[Spacewalk-list] Automatic kickstart generation and http communication

Thu Jul 26 11:44:05 UTC 2012

Hi all!

Below is my kickstart configuration. All unnecessary lines are truncated.
The file is automatically generated usning Spacewalk. As you can see all
links use http protocol, which is forbidden in my company, according to
security reasons. The question is: how can i force Spacewalk to generate
kickstart files with https links, not http?

# Kickstart config file generated by Spacewalk Config Management

# Profile Label : centos6-x86_64-ks

# Date Created  : 2012-07-18 09:33:03.847447

url --url http://spacewalk.local/ks/dist/centos6-x86_64-distr

repo --name=spacewalk17-client-centos6-x86_64
--baseurl=http://spacewalk.local/ks/dist/child/spacewalk17-client-centos6-x8
6_64/centos6-x86_64-distr

repo --name=epel6-centos6-x86_64
--baseurl=http://spacewalk.local/ks/dist/child/epel6-centos6-x86_64/centos6-
x86_64-distr

repo --name=centos6-x86_64-addons
--baseurl=http://spacewalk.local/ks/dist/child/centos6-x86_64-addons/centos6
-x86_64-distr

repo --name=centos6-x86_64-extras
--baseurl=http://spacewalk.local/ks/dist/child/centos6-x86_64-extras/centos6
-x86_64-distr

repo --name=centos6-x86_64-contrib
--baseurl=http://spacewalk.local/ks/dist/child/centos6-x86_64-contrib/centos
6-x86_64-distr

%pre

wget
"http://spacewalk.local/cblr/svc/op/trig/mode/pre/profile/centos6-x86_64-ks:
1:SpacewalkDefaultOrganization" -O /dev/null

%end

%post --log /root/ks-rhn-post.log

mkdir -p /tmp/rhn_rpms/optional

cd /tmp/rhn_rpms/optional 

wget -P /tmp/rhn_rpms/optional
http://spacewalk.local/download/package/85580d3616202bc640bc10ca721eb307ec98
5607/0/2/40178/rhnlib-2.5.51-1.el6.noarch.rpm
http://spacewalk.local/download/package/df93ab5eda43d8f8f4b5be5c85d0f9e89166
0c63/0/2/210/pyOpenSSL-0.10-2.el6.x86_64.rpm
http://spacewalk.local/download/package/03fe7bf77e79ab9398fc78f6d96730c3f3aa
8088/0/2/34692/libxml2-python-2.7.6-4.el6_2.4.x86_64.rpm 

rpm -Uvh --replacepkgs --replacefiles /tmp/rhn_rpms/optional/pyOpenSSL*
/tmp/rhn_rpms/optional/rhnlib* /tmp/rhn_rpms/optional/libxml2-python* 

perl -npe
's|^(\s*(noSSLS\|s)erverURL\s*=\s*[^:]+://)[^/]*/|${1}spacewalk.local/|' -i
/etc/sysconfig/rhn/up2date

# begin Red Hat management server registration

mkdir -p /usr/share/rhn/

wget http://spacewalk.local/pub/RHN-ORG-TRUSTED-SSL-CERT -O
/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT   

perl -npe 's/RHNS-CA-CERT/RHN-ORG-TRUSTED-SSL-CERT/g' -i
/etc/sysconfig/rhn/*  

key=""

if [ -f /tmp/key ]; then

    key=`cat /tmp/key`

fi

if [ $key ]; then 

    rhnreg_ks --serverUrl=http://spacewalk.local/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=$key,1-xxx,1-centos6-x86_64

else

    rhnreg_ks --serverUrl=http://spacewalk.local/XMLRPC
--sslCACert=/usr/share/rhn/RHN-ORG-TRUSTED-SSL-CERT
--activationkey=1-xxx,1-centos6-x86_64

fi

# end Red Hat management server registration

%end

%post

# Start koan environment setup

echo "export COBBLER_SERVER=spacewalk.local" > /etc/profile.d/cobbler.sh

echo "setenv COBBLER_SERVER spacewalk.local" > /etc/profile.d/cobbler.csh

# End koan environment setup

wget
"http://spacewalk.local/cblr/svc/op/ks/profile/centos6-x86_64-ks:1:Spacewalk
DefaultOrganization" -O /root/cobbler.ks

wget
"http://spacewalk.local/cblr/svc/op/trig/mode/post/profile/centos6-x86_64-ks
:1:SpacewalkDefaultOrganization" -O /dev/null

%end

Regards,

Mike.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/spacewalk-list/attachments/20120726/ee2d8ddd/attachment.htm>