cobbler 2.0 workaround for SELinux and misc issues
Hi, to share my testing experience with cobbler2.0 (thanks for it!) hoping it can hepls others. My context: - having one cobbler server1 being migrated from 1.6.x to 2.0. - having one cobbler server2 directly installed in 2.0 Both servers configured with ldap authentication in /etc/cobbler/[settings, modules.conf] authorization is also on in modules.conf [module = authz_ownership] Both servers are running with SELinux in enforcing mode. The cobbler 2.0 SW was built from the source in each case. I noticed the following: - on server2 set up from scratch cobbler import was complaining that the issued rsync command was failing I had to disable selinux for rsync to make cobbler import working with the following command. root# setsebool -P rsync_disable_trans=1 may be a better way exist ? or something to be notified by the cobbler check command ? Note this is not an issue is selinux is _not_ in enforcing mode. - on server1 (migrated from 1.6.x) and after migration: - Had to removed the omapi section from the /etc/cobbler/dhcp.template file a task for cobbler check ? (not sure but that helps dumb guy like myself not reading the docs... :-( ) - Some text comments attached with the systems had accents/diacritics char. I had to removed them (from jason files) to avoid a python stack trace in the new WEB interface (1.6.x was not having issue there - may be due to the move to django) - In the new WEB interface, I got python stack trace when trying to sort the Systems view on a per profile basis The pb was with the /usr/share/cobbler/session/sessionid. file the following solved the issue: root# chcon -t httpd_sys_content_t /usr/share/cobbler/web/sessions and to be sure it will be persistent: root # /usr/sbin/semanage fcontext -a -t httpd_sys_content_t /usr/share/cobbler/web(/.*)? may be something that can be addressed at installation time ? Note this is not an issue is selinux is _not_ in enforcing mode. - The owners field is not displayed anymore in the web interface. That was very usefull to figure out who to contact. Any easy way to make it visible again ? Apart the small annoyance sabove, cobbler2.0 on server1 (the migrated one) works very well and I continue testing and experimenting with it. thanks, Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: cobbler 2.0 workaround for SELinux and misc issues
2009/9/28 Michael DeHaan mdeh...@redhat.com I noticed the following: - on server2 set up from scratch cobbler import was complaining that the issued rsync command was failing I had to disable selinux for rsync to make cobbler import working with the following command. root# setsebool -P rsync_disable_trans=1 What OS were you running from? RHEL 5 (I should have mentioned it). (General note -- Cobbler+SELinux is not supported on RHEL 4 (it is too primitive to share content between Apache and TFTP) but RHEL 5 and on it is) This may be a rule we want to indicate in cobbler check alongside the httpd_can_network_connect item it already reports about today. Let's make sure there's a Trac open on this one. Done. This iis tract ticket 500. - on server1 (migrated from 1.6.x) and after migration: - Had to removed the omapi section from the /etc/cobbler/dhcp.template file a task for cobbler check ? (not sure but that helps dumb guy like myself not reading the docs... :-( ) OMAPI is no longer supported in 2.0, so I am not sure what the problem is or why you would have to remove it. Can you explain further what the problem was? Despite we were not using OMAPI our 1.6.x /etc/cobbler/dhcp.template was having the declaration below. After migrating to2.0, the /etc/cobbler/dhcp.template was still having this declaration (my fault I should have removed it): #if $omapi_enabled omapi-port $omapi_port; #end if Then cobbler sync failed with a cheetah template instantiation error. Tue Sep 29 08:10:51 2009 - INFO | Exception occured: cexceptions.CX Tue Sep 29 08:10:51 2009 - INFO | Exception value: 'Error templating file: /etc/dhcpd.conf' Tue Sep 29 08:10:51 2009 - INFO | Exception Info: File /usr/lib/python2.4/site-packages/cobbler/remote.py, line 92, in run rc = self._run(self) File /usr/lib/python2.4/site-packages/cobbler/remote.py, line 181, in runner return self.remote.api.sync(self.options.get(verbose,False),logger=self.logger) File /usr/lib/python2.4/site-packages/cobbler/api.py, line 599, in sync return sync.run() File /usr/lib/python2.4/site-packages/cobbler/action_sync.py, line 124, in run self.dhcp.write_dhcp_file() File /usr/lib/python2.4/site-packages/cobbler/modules/manage_isc.py, line 193, in write_dhcp_file self.templar.render(template_data, metadata, self.settings_file, None) File /usr/lib/python2.4/site-packages/cobbler/templar.py, line 129, in render raise CX(Error templating file: %s % out_path) Tue Sep 29 08:10:51 2009 - ERROR | ### TASK FAILED ### - Some text comments attached with the systems had accents/diacritics char. I had to removed them (from jason files) to avoid a python stack trace in the new WEB interface (1.6.x was not having issue there - may be due to the move to django) Hmm, interesting.Please make sure there is a Trac item for this one. See my earlier note about how to get an account and file a bug. Done (Ticket 501) - In the new WEB interface, I got python stack trace when trying to sort the Systems view on a per profile basis The pb was with the /usr/share/cobbler/session/sessionid. file the following solved the issue: root# chcon -t httpd_sys_content_t /usr/share/cobbler/web/sessions and to be sure it will be persistent: root # /usr/sbin/semanage fcontext -a -t httpd_sys_content_t /usr/share/cobbler/web(/.*)? Ah, nice find.It is true we haven't done much SELinux testing with cobbler_web.This should be added to the rules that cobbler check reports that the user should set. Let's make sure we have a record of this bug in Trac. Done. (Ticket 502) - The owners field is not displayed anymore in the web interface. That was very usefull to figure out who to contact. Any easy way to make it visible again ? I've just fixed that, it appears we had two objects that had this still marked as a hidden field. Thanks! (no need for a Trac item on this one). Cool, thanks. Apart the small annoyance sabove, cobbler2.0 on server1 (the migrated one) works very well and I continue testing and experimenting with it. Much appreciated! Again, if you can make sure the two bugs noted above have Trac items we'll make sure they are fixed. Done (3 tickets entered). thanks, Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: cobbler 2.0 workaround for SELinux and misc issues
2009/9/29 Michael DeHaan mdeh...@redhat.com On 09/29/2009 03:24 AM, Philippe Eveque wrote: 2009/9/28 Michael DeHaan mdeh...@redhat.com I noticed the following: - on server2 set up from scratch cobbler import was complaining that the issued rsync command was failing I had to disable selinux for rsync to make cobbler import working with the following command. root# setsebool -P rsync_disable_trans=1 What OS were you running from? RHEL 5 (I should have mentioned it). Were you doing an import from an rsync mirror (as in rsync protocol, rsync://) or just a DVD or filesystem path?I'm suprised we didn't hit that in SELinux testing on previous releases as that hasn't really changed. Here is the sequence I used with the results [root]# getsebool -a | grep rsync allow_rsync_anon_write -- off rsync_disable_trans -- off rsync_export_all_ro -- off Now try to import an iso image something that is locally loop back mounted via mount /var/rhel-server-5.3-i386-dvd.iso /mnt/RHEL5.3 -o loop [root]# cobbler import --name=philtrial --arch=x86 --path=/mnt/RHEL5.3 task started: 2009-09-29_162939_import task started (id=Media import, time=Tue Sep 29 16:29:39 2009) running: rsync -a '/mnt/RHEL5.3/' /var/www/cobbler/ks_mirror/philtrial-i386 --exclude-from=/etc/cobbler/rsync.exclude --progress returned: 12 Exception occured: cobbler.cexceptions.CX Exception value: 'Command failed' Exception Info: File /usr/lib/python2.4/site-packages/cobbler/utils.py, line 108, in die raise CX(msg) Exception occured: cobbler.cexceptions.CX Exception value: 'Command failed' Exception Info: File /usr/lib/python2.4/site-packages/cobbler/remote.py, line 94, in run rc = self._run(self) File /usr/lib/python2.4/site-packages/cobbler/remote.py, line 223, in runner self.logger File /usr/lib/python2.4/site-packages/cobbler/api.py, line 647, in import_tree return importer.run() File /usr/lib/python2.4/site-packages/cobbler/action_import.py, line 181, in run self.run_this(rsync_cmd, (spacer, self.mirror, self.settings.webdir, self.mirror_name)) File /usr/lib/python2.4/site-packages/cobbler/action_import.py, line 262, in run_this utils.die(self.logger,Command failed) File /usr/lib/python2.4/site-packages/cobbler/utils.py, line 116, in die raise CX(msg) !!! TASK FAILED !!! then switch off the SELinux rsync and retry (as it was already done it is fast :-) ) [root]# setsebool -P rsync_disable_trans=1 [root]# cobbler import --name=philtrial --arch=x86 --path=/mnt/RHEL5.3 task started: 2009-09-29_163011_import task started (id=Media import, time=Tue Sep 29 16:30:11 2009) running: rsync -a '/mnt/RHEL5.3/' /var/www/cobbler/ks_mirror/philtrial-i386 --exclude-from=/etc/cobbler/rsync.exclude --progress building file list ... 2516 files to consider sent 89541 bytes received 20 bytes 179122.00 bytes/sec total size is 2729915423 speedup is 30481.07 returned: 0 adding distros scanning /var/www/cobbler/ks_mirror/philtrial-i386/images/pxeboot for distro signature scanning /var/www/cobbler/ks_mirror/philtrial-i386/images for distro signature scanning /var/www/cobbler/ks_mirror/philtrial-i386 for distro signature found content (breed=redhat) at /v skipping import, as distro name already exists: philtrial-i386 scanning /var/www/cobbler/ks_mirror/philtrial-i386/images/xen for distro signature scanning /var/www/cobbler/ks_mirror/philtrial-i386/images for distro signature scanning /var/www/cobbler/ks_mirror/philtrial-i386 for distro signature found content (breed=redhat) at /v skipping import, as distro name already exists: philtrial-xen-i386 associating repos associating kickstarts *** TASK COMPLETE *** and IIRC, the result was the same when rsyncing from a remote location. Anyway, let's get a ticket for this one too and we'll check it out. Ok sure. Despite we were not using OMAPI our 1.6.x /etc/cobbler/dhcp.template was having the declaration below. After migrating to2.0, the /etc/cobbler/dhcp.template was still having this declaration (my fault I should have removed it): #if $omapi_enabled omapi-port $omapi_port; #end if Then cobbler sync failed with a cheetah template instantiation error. Ah, yes, that's one of the .rpmnew files you have to pay attention to on upgrades. This one is not a bug. Thanks very much for filing the others! --Michael ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: cobbler 2.0 workaround for SELinux and misc issues
2009/9/29 Philippe Eveque philippe.eve...@gmail.com 2009/9/29 Michael DeHaan mdeh...@redhat.com On 09/29/2009 03:24 AM, Philippe Eveque wrote: 2009/9/28 Michael DeHaan mdeh...@redhat.com I noticed the following: - on server2 set up from scratch cobbler import was complaining that the issued rsync command was failing I had to disable selinux for rsync to make cobbler import working with the following command. root# setsebool -P rsync_disable_trans=1 What OS were you running from? RHEL 5 (I should have mentioned it). Were you doing an import from an rsync mirror (as in rsync protocol, rsync://) or just a DVD or filesystem path?I'm suprised we didn't hit that in SELinux testing on previous releases as that hasn't really changed. I forgot to mention - this is a 2.0.x specific issue and 1.6.x does not expose it. - if you run as root the rsync command reported by cobbler import you do not hit the Pb either. I guess this is because with 2.0 the rsync command is run in the context of the cobblerd daemon (after the cmd has been submitted via the xmlrpc layer) does this make sense ? [...] Anyway, let's get a ticket for this one too and we'll check it out. Ok sure. done (this is ticket 503.) --Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Issue with cobbler sync
I would encourage you to move to cobbler 2.x if possible -- Phil 2010/1/21 Rivera, Jose B (Jose)** CTR ** jbriv...@alcatel-lucent.com Cobbler Gurus: We recently installed cobbler_1.6.6 and were able to import distributions but when we run cobbler sync we get cannot find directory: -c. We are not sure which directory -c is being referenced. If we run cobbler check, it tells us to create directory -c. Please advice, Jose Rivera HP Enterprise Services ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Issue with cobbler sync
2.0.2 is in epel-testing for quite a while now. --Phil. 2010/1/22 brown wrap gra...@yahoo.com Am I missing something here? The latest version of Cobbler I see is 1.6.8. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Authorization problem
see section How kickstart editing is handled in https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership 2010/3/3 Luc de Louw l...@delouw.ch Dear all, I want to prevent several users to make changes to ks templates and snippets. Normal users should only be able to add/remove and edit systems. Any hints on this? Thanks, Luc ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Getting 'profile-kickstart' instead of 'system-kickstart'
Hi, I'm not using spacewalk, just cobbler (rev 2.0.1) I have a system S with a profile P. in P there is a variable $var (defined as a kickstart metadata) defined with value V1 in S I override the $var with a different value : V2 Then: cobbler profile getks --name=P = then $var value is V1 whereas: cobbler system getks --name=S = then $var value is V2 So cobbler seem to be working as expected for me, that is get the profile ks when requested and the system profile when requested. Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Getting 'profile-kickstart' instead of 'system-kickstart'
2010/3/22 Jonas Bygdén jonaslis...@gmail.com On 2010-03-22 12:10, chandan dutta chowdhury wrote: Hello, Your system report shows that you are inheriting the profile kickstart Am i missing something ? Kickstart :inherit r...@spacewalk # cobbler system report --name=xenlinux21 Name : xenLinux21 Comment: Gateway: 192.168.33.1 Hostname : xenLinux21.domain.net Image : Kernel Options : {} Kernel Options (Post Install) : {} Kickstart :inherit Kickstart Metadata : {} Management Classes : [] - Chandan Excuse my ignorance, but what would it say if it were correct? I'm trying to figure out how the relationships between repos, distros, profiles and systems work and all I get is bits and pieces. personnally https://fedorahosted.org/cobbler/wiki/HowWeModelThings and https://fedorahosted.org/cobbler/attachment/wiki/ChartsAndGraphs/code.png always helped figuring out the relationships. the latter is a bit outdated I think. But I guess you already went through it. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: Getting 'profile-kickstart' instead of 'system-kickstart'
Hi May be the following commands might help a little. Not sure [r...@sys]# cobbler system dumpvars --name=yoursystem [r...@sys]# cobbler profile dumpvars --name=profileAssigned2yoursystem But no sure we will understand what happened at deployment time though. Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: LDAP authorization in Cobbler
We are using something similar and discover we had to specify the port into both the ldap_server field (xxx.com:636) AND in the ldap port field to make it work. e.g: ldap_server: xxx.xxx.com:636 ldap_base_dn: ou=people,o=xxx.com ldap_port: '636' ldap_tls: 1 [...] my 2cts Phil. 2010/7/28 Byron Pezan bpe...@secureworks.com I currently use LDAP against AD for the cobbler web interface. However, I use the ‘base_dn’ and OUs in AD to limit the scope of who can authenticate, not users.conf. I do use users.conf for ownership of objects though. Unfortunately I’ve been unable to get TLS encrypted LDAP to work, despite getting it to work on other web apps via Apache configs. Here’s my current LDAP config from /etc/cobbler/settings: --- ldap_server: xxx.xxx.xxx.xxx ldap_base_dn: OU=DeeperFolder,OU=Folder,DC=domain,DC=domain,DC=com ldap_port: 389 ldap_tls: 0 ldap_anonymous_bind: 0 ldap_search_bind_dn: 'ldapbindacco...@netbios Domain name' ldap_search_passwd: 'BindPassword' ldap_search_prefix: 'sAMAccountName=' Hope this helps. byron *From:* cobbler-boun...@lists.fedorahosted.org [mailto: cobbler-boun...@lists.fedorahosted.org] *On Behalf Of *Ignasi Blanco *Sent:* Wednesday, July 28, 2010 3:50 AM *To:* cobbler@lists.fedorahosted.org *Subject:* LDAP authorization in Cobbler Hi All, I am trying to get the cobbler webui to use LDAP authorization against our LDAP server. I check the correct LDAP configuration with demo_connect.py. I have can authenticated with any user of LDAP without password (no anonymous binding), but the authorization seems to be not necessary. In LDAP access log no appears any connection, I guess that it does not authorized with LDAP server. I want to authorizing only the LDAP user from users.conf. How is it possible? I use cobbler 2.0.3.1 and my configuration is the next: In modules.conf: [authentication] module = authn_ldap [authorization] module = authz_configfile In settings: ldap_server: ldap.x.org ldap_base_dn: dc=x,dc=org ldap_port: 389 ldap_tls: 1 ldap_anonymous_bind: 0 ldap_search_bind_dn: 'uid=cobbler,ou=system,dc=,dc=org' ldap_search_passwd: 'password' ldap_search_prefix: 'uid=' In users.conf: [dxs] cobbler = admin = ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
Re: LDAP authorization in Cobbler
2010/7/29 Ignasi Blanco ibla...@flumotion.com I really appreciated your help. But I can authenticate LDAP users (if I use ldap_base_dn ou=people, only people accounts). In fact, only LDAP users in users.conf can save and run options in webui, and others LDAP users authenticated does not have permissions to edit objects. Now, my real problem is that all LDAP users (ou=People) can authenticate in webui without typing any password. Just for checking: I guess you follow all the steps described on the wiki https://fedorahosted.org/cobbler/wiki/CobblerWithLdap and specially the steps 3, 4 and 5. I do not remember having being done more. Phil. ___ cobbler mailing list cobbler@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler
[cobbler] Re: Quirky thing with parameters. Anyone else see it?
Seeing the same for ks_meta: not being rendered/available when using $ks_meta but each individual parameter defined via ks_meta are being available ($my_var1, $my_var2. mgmt_parameters is being rendered (and seems to include the ks_meta): so that $mgmt_parameters is expanded to a json struct containing what you might be looking for Plus some additional fields like tree and from_cobbler. just add this in your ks_templete # A_TEST = $ks_meta # ANOTHER = $mgmt_parameters # ANOTHER ONE = $from_cobbler and $tree and $my_var1 expanded as below (some value replaced with ): # A_TEST = $ks_meta # ANOTHER = {'my_var1': '2017.07.1', 'tree': '', 'from_cobbler': 1, 'my_var2': 'a_value', 'partnumber': 'NONE'} # ANOTHER ONE = $from_cobbler and and 2017.07.1 So if you now the name of the variables passed via ks_meta this is easy job else you need to parse the json from $mgmt_parameters to extract the values you need, 2017-08-24 19:11 GMT+02:00 Michael C. Tiernan: > So I have taken to including a section in my kickstart that reads the > values of the ks_meta parameter and the value of mgmt_parameters. > > It seems that while ks_meta, is defined by cobbler (seen from dumpvars) it > does not seem to be showing up in my cheetah/kickstart environment. > > Two questions. > > 1) Anyone else seen this? > > 2) Is there a way to do a dumpvars type of listing of existing variables > from inside the cheetah code? > > Thanks for all your time. > ___ > cobbler mailing list -- cobbler@lists.fedorahosted.org > To unsubscribe send an email to cobbler-le...@lists.fedorahosted.org > ___ cobbler mailing list -- cobbler@lists.fedorahosted.org To unsubscribe send an email to cobbler-le...@lists.fedorahosted.org
Re: messages in /var/log/httpd
Yeap, seeing it too. 2009/9/3 Leonid Flaks fl...@bnl.gov I just noticed that /var/log/httpd/access_log is getting filled with lines every 2 seconds with whatever action is taken repeatedly until the next one is generated which goes endlessly. [...] Looks like some bug in logging. Does anybody else see this, or is just me? Yeap seeing it too Phil. ___ cobbler-devel mailing list cobbler-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler-devel
Re: Build Tool Changes
Hi, I've just updated to the latest Master and I'm sure I'm missing something... Now: $make rpms does not work anymore as the rev need to be updated. it just reports: [...] creating dist tar -cf dist/cobbler-2.0.3.1.tar cobbler-2.0.3.1 gzip -f9 dist/cobbler-2.0.3.1.tar removing 'cobbler-2.0.3.1' (and everything under it) mkdir -p rpm-build cp dist/*.gz rpm-build/ rpmbuild --define _topdir %(pwd)/rpm-build \ --define _builddir %{_topdir} \ --define _rpmdir %{_topdir} \ --define _srcrpmdir %{_topdir} \ --define _specdir %{_topdir} \ --define '_rpmfilename %%{NAME}-%%{VERSION}-%%{RELEASE}.%%{ARCH}.rpm' \ --define _sourcedir %{_topdir} \ -ba cobbler.spec error: File /home/eveque/src/cobbler/rpm-build/cobbler-2.0.3.2.tar.gz: No such file or directory make: *** [rpms] Error 1 [ Ok, need to move to tito now on. But that would be nice the old command to build the rpms works with the new system. So I've installed tito from epel and tried to run $ tito build --rpm ERROR: Tag does not exist locally: [cobbler-2.0.3.2-1] So I just realized I need the git tag command to return something valid... Phil. 2010/4/15 Devan Goodwin dgood...@rm-rf.ca Just pushed some small changes to switch to using Tito to git tag our releases and do tgz + rpm builds. http://github.com/dgoodwin/tito For anyone doing development, this just means you can run devel code off the latest git head, but install it via rpm if you'd prefer. 'tito build --rpm' will build the latest tagged release for your arch. 'tito build --rpm --test' will build test rpms off the latest git HEAD, great for devels who want to deploy via rpms. Once we go to do a new release: 'tito tag' will bump the version, auto-gen the spec file changelog from commit messages and give you a chance to edit it, then commit and git tag. 'tito build --srpm' will build a source rpm With some config changes we can get it set up to tito build --release will build the source rpm, commit changes to Fedora CVS and submit all the desired Koji builds. Let me know when, and I can help get this set up. I had to tag a new version to get this operational, you'll see a cobbler-2.0.3.2-1 tag out there, I don't intend for this to be a public release. (although it can be if we'd like to do one now) Will try to do some more work to cleanup build process in the coming weeks. Let me know if you hit any issues. Cheers, Devan -- Devan Goodwin dgood...@rm-rf.ca http://rm-rf.ca ___ cobbler-devel mailing list cobbler-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler-devel ___ cobbler-devel mailing list cobbler-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler-devel
Re: New templating language and support for EL4
2010/12/22 brett lentz brett.le...@gmail.com On Wed, Dec 22, 2010 at 9:19 AM, Scott Henson shen...@redhat.com wrote: On Wed, 22 Dec 2010 11:00:26 -0600, marek.doho...@thomsonreuters.com wrote: Actually yes I still am running EL4. Out of curiosity what do you find is a problem with Cheetah? Cheetah recently broke on F14 and has had various and other problems with its security. It has generally just been a pain in my back side for some time. I'm not saying I'm going to make a change, just trying to get a general feeling on the subject at this place. Support for EL4 should be maintained until EL4 is EOL. It's only got 2 years left. I believe it's EOL in 2012. As for templating, I agree that there needs to be specific reasons for the change. The various and other problems should be detailed. It's possible that there are less drastic solutions to those problems. I'm not personally invested too heavily in Cheetah. I like Genshi for a number of reasons, but would be open to adapting to other options. I'm not opposed to learning something new. :-) There's been a few blog posts going around Planet Python in the last month about good and bad uses of templating engines. With cobbler-web having moved to Django for cobbler 2.0 (IIRC), it sort of makes sense to move the rest of the app in that direction as well. However, if this happens, I think it should incur another big version bump to 2.5 or 3.0, so that it's clear that this isn't just a minor update. sharing the same view. Phil ___ cobbler-devel mailing list cobbler-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler-devel
Re: New templating language and support for EL4
Scott, would it help to summarize all the above comments about cobbler templating plans somewhere for future reference ? something like: - Support a enhanced/better templating system (jinja, django, ...) as a default - Ability to select between templating systems (legacy and new default) - list of pros and cons of moving to a new default also the description of some problems it solves - have some sample with the new templating to help figure out the transition this assumes a good view on the new templating system Phil ___ cobbler-devel mailing list cobbler-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/cobbler-devel