[et-mgmt-tools] [ANNOUNCE] Cobbler 0.6.2 (pre) release

Michael DeHaan mdehaan at redhat.com
Wed Sep 26 15:04:16 UTC 2007

Maute, Kevin P CTR AFRL/VAOO wrote:
> Thanks Michael & Al!
> I am somewhat of a newbie also with xmlrpc and am having trouble
> authenticating to webui.
> I have selinux disabled and have "xmlrpc_rw_enabled: 1" and did a
> "service cobblerd restart" after updating to 0.6.2-1 from 0.6.1.  I am
> unclear what "anyusername = yourpasswordhere" means.  

It means you can add your own username and password to the config file 
if you like.
The testuser really should be removed (and will be, for when I push -- 
doing that now).

As for your connection problem, I can guess.

Since you had a previous cobbler install, check /etc/httpd/conf.d/ and 
look for a cobbler.conf.rpmnew.
That contains the new Apache routing for the XMLRPC parts. Replace the 
conf.d with the contents
of the rpmnew, start httpd, and you should be good to go.

I'll add that to the Wiki.

> I tried the
> testuser with its password but did not have any joy.  I also tried my
> existing user/password combo.  I am assuming auth.conf is similar to
> .htaccess but am a little concerned about the clear text aspect.

We're going to SSLify XMLRPC communications later, I'm sure, but here's 
what we're doing right now.

Currently the xmlrpc interface for read-write operations is binding only 
to localhost. The WebUI
is connecting to it via localhost, and you can visit the WebUI with 
https:// URLs. So your password
is never broadcast outside the cobbler server in plaintext.

auth.conf is not nearly as fancy as htaccess, it's just a list of 
username and passwords. And it lives in /etc with
permissions such that only root can read it. We'll probably have more 
sophisticated access control around
passwords later (pam maybe?) though for now, attaching only to localhost 
is secure when the user visits
via https://. We should probably put in a redirect to ensure the WebUI 
isn't visited with http:// just to protect
users who don't know better.

> Thanks,
> Kevin
>> -----Original Message-----
>> From: et-mgmt-tools-bounces at redhat.com 
>> [mailto:et-mgmt-tools-bounces at redhat.com] On Behalf Of Michael DeHaan
>> Sent: Tuesday, September 25, 2007 6:48 PM
>> To: 'et-mgmt-tools at redhat.com'
>> Subject: [et-mgmt-tools] [ANNOUNCE] Cobbler 0.6.2 (pre) release
>> It's new Cobbler & koan time.
>> The new feature this time is the Cobbler Web UI, for which I have to 
>> give a big hand to Al Tobey for coding up a *massive* chunk of it.
>> The WUI recently gained the ability to edit kickstart files and is 
>> really shiny (IMHO) at this point.   While the rest of cobbler we'll
>> consider "stable", the Web UI component should be considered a "beta" 
>> just for this 1st release.  Definitely help test it out though,
>> and report back your findings/ideas/comments.   If you or 
>> fellow admins 
>> need to make tweaks from time to time and need a better
>> way of visualizing your provisioning configuration, the WebUI is 
>> probably for you.
>> As mentioned before, the setup instructions are on the Wiki, so just 
>> follow these steps once things are installed:
>> https://hosted.fedoraproject.org/projects/cobbler/wiki/CobblerWebUi
>> Unless you've been requesting a feature (in which case, it 
>> probably was 
>> added), the other changes are relatively minor
>> and you might not notice them.  I've sent emails out about 
>> most of them 
>> already.   One thing admins should note is that
>> /var/lib/cobbler/settings is finally packaged as a config file, so 
>> you'll get an "rpmnew" for the new settings.  That will
>> be moved into /etc probably in the next release and all will be right 
>> with config files :)
>> So ... I'm uploading the 0.6.2 RPM's today for folks to have 
>> a chance to 
>> try things out before pushing to the mirrors on Friday.
>> http://cobbler.et.redhat.com/download/cobbler-0.6.2-1.src.rpm
>> http://cobbler.et.redhat.com/download/koan-0.6.2-1.src.rpm
>> FYI -- The changelogs might look rather long, though it's 
>> been about a 
>> month since the last release and lots of folks have been
>> working off the source-control versions.   So things are rather well 
>> tested...
>> For Cobbler:
>> - cobbler repo auto-add to discover yum repos automatically  
>> (requires a 
>> rather new yum)
>> - fix bug that allows empty mac addresses (None) in dhcpd.conf
>> - kickstarts automatically save kickstart file used to 
>> /root/cobbler.ks
>> - allow multiple (comma-seperated) values for --virt-size
>> - removed deprecated 'enchant' function (use SSH and koan instead)
>> - cleanup of a few unused settings
>> - allow for serialization modules to be selected in 
>> /etc/cobbler/modules.conf
>> - patch to allow for reposync of specific repos, even if not 
>> set to update
>> - added --dhcp-tag section for better DHCP customization (esp with 
>> multiple subnets)
>> - added Apache proxying around XMLRPC port for wider network access
>> - refactor XMLRPC API and establish a read-write API
>> - allow for configuring of read-write XMLRPC users in 
>> /etc/cobbler/auth.conf
>> - WebUI
>> - packaged /var/lib/cobbler/settings as a config file
>> - added BuildRequires to help build on other platforms
>> - relocate cgi-bin files to cgi-bin/cobbler for namespacing
>> - fix syslog logging for systems not in the cobbler DB.
>> For koan
>> - Allow for multiple values (comma seperated) to --virt-path
>> - Allow for multiple virt file sizes
>> - Refactoring around the virt bits
>> - Remove legacy sys.path hack as enchant has been removed 
>> (just use SSH)
>> - Try port 80 proxied XMLRPC by default (first) before trying 25151
>> As usual, a huge thanks to everyone who submitted patches, emails, or 
>> hangs out in #cobbler.  
>> --Michael
>> _______________________________________________
>> et-mgmt-tools mailing list
>> et-mgmt-tools at redhat.com
>> https://www.redhat.com/mailman/listinfo/et-mgmt-tools
> _______________________________________________
> et-mgmt-tools mailing list
> et-mgmt-tools at redhat.com
> https://www.redhat.com/mailman/listinfo/et-mgmt-tools

More information about the et-mgmt-tools mailing list