On 31.08.2014 [10:15:01 +0200], Jörgen Maas wrote:
> This is definitely a bug, I will take a look at it.
> 
> FYI, the master branch is slated to become cobbler 3.0, this means
> functionality and API may (and shall) change or can be removed altogether
> (eg. s390/itanium).

Yep, that's fine with me, to be honest. But one thing I'd like to see
improved is the commit logs indicating what is functionally changing
(even if just the intent). The logs right now are a bit terse and it
takes looking at the actual commit to know what they do often :)

> One other example is the remote kickstart URL feature; this has been
> removed on purpose also as a result of multiple CVE reports.
> Kickstarts *must* reside on the Cobbler server and also they *must* be in
> the directory /var/lib/cobbler/kickstarts/

I wonder if it would be possible to provide a mirroring? That is, if the
kickstart referenced is remote, can it not be mirrored over as part of
the sync and thus be local for the deployment itself? I suppose if
that's the case, the admin could just mirror them over.

I do think there's one use-case that is no longer supported, but isn't a
CVE -- users testing custom kickstarts. Presuming a good authorization
model, regular users may not be allowed to edit the Cobbler-wide
kickstarts. But they might want to test some custom partitioning, or
feature flag, and would like to specify that in their kickstart file?

-Nish

_______________________________________________
cobbler-devel mailing list
cobbler-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/cobbler-devel
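
The local-only rule quoted above (kickstarts must sit under /var/lib/cobbler/kickstarts/, no remote URLs), sketched as a path check. This is an added example, not Cobbler's code or anything posted in the thread; `validate_kickstart_path`, `demo` and the temporary sample tree are hypothetical.

```python
import os
import tempfile
from urllib.parse import urlparse

# Directory named in the thread; a parameter below so the check can be tested.
KICKSTART_DIR = "/var/lib/cobbler/kickstarts"

def validate_kickstart_path(value, base_dir=KICKSTART_DIR):
    """Return the resolved path if value is a regular file under base_dir,
    otherwise raise ValueError (hypothetical helper)."""
    if not value or "\x00" in value:
        raise ValueError("empty or malformed kickstart path")
    # Remote references (http://, ftp://, nfs:..., //host/...) are refused.
    if urlparse(value).scheme or value.startswith("//"):
        raise ValueError("remote kickstart references are not allowed")
    base = os.path.realpath(base_dir)
    # Relative names are taken relative to the kickstart directory.
    # realpath() collapses ".." and follows symlinks before the comparison.
    candidate = os.path.realpath(os.path.join(base, value))
    if candidate == base or os.path.commonpath([base, candidate]) != base:
        raise ValueError("kickstart must be inside %s" % base_dir)
    if not os.path.isfile(candidate):
        raise ValueError("kickstart is not a regular file")
    return candidate

def demo():
    # Constructed sample tree: one valid file, one file outside the
    # directory, and a symlink inside the directory pointing outside it.
    results = {}
    with tempfile.TemporaryDirectory() as root:
        base = os.path.join(root, "kickstarts")
        os.mkdir(base)
        outside = os.path.join(root, "outside.ks")
        for path in (os.path.join(base, "sample.ks"), outside):
            with open(path, "w") as fh:
                fh.write("# constructed sample\n")
        os.symlink(outside, os.path.join(base, "link.ks"))
        cases = {"relative": "sample.ks", "traversal": "../outside.ks",
                 "absolute": os.path.join(base, "sample.ks"),
                 "symlink": "link.ks", "outside": outside,
                 "remote": "http://example.invalid/ks.cfg"}
        for label, value in cases.items():
            try:
                validate_kickstart_path(value, base)
                results[label] = True
            except ValueError:
                results[label] = False
    return results

if __name__ == "__main__":
    print(demo())
```

A check like this would also apply to the mirroring idea raised in the reply: the mirrored copy, not the remote reference, is what has to pass it.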