Leonid Flaks wrote:
Benjamin Riggs wrote:
> Leonid Flaks wrote:
>> Hi!
>> I am trying to use download_config_files snippet on cobbler-1.6.6.
>> I've read
https://fedorahosted.org/cobbler/wiki/ModPythonDetails
>> and
https://fedorahosted.org/cobbler/wiki/BuiltinConfigManagement
>> Here is the question:
>> If I want to use the template x.template (taken from example in the
>> link above), where should I put the template file for cobbler to serve
>> it?
>>
>> Thanks,
>>
> There is an inherited variable in distros on down called template_files
> which takes a dictionary. The keys are the location of the templates on
> the cobbler server and the values are the location on the client.
>
> We use a 'fakeroot' file structure on our file system under which we put
> all of the template files we want served and where we want them. Then
> we have a simple python script which uses the cobbler API to update the
> profiles we want the files associated with. For example:
> /opt/pub/config/root/.ssh/authorized_keys on the server is downloaded to
> /root/.ssh/authorized_keys by the kickstart via mod python.
>
> Do note, however, that the snippet uses http via wget to actually
> download the files, so permissions are not maintained. I made a
> workaround by modifying the snippet to grab the file permissions and
> chmod the file immediately after it's downloaded. I've attached the patch.
>
>
That was very helpful! Thanks.
I was able to use command like
cobbles system edit --name=test --template-files=/source/path=/dest/path
to make use of it. I am not sure what do you need your python script for.
It would be nice to have this variable available in WebUI - much easier
to edit if there are few files to provide.
I used your patch that preserves file permission - did not test it on
the real installation yet. Would you consider submitting it into cobbler?
Thanks again for help,
Glad to help. We use a script because we have about two dozen files we
specify on half-a-dozen different profiles. I don't want to type that
many paths. It also works well as a simple repository for the template
files.
I'm a bit weary of submitting the patch to the trunk because, while the
trick works in a kickstart, it's not possible if the --update-files flag
is passed to koan. As long as the specified file exists on the client,
the permissions are unchanged, but if it's not, the permissions are set
by default (to 644, IIRC). So, if you add a file to the profile and
have the clients run the koan command to update themselves, there's a
potential security issue, but more likely just a nasty 'gotcha.'
--
Benjamin Riggs
System Staff
School of Mathematics
University of Minnesota