James Cammarata wrote: > On Sat, 27 Sep 2008 22:12:21 -0500, James Cammarata <[EMAIL PROTECTED]> wrote: > >> Available via git hub: >> git://github.com/jimi1283/cobbler-template-files.git >> > > Made an update to this to force the destination to always be relative to > the rendered directory, in order to prevent someone from accidentally > overwriting system files (or maliciously, if a user were granted sudo > access to cobbler. > > I've also created a more generic github repo: > git://github.com/jimi1283/cobbler.git > > Thanks. > > James c. > >
Thanks, I should have this reviewed sometime this week. I know we talked about this on IRC (and I think it's a neat tool in general for when you need very lightweight templating for some small files), but can you give an example for folks on the list so they can see what this might be used for? FYI -- Sudo access to cobbler allows control over future network provisioning (very much a powerful feature) -- so I am less concerned about malicious use there that than the shoot-foot scenario. Using "cobbler aclsetup" is another good thing to do, it ensures that cobbler triggers (except pre/post install triggers) are run as you, not as root. Either way, we wouldn't want to be accidentally clobbering /etc/grub.conf or something when we really meant to generate a file for used on the installed systems and just didn't read the manpage documentation, etc. _______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
