diff options
author | Michael DeHaan <mdehaan@redhat.com> | 2008-09-22 12:46:46 -0400 |
---|---|---|
committer | Michael DeHaan <mdehaan@redhat.com> | 2008-09-22 12:46:46 -0400 |
commit | 1476be59ed091c467680c3b334194ed43f9e0c64 (patch) | |
tree | 07a004f37cfaf3802a946c3e0dd8accc2f2a7729 /installer_templates | |
parent | ee093726c4a831171866a04323a2ff6b8f84c6f4 (diff) | |
download | cobbler-1476be59ed091c467680c3b334194ed43f9e0c64.tar.gz cobbler-1476be59ed091c467680c3b334194ed43f9e0c64.tar.xz cobbler-1476be59ed091c467680c3b334194ed43f9e0c64.zip |
Apply patchset from Partha to /usr/bin/cobbler-setup
Diffstat (limited to 'installer_templates')
-rw-r--r-- | installer_templates/modules.conf.template | 93 | ||||
-rw-r--r-- | installer_templates/settings.template | 49 |
2 files changed, 122 insertions, 20 deletions
diff --git a/installer_templates/modules.conf.template b/installer_templates/modules.conf.template index 6b66b07c..0acd5fd5 100644 --- a/installer_templates/modules.conf.template +++ b/installer_templates/modules.conf.template @@ -1,26 +1,105 @@ # this file was auto-generated by /usr/bin/cobbler-setup #import time -$time.asctime() +#$time.asctime() # the previous file is saved as /etc/cobbler/settings.backup -# FIXME: this file is based on an older version of cobbler and needs to be updated to devel +# specifies what cobbler modules to load. +# what file/data formats to use for metadata +# +# choices: +# serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config) +# serializer_yaml (original serializer, uses a few text files) +# +# for 99% or more of all installations, use serializer_catalog. +# +# NOTE: serializer changes may remove your ability to access old data. +# serializer_yaml users can change to serializer_catalog w/o manual +# migration steps. Other changes are for new installs only. [serializers] -settings = serializer_yaml -distro = serializer_yaml -profile = serializer_yaml -system = serializer_yaml -repo = serializer_yaml +settings = serializer_catalog +distro = serializer_catalog +profile = serializer_catalog +system = serializer_catalog +repo = serializer_catalog +image = serializer_catalog + +# policy: what users can log into the WebUI and Read-Write XMLRPC? +# +# choices: +# authn_denyall -- no one (default) +# authn_configfile -- use /etc/cobbler/users.digest (for basic setups) +# authn_passthru -- ask Apache to handle it (used for kerberos) +# authn_ldap -- authenticate against LDAP +# authn_spacewalk -- ask Spacewalk/Satellite (experimental) +# authn_testing -- username/password is always testing/testing (debug) +# (user supplied) -- you may write your own module +# +# WARNING: this is a security setting, do not choose an option blindly. +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity +# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos +# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap [authentication] module = $authn_module +# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do? +# +# choices: +# authz_allowall -- full access for all authneticated users (default) +# authz_configfile -- determined by /etc/cobbler/users.conf +# authz_ownership -- use users.conf, but add object ownership semantics +# (user supplied) -- you may write your own module +# +# WARNING: this is a security setting, do not choose an option blindly. +# +# If you want to further restrict cobbler with ACLs for various groups, +# pick authz_ownership. authz_allowall does not support ACLs. configfile +# does but does not support object ownership which is useful as an additional +# layer of control. + +# for more information: +# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface +# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity +# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization +# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership +# https://fedorahosted.org/cobbler/wiki/AclFeature + [authorization] module = $authz_module +# chooses the DNS management engine if manage_dns is enabled +# in /etc/cobbler/settings, which is off by default. +# +# choices: +# manage_bind -- default, uses BIND/named +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below +# +# NOTE: more configuration is still required in /etc/cobbler +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/ManageDns + [dns] module = $dns_module +# chooses the DHCP management engine if manage_dhcp is enabled +# in /etc/cobbler/settings, which is off by default. +# +# choices: +# manage_isc -- default, uses ISC dhcpd +# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above +# +# NOTE: more configuration is still required in /etc/cobbler +# +# for more information: +# https://fedorahosted.org/cobbler/wiki/ManageDhcp + [dhcp] module = $dhcp_module + +#-------------------------------------------------- diff --git a/installer_templates/settings.template b/installer_templates/settings.template index cbf6e58d..ac45af09 100644 --- a/installer_templates/settings.template +++ b/installer_templates/settings.template @@ -1,16 +1,15 @@ --- -# this file was auto-generated by /usr/bin/cobbler-setup +## this file was auto-generated by /usr/bin/cobbler-setup #import time -$time.asctime() +#$time.asctime() # the previous file is saved as /etc/cobbler/settings.backup - -# FIXME: this file is based on an older version of cobbler -# and needs to be updated to devel/latest - # cobbler settings file -# run "cobbler sync" after making changes +# restart cobblerd and consider running "cobbler sync" after making changes # (it's a good idea to make backups too) # +# This config file is in YAML 1.0 format +# see http://yaml.org +# # if 1, cobbler will allow insertions of system records that duplicate # the mac address information of other system records. In general, # this is undesirable. @@ -34,6 +33,7 @@ default_virt_bridge: xenbr0 # if koan is invoked without --virt-type and no virt-type # is set on the profile/system, what virtualization type # should be assumed? Values: xenpv, xenfv, qemu, vmware +# (NOTE: this does not change what virt_type is chosen by import) default_virt_type: xenpv # use this as the default disk size for virt guests (GB) @@ -47,6 +47,15 @@ default_virt_ram: 512 # owner and/or group. Can be a comma seperated list. default_ownership: "admin" +# controls whether cobbler will add each new profile entry to the default +# PXE boot menu. This can be over-ridden on a per-profile +# basis when adding/editing profiles with --enable-menu=0/1. Users +# should ordinarily leave this setting enabled unless they are concerned +# with accidental reinstalls from users who select an entry at the PXE +# boot menu. Adding a password to the boot menus templates +# may also be a good solution to prevent unwanted reinstallations +enable_menu: 1 + # location for some important binaries and config files # that can vary based on the distribution. dhcpd_bin: /usr/sbin/dhcpd @@ -93,6 +102,18 @@ manage_dns: $enable_dns manage_forward_zones: [] manage_reverse_zones: [] +# cobbler has a feature that allows for integration with config management +# systems such as Puppet. The following parameters work in conjunction with +# --mgmt-classes and are described in furhter detail at: +# https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem +mgmt_classes: [] +mgmt_parameters: + from_cobbler: 1 + +# location where cobbler will write its named.conf when BIND dns management is +# enabled +named_conf: /etc/named.conf + # if using cobbler with manage_dhcp, put the IP address # of the cobbler server here so that PXE booting guests can find it # if you do not set this correctly, this will be manifested in TFTP open timeouts. @@ -156,6 +177,12 @@ server: $server # this directory should not be required. snippetsdir: /var/lib/cobbler/snippets +# if modules.conf specifies authn_spacewalk, this is the XMLRPC +# endpoint to authenticate against. If Satellite/Spacewalk is +# not in use, ignore this setting entirely. +# See fedorahosted.org/spacewalk for details on that project. +spacewalk_url: $spacewalk_url + # by default, installs are set to send syslog traffic on this port # and cobblerd will listen on this port. syslog data (for installs # that support it... RHEL 5 and later, etc) is logged in /var/log/cobbler @@ -200,10 +227,6 @@ xmlrpc_rw_port: 25152 # configuration can still be done manually. This is just a shortcut. yum_post_install_mirror: $yum_post_install_mirror -# "cobbler repo" support normally uses rsync or reposync. If --rpm-list -# is used, it's possible to download only a certain package list, plus -# dependencies, but --resolve and other flags are not supported in -# all versions of yumdownloader. This is a list of what flags -# to pass to it. Only change this if you are experiencing problems -# with "cobbler reposync" and are using --rpm-list. +# additional flags to yum commands +yumreposync_flags: "-l" yumdownloader_flags: "--resolve" |