Apply patchset from Partha to /usr/bin/cobbler-setup

2 files changed, 122 insertions, 20 deletions

diff --git a/installer_templates/modules.conf.template b/installer_templates/modules.conf.template
index 6b66b07c..0acd5fd5 100644
--- a/installer_templates/modules.conf.template
+++ b/installer_templates/modules.conf.template
@@ -1,26 +1,105 @@
 # this file was auto-generated by /usr/bin/cobbler-setup
 #import time
-$time.asctime()
+#$time.asctime()
 # the previous file is saved as /etc/cobbler/settings.backup
 
-# FIXME: this file is based on an older version of cobbler and needs to be updated to devel
+# specifies what cobbler modules to load.
 
+# what file/data formats to use for metadata
+#
+# choices:
+#    serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config)
+#    serializer_yaml (original serializer, uses a few text files)
+#
+# for 99% or more of all installations, use serializer_catalog.
+#
+# NOTE:  serializer changes may remove your ability to access old data.
+# serializer_yaml users can change to serializer_catalog w/o manual 
+# migration steps.  Other changes are for new installs only.
 
 [serializers]
-settings = serializer_yaml
-distro = serializer_yaml
-profile = serializer_yaml
-system = serializer_yaml
-repo = serializer_yaml
+settings = serializer_catalog
+distro = serializer_catalog
+profile = serializer_catalog
+system = serializer_catalog
+repo = serializer_catalog
+image = serializer_catalog
+
+# policy: what users can log into the WebUI and Read-Write XMLRPC?
+#
+# choices:
+#    authn_denyall    -- no one (default)
+#    authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
+#    authn_passthru   -- ask Apache to handle it (used for kerberos)
+#    authn_ldap       -- authenticate against LDAP
+#    authn_spacewalk  -- ask Spacewalk/Satellite (experimental)
+#    authn_testing    -- username/password is always testing/testing (debug)
+#    (user supplied)  -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos
+# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap
 
 [authentication]
 module = $authn_module
 
+# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do?
+#
+# choices:
+#    authz_allowall   -- full access for all authneticated users (default)
+#    authz_configfile -- determined by /etc/cobbler/users.conf
+#    authz_ownership  -- use users.conf, but add object ownership semantics
+#    (user supplied)  -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# If you want to further restrict cobbler with ACLs for various groups,
+# pick authz_ownership.  authz_allowall does not support ACLs.  configfile
+# does but does not support object ownership which is useful as an additional
+# layer of control.
+
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization
+# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership
+# https://fedorahosted.org/cobbler/wiki/AclFeature
+
 [authorization]
 module = $authz_module
 
+# chooses the DNS management engine if manage_dns is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+#    manage_bind    -- default, uses BIND/named
+#    manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDns
+
 [dns]
 module = $dns_module
 
+# chooses the DHCP management engine if manage_dhcp is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+#    manage_isc     -- default, uses ISC dhcpd
+#    manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDhcp
+  
 [dhcp]
 module = $dhcp_module
+
+#--------------------------------------------------
diff --git a/installer_templates/settings.template b/installer_templates/settings.template
index cbf6e58d..ac45af09 100644
--- a/installer_templates/settings.template
+++ b/installer_templates/settings.template
@@ -1,16 +1,15 @@
 ---
-# this file was auto-generated by /usr/bin/cobbler-setup
+## this file was auto-generated by /usr/bin/cobbler-setup
 #import time
-$time.asctime()
+#$time.asctime()
 # the previous file is saved as /etc/cobbler/settings.backup
-
-# FIXME: this file is based on an older version of cobbler
-# and needs to be updated to devel/latest
-
 # cobbler settings file
-# run "cobbler sync" after making changes
+# restart cobblerd and consider running "cobbler sync" after making changes
 # (it's a good idea to make backups too)
 #
+# This config file is in YAML 1.0 format
+# see http://yaml.org
+#
 # if 1, cobbler will allow insertions of system records that duplicate
 # the mac address information of other system records.  In general,
 # this is undesirable.
@@ -34,6 +33,7 @@ default_virt_bridge: xenbr0
 # if koan is invoked without --virt-type and no virt-type
 # is set on the profile/system, what virtualization type
 # should be assumed?  Values: xenpv, xenfv, qemu, vmware
+# (NOTE: this does not change what virt_type is chosen by import)
 default_virt_type: xenpv
 
 # use this as the default disk size for virt guests (GB)
@@ -47,6 +47,15 @@ default_virt_ram: 512
 # owner and/or group.  Can be a comma seperated list.
 default_ownership: "admin"
 
+# controls whether cobbler will add each new profile entry to the default
+# PXE boot menu.  This can be over-ridden on a per-profile
+# basis when adding/editing profiles with --enable-menu=0/1.  Users
+# should ordinarily leave this setting enabled unless they are concerned
+# with accidental reinstalls from users who select an entry at the PXE
+# boot menu.  Adding a password to the boot menus templates 
+# may also be a good solution to prevent unwanted reinstallations
+enable_menu: 1
+
 # location for some important binaries and config files 
 # that can vary based on the distribution.
 dhcpd_bin: /usr/sbin/dhcpd
@@ -93,6 +102,18 @@ manage_dns: $enable_dns
 manage_forward_zones: []
 manage_reverse_zones: []
 
+# cobbler has a feature that allows for integration with config management
+# systems such as Puppet.  The following parameters work in conjunction with 
+# --mgmt-classes  and are described in furhter detail at:
+# https://fedorahosted.org/cobbler/wiki/UsingCobblerWithConfigManagementSystem
+mgmt_classes: []
+mgmt_parameters:
+   from_cobbler: 1
+
+# location where cobbler will write its named.conf when BIND dns management is
+# enabled
+named_conf: /etc/named.conf
+
 # if using cobbler with manage_dhcp, put the IP address
 # of the cobbler server here so that PXE booting guests can find it
 # if you do not set this correctly, this will be manifested in TFTP open timeouts.
@@ -156,6 +177,12 @@ server: $server
 # this directory should not be required.
 snippetsdir: /var/lib/cobbler/snippets
 
+# if modules.conf specifies authn_spacewalk, this is the XMLRPC
+# endpoint to authenticate against.  If Satellite/Spacewalk is
+# not in use, ignore this setting entirely.  
+# See fedorahosted.org/spacewalk for details on that project.
+spacewalk_url: $spacewalk_url
+
 # by default, installs are set to send syslog traffic on this port
 # and cobblerd will listen on this port.  syslog data (for installs
 # that support it... RHEL 5 and later, etc) is logged in /var/log/cobbler
@@ -200,10 +227,6 @@ xmlrpc_rw_port: 25152
 # configuration can still be done manually.  This is just a shortcut.
 yum_post_install_mirror: $yum_post_install_mirror
 
-# "cobbler repo" support normally uses rsync or reposync.  If --rpm-list
-# is used, it's possible to download only a certain package list, plus
-# dependencies, but --resolve and other flags are not supported in
-# all versions of yumdownloader.  This is a list of what flags
-# to pass to it.  Only change this if you are experiencing problems
-# with "cobbler reposync" and are using --rpm-list.
+# additional flags to yum commands
+yumreposync_flags: "-l"
 yumdownloader_flags: "--resolve"