Add upstream patch for CVE-2022-0860 (bz#2066592)

Restore EL7 requires
Fix apache group
2022-03-23 07:27:16 -06:00 · 2022-03-07 10:29:07 -07:00 · 2022-03-03 08:37:12 -07:00 · 2022-03-02 21:47:12 -07:00 · 2021-12-08 20:21:57 -07:00 · 2019-12-29 12:53:54 -07:00
16 changed files with 2058 additions and 2188 deletions
--- a/1804.patch
+++ b/1804.patch
@ -0,0 +1,23 @@
+From 6759cc1b1834eb6b50b6a3c583fc531d8452eaf0 Mon Sep 17 00:00:00 2001
+From: Orion Poplawski <orion@cora.nwra.com>
+Date: Wed, 21 Jun 2017 11:41:45 -0600
+Subject: [PATCH] Suppress "edirecting to /bin/systemctl condrestart 
+ cobblerd.service" messages from logrotate on systemd systems
+
+---
+ config/cobblerd_rotate | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/config/cobblerd_rotate b/config/cobblerd_rotate
+index 2224f6600..17cb10e17 100644
+--- a/config/cobblerd_rotate
+++ b/config/cobblerd_rotate
+@@ -4,7 +4,7 @@
+    rotate 4
+    weekly
+    postrotate
+-      /sbin/service cobblerd condrestart > /dev/null
+      /sbin/service cobblerd condrestart > /dev/null 2>&1
+    endscript
+ }
+ 
--- a/3945.patch
+++ b/3945.patch
@ -1,32 +0,0 @@
-From 1d83bd29c253ba898ac35683258fec285d5a6529 Mon Sep 17 00:00:00 2001
-From: Orion Poplawski <orion@nwra.com>
-Date: Sat, 4 Oct 2025 19:49:26 -0600
-Subject: [PATCH] Use systemctl is-active --quiet to check status of services
- (fixes #3942)
-
---
- changelog.d/3942.fixed   | 1 +
- cobbler/actions/check.py | 2 +-
- 2 files changed, 2 insertions(+), 1 deletion(-)
- create mode 100644 changelog.d/3942.fixed
-
-diff --git a/changelog.d/3942.fixed b/changelog.d/3942.fixed
-new file mode 100644
-index 0000000000..444bdb800a
--- /dev/null
-+++ b/changelog.d/3942.fixed
-@@ -0,0 +1 @@
-+check: Use systemctl is-active --quiet to check the status of services
-diff --git a/cobbler/actions/check.py b/cobbler/actions/check.py
-index b79706aff1..5f6a3fa3bc 100644
--- a/cobbler/actions/check.py
-+++ b/cobbler/actions/check.py
-@@ -142,7 +142,7 @@ def check_service(self, status, which, notes=""):
-                     status.append("service %s is not running%s" % (which, notes))
-                     return
-         elif utils.is_systemd():
-            return_code = utils.subprocess_call("systemctl status %s > /dev/null 2>/dev/null" % which,
-+            return_code = utils.subprocess_call("systemctl is-active --quiet %s > /dev/null 2>/dev/null" % which,
-                                                 shell=True)
-             if return_code != 0:
-                 status.append("service %s is not running%s" % (which, notes))
--- a/354
+++ b/354
@ -1,354 +0,0 @@
-* Thu Jan 16 2025 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.7-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_42_Mass_Rebuild
-
-* Sun Jan 05 2025 Orion Poplawski <orion@nwra.com> - 3.3.7-2
- Backport upstream patch for Python 3.13 support (rhbz#2335620)
-
-* Sun Nov 17 2024 Orion Poplawski <orion@nwra.com> - 3.3.7-1
- Update to 3.3.7 (CVE-2024-47533)
-
-* Fri Sep 27 2024 Carl George <carlwgeorge@fedoraproject.org> - 3.3.6-2
- Fix cheetah dependency rhbz#2314630
-
-* Wed Jul 31 2024 Orion Poplawski <orion@nwra.com> - 3.3.6-1
- Update to 3.3.6
-
-* Thu Jul 25 2024 Miroslav Suchý <msuchy@redhat.com> - 3.3.5-3
- convert license to SPDX
-
-* Wed Jul 17 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.5-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_41_Mass_Rebuild
-
-* Fri Jul 12 2024 Orion Poplawski <orion@nwra.com> - 3.3.5-1
- Update to 3.3.5
-
-* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 3.3.4-5
- Rebuilt for Python 3.13
-
-* Fri Jun 07 2024 Python Maint <python-maint@redhat.com> - 3.3.4-4
- Rebuilt for Python 3.13
-
-* Sat Apr 27 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-3
- Fix service name in selinux post install script
-
-* Fri Apr 26 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-2
- Test for existence of web.ss before chowning it (bz#2276860)
-
-* Mon Feb 26 2024 Orion Poplawski <orion@nwra.com> - 3.3.4-1
- Update to 3.3.4
- Add local SELinux policy and allow cobbler to check service statuses,
-  run mkfs.fat, and check for reposync and yumdownloader (bz#2251220)
- Change owndership of web.ss to root (bz#2247653)
-
-* Wed Jan 24 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Fri Jan 19 2024 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-8
- Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild
-
-* Wed Jul 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_39_Mass_Rebuild
-
-* Mon Jul 17 2023 Orion Poplawski <orion@nwra.com> - 3.3.3-6
- Add patch to fix build with Sphinx 7
-
-* Wed Jun 14 2023 Python Maint <python-maint@redhat.com> - 3.3.3-5
- Rebuilt for Python 3.12
-
-* Thu Jan 19 2023 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_38_Mass_Rebuild
-
-* Wed Jul 20 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.3.3-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_37_Mass_Rebuild
-
-* Thu Jun 23 2022 Python Maint <python-maint@redhat.com> - 3.3.3-2
- Rebuilt for Python 3.11
-
-* Tue Jun 14 2022 Orion Poplawski <orion@nwra.com> - 3.3.3-1
- Update to 3.3.3
-
-* Wed May 04 2022 Orion Poplawski <orion@nwra.com> - 3.3.2-2
- Drop setting cache_enabled no longer present in 3.3
-
-* Sat Mar 12 2022 Orion Poplawski <orion@nwra.com> - 3.3.2-1
- Update to 3.3.2
-
-* Tue Mar 01 2022 Orion Poplawski <orion@nwra.com> - 3.3.1-1
- Update to 3.3.1, removes web interface
-
-* Tue Mar 01 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-9
- Apply fixes for CVE-2021-45082/3
- Remove BR on python3-coverage
-
-* Mon Jan 24 2022 Orion Poplawski <orion@nwra.com> - 3.2.2-8
- Fix posttrans script
-
-* Wed Jan 19 2022 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.2-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_36_Mass_Rebuild
-
-* Thu Dec 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-6
- Fix path to settings.yaml in scriptlet
-
-* Thu Dec 09 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-5
- Remove defunct get-loaders command
-
-* Mon Nov 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-4
- Add new keys to settings.yaml on migration or if missing
- Save original settings to settings.rpmorig
-
-* Fri Oct 08 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-3
- Fix dependencies (bz#2010567)
-
-* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-2
- Migrate settings to settings.yaml
- Migrate pre-cobbler 3 data if needed
- Fix autoinstall_templates -> templates
-
-* Thu Sep 23 2021 Orion Poplawski <orion@nwra.com> - 3.2.2-1
- Update to 3.2.2
- bz#2006840: CVE-2021-40323: Arbitrary file disclosure/Template Injection
- bz#2006897: CVE-2021-40324: Arbitrary file write via upload_log_data XMLRPC function
- bz#2006904: CVE-2021-40325: Authorization bypass allows modifying settings
-
-* Wed Sep 22 2021 Orion Poplawski <orion@nwra.com> - 3.2.1-1
- Update to 3.2.1
-
-* Wed Jul 21 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_35_Mass_Rebuild
-
-* Fri Jun 04 2021 Python Maint <python-maint@redhat.com> - 3.2.0-5
- Rebuilt for Python 3.10
-
-* Tue Mar 02 2021 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 3.2.0-4
- Rebuilt for updated systemd-rpm-macros
-  See https://pagure.io/fesco/issue/2583.
-
-* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.2.0-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
-
-* Sun Oct 25 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-2
- Give root RW permission to /var/lib/cobbler/web.ss
- Fix SELinux cobbler logging issue
-
-* Sat Oct 24 2020 Orion Poplawski <orion@nwra.com> - 3.2.0-1
- Update to 3.2.0
-
-* Thu Sep 17 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-4
- Add requires on python-distro and file
-
-* Mon Jul 27 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
-
-* Wed Jul 08 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-2
- Fix apache configuration
-
-* Fri May 29 2020 Orion Poplawski <orion@nwra.com> - 3.1.2-1
- Update to 3.1.2
-
-* Tue May 26 2020 Miro Hrončok <mhroncok@redhat.com> - 3.1.1-4
- Rebuilt for Python 3.9
-
-* Fri Feb 21 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-3
- Add requires for python3-dns
-
-* Tue Jan 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.1.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
-
-* Sun Jan 12 2020 Orion Poplawski <orion@nwra.com> - 3.1.1-1
- Update to 3.1.1
-
-* Tue Oct 22 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-4
- Drop koan completely, including obsoletes.  It is a separate package now.
-
-* Thu Oct 10 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-3
- Require /sbin/service
-
-* Tue Oct  8 2019 Orion Poplawski <orion@nwra.com> - 3.0.1-2
- Fix requires (requests instead of urlgrabber)
- Fix BR for EL8
-
-* Mon Sep 09 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.1-1
- Update to 3.0.1
-
-* Fri Aug 30 2019 Nicolas Chauvet <kwizart@gmail.com> - 3.0.0-1
- Update to 3.0.0
-
-* Mon Aug 26 2019 Nicolas Chauvet <kwizart@gmail.com> - 2.8.5-0.1
- Update to 2.8.5 - pre-release
-
-* Wed Jul 24 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-7
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild
-
-* Thu Jan 31 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.4-6
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
-
-* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-5
- Fix empty man pages (BZ 1653415)
-
-* Mon Nov 26 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-4
- Revert bind_manage_ipmi feature that is broken on 2.8
-
-* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-3
- Use pathfix.py to fix python shebangs
-
-* Sun Nov 25 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-2
- Make koan require python2-ethtool (BZ 1638933)
-
-* Sat Nov 24 2018 Orion Poplawski <orion@nwra.com> - 2.8.4-1
- Update to 2.8.4 (Fixes BZ 1613292, 1643860, 1614433, CVE-2018-1000226, CVE-2018-10931)
-
-* Thu Jul 12 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.3-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
-
-* Wed May 30 2018 Orion Poplawski <orion@nwra.com> - 2.8.3-3
- koan requires urlgrabber
-
-* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-2
- Restore mergeability with epel7
-
-* Mon May 28 2018 Nicolas Chauvet <kwizart@gmail.com> - 2.8.3-1
- Update to 2.8.3 - security bugfix
-
-* Wed Feb 21 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-6
- Really fix django requires for Fedora 28+
-
-* Tue Feb 20 2018 Orion Poplawski <orion@nwra.com> - 2.8.2-5
- Fix django requires for Fedora 28+
-
-* Fri Feb 09 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 2.8.2-4
- Escape macros in %%changelog
-
-* Wed Feb 07 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.2-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
-
-* Tue Feb 06 2018 Iryna Shcherbina <ishcherb@redhat.com> - 2.8.2-2
- Update Python 2 dependency declarations to new packaging standards
-  (See https://fedoraproject.org/wiki/FinalizingFedoraSwitchtoPython3)
-
-* Mon Sep 18 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.2-1
- Update to 2.8.2
-
-* Wed Aug 02 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
-
-* Wed Jul 26 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.1-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
-
-* Wed Jun 21 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-3
- Suppress logrotate output
-
-* Mon Jun 12 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-2
- Fix module loading
-
-* Wed May 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.1-1
- Update to 2.8.1
-
-* Fri Feb 17 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-6
- Add patch to fix handling of multiple bridge interfaces
-
-* Fri Feb 10 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.8.0-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
-
-* Fri Jan 27 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-4
- Fix named patch
-
-* Tue Jan 24 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-3
- Restart named-chroot service if used
-
-* Fri Jan 20 2017 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-2
- Fix logrotate script for systemd (bug #1414617)
-
-* Thu Dec 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.8.0-1
- Update to 2.8.0
- Restructure spec file
-
-* Thu Sep 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-11.gitf78af86
- Add patches to fix TEMPLATE_DIRS and use OrderedDict
-
-* Thu Aug 11 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-10.gitf78af86
- Force IPv4 connections to cobblerd from web proxy
-
-* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-9.gitf78af86
- Suppress "virt-install --os-variant list" error messages
-
-* Thu Jul 21 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-8.git5680bf8
- Fix handling unknown os variants with osinfo-query
-
-* Tue Jul 19 2016 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.11-7.git95749a6
- https://fedoraproject.org/wiki/Changes/Automatic_Provides_for_Python_RPM_Packages
-
-* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-6.git95749a6
- Fix typo in koan/app.py
-
-* Wed Jul 13 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-5.git13b035f
- Update to current git snapshot (bug #1276896)
-
-* Wed Feb 03 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.6.11-4
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
-
-* Mon Feb 1 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-3
- Require dnf-plugins-core
-
-* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-2
- Require dnf-core-plugins instead of yum-utils for repoquery on Fedora 23+
-
-* Sun Jan 24 2016 Orion Poplawski <orion@cora.nwra.com> - 2.6.11-1
- Update to 2.6.11
- Make cobbler arch specific to allow for arch specific requires
-
-* Thu Oct 1 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.10-1
- Update to 2.6.10
-
-* Mon Jun 22 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.9-1
- Update to 2.6.9
-
-* Wed Jun 17 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.8-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild
-
-* Tue May 12 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-2
- Support django 1.8 in Fedora 22+
-
-* Fri May 8 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.8-1
- Update to 2.6.8
- Backport upstream patch to fix centos version detection (bug #1201879)
-
-* Tue Apr 28 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-3
- Add patch to fix virt-install support for F21+/EL7 (bug #1188424)
-
-* Mon Apr 27 2015 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-2
- Create and own directories in tftp_dir
-
-* Wed Dec 31 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.7-1
- Update to 2.6.7
-
-* Sun Oct 19 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.6-1
- Update to 2.6.6
-
-* Fri Aug 15 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.5-1
- Update to 2.6.5
-
-* Wed Aug 13 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-2
- Require Django >= 1.4
-
-* Mon Aug 11 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.4-1
- Update to 2.6.4
-
-* Fri Jul 18 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.3-1
- Update to 2.6.3
-
-* Wed Jul 16 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.2-1
- Update to 2.6.2
- Spec cleanup
-
-* Sat Jun 07 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
-
-* Fri May 23 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.1-1
- Update to 2.6.1
- Drop koan patch applied upstream
-
-* Tue Apr 22 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-2
- Only require syslinux on x86
-
-* Mon Apr 21 2014 Orion Poplawski <orion@cora.nwra.com> - 2.6.0-1
- Update to 2.6.0
--- a/cobbler-CVE-2021-45082.patch
+++ b/cobbler-CVE-2021-45082.patch
@ -0,0 +1,34 @@
+commit 267184cc5c8db764847eee2d9ba0f5006879adfe
+Author: Alexander Graul <agraul@suse.com>
+Date:   Wed Feb 16 09:48:40 2022 +0100
+
+    Security: Fix incomplete template sanitization
+    
+    This only affects Cheetah templating.
+    
+    Without this commit, it is possible to evade the
+    "cheetah_import_whitelist" and import arbitraty Python code.
+    
+    Example exploit: #from exploit import pwned
+    
+    CVE-ID: CVE-2021-45082
+
+diff --git a/cobbler/templar.py b/cobbler/templar.py
+index c425908f..b2b99cb2 100644
+--- a/cobbler/templar.py
+++ b/cobbler/templar.py
+@@ -76,10 +76,10 @@ class Templar:
+         """
+         lines = data.split("\n")
+         for line in lines:
+-            if line.find("#import") != -1:
+-               rest=line.replace("#import","").replace(" ","").strip()
+-               if self.settings and rest not in self.settings.cheetah_import_whitelist:
+-                   raise CX("potentially insecure import in template: %s" % rest)
+            if "#import" in line or "#from" in line:
+                rest = line.replace("#import", "").replace("#from", "").replace("import", ".").replace(" ", "").strip()
+                if self.settings and rest not in self.settings.cheetah_import_whitelist:
+                    raise CX("Potentially insecure import in template: %s" % rest)
+ 
+     def render(self, data_input, search_table, out_path, subject=None, template_type=None):
+         """
--- a/cobbler-CVE-2022-0860.patch
+++ b/cobbler-CVE-2022-0860.patch
@ -0,0 +1,25 @@
+diff --git a/cobbler/modules/authn_pam.py b/cobbler/modules/authn_pam.py
+index 80ac4e7..26981f7 100644
+--- a/cobbler/modules/authn_pam.py
+++ b/cobbler/modules/authn_pam.py
+@@ -114,6 +114,10 @@ PAM_AUTHENTICATE = LIBPAM.pam_authenticate
+ PAM_AUTHENTICATE.restype = c_int
+ PAM_AUTHENTICATE.argtypes = [PamHandle, c_int]
+ 
+PAM_ACCT_MGMT = LIBPAM.pam_acct_mgmt
+PAM_ACCT_MGMT.restype = c_int
+PAM_ACCT_MGMT.argtypes = [PamHandle, c_int]
+
+ def authenticate(api_handle, username, password):
+     """
+     Returns True if the given username and password authenticate for the
+@@ -152,5 +156,9 @@ def authenticate(api_handle, username, password):
+         return False
+ 
+     retval = PAM_AUTHENTICATE(handle, 0)
+
+    if retval == 0:
+        retval = PAM_ACCT_MGMT(handle, 0)
+
+     return retval == 0
+ 
--- a/cobbler-nocov.patch
+++ b/cobbler-nocov.patch
@ -1,41 +0,0 @@
-diff --git a/setup.py b/setup.py
-index 59f7601..023d84b 100644
--- a/setup.py
-+++ b/setup.py
-@@ -341,17 +341,9 @@ class test_command(Command):
- 
-     def run(self):
-         import pytest
-        from coverage import Coverage
-
-        cov = Coverage()
-        cov.erase()
-        cov.start()
- 
-         result = pytest.main()
- 
-        cov.stop()
-        cov.save()
-        cov.html_report(directory="covhtml")
-         sys.exit(int(bool(len(result.failures) > 0 or len(result.errors) > 0)))
- 
- 
-@@ -479,7 +471,6 @@ if __name__ == "__main__":
-         },
-         license="GPLv2+",
-         setup_requires=[
-            "coverage",
-             "distro",
-             "setuptools",
-             "sphinx",
-@@ -501,10 +492,7 @@ if __name__ == "__main__":
-             "lint": ["pyflakes", "pycodestyle", "pylint", "black", "mypy"],
-             "test": [
-                 "pytest>6",
-                "pytest-cov",
-                "codecov",
-                 "pytest-mock",
-                "pytest-benchmark",
-             ],
-             "docs": ["sphinx", "sphinx-rtd-theme", "sphinxcontrib-apidoc"],
-             # We require the current version to properly detect duplicate issues
--- a/cobbler-python3.13.patch
+++ b/cobbler-python3.13.patch
@ -1,972 +0,0 @@
-diff --git a/changelog.d/3842.fixed b/changelog.d/3842.fixed
-new file mode 100644
-index 00000000..6c6d6313
--- /dev/null
-+++ b/changelog.d/3842.fixed
-@@ -0,0 +1 @@
-+Fix compatibility with Python 3.13
-diff --git a/cobbler/actions/reposync.py b/cobbler/actions/reposync.py
-index c0163350..ec5745fb 100644
--- a/cobbler/actions/reposync.py
-+++ b/cobbler/actions/reposync.py
-@@ -23,9 +23,9 @@ Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
- import logging
- import os
- import os.path
-import pipes
-import stat
-+import shlex
- import shutil
-+import stat
- from typing import Optional, Union
- 
- from cobbler import utils
-@@ -272,9 +272,9 @@ class RepoSync:
-             blended = utils.blender(self.api, False, repo)
-             flags = blended.get("createrepo_flags", "(ERROR: FLAGS)")
-             try:
-                cmd = "createrepo %s %s %s" % (" ".join(mdoptions), flags, pipes.quote(dirname))
-                utils.subprocess_call(cmd)
-            except:
-+                cmd = ["createrepo"] + mdoptions + flags + [shlex.quote(dirname)]
-+                utils.subprocess_call(cmd, shell=False)
-+            except Exception:
-                 utils.log_exc()
-                 self.logger.error("createrepo failed.")
-             del fnames[:]  # we're in the right place
-@@ -302,8 +302,19 @@ class RepoSync:
-         dest_path = os.path.join(self.settings.webdir, "repo_mirror", repo.name)
- 
-         # FIXME: wrapper for subprocess that logs to logger
-        cmd = ["wget", "-N", "-np", "-r", "-l", "inf", "-nd", "-P", pipes.quote(dest_path), pipes.quote(repo.mirror)]
-        rc = utils.subprocess_call(cmd)
-+        cmd = [
-+            "wget",
-+            "-N",
-+            "-np",
-+            "-r",
-+            "-l",
-+            "inf",
-+            "-nd",
-+            "-P",
-+            shlex.quote(dest_path),
-+            shlex.quote(repo.mirror),
-+        ]
-+        return_value = utils.subprocess_call(cmd, shell=False)
- 
-         if rc != 0:
-             raise CX("cobbler reposync failed")
-@@ -347,9 +358,14 @@ class RepoSync:
-         if flags == '':
-             flags = self.settings.reposync_rsync_flags
- 
-        cmd = "rsync %s --delete-after %s --delete --exclude-from=/etc/cobbler/rsync.exclude %s %s" \
-              % (flags, spacer, pipes.quote(repo.mirror), pipes.quote(dest_path))
-        rc = utils.subprocess_call(cmd)
-+        cmd = ["rsync"] + flags + ["--delete-after"]
-+        cmd += spacer + [
-+            "--delete",
-+            "--exclude-from=/etc/cobbler/rsync.exclude",
-+            shlex.quote(repo.mirror),
-+            shlex.quote(dest_path),
-+        ]
-+        return_code = utils.subprocess_call(cmd, shell=False)
- 
-         if rc != 0:
-             raise CX("cobbler reposync failed")
-@@ -386,10 +402,11 @@ class RepoSync:
-         if not HAS_LIBREPO:
-             raise CX("no librepo found, please install python3-librepo")
- 
-        if os.path.exists("/usr/bin/dnf"):
-            cmd = "/usr/bin/dnf reposync"
-        elif os.path.exists("/usr/bin/reposync"):
-            cmd = "/usr/bin/reposync"
-+        if os.path.exists("/usr/bin/reposync"):
-+            cmd = ["/usr/bin/reposync"]
-+        # DNF5 does not have a reposync subcommand
-+        elif os.path.exists("/usr/bin/dnf"):
-+            cmd = ["/usr/bin/dnf", "reposync"]
-         else:
-             # Warn about not having yum-utils.  We don't want to require it in the package because Fedora 22+ has moved
-             # to dnf.
-@@ -451,6 +468,11 @@ class RepoSync:
-             # Counter-intuitive, but we want the newish kernels too
-             arch = "i686"
- 
-+        cmd = self.reposync_cmd()
-+        cmd += self.rflags + [
-+            f"--repo={shlex.quote(rest)}",
-+            f"--download-path={shlex.quote(repos_path)}",
-+        ]
-         if arch != "none":
-             cmd = "%s -a %s" % (cmd, arch)
- 
-@@ -544,9 +566,11 @@ class RepoSync:
- 
-         if not has_rpm_list:
-             # If we have not requested only certain RPMs, use reposync
-            cmd = "%s %s --config=%s --repoid=%s -p %s" \
-                  % (cmd, self.rflags, temp_file, pipes.quote(repo.name),
-                     pipes.quote(repos_path))
-+            cmd += self.rflags + [
-+                f"--config={temp_file}",
-+                f"--repoid={shlex.quote(repo.name)}",
-+                f"--download-path={shlex.quote(repos_path)}",
-+            ]
-             if arch != "none":
-                 cmd = "%s -a %s" % (cmd, arch)
- 
-@@ -557,14 +581,14 @@ class RepoSync:
- 
-             use_source = ""
-             if arch == "src":
-                use_source = "--source"
-
-            # Older yumdownloader sometimes explodes on --resolvedeps if this happens to you, upgrade yum & yum-utils
-            extra_flags = self.settings.yumdownloader_flags
-            cmd = "/usr/bin/dnf download"
-            cmd = "%s %s %s --disablerepo=* --enablerepo=%s -c %s --destdir=%s %s" \
-                  % (cmd, extra_flags, use_source, pipes.quote(repo.name), temp_file, pipes.quote(dest_path),
-                     " ".join(repo.rpm_list))
-+                cmd.append("--source")
-+            cmd += [
-+                "--disablerepo=*",
-+                f"--enablerepo={shlex.quote(repo.name)}",
-+                f"-c={temp_file}",
-+                f"--destdir={shlex.quote(dest_path)}",
-+            ]
-+            cmd += repo.rpm_list
- 
-         # Now regardless of whether we're doing yumdownloader or reposync or whether the repo was http://, ftp://, or
-         # rhn://, execute all queued commands here.  Any failure at any point stops the operation.
-@@ -669,17 +693,21 @@ class RepoSync:
-             dists = ",".join(repo.apt_dists)
-             components = ",".join(repo.apt_components)
- 
-            mirror_data = "--method=%s --host=%s --root=%s --dist=%s --section=%s" \
-                          % (pipes.quote(method), pipes.quote(host), pipes.quote(mirror), pipes.quote(dists),
-                             pipes.quote(components))
-+            mirror_data = [
-+                f"--method={shlex.quote(method)}",
-+                f"--host={shlex.quote(host)}",
-+                f"--root={shlex.quote(mirror)}",
-+                f"--dist={shlex.quote(dists)}",
-+                f"--section={shlex.quote(components)}",
-+            ]
- 
-             rflags = "--nocleanup"
-             for x in repo.yumopts:
-                 if repo.yumopts[x]:
-                     rflags += " %s=%s" % (x, repo.yumopts[x])
-                 else:
-                    rflags += " %s" % x
-            cmd = "%s %s %s %s" % (mirror_program, rflags, mirror_data, pipes.quote(dest_path))
-+                    rflags.append(repo_yumoption)
-+            cmd = [mirror_program] + rflags + mirror_data + [shlex.quote(dest_path)]
-             if repo.arch == RepoArchs.SRC:
-                 cmd = "%s --source" % cmd
-             else:
-diff --git a/tests/actions/reposync_test.py b/tests/actions/reposync_test.py
-index 0bee772c..ee8d1549 100644
--- a/tests/actions/reposync_test.py
-+++ b/tests/actions/reposync_test.py
-@@ -1,251 +1,592 @@
-+"""
-+Tests that validate the functionality of the module that is responsible for repository synchronization.
-+"""
-+
- import os
-import glob
-+from pathlib import Path
-+from typing import TYPE_CHECKING, Any, Dict, List, Union
- 
- import pytest
- 
-from cobbler import enums
-+from cobbler import cexceptions, enums
-+from cobbler.actions import reposync
- from cobbler.api import CobblerAPI
-from cobbler.actions.reposync import RepoSync
- from cobbler.items.repo import Repo
-from cobbler import cexceptions
-from tests.conftest import does_not_raise
- 
-+from tests.conftest import does_not_raise
- 
-@pytest.fixture(scope="class")
-def api():
-    return CobblerAPI()
-+if TYPE_CHECKING:
-+    from pytest_mock import MockerFixture
- 
- 
-@pytest.fixture(scope="class")
-def reposync(api):
-    test_reposync = RepoSync(api, tries=2, nofail=False)
-+@pytest.fixture(name="reposync_object", scope="function")
-+def fixture_reposync_object(
-+    mocker: "MockerFixture", cobbler_api: CobblerAPI
-+) -> reposync.RepoSync:
-+    settings_mock = mocker.MagicMock()
-+    settings_mock.webdir = "/srv/www/cobbler"
-+    settings_mock.server = "localhost"
-+    settings_mock.http_port = 80
-+    settings_mock.proxy_url_ext = ""
-+    settings_mock.yumdownloader_flags = "--testflag"
-+    settings_mock.reposync_rsync_flags = "--testflag"
-+    settings_mock.reposync_flags = "--testflag"
-+    mocker.patch.object(cobbler_api, "settings", return_value=settings_mock)
-+    test_reposync = reposync.RepoSync(cobbler_api, tries=2, nofail=False)
-     return test_reposync
- 
- 
-@pytest.fixture
-def repo(api):
-+@pytest.fixture(name="repo")
-+def fixture_repo(cobbler_api: CobblerAPI) -> Repo:
-     """
-     Creates a Repository "testrepo0" with a keep_updated=True and mirror_locally=True".
-     """
-    test_repo = Repo(api)
-+    test_repo = Repo(cobbler_api)
-     test_repo.name = "testrepo0"
-     test_repo.mirror_locally = True
-     test_repo.keep_updated = True
-    api.add_repo(test_repo)
-     return test_repo
- 
- 
- @pytest.fixture
-def remove_repo(api):
-+def remove_repo(cobbler_api: CobblerAPI):
-     """
-     Removes the Repository "testrepo0" which can be created with repo.
-     """
-     yield
-    test_repo = api.find_repo("testrepo0")
-    if test_repo is not None:
-        api.remove_repo(test_repo.name)
-+    test_repo = cobbler_api.find_repo("testrepo0")
-+    if test_repo is not None and not isinstance(test_repo, list):
-+        cobbler_api.remove_repo(test_repo.name)
- 
- 
-class TestRepoSync:
-    @pytest.mark.usefixtures("remove_repo")
-    @pytest.mark.parametrize(
-        "input_mirror_type,input_mirror,expected_exception",
-        [
-            (
-                enums.MirrorType.BASEURL,
-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os",
-                does_not_raise()
-            ),
-            (
-                enums.MirrorType.MIRRORLIST,
-                "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64",
-                does_not_raise()
-            ),
-            (
-                enums.MirrorType.METALINK,
-                "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64",
-                does_not_raise()
-            ),
-            (
-                enums.MirrorType.BASEURL,
-                "http://www.example.com/path/to/some/repo",
-                pytest.raises(cexceptions.CX)
-            ),
-+@pytest.fixture(scope="function", autouse=True)
-+def reset_librepo():
-+    has_librepo = reposync.HAS_LIBREPO
-+    yield
-+    reposync.HAS_LIBREPO = has_librepo
-+
-+
-+def test_repo_walker(mocker: "MockerFixture", tmp_path: Path):
-+    # Arrange
-+    def test_fun(arg: Any, top: Any, names: Any):
-+        pass
-+
-+    subdir1 = tmp_path / "sub1"
-+    subdir2 = tmp_path / "sub2"
-+    subdir1.mkdir()
-+    subdir2.mkdir()
-+    spy = mocker.Mock(wraps=test_fun)
-+
-+    # Act
-+    reposync.repo_walker(tmp_path, spy, None)  # type: ignore
-+
-+    # Assert
-+    assert spy.mock_calls == [
-+        # settings.yaml is here because of our autouse fixture that we use to restore the settings
-+        mocker.call(None, tmp_path, ["settings.yaml", "sub1", "sub2"]),
-+        mocker.call(None, str(subdir1), []),
-+        mocker.call(None, str(subdir2), []),
-+    ]
-+
-+
-+@pytest.mark.parametrize(
-+    "input_has_librepo,input_path_exists_side_effect,expected_exception,expected_result",
-+    [
-+        (True, [False, True], does_not_raise(), ["/usr/bin/dnf", "reposync"]),
-+        (True, [True, False], does_not_raise(), ["/usr/bin/reposync"]),
-+        (True, [False, False], pytest.raises(cexceptions.CX), ""),
-+        (False, [False, True], pytest.raises(cexceptions.CX), ""),
-+    ],
-+)
-+def test_reposync_cmd(
-+    mocker: "MockerFixture",
-+    reposync_object: reposync.RepoSync,
-+    input_has_librepo: bool,
-+    input_path_exists_side_effect: List[bool],
-+    expected_exception: Any,
-+    expected_result: Union[List[str], str],
-+):
-+    # Arrange
-+    mocker.patch("os.path.exists", side_effect=input_path_exists_side_effect)
-+    reposync.HAS_LIBREPO = input_has_librepo
-+
-+    # Act
-+    with expected_exception:
-+        result = reposync_object.reposync_cmd()
-+
-+        # Assert
-+        assert result == expected_result
-+
-+
-+def test_run(mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo):
-+    # Arrange
-+    env_vars: Dict[str, Any] = {}
-+    mocker.patch("os.makedirs")
-+    mocker.patch("os.path.isdir", return_value=True)
-+    mocker.patch(
-+        "os.path.join",
-+        side_effect=[
-+            "/srv/www/cobbler/repo_mirror",
-+            "/srv/www/cobbler/repo_mirror/%s" % repo.name,
-         ],
-     )
-    def test_reposync_yum(
-        self,
-        input_mirror_type,
-        input_mirror,
-        expected_exception,
-        api,
-        repo,
-        reposync
-    ):
-        # Arrange
-        test_repo = repo
-        test_repo.breed = enums.RepoBreeds.YUM
-        test_repo.mirror = input_mirror
-        test_repo.mirror_type = input_mirror_type
-        test_repo.rpm_list = "fedora-gpg-keys"
-        test_settings = api.settings()
-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
-
-        # Act & Assert
-        with expected_exception:
-            reposync.run(test_repo.name)
-            result = os.path.exists(repo_path)
-            if test_repo.rpm_list and test_repo.rpm_list != []:
-                for rpm in test_repo.rpm_list:
-                    assert glob.glob(os.path.join(repo_path, "**", rpm) + "*.rpm", recursive=True) != []
-            assert result
-            # Test that re-downloading the metadata in .origin/repodata will not result in an error
-            reposync.run(test_repo.name)
-
-    @pytest.mark.usefixtures("remove_repo")
-    @pytest.mark.parametrize(
-        "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception",
-+    mocker.patch("os.environ", return_value=env_vars)
-+    mocker.patch.object(reposync_object, "repos", return_value=[repo])
-+    mocker.patch.object(reposync_object, "sync")
-+    mocker.patch.object(reposync_object, "update_permissions")
-+    reposync_object.repos = [repo]  # type: ignore
-+
-+    # Act
-+    reposync_object.run()
-+
-+    # Assert
-+    # This has to be 0 since all env vars need to be removed after reposync has run.
-+    assert len(env_vars) == 0
-+
-+
-+def test_gen_urlgrab_ssl_opts(reposync_object: reposync.RepoSync):
-+    # Arrange
-+    input_dict: Dict[str, Any] = {}
-+
-+    # Act
-+    result = reposync_object.gen_urlgrab_ssl_opts(input_dict)
-+
-+    # Assert
-+    assert isinstance(result, tuple)
-+    assert len(result) == 2
-+    # The data of the first element is kind of flexible let's skip asserting it for now
-+    assert isinstance(result[1], bool)
-+
-+
-+@pytest.mark.usefixtures("remove_repo")
-+@pytest.mark.parametrize(
-+    "input_mirror_type,input_mirror,expected_exception",
-+    [
-+        (
-+            enums.MirrorType.BASEURL,
-+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os",
-+            does_not_raise(),
-+        ),
-+        (
-+            enums.MirrorType.MIRRORLIST,
-+            "https://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64",
-+            does_not_raise(),
-+        ),
-+        (
-+            enums.MirrorType.METALINK,
-+            "https://mirrors.fedoraproject.org/metalink?repo=rawhide&arch=x86_64",
-+            does_not_raise(),
-+        ),
-+    ],
-+)
-+def test_reposync_yum(
-+    mocker: "MockerFixture",
-+    input_mirror_type: enums.MirrorType,
-+    input_mirror: str,
-+    expected_exception: Any,
-+    cobbler_api: CobblerAPI,
-+    repo: Repo,
-+    reposync_object: reposync.RepoSync,
-+):
-+    # Arrange
-+    test_repo = repo
-+    test_repo.breed = enums.RepoBreeds.YUM
-+    test_repo.mirror = input_mirror
-+    test_repo.mirror_type = input_mirror_type
-+    test_repo.rpm_list = "fedora-gpg-keys"
-+    test_settings = cobbler_api.settings()
-+    repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    mocker.patch.object(
-+        reposync_object, "create_local_file", return_value="/create/local/file"
-+    )
-+    mocker.patch.object(
-+        reposync_object, "reposync_cmd", return_value=["/my/fake/dnf", "reposync"]
-+    )
-+    mocker.patch.object(reposync_object, "rflags", return_value="--fake-r-flakg")
-+    mocker.patch.object(
-+        reposync_object,
-+        "gen_urlgrab_ssl_opts",
-+        return_value=(("TODO", "TODO", "TODO"), False),
-+    )
-+    mocker.patch("os.path.exists", return_value=True)
-+    mocker.patch("shutil.rmtree")
-+    mocker.patch("os.makedirs")
-+    mocked_repo_walker = mocker.patch("cobbler.actions.reposync.repo_walker")
-+    handle_mock = mocker.MagicMock()
-+    result_mock = mocker.MagicMock()
-+    mocker.patch("librepo.Handle", return_value=handle_mock)
-+    mocker.patch("librepo.Result", return_value=result_mock)
-+
-+    # Act & Assert
-+    with expected_exception:
-+        reposync_object.yum_sync(repo)
-+
-+        mocked_subprocess.assert_called_with(
-+            [
-+                "/usr/bin/dnf",
-+                "download",
-+                "--testflag",
-+                "--disablerepo=*",
-+                f"--enablerepo={repo.name}",
-+                "-c=/create/local/file",
-+                f"--destdir={repo_path}",
-+                "fedora-gpg-keys",
-+            ],
-+            shell=False,
-+        )
-+        handle_mock.perform.assert_called_with(result_mock)
-+        assert mocked_repo_walker.call_count == 1
-+
-+
-+@pytest.mark.usefixtures("remove_repo")
-+@pytest.mark.parametrize(
-+    "input_mirror_type,input_mirror,input_arch,input_rpm_list,expected_exception",
-+    [
-+        (
-+            enums.MirrorType.BASEURL,
-+            "http://ftp.debian.org/debian",
-+            enums.RepoArchs.X86_64,
-+            "",
-+            does_not_raise(),
-+        ),
-+        (
-+            enums.MirrorType.MIRRORLIST,
-+            "http://ftp.debian.org/debian",
-+            enums.RepoArchs.X86_64,
-+            "",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+        (
-+            enums.MirrorType.METALINK,
-+            "http://ftp.debian.org/debian",
-+            enums.RepoArchs.X86_64,
-+            "",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+        (
-+            enums.MirrorType.BASEURL,
-+            "http://ftp.debian.org/debian",
-+            enums.RepoArchs.NONE,
-+            "",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+        (
-+            enums.MirrorType.BASEURL,
-+            "http://ftp.debian.org/debian",
-+            enums.RepoArchs.X86_64,
-+            "dpkg",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+    ],
-+)
-+def test_reposync_apt(
-+    mocker: "MockerFixture",
-+    input_mirror_type: enums.MirrorType,
-+    input_mirror: str,
-+    input_arch: enums.RepoArchs,
-+    input_rpm_list: str,
-+    expected_exception: Any,
-+    cobbler_api: CobblerAPI,
-+    repo: Repo,
-+    reposync_object: reposync.RepoSync,
-+):
-+    # Arrange
-+    test_repo = repo
-+    test_repo.breed = enums.RepoBreeds.APT
-+    test_repo.arch = input_arch
-+    test_repo.apt_components = "main"
-+    test_repo.apt_dists = "stable"
-+    test_repo.mirror = input_mirror
-+    test_repo.mirror_type = input_mirror_type
-+    test_repo.rpm_list = input_rpm_list
-+    test_settings = cobbler_api.settings()
-+    repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    mocker.patch("os.path.exists", return_value=True)
-+
-+    # Act
-+    with expected_exception:
-+        reposync_object.apt_sync(repo)
-+
-+        # Assert
-+        mocked_subprocess.assert_called_with(
-+            [
-+                "/usr/bin/debmirror",
-+                "--nocleanup",
-+                "--method=http",
-+                "--host=ftp.debian.org",
-+                "--root=/debian",
-+                "--dist=stable",
-+                "--section=main",
-+                repo_path,
-+                "--nosource",
-+                "-a=amd64",
-+            ],
-+            shell=False,
-+        )
-+
-+
-+@pytest.mark.usefixtures("remove_repo")
-+@pytest.mark.parametrize(
-+    "input_mirror_type,input_mirror,expected_exception",
-+    [
-+        (
-+            enums.MirrorType.BASEURL,
-+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-+            does_not_raise(),
-+        ),
-+        (
-+            enums.MirrorType.MIRRORLIST,
-+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+        (
-+            enums.MirrorType.METALINK,
-+            "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-+            pytest.raises(cexceptions.CX),
-+        ),
-+    ],
-+)
-+def test_reposync_wget(
-+    mocker: "MockerFixture",
-+    input_mirror_type: enums.MirrorType,
-+    input_mirror: str,
-+    expected_exception: Any,
-+    cobbler_api: CobblerAPI,
-+    repo: Repo,
-+    reposync_object: reposync.RepoSync,
-+):
-+    # Arrange
-+    test_repo = repo
-+    test_repo.breed = enums.RepoBreeds.WGET
-+    test_repo.mirror = input_mirror
-+    test_repo.mirror_type = input_mirror_type
-+    repo_path = os.path.join(
-+        reposync_object.settings.webdir, "repo_mirror", test_repo.name
-+    )
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    mocker.patch("cobbler.actions.reposync.repo_walker")
-+    mocker.patch.object(reposync_object, "create_local_file")
-+
-+    # Act
-+    with expected_exception:
-+        reposync_object.wget_sync(test_repo)
-+
-+        # Assert
-+        mocked_subprocess.assert_called_with(
-+            [
-+                "wget",
-+                "-N",
-+                "-np",
-+                "-r",
-+                "-l",
-+                "inf",
-+                "-nd",
-+                "-P",
-+                repo_path,
-+                input_mirror,
-+            ],
-+            shell=False,
-+        )
-+
-+
-+def test_reposync_rhn(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
-+):
-+    # Arrange
-+    repo.mirror = "rhn://%s" % repo.name
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    mocker.patch("os.path.isdir", return_value=True)
-+    mocker.patch("os.makedirs")
-+    mocker.patch("cobbler.actions.reposync.repo_walker")
-+    mocker.patch.object(reposync_object, "create_local_file")
-+    mocker.patch.object(
-+        reposync_object, "reposync_cmd", return_value=["/my/fake/reposync"]
-+    )
-+
-+    # Act
-+    reposync_object.rhn_sync(repo)
-+
-+    # Assert
-+    # TODO: Check this more and document how its actually working
-+    mocked_subprocess.assert_called_with(
-         [
-            (
-                enums.MirrorType.BASEURL,
-                "http://ftp.debian.org/debian",
-                enums.RepoArchs.X86_64,
-                "",
-                does_not_raise()
-            ),
-            (
-                enums.MirrorType.MIRRORLIST,
-                "http://ftp.debian.org/debian",
-                enums.RepoArchs.X86_64,
-                "",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.METALINK,
-                "http://ftp.debian.org/debian",
-                enums.RepoArchs.X86_64,
-                "",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.BASEURL,
-                "http://www.example.com/path/to/some/repo",
-                enums.RepoArchs.X86_64,
-                "",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.BASEURL,
-                "http://ftp.debian.org/debian",
-                enums.RepoArchs.NONE,
-                "",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.BASEURL,
-                "http://ftp.debian.org/debian",
-                enums.RepoArchs.X86_64,
-                "dpkg",
-                pytest.raises(cexceptions.CX)
-            ),
-+            "/my/fake/reposync",
-+            "--testflag",
-+            "--repo=testrepo0",
-+            "--download-path=/srv/www/cobbler/repo_mirror",
-         ],
-+        shell=False,
-     )
-    def test_reposync_apt(
-        self,
-        input_mirror_type,
-        input_mirror,
-        input_arch,
-        input_rpm_list,
-        expected_exception,
-        api,
-        repo,
-        reposync
-    ):
-        # Arrange
-        test_repo = repo
-        test_repo.breed = enums.RepoBreeds.APT
-        test_repo.arch = input_arch
-        test_repo.apt_components = "main"
-        test_repo.apt_dists = "stable"
-        test_repo.mirror = input_mirror
-        test_repo.mirror_type = input_mirror_type
-        test_repo.rpm_list = input_rpm_list
-        test_repo.yumopts = "--exclude=.* --include=dpkg.* --no-check-gpg --rsync-extra=none"
-        test_settings = api.settings()
-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
-
-        # Act & Assert
-        with expected_exception:
-            reposync.run(test_repo.name)
-            result = os.path.exists(repo_path)
-            for rpm in ["dpkg"]:
-                assert glob.glob(os.path.join(repo_path, "**", "dpkg") + "*", recursive=True) != []
-            assert result
-
-    @pytest.mark.skip("To flaky and thus not reliable. Needs to be mocked to be of use.")
-    @pytest.mark.usefixtures("remove_repo")
-    @pytest.mark.parametrize(
-        "input_mirror_type,input_mirror,expected_exception",
-+
-+
-+def test_reposync_rsync(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
-+):
-+    # Arrange
-+    mocked_subprocess = mocker.patch("cobbler.utils.subprocess_call", return_value=0)
-+    mocker.patch("cobbler.actions.reposync.repo_walker")
-+    mocker.patch.object(reposync_object, "create_local_file")
-+    repo_path = os.path.join(reposync_object.settings.webdir, "repo_mirror", repo.name)
-+
-+    # Act
-+    reposync_object.rsync_sync(repo)
-+
-+    # Assert
-+    mocked_subprocess.assert_called_with(
-         [
-            (
-                enums.MirrorType.BASEURL,
-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-                does_not_raise()
-            ),
-            (
-                enums.MirrorType.MIRRORLIST,
-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.METALINK,
-                "http://download.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/Packages/2",
-                pytest.raises(cexceptions.CX)
-            ),
-            (
-                enums.MirrorType.BASEURL,
-                "http://www.example.com/path/to/some/repo",
-                pytest.raises(cexceptions.CX)
-            ),
-+            "rsync",
-+            "--testflag",
-+            "--delete-after",
-+            "-e ssh",
-+            "--delete",
-+            "--exclude-from=/etc/cobbler/rsync.exclude",
-+            "/",
-+            repo_path,
-         ],
-+        shell=False,
-     )
-    def test_reposync_wget(
-        self,
-        input_mirror_type,
-        input_mirror,
-        expected_exception,
-        api,
-        repo,
-        reposync
-    ):
-        # Arrange
-        test_repo = repo
-        test_repo.breed = enums.RepoBreeds.WGET
-        test_repo.mirror = input_mirror
-        test_repo.mirror_type = input_mirror_type
-        test_settings = api.settings()
-        repo_path = os.path.join(test_settings.webdir, "repo_mirror", test_repo.name)
-
-        # Act & Assert
-        with expected_exception:
-            reposync.run(test_repo.name)
-            result = os.path.exists(repo_path)
-            for rpm in ["rpm"]:
-                assert glob.glob(os.path.join(repo_path, "**", "2") + "*", recursive=True) != []
-            assert result
-
-
-@pytest.mark.skip("TODO")
-def test_reposync_rhn():
-+
-+
-+def test_createrepo_walker(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
-+):
-     # Arrange
-+    input_repo = repo
-+    input_repo.breed = enums.RepoBreeds.RSYNC
-+    input_dirname = ""
-+    input_fnames = []
-+    expected_call = ["createrepo", "--testflags", f"'{input_dirname}'"]
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    mocker.patch(
-+        "cobbler.utils.blender",
-+        autospec=True,
-+        return_value={"createrepo_flags": "--testflags"},
-+    )
-+    mocker.patch("cobbler.utils.remove_yum_olddata")
-+    mocker.patch("cobbler.utils.subprocess_get", return_value="5")
-+    mocker.patch("cobbler.utils.get_family", return_value="TODO")
-+    mocker.patch("os.path.exists", return_value=True)
-+    mocker.patch("os.path.isfile", return_value=True)
-+    mocker.patch.object(reposync_object, "librepo_getinfo", return_value={})
-+
-     # Act
-+    reposync_object.createrepo_walker(input_repo, input_dirname, input_fnames)
-+
-     # Assert
-    assert False
-+    # TODO: Improve coverage over different cases in method
-+    mocked_subprocess.assert_called_with(expected_call, shell=False)
- 
- 
-@pytest.mark.skip("TODO")
-def test_reposync_rsync():
-+@pytest.mark.parametrize(
-+    "input_repotype,expected_exception",
-+    [
-+        (enums.RepoBreeds.YUM, does_not_raise()),
-+        (enums.RepoBreeds.RHN, does_not_raise()),
-+        (enums.RepoBreeds.APT, does_not_raise()),
-+        (enums.RepoBreeds.RSYNC, does_not_raise()),
-+        (enums.RepoBreeds.WGET, does_not_raise()),
-+        (enums.RepoBreeds.NONE, pytest.raises(cexceptions.CX)),
-+    ],
-+)
-+def test_sync(
-+    mocker: "MockerFixture",
-+    cobbler_api: CobblerAPI,
-+    reposync_object: reposync.RepoSync,
-+    input_repotype: enums.RepoBreeds,
-+    expected_exception: Any,
-+):
-     # Arrange
-+    test_repo = Repo(cobbler_api)
-+    test_repo.breed = input_repotype
-+    rhn_sync_mock = mocker.patch.object(reposync_object, "rhn_sync")
-+    yum_sync_mock = mocker.patch.object(reposync_object, "yum_sync")
-+    apt_sync_mock = mocker.patch.object(reposync_object, "apt_sync")
-+    rsync_sync_mock = mocker.patch.object(reposync_object, "rsync_sync")
-+    wget_sync_mock = mocker.patch.object(reposync_object, "wget_sync")
-+
-     # Act
-+    with expected_exception:
-+        reposync_object.sync(test_repo)
-+
-+        # Assert
-+        call_count = sum(
-+            (
-+                rhn_sync_mock.call_count,
-+                yum_sync_mock.call_count,
-+                apt_sync_mock.call_count,
-+                rsync_sync_mock.call_count,
-+                wget_sync_mock.call_count,
-+            )
-+        )
-+        assert call_count == 1
-+
-+
-+def test_librepo_getinfo(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, tmp_path: Path
-+):
-+    # Arrange
-+    handle_mock = mocker.MagicMock()
-+    result_mock = mocker.MagicMock()
-+    mocker.patch("librepo.Handle", return_value=handle_mock)
-+    mocker.patch("librepo.Result", return_value=result_mock)
-+
-+    # Act
-+    reposync_object.librepo_getinfo(str(tmp_path))
-+
-+    # Assert
-+    handle_mock.perform.assert_called_with(result_mock)
-+    result_mock.getinfo.assert_called()
-+
-+
-+def test_create_local_file(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync, repo: Repo
-+):
-+    # Arrange
-+    mocker.patch("cobbler.utils.filesystem_helpers.mkdir", autospec=True)
-+    mock_open = mocker.patch("builtins.open", mocker.mock_open())
-+    input_dest_path = ""
-+    input_repo = repo
-+    input_output = True
-+
-+    # Act
-+    reposync_object.create_local_file(input_dest_path, input_repo, output=input_output)
-+
-+    # Assert
-+    # TODO: Extend checks
-+    assert mock_open.call_count == 1
-+    assert mock_open.mock_calls[0] == mocker.call("config.repo", "w", encoding="UTF-8")
-+    mock_open_handle = mock_open()
-+    assert mock_open_handle.write.mock_calls[0] == mocker.call("[testrepo0]\n")
-+    assert mock_open_handle.write.mock_calls[1] == mocker.call("name=testrepo0\n")
-+
-+
-+def test_update_permissions(
-+    mocker: "MockerFixture", reposync_object: reposync.RepoSync
-+):
-+    # Arrange
-+    mocked_subprocess = mocker.patch(
-+        "cobbler.utils.subprocess_call", autospec=True, return_value=0
-+    )
-+    path_to_update = "/my/fake/path"
-+    expected_calls = [
-+        mocker.call(["chown", "-R", "root:www", path_to_update], shell=False),
-+        mocker.call(["chmod", "-R", "755", path_to_update], shell=False),
-+    ]
-+
-+    # Act
-+    reposync_object.update_permissions(path_to_update)
-+
-     # Assert
-    assert False
-+    assert mocked_subprocess.mock_calls == expected_calls
--- a/cobbler-remove-get-loaders.patch
+++ b/cobbler-remove-get-loaders.patch
@ -0,0 +1,111 @@
+commit fdf493ae4095c3266997e8b9c9cbcb31767b06d6
+Author: Orion Poplawski <orion@nwra.com>
+Date:   Wed Dec 8 20:19:51 2021 -0700
+
+    Remove get-loaders
+
+diff --git a/cobbler/action_check.py b/cobbler/action_check.py
+index c1980a39..825e666d 100644
+--- a/cobbler/action_check.py
+++ b/cobbler/action_check.py
+@@ -335,7 +335,7 @@ class BootCheck:
+              not_found.append(loader_name)
+ 
+        if len(not_found) > 0:
+-          status.append("Some network boot-loaders are missing from /var/lib/cobbler/loaders, you may run 'cobbler get-loaders' to download them, or, if you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot. The 'cobbler get-loaders' command is the easiest way to resolve these requirements.")
+          status.append("Some network boot-loaders are missing from /var/lib/cobbler/loaders.  If you only want to handle x86/x86_64 netbooting, you may ensure that you have installed a *recent* version of the syslinux package installed and can ignore this message entirely.  Files in this directory, should you want to support all architectures, should include pxelinux.0, menu.c32, elilo.efi, and yaboot.")
+ 
+    def check_tftpd_bin(self,status):
+        """
+diff --git a/cobbler/api.py b/cobbler/api.py
+index 77ffc689..30f4b878 100644
+--- a/cobbler/api.py
+++ b/cobbler/api.py
+@@ -36,7 +36,6 @@ import action_report
+ import action_power
+ import action_log
+ import action_hardlink
+-import action_dlcontent
+ from cexceptions import CX
+ import kickgen
+ import yumgen
+@@ -723,19 +722,6 @@ class BootAPI:
+ 
+     # ==========================================================================
+ 
+-    def dlcontent(self,force=False,logger=None):
+-        """
+-        Downloads bootloader content that may not be avialable in packages
+-        for the given arch, ex: if installing on PPC, get syslinux. If installing
+-        on x86_64, get elilo, etc.
+-        """
+-        # FIXME: teach code that copies it to grab from the right place
+-        self.log("dlcontent")
+-        grabber = action_dlcontent.ContentDownloader(self._config, logger=logger)
+-        return grabber.run(force)
+-
+-    # ==========================================================================
+-
+     def validateks(self, logger=None):
+         """
+         Use ksvalidator (from pykickstart, if available) to determine
+diff --git a/cobbler/cli.py b/cobbler/cli.py
+index a1aa815e..71af6853 100755
+--- a/cobbler/cli.py
+++ b/cobbler/cli.py
+@@ -56,7 +56,7 @@ OBJECT_TYPES = OBJECT_ACTIONS_MAP.keys()
+ OBJECT_ACTIONS = []
+ for actions in OBJECT_ACTIONS_MAP.values():
+    OBJECT_ACTIONS += actions
+-DIRECT_ACTIONS = "aclsetup buildiso import list replicate report reposync sync validateks version signature get-loaders hardlink".split()
+DIRECT_ACTIONS = "aclsetup buildiso import list replicate report reposync sync validateks version signature hardlink".split()
+ 
+ ####################################################
+ 
+@@ -501,10 +501,6 @@ class BootCLI:
+         elif action_name == "validateks":
+             (options, args) = self.parser.parse_args()
+             task_id = self.start_task("validateks",options)
+-        elif action_name == "get-loaders":
+-            self.parser.add_option("--force", dest="force", action="store_true", help="overwrite any existing content in /var/lib/cobbler/loaders")
+-            (options, args) = self.parser.parse_args()
+-            task_id = self.start_task("dlcontent",options)
+         elif action_name == "import":
+             self.parser.add_option("--arch",         dest="arch",           help="OS architecture being imported")
+             self.parser.add_option("--breed",        dest="breed",          help="the breed being imported")
+diff --git a/cobbler/remote.py b/cobbler/remote.py
+index f7b93abc..d2b5d0b5 100644
+--- a/cobbler/remote.py
+++ b/cobbler/remote.py
+@@ -168,14 +168,6 @@ class CobblerXMLRPCInterface:
+             )
+         return self.__start_task(runner, token, "aclsetup", "(CLI) ACL Configuration", options)
+ 
+-    def background_dlcontent(self, options, token):
+-        """
+-        Download bootloaders and other support files.
+-        """
+-        def runner(self):
+-            return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
+-        return self.__start_task(runner, token, "get_loaders", "Download Bootloader Content", options)
+-
+     def background_sync(self, options, token):
+         def runner(self):
+             return self.remote.api.sync(self.options.get("verbose",False),logger=self.logger)
+diff --git a/docs/appendix.rst b/docs/appendix.rst
+index b1945c72..7dc73411 100644
+--- a/docs/appendix.rst
+++ b/docs/appendix.rst
+@@ -611,12 +611,6 @@ Steps
+ DBAN 2.2.6
+ **********
+ 
+-Retrieve the extra loader parts that DBAN 2.2.6 needs:
+-
+-.. code-block:: bash
+-
+-    cobbler get-loaders
+-
+ Download DBAN:
+ 
+ .. code-block:: bash
--- a/cobbler-reposync.patch
+++ b/cobbler-reposync.patch
@ -1,18 +0,0 @@
-diff -up cobbler-3.3.7/cobbler/cli.py.reposync cobbler-3.3.7/cobbler/cli.py
--- cobbler-3.3.7/cobbler/cli.py.reposync	2024-11-17 14:02:02.000000000 -0700
-+++ cobbler-3.3.7/cobbler/cli.py	2025-10-04 19:21:03.379260526 -0600
-@@ -1184,7 +1184,13 @@ class CobblerCLI:
-             task_id = self.start_task("import", options)
-         elif action_name == "reposync":
-             self.parser.add_option("--only", dest="only", help="update only this repository name")
-            self.parser.add_option("--tries", dest="tries", help="try each repo this many times", default=1)
-+            self.parser.add_option(
-+                "--tries",
-+                dest="tries",
-+                help="try each repo this many times",
-+                default=1,
-+                type="int",
-+            )
-             self.parser.add_option("--no-fail", dest="nofail", help="don't stop reposyncing if a failure occurs",
-                                    action="store_true")
-             (options, args) = self.parser.parse_args(self.args)
--- a/cobbler.fc
+++ b/cobbler.fc
@ -1,28 +0,0 @@
-/etc/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_etc_t,s0)
-
-/etc/rc\.d/init\.d/cobblerd	--	gen_context(system_u:object_r:cobblerd_initrc_exec_t,s0)
-
-/usr/bin/cobblerd	--	gen_context(system_u:object_r:cobblerd_exec_t,s0)
-
-/usr/lib/systemd/system/cobblerd.*	--	gen_context(system_u:object_r:cobblerd_unit_file_t,s0)
-
-/var/cache/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-
-/var/lib/tftpboot/aarch64(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/boot(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/etc(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/grub(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/images(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/images2(/.*)? gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/memdisk	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/menu\.c32	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/ppc(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/pxelinux\.0	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/pxelinux\.cfg(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/s390x(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-/var/lib/tftpboot/yaboot	--	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
-
-/var/log/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_log_t,s0)
-
-/var/www/cobbler(/.*)?	gen_context(system_u:object_r:cobbler_var_lib_t,s0)
--- a/cobbler.if
+++ b/cobbler.if
@ -1,251 +0,0 @@
-## <summary>Cobbler installation server.</summary>
-
-########################################
-## <summary>
-##	Execute a domain transition to run cobblerd.
-## </summary>
-## <param name="domain">
-## <summary>
-##	Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`cobblerd_domtrans',`
-	gen_require(`
-		type cobblerd_t, cobblerd_exec_t;
-	')
-
-	corecmd_search_bin($1)
-	domtrans_pattern($1, cobblerd_exec_t, cobblerd_t)
-')
-
-########################################
-## <summary>
-##	Execute cobblerd server in the cobblerd domain.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed to transition.
-##	</summary>
-## </param>
-#
-interface(`cobblerd_systemctl',`
-	gen_require(`
-		type named_unit_file_t;
-		type named_t;
-	')
-
-	systemd_exec_systemctl($1)
-	init_reload_services($1)
-	allow $1 named_unit_file_t:file read_file_perms;
-	allow $1 named_unit_file_t:service manage_service_perms;
-
-	ps_process_pattern($1, named_t)
-')
-
-########################################
-## <summary>
-##	Execute cobblerd init scripts in
-##	the init script domain.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed to transition.
-##	</summary>
-## </param>
-#
-interface(`cobblerd_initrc_domtrans',`
-	gen_require(`
-		type cobblerd_initrc_exec_t;
-	')
-
-	init_labeled_script_domtrans($1, cobblerd_initrc_exec_t)
-')
-
-
-
-########################################
-## <summary>
-##	Read cobbler configuration dirs.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`cobbler_list_config',`
-	gen_require(`
-		type cobbler_etc_t;
-	')
-
-	list_dirs_pattern($1, cobbler_etc_t, cobbler_etc_t)
-	files_search_etc($1)
-')
-
-
-########################################
-## <summary>
-##	Read cobbler configuration files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`cobbler_read_config',`
-	gen_require(`
-		type cobbler_etc_t;
-	')
-
-	read_files_pattern($1, cobbler_etc_t, cobbler_etc_t)
-	files_search_etc($1)
-')
-
-########################################
-## <summary>
-##	Do not audit attempts to read and write
-##	cobbler log files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain to not audit.
-##	</summary>
-## </param>
-#
-interface(`cobbler_dontaudit_rw_log',`
-	gen_require(`
-		type cobbler_var_log_t;
-	')
-
-	dontaudit $1 cobbler_var_log_t:file rw_file_perms;
-')
-
-########################################
-## <summary>
-##	Search cobbler lib directories.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`cobbler_search_lib',`
-	gen_require(`
-		type cobbler_var_lib_t;
-	')
-
-	files_search_var_lib($1)
-	search_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-')
-
-########################################
-## <summary>
-##	Read cobbler lib files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`cobbler_read_lib_files',`
-	gen_require(`
-		type cobbler_var_lib_t;
-	')
-
-	files_search_var_lib($1)
-	read_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-    read_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-')
-
-########################################
-## <summary>
-##	Create, read, write, and delete
-##	cobbler lib files.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-#
-interface(`cobbler_manage_lib_files',`
-	gen_require(`
-		type cobbler_var_lib_t;
-	')
-
-	files_search_var_lib($1)
-	manage_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-    manage_lnk_files_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-    manage_dirs_pattern($1, cobbler_var_lib_t, cobbler_var_lib_t)
-')
-
-########################################
-## <summary>
-##	All of the rules required to
-##	administrate an cobbler environment.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-## <param name="role">
-##	<summary>
-##	Role allowed access.
-##	</summary>
-## </param>
-## <rolecap/>
-#
-interface(`cobblerd_admin',`
-	refpolicywarn(`$0($*) has been deprecated, use cobbler_admin() instead.')
-	cobbler_admin($1, $2)
-')
-
-########################################
-## <summary>
-##	All of the rules required to
-##	administrate an cobbler environment.
-## </summary>
-## <param name="domain">
-##	<summary>
-##	Domain allowed access.
-##	</summary>
-## </param>
-## <param name="role">
-##	<summary>
-##	Role allowed access.
-##	</summary>
-## </param>
-## <rolecap/>
-#
-interface(`cobbler_admin',`
-	gen_require(`
-		type cobblerd_t, cobbler_var_lib_t, cobbler_var_log_t;
-		type cobbler_etc_t, cobblerd_initrc_exec_t;
-		type cobbler_tmp_t;
-	')
-
-	allow $1 cobblerd_t:process { ptrace signal_perms };
-	ps_process_pattern($1, cobblerd_t)
-
-	cobblerd_initrc_domtrans($1)
-	domain_system_change_exemption($1)
-	role_transition $2 cobblerd_initrc_exec_t system_r;
-	allow $2 system_r;
-
-	files_search_etc($1)
-	admin_pattern($1, cobbler_etc_t)
-
-	files_search_tmp($1)
-	admin_pattern($1, cobbler_tmp_t)
-
-	files_search_var_lib($1)
-	admin_pattern($1, cobbler_var_lib_t)
-
-	logging_search_logs($1)
-	admin_pattern($1, cobbler_var_log_t)
-')
--- a/cobbler.spec
+++ b/cobbler.spec
--- a/cobbler.te
+++ b/cobbler.te
@ -1,249 +0,0 @@
-policy_module(cobbler, 1.3.0)
-
-########################################
-#
-# Declarations
-#
-
-## <desc>
-##	<p>
-##	Determine whether Cobbler can modify
-##	public files used for public file
-##	transfer services.
-##	</p>
-## </desc>
-gen_tunable(cobbler_anon_write, false)
-
-## <desc>
-##	<p>
-##	Determine whether Cobbler can connect
-##	to the network using TCP.
-##	</p>
-## </desc>
-gen_tunable(cobbler_can_network_connect, false)
-
-## <desc>
-##	<p>
-##	Determine whether Cobbler can access
-##	cifs file systems.
-##	</p>
-## </desc>
-gen_tunable(cobbler_use_cifs, false)
-
-## <desc>
-##	<p>
-##	Determine whether Cobbler can access
-##	nfs file systems.
-##	</p>
-## </desc>
-gen_tunable(cobbler_use_nfs, false)
-
-gen_require(`
-	type debuginfo_exec_t;
-	type init_exec_t;
-	class file getattr;
-')
-
-type cobblerd_t;
-type cobblerd_exec_t;
-init_daemon_domain(cobblerd_t, cobblerd_exec_t)
-
-type cobblerd_initrc_exec_t;
-init_script_file(cobblerd_initrc_exec_t)
-
-type cobbler_etc_t;
-files_config_file(cobbler_etc_t)
-
-type cobbler_var_log_t;
-logging_log_file(cobbler_var_log_t)
-
-type cobbler_var_lib_t alias cobbler_content_t;
-files_type(cobbler_var_lib_t)
-
-type cobbler_tmp_t;
-files_tmp_file(cobbler_tmp_t)
-
-type cobblerd_unit_file_t;
-systemd_unit_file(cobblerd_unit_file_t)
-
-########################################
-#
-# Local policy
-#
-
-allow cobblerd_t self:capability { chown dac_read_search  fowner fsetid sys_nice };
-dontaudit cobblerd_t self:capability sys_tty_config;
-allow cobblerd_t self:process { getsched setsched signal };
-allow cobblerd_t self:fifo_file rw_fifo_file_perms;
-allow cobblerd_t self:tcp_socket { accept listen };
-allow cobblerd_t self:netlink_audit_socket create_socket_perms;
-
-allow cobblerd_t cobbler_etc_t:dir list_dir_perms;
-allow cobblerd_t cobbler_etc_t:file read_file_perms;
-allow cobblerd_t cobbler_etc_t:lnk_file read_lnk_file_perms;
-
-allow cobblerd_t cobbler_tmp_t:file mmap_file_perms;
-# Allow cobbler to stat /usr/libexec/dnf-utils (aka reposync/yumdownloader)
-allow cobblerd_t debuginfo_exec_t:file getattr;
-# Allow cobbler to stat /usr/lib/systemd/systemd
-allow cobblerd_t init_exec_t:file getattr;
-# Allow cobbler to check status of itself
-allow cobblerd_t cobblerd_unit_file_t:service status;
-
-manage_dirs_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t)
-manage_files_pattern(cobblerd_t, cobbler_tmp_t, cobbler_tmp_t)
-files_tmp_filetrans(cobblerd_t, cobbler_tmp_t, { dir file })
-
-manage_dirs_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
-manage_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
-manage_lnk_files_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
-files_var_lib_filetrans(cobblerd_t, cobbler_var_lib_t, dir)
-files_var_filetrans(cobblerd_t, cobbler_var_lib_t, dir, "cobbler")
-
-append_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
-create_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
-read_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
-setattr_files_pattern(cobblerd_t, cobbler_var_log_t, cobbler_var_log_t)
-logging_log_filetrans(cobblerd_t, cobbler_var_log_t, file)
-
-kernel_read_system_state(cobblerd_t)
-kernel_read_network_state(cobblerd_t)
-
-corecmd_exec_bin(cobblerd_t)
-corecmd_exec_shell(cobblerd_t)
-
-corenet_all_recvfrom_netlabel(cobblerd_t)
-corenet_all_recvfrom_unlabeled(cobblerd_t)
-corenet_tcp_sendrecv_generic_if(cobblerd_t)
-corenet_tcp_sendrecv_generic_node(cobblerd_t)
-corenet_tcp_bind_generic_node(cobblerd_t)
-
-corenet_sendrecv_cobbler_server_packets(cobblerd_t)
-corenet_tcp_bind_cobbler_port(cobblerd_t)
-corenet_tcp_sendrecv_cobbler_port(cobblerd_t)
-
-corenet_sendrecv_ftp_client_packets(cobblerd_t)
-corenet_tcp_connect_ftp_port(cobblerd_t)
-corenet_tcp_sendrecv_ftp_port(cobblerd_t)
-
-corenet_tcp_sendrecv_http_port(cobblerd_t)
-corenet_tcp_connect_http_port(cobblerd_t)
-corenet_sendrecv_http_client_packets(cobblerd_t)
-
-dev_read_sysfs(cobblerd_t)
-dev_read_urand(cobblerd_t)
-
-files_list_boot(cobblerd_t)
-files_list_tmp(cobblerd_t)
-files_read_boot_files(cobblerd_t)
-files_read_etc_runtime_files(cobblerd_t)
-
-fs_getattr_all_fs(cobblerd_t)
-fs_read_iso9660_files(cobblerd_t)
-
-selinux_get_enforce_mode(cobblerd_t)
-
-term_use_console(cobblerd_t)
-
-auth_use_nsswitch(cobblerd_t)
-
-logging_send_syslog_msg(cobblerd_t)
-
-miscfiles_read_localization(cobblerd_t)
-miscfiles_read_public_files(cobblerd_t)
-
-sysnet_dns_name_resolve(cobblerd_t)
-sysnet_rw_dhcp_config(cobblerd_t)
-sysnet_write_config(cobblerd_t)
-
-tunable_policy(`cobbler_anon_write',`
-	miscfiles_manage_public_files(cobblerd_t)
-')
-
-tunable_policy(`cobbler_can_network_connect',`
-	corenet_sendrecv_all_client_packets(cobblerd_t)
-	corenet_tcp_connect_all_ports(cobblerd_t)
-	corenet_tcp_sendrecv_all_ports(cobblerd_t)
-')
-
-tunable_policy(`cobbler_use_cifs',`
-	fs_manage_cifs_dirs(cobblerd_t)
-	fs_manage_cifs_files(cobblerd_t)
-	fs_manage_cifs_symlinks(cobblerd_t)
-')
-
-tunable_policy(`cobbler_use_nfs',`
-	fs_manage_nfs_dirs(cobblerd_t)
-	fs_manage_nfs_files(cobblerd_t)
-	fs_manage_nfs_symlinks(cobblerd_t)
-')
-
-optional_policy(`
-	apache_search_config(cobblerd_t)
-	apache_domtrans(cobblerd_t)
-	apache_search_sys_content(cobblerd_t)
-')
-
-optional_policy(`
-	bind_read_config(cobblerd_t)
-	bind_write_config(cobblerd_t)
-	bind_domtrans_ndc(cobblerd_t)
-	bind_domtrans(cobblerd_t)
-	bind_initrc_domtrans(cobblerd_t)
-	bind_manage_zone(cobblerd_t)
-	bind_systemctl(cobblerd_t)
-')
-
-optional_policy(`
-	certmaster_exec(cobblerd_t)
-')
-
-optional_policy(`
-	dhcpd_domtrans(cobblerd_t)
-	dhcpd_initrc_domtrans(cobblerd_t)
-	dhcpd_systemctl(cobblerd_t)
-')
-
-optional_policy(`
-	dnsmasq_domtrans(cobblerd_t)
-	dnsmasq_initrc_domtrans(cobblerd_t)
-	dnsmasq_write_config(cobblerd_t)
-	dnsmasq_systemctl(cobblerd_t)
-')
-
-# To read /boot/efi
-optional_policy(`
-	fs_list_dos(cobblerd_t)
-	fs_read_dos_files(cobblerd_t)
-')
-
-# To run mkfs.fat when generating ISO
-optional_policy(`
-	fstools_exec(cobblerd_t)
-')
-
-optional_policy(`
-	libs_exec_ldconfig(cobblerd_t)
-')
-
-optional_policy(`
-	mysql_stream_connect(cobblerd_t)
-')
-
-optional_policy(`
-	rpm_exec(cobblerd_t)
-')
-
-optional_policy(`
-	rsync_exec(cobblerd_t)
-	rsync_read_config(cobblerd_t)
-	rsync_manage_config(cobblerd_t)
-	rsync_etc_filetrans_config(cobblerd_t, file, "rsync.conf")
-')
-
-optional_policy(`
-	tftp_manage_config(cobblerd_t)
-	tftp_manage_rw_content(cobblerd_t)
-	tftp_delete_content_dirs(cobblerd_t)
-	tftp_filetrans_tftpdir(cobblerd_t, cobbler_var_lib_t, { dir file })
-')
--- a/cobblerd.service
+++ b/cobblerd.service
@ -0,0 +1,13 @@
+[Unit]
+Description=Cobbler Helper Daemon
+After=syslog.target network.target
+
+[Service]
+Type=oneshot
+ExecStart=/usr/bin/cobblerd
+RemainAfterExit=yes
+PrivateTmp=yes
+
+[Install]
+WantedBy=multi-user.target
+
--- a/migrate-settings.sh
+++ b/migrate-settings.sh
@ -1,4 +0,0 @@
-#!/bin/bash
-sed -i -e 's,^default_kickstart: */var/lib/cobbler/kickstarts,default_autoinstall: /var/lib/cobbler/templates,' \
-       -e '/^\(consoles\|func_\|kernel_options_s390x\|power_template_dir\|pxe_template_dir\|redhat_management_type\|snippetsdir\|template_remote_kickstarts\):/s/^/# REMOVED: /' \
-       -e '$a#ADDED:' -e '$acache_enabled: true' -e '$areposync_rsync_flags: "-rltDv --copy-unsafe-links"' /etc/cobbler/settings.yaml
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (cobbler-3.3.7.tar.gz) = df6570dd7c6cbe50464624267df1bbecbb29e60513bba312a6c726502d4670670f3113f24b6b7e465d0b3353c0721e6fe3725dbc4569b4f624ec2b4a29682d1a
+SHA512 (cobbler-2.8.5.tar.gz) = 6587308eb9eb49f7a894ddd052e1e3e226b4bcbffcf5c7e909e035b3faba1a8ae00631b96e11f0274d058b41b985b9a53776428b4587708111ef8158dec4e9d1
Author	SHA1	Message	Date
Orion Poplawski	aed96123ed	Add upstream patch for CVE-2022-0860 (bz#2066592)	2022-03-23 07:27:16 -06:00
Orion Poplawski	1a1895e5f3	Restore EL7 requires	2022-03-07 10:29:07 -07:00
Orion Poplawski	7ad7c967bc	Fix apache group	2022-03-03 08:37:12 -07:00
Orion Poplawski	ad73eb12ce	Apply fixes for CVE-2021-45082/3 Drop EL6 support	2022-03-02 21:47:12 -07:00
Orion Poplawski	6c42a12b29	Remove defunct get-loaders command	2021-12-08 20:21:57 -07:00
Orion Poplawski	1adc30aa8a	Merge branch 'f30' into epel7	2019-12-29 12:53:54 -07:00
Orion Poplawski	26c83ee708	Udate to 2.8.5 final release	2019-12-29 12:52:50 -07:00
Orion Poplawski	6787b261cf	Merge branch 'f30' into epel7	2019-10-14 20:03:52 -06:00
Orion Poplawski	3fffbe1bfc	Fix changelog	2019-10-14 20:01:17 -06:00
Orion Poplawski	f922d141fc	Merge branch 'f30' into epel7	2019-10-14 19:56:46 -06:00
Orion Poplawski	b3db39dbee	Require python2-iptables	2019-10-14 19:53:47 -06:00
Orion Poplawski	cc56685952	Require /sbin/service	2019-10-10 18:22:53 -06:00
Nicolas Chauvet	9aae0020c0	Merge branch 'master' into epel7	2019-08-30 15:40:31 +02:00
Orion Poplawski	d00dfa08d7	Merge branch 'master' into epel7	2018-11-26 11:47:09 -07:00
Orion Poplawski	286422bea9	Merge branch 'master' into epel7	2018-11-25 11:16:53 -07:00
Orion Poplawski	ee45de0efd	Merge branch 'master' into epel7 Conflicts: .gitignore cobbler.spec sources	2018-11-24 10:47:36 -07:00
Nicolas Chauvet	14f10e29ce	Fix merge for epel7	2018-05-28 14:39:43 +02:00
Nicolas Chauvet	741c25f506	Squashed commit of the following: commit `61179e935d` Author: Nicolas Chauvet <kwizart@gmail.com> Date: Mon May 28 14:18:15 2018 +0200 Update changelog commit `38dd02fc84` Author: Nicolas Chauvet <kwizart@gmail.com> Date: Mon May 28 14:17:16 2018 +0200 Restore mergeability with epel7 commit `a340d23ce3` Author: Orion Poplawski <orion@nwra.com> Date: Wed Feb 21 16:47:14 2018 -0700 Really fix django requires for Fedora 28+ commit `ed3dc22bca` Author: Nicolas Chauvet <kwizart@gmail.com> Date: Mon May 28 12:17:42 2018 +0200 Update to 2.8.3 security bugfix commit `e7675c9ffa` Author: Orion Poplawski <orion@nwra.com> Date: Tue Feb 20 14:32:47 2018 -0700 Fix django requires for Fedora 28+ commit `382b85b7b9` Author: Igor Gnatenko <ignatenkobrain@fedoraproject.org> Date: Fri Feb 9 09:04:14 2018 +0100 Escape macros in %changelog Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/ Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org> commit `7d7612ed31` Author: Fedora Release Engineering <releng@fedoraproject.org> Date: Wed Feb 7 05:17:15 2018 +0000 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org> commit `7c672d424e` Author: Iryna Shcherbina <shcherbina.iryna@gmail.com> Date: Tue Feb 6 22:36:11 2018 +0100 Update Python 2 dependency declarations to new packaging standards	2018-05-28 14:33:17 +02:00
Nicolas Chauvet	708c34790c	Squashed commit of the following: commit `a340d23ce3` Author: Orion Poplawski <orion@nwra.com> Date: Wed Feb 21 16:47:14 2018 -0700 Really fix django requires for Fedora 28+ commit `ed3dc22bca` Author: Nicolas Chauvet <kwizart@gmail.com> Date: Mon May 28 12:17:42 2018 +0200 Update to 2.8.3 security bugfix commit `e7675c9ffa` Author: Orion Poplawski <orion@nwra.com> Date: Tue Feb 20 14:32:47 2018 -0700 Fix django requires for Fedora 28+ commit `382b85b7b9` Author: Igor Gnatenko <ignatenkobrain@fedoraproject.org> Date: Fri Feb 9 09:04:14 2018 +0100 Escape macros in %changelog Reference: https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/thread/Y2ZUKK2B7T2IKXPMODNF6HB2O5T5TS6H/ Signed-off-by: Igor Gnatenko <ignatenkobrain@fedoraproject.org> commit `7d7612ed31` Author: Fedora Release Engineering <releng@fedoraproject.org> Date: Wed Feb 7 05:17:15 2018 +0000 - Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild Signed-off-by: Fedora Release Engineering <releng@fedoraproject.org> commit `7c672d424e` Author: Iryna Shcherbina <shcherbina.iryna@gmail.com> Date: Tue Feb 6 22:36:11 2018 +0100 Update Python 2 dependency declarations to new packaging standards	2018-05-28 12:44:38 +02:00
Orion Poplawski	03b41c9225	Merge branch 'master' into epel7 Conflicts: cobbler.spec	2017-09-18 09:14:29 -06:00
Orion Poplawski	64e0c05fd4	Suppress logrotate output	2017-06-21 11:46:25 -06:00
Orion Poplawski	ac71d9b08d	Merge branch 'master' into epel7	2017-06-12 11:06:00 -06:00
Orion Poplawski	509b25dbf1	Merge branch 'master' into epel7	2017-05-24 11:40:00 -06:00
Orion Poplawski	c20bb734e1	Merge branch 'master' into epel7	2017-01-31 16:21:57 -07:00
Orion Poplawski	a4875874fa	Merge branch 'master' into epel7	2016-07-21 11:57:12 -06:00
Orion Poplawski	524e517078	Merge branch 'master' into epel7	2016-07-21 11:52:39 -06:00
Orion Poplawski	a48483fe26	Clean changelog	2016-07-21 11:22:48 -06:00
Orion Poplawski	9e5faa9450	Merge branch 'master' into epel7	2016-07-21 11:21:40 -06:00
Orion Poplawski	f3bdb77132	Merge branch 'master' into epel7	2016-07-13 13:07:34 -06:00
Orion Poplawski	5e6d9de0d9	Merge branch 'master' into epel7	2016-07-13 12:10:54 -06:00
Orion Poplawski	8b686a7194	Merge branch 'master' into epel7	2016-01-24 07:40:12 -07:00
Orion Poplawski	19002b0af6	Merge branch 'master' into epel7	2015-10-01 11:03:50 -06:00
Orion Poplawski	40cda21513	Cleanup changelog	2015-06-22 12:03:55 -06:00
Orion Poplawski	1ebdebef89	Merge branch 'master' into epel7	2015-06-22 12:02:56 -06:00
Orion Poplawski	5c425960ef	Merge branch 'master' into epel7	2015-05-08 19:34:17 -06:00
Orion Poplawski	7376a607d9	Merge branch 'epel7' of ssh://pkgs.fedoraproject.org/cobbler into epel7	2015-04-28 10:46:36 -06:00
Orion Poplawski	abced35faa	Merge branch 'master' into epel7	2015-04-28 10:46:12 -06:00
Orion Poplawski	3d4efaa54d	Merge branch 'master' into epel7	2014-12-31 09:56:40 -07:00
Orion Poplawski	697366892b	Merge branch 'master' into epel7	2014-10-19 23:00:36 -06:00
Orion Poplawski	6b062fec15	Merge branch 'master' into epel7	2014-08-15 15:54:08 -06:00
Orion Poplawski	20dd58ed42	Merge branch 'master' into epel7	2014-08-11 10:20:48 -06:00
Orion Poplawski	9385f062a9	Merge branch 'master' into epel7	2014-07-18 16:55:45 -06:00
Orion Poplawski	bc8f55d58c	Merge branch 'master' into epel7	2014-07-17 10:04:53 -06:00
Orion Poplawski	c0fdc52c4d	Update to 2.6.1 from master	2014-05-23 16:01:23 -06:00
Orion Poplawski	57917b0e3e	Merge branch 'f20' into f19 Update to 2.4.4	2014-04-22 09:22:49 -06:00
Orion Poplawski	874e5f4d4f	Update to 2.4.4 - Drop koan patch applied upstream	2014-04-22 09:22:00 -06:00
Orion Poplawski	dc27e3aa9b	Update to 2.4.3 from master	2014-04-21 13:49:31 -06:00
James Cammarata	e8cedda572	New upstream release: 2.4.0-1	2013-06-20 00:49:36 -05:00
James Cammarata	e557733e61	Merge branch 'f19' of ssh://pkgs.fedoraproject.org/cobbler into f19 Conflicts: cobbler.spec	2013-05-24 16:27:02 -05:00
James Cammarata	7150fb718e	New upstream release: 2.4.0-beta6 Conflicts: cobbler.spec	2013-05-24 16:15:16 -05:00
Cole Robinson	a0f637a834	python-virtinst is no more, require virt-install (bz #958489 )	2013-05-09 20:34:23 -04:00
James Cammarata	9ca878626b	New upstream release, 2.4.0-beta5	2013-04-22 10:35:29 -05:00
James Cammarata	41c2a59817	New upstream release - 2.4.0-beta4 Conflicts: cobbler.spec	2013-04-03 20:52:27 -05:00