-17 07:53:50 -06:00
Orion Poplawski	d54231a40c	Manually make man pages	2023-07-17 07:34:17 -06:00
Orion Poplawski	2185610535	Add patch to fix build with Sphinx 7	2023-07-16 22:29:22 -06:00
Python Maint	375a43720e	Rebuilt for Python 3.12	2023-06-14 20:21:15 +02:00
Fedora Release Engineering	c8fb82f394	Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2023-01-19 00:08:59 +00:00
Fedora Release Engineering	5c3c68319d	Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org>	2022-07-20 23:13:07 +00:00
Python Maint	017b778961	Rebuilt for Python 3.11	2022-06-23 17:45:59 +02:00
Orion Poplawski	46bf3c8f18	Update to 3.3.3	2022-06-13 19:37:43 -06:00
Orion Poplawski	a8fe6f7f13	Drop setting cache_enabled no longer present in 3.3	2022-05-03 19:24:48 -06:00
Orion Poplawski	fed0a69bb7	Update to 3.3.2	2022-03-12 09:53:49 -07:00
Orion Poplawski	a4bb4acfa1	Update to 3.3.1, removes web interface	2022-02-28 22:13:35 -07:00