--- /dev/null
+# This configuration file allows cobbler data\r
+# to be accessed over HTTP.\r
+\r
+AliasMatch ^/cblr/svc/op/ks/system/(.*)?$ "/var/www/cblr_ks/$1"\r
+AliasMatch ^/cblr(?!/svc/)(.*)?$ "/var/www/cobbler$1"\r
+AliasMatch ^/cobbler_track(.*)?$ "/var/www/cobbler$1"\r
+#AliasMatch ^/cobbler(.*)?$ "/var/www/cobbler$1"\r
+Alias /cobbler /var/www/cobbler\r
+Alias /cobbler_webui_content /var/www/cobbler_webui_content\r
+\r
+WSGIScriptAliasMatch ^/cblr/svc/([^/]*) /var/www/cobbler/svc/services.py\r
+\r
+<Directory "/var/www/cobbler">\r
+ Options Indexes FollowSymLinks\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+ProxyRequests off\r
+\r
+ProxyPass /cobbler_api http://localhost:25151/\r
+ProxyPassReverse /cobbler_api http://localhost:25151/\r
+\r
+BrowserMatch "MSIE" AuthDigestEnableQueryStringHack=On\r
+\r
+# the webui is now part of the "cobbler-web" package\r
+# and is visited at http://.../cobbler_web not this URL.\r
+# this is only a pointer to the new page.\r
+\r
+<Directory "/var/www/cobbler/web/">\r
+ Options Indexes FollowSymLinks\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
+\r
+<Directory "/var/www/cblr_ks/">\r
+ Options Indexes FollowSymLinks\r
+ Order allow,deny\r
+ Allow from all\r
+</Directory>\r
--- /dev/null
+# ******************************************************************\r
+# Cobbler managed dhcpd.conf file\r
+#\r
+# generated from cobbler dhcp.conf template ($date)\r
+# Do NOT make changes to /etc/dhcpd.conf. Instead, make your changes\r
+# in /etc/cobbler/dhcp.template, as /etc/dhcpd.conf will be\r
+# overwritten.\r
+#\r
+# ******************************************************************\r
+\r
+ddns-update-style interim;\r
+\r
+allow booting;\r
+allow bootp;\r
+deny unknown-clients;\r
+local-address $ipaddr;\r
+log-facility local6;\r
+\r
+ignore client-updates;\r
+set vendorclass = option vendor-class-identifier;\r
+\r
+option pxe-system-type code 93 = unsigned integer 16;\r
+option space pxelinux;\r
+option pxelinux.magic code 208 = string;\r
+option pxelinux.configfile code 209 = text;\r
+option pxelinux.pathprefix code 210 = text;\r
+option pxelinux.reboottime code 211 = unsigned integer 32;\r
+\r
+subnet $subnet netmask $netmask {\r
+ option routers $gateway;\r
+ option domain-name-servers $ipaddr;\r
+ option subnet-mask $netmask;\r
+ range dynamic-bootp $ip_range;\r
+ default-lease-time 21600;\r
+ max-lease-time 43200;\r
+ next-server $next_server;\r
+ class "pxeclients" {\r
+ match if substring (option vendor-class-identifier, 0, 9) = "PXEClient";\r
+ if option pxe-system-type = 00:02 {\r
+ filename "ia64/elilo.efi";\r
+ } else if option pxe-system-type = 00:06 {\r
+ filename "grub/grub-x86.efi";\r
+ } else if option pxe-system-type = 00:07 {\r
+ filename "grub/grub-x86_64.efi";\r
+ } else {\r
+ filename "pxelinux.0";\r
+ }\r
+ }\r
+\r
+}\r
+\r
+#for dhcp_tag in $dhcp_tags.keys():\r
+ ## group could be subnet if your dhcp tags line up with your subnets\r
+ ## or really any valid dhcpd.conf construct ... if you only use the\r
+ ## default dhcp tag in cobbler, the group block can be deleted for a\r
+ ## flat configuration\r
+# group for Cobbler DHCP tag: $dhcp_tag\r
+group {\r
+ #for mac in $dhcp_tags[$dhcp_tag].keys():\r
+ #set iface = $dhcp_tags[$dhcp_tag][$mac]\r
+ host $iface.name {\r
+ hardware ethernet $mac;\r
+ site-option-space "pxelinux";\r
+ option pxelinux.magic f1:00:74:7e;\r
+ if exists dhcp-parameter-request-list {\r
+ # Always send the PXELINUX options (specified in hexadecimal)\r
+ option dhcp-parameter-request-list = concat(option dhcp-parameter-request-list,d0,d1,d2,d3);\r
+ }\r
+ option pxelinux.reboottime 30;\r
+ #if $iface.hostname:\r
+ option host-name "$iface.hostname";\r
+ #end if\r
+ #if $iface.netmask:\r
+ option subnet-mask $iface.netmask;\r
+ #end if\r
+ #if $iface.gateway:\r
+ option routers $iface.gateway;\r
+ #end if\r
+ #if $iface.enable_gpxe:\r
+ if exists user-class and option user-class = "gPXE" {\r
+ filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";\r
+ } else if exists user-class and option user-class = "iPXE" {\r
+ filename "http://$cobbler_server/cblr/svc/op/gpxe/system/$iface.owner";\r
+ } else {\r
+ filename "undionly.kpxe";\r
+ }\r
+ #else\r
+ filename "$iface.filename";\r
+ #end if\r
+ ## Cobbler defaults to $next_server, but some users\r
+ ## may like to use $iface.system.server for proxied setups\r
+ next-server $next_server;\r
+ ## next-server $iface.next_server;\r
+ }\r
+ #end for\r
+}\r
+#end for\r
+\r
--- /dev/null
+# cobbler module configuration file\r
+# =================================\r
+\r
+# authentication: \r
+# what users can log into the WebUI and Read-Write XMLRPC?\r
+# choices:\r
+# authn_denyall -- no one (default)\r
+# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)\r
+# authn_passthru -- ask Apache to handle it (used for kerberos)\r
+# authn_ldap -- authenticate against LDAP\r
+# authn_spacewalk -- ask Spacewalk/Satellite (experimental)\r
+# authn_pam -- use PAM facilities\r
+# authn_testing -- username/password is always testing/testing (debug)\r
+# (user supplied) -- you may write your own module\r
+# WARNING: this is a security setting, do not choose an option blindly.\r
+# for more information:\r
+# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface\r
+# https://github.com/cobbler/cobbler/wiki/Security-overview\r
+# https://github.com/cobbler/cobbler/wiki/Kerberos\r
+# https://github.com/cobbler/cobbler/wiki/Ldap\r
+\r
+[authentication]\r
+module = authn_configfile\r
+\r
+# authorization: \r
+# once a user has been cleared by the WebUI/XMLRPC, what can they do?\r
+# choices:\r
+# authz_allowall -- full access for all authneticated users (default)\r
+# authz_ownership -- use users.conf, but add object ownership semantics\r
+# (user supplied) -- you may write your own module\r
+# WARNING: this is a security setting, do not choose an option blindly.\r
+# If you want to further restrict cobbler with ACLs for various groups,\r
+# pick authz_ownership. authz_allowall does not support ACLs. configfile\r
+# does but does not support object ownership which is useful as an additional\r
+# layer of control.\r
+\r
+# for more information:\r
+# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface\r
+# https://github.com/cobbler/cobbler/wiki/Security-overview\r
+# https://github.com/cobbler/cobbler/wiki/Web-authorization\r
+\r
+[authorization]\r
+module = authz_allowall\r
+\r
+# dns:\r
+# chooses the DNS management engine if manage_dns is enabled\r
+# in /etc/cobbler/settings, which is off by default.\r
+# choices:\r
+# manage_bind -- default, uses BIND/named\r
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below\r
+# NOTE: more configuration is still required in /etc/cobbler\r
+# for more information:\r
+# https://github.com/cobbler/cobbler/wiki/Dns-management\r
+\r
+[dns]\r
+module = manage_bind\r
+\r
+# dhcp:\r
+# chooses the DHCP management engine if manage_dhcp is enabled\r
+# in /etc/cobbler/settings, which is off by default.\r
+# choices:\r
+# manage_isc -- default, uses ISC dhcpd\r
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above\r
+# NOTE: more configuration is still required in /etc/cobbler\r
+# for more information:\r
+# https://github.com/cobbler/cobbler/wiki/Dhcp-management\r
+ \r
+[dhcp]\r
+module = manage_isc\r
+\r
+# tftpd:\r
+# chooses the TFTP management engine if manage_tftp is enabled\r
+# in /etc/cobbler/settings, which is ON by default.\r
+#\r
+# choices:\r
+# manage_in_tftpd -- default, uses the system's tftp server\r
+# manage_tftpd_py -- uses cobbler's tftp server\r
+#\r
+ \r
+[tftpd]\r
+module = manage_in_tftpd\r
+\r
+#--------------------------------------------------\r
--- /dev/null
+options {\r
+ listen-on port 53 { $ipaddr; };\r
+ directory "/var/named";\r
+ dump-file "/var/named/data/cache_dump.db";\r
+ statistics-file "/var/named/data/named_stats.txt";\r
+ memstatistics-file "/var/named/data/named_mem_stats.txt";\r
+ allow-query { 127.0.0.0/8; $subnet; };\r
+ recursion yes;\r
+};\r
+\r
+logging {\r
+ channel default_debug {\r
+ file "data/named.run";\r
+ severity dynamic;\r
+ };\r
+};\r
+\r
+#for $zone in $forward_zones\r
+zone "${zone}." {\r
+ type master;\r
+ file "$zone";\r
+};\r
+\r
+#end for\r
+#for $zone, $arpa in $reverse_zones\r
+zone "${arpa}." {\r
+ type master;\r
+ file "$zone";\r
+};\r
+\r
+#end for\r
--- /dev/null
+---\r
+# cobbler settings file\r
+# restart cobblerd and run "cobbler sync" after making changes\r
+# This config file is in YAML 1.0 format\r
+# see http://yaml.org\r
+# ==========================================================\r
+# if 1, cobbler will allow insertions of system records that duplicate\r
+# the --dns-name information of other system records. In general,\r
+# this is undesirable and should be left 0.\r
+allow_duplicate_hostnames: 0\r
+\r
+# if 1, cobbler will allow insertions of system records that duplicate\r
+# the ip address information of other system records. In general,\r
+# this is undesirable and should be left 0.\r
+allow_duplicate_ips: 0\r
+\r
+# if 1, cobbler will allow insertions of system records that duplicate\r
+# the mac address information of other system records. In general,\r
+# this is undesirable.\r
+allow_duplicate_macs: 0\r
+\r
+# if 1, cobbler will allow settings to be changed dynamically without\r
+# a restart of the cobblerd daemon. You can only change this variable\r
+# by manually editing the settings file, and you MUST restart cobblerd\r
+# after changing it.\r
+allow_dynamic_settings: 0\r
+\r
+# by default, installs are *not* set to send installation logs to the cobbler\r
+# # # server. With 'anamon_enabled', kickstart templates may use the pre_anamon\r
+# # # snippet to allow remote live monitoring of their installations from the\r
+# # # cobbler server. Installation logs will be stored under\r
+# # # /var/log/cobbler/anamon/. NOTE: This does allow an xmlrpc call to send logs\r
+# # # to this directory, without authentication, so enable only if you are\r
+# # # ok with this limitation.\r
+anamon_enabled: 1\r
+\r
+# If using authn_pam in the modules.conf, this can be configured\r
+# to change the PAM service authentication will be tested against.\r
+# The default value is "login".\r
+authn_pam_service: "login"\r
+\r
+# Email out a report when cobbler finishes installing a system.\r
+# enabled: set to 1 to turn this feature on\r
+# sender: optional\r
+# email: which addresses to email\r
+# smtp_server: used to specify another server for an MTA\r
+# subject: use the default subject unless overridden\r
+build_reporting_enabled: 0\r
+build_reporting_sender: ""\r
+build_reporting_email: [ 'root@localhost' ]\r
+build_reporting_smtp_server: "localhost"\r
+build_reporting_subject: ""\r
+\r
+# Cheetah-language kickstart templates can import Python modules.\r
+# while this is a useful feature, it is not safe to allow them to \r
+# import anything they want. This whitelists which modules can be \r
+# imported through Cheetah. Users can expand this as needed but\r
+# should never allow modules such as subprocess or those that\r
+# allow access to the filesystem as Cheetah templates are evaluated\r
+# by cobblerd as code.\r
+cheetah_import_whitelist:\r
+ - "random"\r
+ - "re"\r
+ - "time"\r
+\r
+# Default createrepo_flags to use for new repositories. If you have\r
+# createrepo >= 0.4.10, consider "-c cache --update -C", which can\r
+# dramatically improve your "cobbler reposync" time. "-s sha"\r
+# enables working with Fedora repos from F11/F12 from EL-4 or\r
+# EL-5 without python-hashlib installed (which is not available\r
+# on EL-4)\r
+createrepo_flags: "-c cache -s sha"\r
+\r
+# if no kickstart is specified to profile add, use this template\r
+default_kickstart: /var/lib/cobbler/kickstarts/default.ks\r
+\r
+# configure all installed systems to use these nameservers by default\r
+# unless defined differently in the profile. For DHCP configurations\r
+# you probably do /not/ want to supply this.\r
+default_name_servers: ['$ipaddr']\r
+\r
+# if using the authz_ownership module (see the Wiki), objects\r
+# created without specifying an owner are assigned to this\r
+# owner and/or group. Can be a comma seperated list.\r
+default_ownership:\r
+ - "admin"\r
+\r
+# cobbler has various sample kickstart templates stored\r
+# in /var/lib/cobbler/kickstarts/. This controls\r
+# what install (root) password is set up for those\r
+# systems that reference this variable. The factory\r
+# default is "cobbler" and cobbler check will warn if\r
+# this is not changed.\r
+# The simplest way to change the password is to run \r
+# openssl passwd -1\r
+# and put the output between the "" below.\r
+default_password_crypted: "$1$huawei$9OkoVJwO4W8vavlXd1bUS/"\r
+\r
+# the default template type to use in the absence of any\r
+# other detected template. If you do not specify the template \r
+# with '#template=<template_type>' on the first line of your\r
+# templates/snippets, cobbler will assume try to use the\r
+# following template engine to parse the templates.\r
+#\r
+# Current valid values are: cheetah, jinja2\r
+default_template_type: "cheetah"\r
+\r
+# for libvirt based installs in koan, if no virt bridge\r
+# is specified, which bridge do we try? For EL 4/5 hosts\r
+# this should be xenbr0, for all versions of Fedora, try\r
+# "virbr0". This can be overriden on a per-profile\r
+# basis or at the koan command line though this saves\r
+# typing to just set it here to the most common option.\r
+default_virt_bridge: xenbr0\r
+\r
+# use this as the default disk size for virt guests (GB)\r
+default_virt_file_size: 5\r
+\r
+# use this as the default memory size for virt guests (MB)\r
+default_virt_ram: 512\r
+\r
+# if koan is invoked without --virt-type and no virt-type\r
+# is set on the profile/system, what virtualization type\r
+# should be assumed? Values: xenpv, xenfv, qemu, vmware\r
+# (NOTE: this does not change what virt_type is chosen by import)\r
+default_virt_type: xenpv\r
+\r
+# enable gPXE booting? Enabling this option will cause cobbler\r
+# to copy the undionly.kpxe file to the tftp root directory, \r
+# and if a profile/system is configured to boot via gpxe it will \r
+# chain load off pxelinux.0.\r
+# Default: 0\r
+enable_gpxe: 0\r
+\r
+# controls whether cobbler will add each new profile entry to the default\r
+# PXE boot menu. This can be over-ridden on a per-profile\r
+# basis when adding/editing profiles with --enable-menu=0/1. Users\r
+# should ordinarily leave this setting enabled unless they are concerned\r
+# with accidental reinstalls from users who select an entry at the PXE\r
+# boot menu. Adding a password to the boot menus templates \r
+# may also be a good solution to prevent unwanted reinstallations\r
+enable_menu: 0\r
+\r
+# enable Func-integration? This makes sure each installed machine is set up\r
+# to use func out of the box, which is a powerful way to script and control\r
+# remote machines. \r
+# Func lives at http://fedorahosted.org/func\r
+# read more at https://github.com/cobbler/cobbler/wiki/Func-integration\r
+# you will need to mirror Fedora/EPEL packages for this feature, so see\r
+# https://github.com/cobbler/cobbler/wiki/Manage-yum-repos if you want cobbler\r
+# to help you with this\r
+func_auto_setup: 0\r
+func_master: overlord.example.org\r
+\r
+# change this port if Apache is not running plaintext on port\r
+# 80. Most people can leave this alone.\r
+http_port: 80\r
+\r
+# kernel options that should be present in every cobbler installation.\r
+# kernel options can also be applied at the distro/profile/system\r
+# level.\r
+kernel_options:\r
+ ksdevice: bootif\r
+ lang: ' '\r
+ text: ~\r
+\r
+# s390 systems require additional kernel options in addition to the\r
+# above defaults\r
+kernel_options_s390x:\r
+ RUNKS: 1\r
+ ramdisk_size: 40000\r
+ root: /dev/ram0\r
+ ro: ~\r
+ ip: off\r
+ vnc: ~\r
+\r
+# configuration options if using the authn_ldap module. See the\r
+# the Wiki for details. This can be ignored if you are not using\r
+# LDAP for WebUI/XMLRPC authentication.\r
+ldap_server: "ldap.example.com"\r
+ldap_base_dn: "DC=example,DC=com"\r
+ldap_port: 389\r
+ldap_tls: 1\r
+ldap_anonymous_bind: 1\r
+ldap_search_bind_dn: ''\r
+ldap_search_passwd: ''\r
+ldap_search_prefix: 'uid='\r
+ldap_tls_cacertfile: ''\r
+ldap_tls_keyfile: ''\r
+ldap_tls_certfile: ''\r
+\r
+# cobbler has a feature that allows for integration with config management\r
+# systems such as Puppet. The following parameters work in conjunction with \r
+# --mgmt-classes and are described in furhter detail at:\r
+# https://github.com/cobbler/cobbler/wiki/Using-cobbler-with-a-configuration-management-system\r
+mgmt_classes: []\r
+mgmt_parameters:\r
+ from_cobbler: 1\r
+\r
+# if enabled, this setting ensures that puppet is installed during\r
+# machine provision, a client certificate is generated and a\r
+# certificate signing request is made with the puppet master server\r
+puppet_auto_setup: 0\r
+\r
+# when puppet starts on a system after installation it needs to have\r
+# its certificate signed by the puppet master server. Enabling the\r
+# following feature will ensure that the puppet server signs the\r
+# certificate after installation if the puppet master server is\r
+# running on the same machine as cobbler. This requires\r
+# puppet_auto_setup above to be enabled\r
+sign_puppet_certs_automatically: 0\r
+\r
+# location of the puppet executable, used for revoking certificates\r
+puppetca_path: "/usr/bin/puppet"\r
+\r
+# when a puppet managed machine is reinstalled it is necessary to\r
+# remove the puppet certificate from the puppet master server before a\r
+# new certificate is signed (see above). Enabling the following\r
+# feature will ensure that the certificate for the machine to be\r
+# installed is removed from the puppet master server if the puppet\r
+# master server is running on the same machine as cobbler. This\r
+# requires puppet_auto_setup above to be enabled\r
+remove_old_puppet_certs_automatically: 0\r
+\r
+# choose a --server argument when running puppetd/puppet agent during kickstart\r
+#puppet_server: 'puppet'\r
+\r
+# let cobbler know that you're using a newer version of puppet\r
+# choose version 3 to use: 'puppet agent'; version 2 uses status quo: 'puppetd'\r
+#puppet_version: 2\r
+\r
+# choose whether to enable puppet parameterized classes or not.\r
+# puppet versions prior to 2.6.5 do not support parameters\r
+#puppet_parameterized_classes: 1\r
+\r
+# set to 1 to enable Cobbler's DHCP management features.\r
+# the choice of DHCP management engine is in /etc/cobbler/modules.conf\r
+manage_dhcp: 1\r
+\r
+# set to 1 to enable Cobbler's DNS management features.\r
+# the choice of DNS mangement engine is in /etc/cobbler/modules.conf\r
+manage_dns: 1\r
+\r
+# set to path of bind chroot to create bind-chroot compatible bind\r
+# configuration files. This should be automatically detected.\r
+bind_chroot_path: ""\r
+\r
+# set to the ip address of the master bind DNS server for creating secondary\r
+# bind configuration files\r
+bind_master: 127.0.0.1\r
+\r
+# set to 1 to enable Cobbler's TFTP management features.\r
+# the choice of TFTP mangement engine is in /etc/cobbler/modules.conf\r
+manage_tftpd: 1\r
+\r
+# set to 1 to enable Cobbler's RSYNC management features.\r
+manage_rsync: 0\r
+\r
+# if using BIND (named) for DNS management in /etc/cobbler/modules.conf\r
+# and manage_dns is enabled (above), this lists which zones are managed\r
+# See the Wiki (https://github.com/cobbler/cobbler/wiki/Dns-management) for more info\r
+manage_forward_zones: []\r
+manage_reverse_zones: []\r
+\r
+# if using cobbler with manage_dhcp, put the IP address\r
+# of the cobbler server here so that PXE booting guests can find it\r
+# if you do not set this correctly, this will be manifested in TFTP open timeouts.\r
+next_server: $next_server\r
+\r
+# settings for power management features. optional.\r
+# see https://github.com/cobbler/cobbler/wiki/Power-management to learn more\r
+# choices (refer to codes.py):\r
+# apc_snmp bladecenter bullpap drac ether_wake ilo integrity\r
+# ipmilan ipmitool lpar rsa virsh wti\r
+power_management_default_type: 'ipmitool'\r
+\r
+# the commands used by the power management module are sourced\r
+# from what directory?\r
+power_template_dir: "/etc/cobbler/power"\r
+\r
+# if this setting is set to 1, cobbler systems that pxe boot\r
+# will request at the end of their installation to toggle the \r
+# --netboot-enabled record in the cobbler system record. This eliminates\r
+# the potential for a PXE boot loop if the system is set to PXE\r
+# first in it's BIOS order. Enable this if PXE is first in your BIOS\r
+# boot order, otherwise leave this disabled. See the manpage\r
+# for --netboot-enabled.\r
+pxe_just_once: 1\r
+\r
+# the templates used for PXE config generation are sourced\r
+# from what directory?\r
+pxe_template_dir: "/etc/cobbler/pxe"\r
+\r
+# Path to where system consoles are \r
+consoles: "/var/consoles"\r
+\r
+# Are you using a Red Hat management platform in addition to Cobbler?\r
+# Cobbler can help you register to it. Choose one of the following:\r
+# "off" : I'm not using Red Hat Network, Satellite, or Spacewalk\r
+# "hosted" : I'm using Red Hat Network\r
+# "site" : I'm using Red Hat Satellite Server or Spacewalk\r
+# You will also want to read: https://github.com/cobbler/cobbler/wiki/Tips-for-RHN\r
+redhat_management_type: "off"\r
+\r
+# if redhat_management_type is enabled, choose your server\r
+# "management.example.org" : For Satellite or Spacewalk\r
+# "xmlrpc.rhn.redhat.com" : For Red Hat Network\r
+# This setting is also used by the code that supports using Spacewalk/Satellite users/passwords\r
+# within Cobbler Web and Cobbler XMLRPC. Using RHN Hosted for this is not supported.\r
+# This feature can be used even if redhat_management_type is off, you just have\r
+# to have authn_spacewalk selected in modules.conf\r
+redhat_management_server: "xmlrpc.rhn.redhat.com"\r
+\r
+# specify the default Red Hat authorization key to use to register\r
+# system. If left blank, no registration will be attempted. Similarly\r
+# you can set the --redhat-management-key to blank on any system to \r
+# keep it from trying to register.\r
+redhat_management_key: ""\r
+\r
+# if using authn_spacewalk in modules.conf to let cobbler authenticate \r
+# against Satellite/Spacewalk's auth system, by default it will not allow per user \r
+# access into Cobbler Web and Cobbler XMLRPC.\r
+# in order to permit this, the following setting must be enabled HOWEVER\r
+# doing so will permit all Spacewalk/Satellite users of certain types to edit all\r
+# of cobbler's configuration.\r
+# these roles are: config_admin and org_admin\r
+# users should turn this on only if they want this behavior and\r
+# do not have a cross-multi-org seperation concern. If you have\r
+# a single org in your satellite, it's probably safe to turn this\r
+# on and then you can use CobblerWeb alongside a Satellite install.\r
+redhat_management_permissive: 0\r
+\r
+# if set to 1, allows /usr/bin/cobbler-register (part of the koan package)\r
+# to be used to remotely add new cobbler system records to cobbler.\r
+# this effectively allows for registration of new hardware from system\r
+# records.\r
+register_new_installs: 0\r
+\r
+# Flags to use for yum's reposync. If your version of yum reposync\r
+# does not support -l, you may need to remove that option.\r
+reposync_flags: "-l -n -d"\r
+\r
+# These options will be used for an rsync initiated by cobbler replicate\r
+replicate_rsync_options: "-avzH"\r
+\r
+# when DHCP and DNS management are enabled, cobbler sync can automatically\r
+# restart those services to apply changes. The exception for this is\r
+# if using ISC for DHCP, then omapi eliminates the need for a restart.\r
+# omapi, however, is experimental and not recommended for most configurations.\r
+# If DHCP and DNS are going to be managed, but hosted on a box that\r
+# is not on this server, disable restarts here and write some other\r
+# script to ensure that the config files get copied/rsynced to the destination\r
+# box. This can be done by modifying the restart services trigger.\r
+# Note that if manage_dhcp and manage_dns are disabled, the respective\r
+# parameter will have no effect. Most users should not need to change\r
+# this.\r
+restart_dns: 1\r
+restart_dhcp: 1\r
+\r
+# install triggers are scripts in /var/lib/cobbler/triggers/install\r
+# that are triggered in kickstart pre and post sections. Any\r
+# executable script in those directories is run. They can be used\r
+# to send email or perform other actions. They are currently\r
+# run as root so if you do not need this functionality you can\r
+# disable it, though this will also disable "cobbler status" which\r
+# uses a logging trigger to audit install progress.\r
+run_install_triggers: 1\r
+\r
+# enables a trigger which version controls all changes to /var/lib/cobbler\r
+# when add, edit, or sync events are performed. This can be used\r
+# to revert to previous database versions, generate RSS feeds, or for\r
+# other auditing or backup purposes. "git" and "hg" are currently suported, \r
+# but git is the recommend SCM for use with this feature.\r
+scm_track_enabled: 0\r
+scm_track_mode: "git"\r
+\r
+# this is the address of the cobbler server -- as it is used\r
+# by systems during the install process, it must be the address\r
+# or hostname of the system as those systems can see the server.\r
+# if you have a server that appears differently to different subnets\r
+# (dual homed, etc), you need to read the --server-override section\r
+# of the manpage for how that works.\r
+server: $ipaddr\r
+\r
+# If set to 1, all commands will be forced to use the localhost address\r
+# instead of using the above value which can force commands like\r
+# cobbler sync to open a connection to a remote address if one is in the\r
+# configuration and would traceback.\r
+client_use_localhost: 0\r
+\r
+# If set to 1, all commands to the API (not directly to the XMLRPC\r
+# server) will go over HTTPS instead of plaintext. Be sure to change\r
+# the http_port setting to the correct value for the web server\r
+client_use_https: 0\r
+\r
+# this is a directory of files that cobbler uses to make\r
+# templating easier. See the Wiki for more information. Changing\r
+# this directory should not be required.\r
+snippetsdir: /var/lib/cobbler/snippets\r
+\r
+# Normally if a kickstart is specified at a remote location, this\r
+# URL will be passed directly to the kickstarting system, thus bypassing\r
+# the usual snippet templating Cobbler does for local kickstart files. If\r
+# this option is enabled, Cobbler will fetch the file contents internally\r
+# and serve a templated version of the file to the client.\r
+template_remote_kickstarts: 0\r
+\r
+# should new profiles for virtual machines default to auto booting with the physical host when the physical host reboots?\r
+# this can be overridden on each profile or system object.\r
+virt_auto_boot: 1\r
+\r
+# cobbler's web directory. Don't change this setting -- see the\r
+# Wiki on "relocating your cobbler install" if your /var partition\r
+# is not large enough.\r
+webdir: /var/www/cobbler\r
+\r
+# cobbler's public XMLRPC listens on this port. Change this only\r
+# if absolutely needed, as you'll have to start supplying a new\r
+# port option to koan if it is not the default.\r
+xmlrpc_port: 25151\r
+\r
+# "cobbler repo add" commands set cobbler up with repository\r
+# information that can be used during kickstart and is automatically\r
+# set up in the cobbler kickstart templates. By default, these\r
+# are only available at install time. To make these repositories\r
+# usable on installed systems (since cobbler makes a very convient)\r
+# mirror, set this to 1. Most users can safely set this to 1. Users\r
+# who have a dual homed cobbler server, or are installing laptops that\r
+# will not always have access to the cobbler server may wish to leave\r
+# this as 0. In that case, the cobbler mirrored yum repos are still\r
+# accessable at http://cobbler.example.org/cblr/repo_mirror and yum\r
+# configuration can still be done manually. This is just a shortcut.\r
+yum_post_install_mirror: 1\r
+\r
+# the default yum priority for all the distros. This is only used\r
+# if yum-priorities plugin is used. 1=maximum. Tweak with caution.\r
+yum_distro_priority: 1\r
+\r
+# Flags to use for yumdownloader. Not all versions may support \r
+# --resolve.\r
+yumdownloader_flags: "--resolve"\r
+\r
+# sort and indent JSON output to make it more human-readable\r
+serializer_pretty_json: 0\r
+\r
+# replication rsync options for distros, kickstarts, snippets set to override default value of "-avzH"\r
+replicate_rsync_options: "-avzH"\r
+\r
+# replication rsync options for repos set to override default value of "-avzH"\r
+replicate_repo_rsync_options: "-avzH"\r
--- /dev/null
+# default: off\r
+# description: The tftp server serves files using the trivial file transfer \\r
+# protocol. The tftp protocol is often used to boot diskless \\r
+# workstations, download configuration files to network-aware printers, \\r
+# and to start the installation process for some operating systems.\r
+service tftp\r
+{\r
+ disable = no\r
+ log_type = SYSLOG local5 info\r
+ socket_type = dgram\r
+ protocol = udp\r
+ wait = yes\r
+ user = $user\r
+ server = $binary\r
+ server_args = -B 1380 -v -s $args\r
+ instances = 1000\r
+ per_source = 1000\r
+ cps = 1000 2\r
+ flags = IPv4\r
+}\r
+\r
--- /dev/null
+\$TTL 300\r
+@ IN SOA $cobbler_server. nobody.example.com. (\r
+ $serial ; Serial\r
+ 600 ; Refresh\r
+ 1800 ; Retry\r
+ 604800 ; Expire\r
+ 300 ; TTL\r
+ )\r
+\r
+ IN NS $cobbler_server.\r
+\r
+\r
+$cname_record\r
+\r
+$host_record\r
+$hostname IN A $ipaddr\r
+metrics IN A $ipaddr\r
--- /dev/null
+# Mostly based on the Ubuntu installation guide\r
+# https://help.ubuntu.com/12.04/installation-guide/\r
+\r
+## Figure out if we're kickstarting a system or a profile\r
+#if $getVar('system_name','') != ''\r
+#set $what = "system"\r
+#else\r
+#set $what = "profile"\r
+#end if\r
+\r
+# Preseeding only locale sets language, country and locale.\r
+d-i debian-installer/locale string en_US\r
+d-i debian-installer/country string US\r
+d-i debian-installer/language string en\r
+\r
+# Keyboard selection.\r
+# Disable automatic (interactive) keymap detection.\r
+d-i console-setup/ask_detect boolean false\r
+d-i console-setup/layoutcode string us\r
+d-i console-setup/modelcode string SKIP\r
+d-i keyboard-configuration/variantcode string us\r
+d-i keyboard-configuration/layoutcode string us\r
+d-i keyboard-configuration/model select Generic 105-key (Intl) PC\r
+d-i console-keymaps-at/keymap select us\r
+d-i keyboard-configuration/xkb-keymap select us\r
+\r
+d-i preseed/early_command string \\r
+wget -O- \\r
+http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_early_default | /bin/sh -s; \\r
+debconf-set-selections /tmp/pre_install_network_config\r
+\r
+d-i partman/early_command string \\r
+wget -O- \\r
+http://$http_server/cblr/svc/op/script/$what/$name/?script=partman_early_default | /bin/sh -s; \\r
+debconf-set-selections /tmp/part-include\r
+\r
+$SNIPPET('preseed_network_config')\r
+$SNIPPET('preseed_partition_disks')\r
+\r
+# NTP/Time Setup\r
+#if $getVar('timezone', '') != ""\r
+d-i time/zone string $timezone\r
+#else\r
+d-i time/zone string US/Pacific\r
+#end if\r
+d-i clock-setup/utc boolean true\r
+d-i clock-setup/ntp boolean true\r
+#if $getVar('ntp_server', '') == ""\r
+d-i clock-setup/ntp-server string 0.ubuntu.pool.ntp.org\r
+#else\r
+d-i clock-setup/ntp-server string $ntp_server\r
+#end if\r
+\r
+# Setup the installation source\r
+d-i mirror/country string manual\r
+d-i mirror/http/hostname string $http_server\r
+d-i mirror/http/directory string $install_source_directory\r
+d-i mirror/http/proxy string\r
+d-i mirror/http/mirror select $http_server\r
+d-i mirror/protocol select http\r
+d-i mirror/udeb/components multiselect main, restricted\r
+\r
+#set $os_v = $getVar('os_version','')\r
+#if $os_v and $os_v.lower()[0] > 'p'\r
+# Required at least for 12.10+\r
+d-i live-installer/net-image string http://$http_server/cobbler/ks_mirror/$distro_name/install/filesystem.squashfs\r
+#end if\r
+\r
+# root account and password\r
+#if $getVar('username', 'root') != "root"\r
+d-i passwd/root-login boolean false\r
+d-i passwd/make-user boolean true\r
+d-i user-setup/allow-password-weak boolean true\r
+d-i passwd/root-password password root\r
+d-i passwd/root-password-again password root\r
+ #set username = $getVar('username', 'root')\r
+d-i passwd/user-fullname string $username\r
+d-i passwd/username string $username\r
+ #if $getVar('password', '') != ""\r
+d-i passwd/user-password-crypted password $password\r
+ #else\r
+d-i passwd/user-password password $username\r
+d-i passwd/user-password-again password $username\r
+ #end if\r
+#else\r
+d-i passwd/root-login boolean true\r
+d-i passwd/make-user boolean false\r
+d-i user-setup/allow-password-weak boolean true\r
+ #if $getVar('password', '') != ""\r
+d-i passwd/root-password-crypted password $password\r
+ #else\r
+d-i passwd/root-password password root\r
+d-i passwd/root-password-again password root\r
+ #end if\r
+#end if\r
+\r
+$SNIPPET('preseed_apt_repo_config')\r
+\r
+# Individual additional packages to install\r
+# wget is REQUIRED otherwise quite a few things won't work\r
+# later in the build (like late-command scripts)\r
+#if $getVar('tool', '') != ''\r
+ #set $preseed_software = "preseed_software_%s" % $tool\r
+$SNIPPET($preseed_software)\r
+#else\r
+d-i pkgsel/include string ntp ssh wget\r
+#end if\r
+\r
+# Whether to upgrade packages after debootstrap.\r
+# Allowed values: none, safe-upgrade, full-upgrade\r
+d-i pkgsel/upgrade select none\r
+d-i popularity-contest/participate boolean false\r
+d-i lilo-installer/skip boolean true\r
+d-i grub-installer/only_debian boolean true\r
+\r
+# Use the following option to add additional boot parameters for the\r
+# installed system (if supported by the bootloader installer).\r
+# Note: options passed to the installer will be added automatically.\r
+d-i debian-installer/add-kernel-opts string $kernel_options_post\r
+d-i debian-installer/allow_unauthenticated string true\r
+\r
+# Avoid that last message about the install being complete.\r
+d-i finish-install/reboot_in_progress note\r
+\r
+# This will prevent the installer from ejecting the CD during the reboot,\r
+# which is useful in some situations.\r
+d-i cdrom-detect/eject boolean false\r
+\r
+# This command is run just before the install finishes, but when there is\r
+# still a usable /target directory. You can chroot to /target and use it\r
+# directly, or use the apt-install and in-target commands to easily install\r
+# packages and run commands in the target system.\r
+# d-i preseed/late_command string [command]\r
+d-i preseed/late_command string \\r
+wget -O- \\r
+ http://$http_server/cblr/svc/op/script/$what/$name/?script=preseed_late_default | \\r
+ chroot /target /bin/sh -s; cp /target/etc/network/interfaces /etc/network/interfaces\r
--- /dev/null
+## Figure out if we're kickstarting a system or a profile\r
+#if $getVar('system_name','') != ''\r
+#set $what = "system"\r
+#else\r
+#set $what = "profile"\r
+#end if\r
+<?xml version="1.0" standalone="no"?>\r
+<!--\r
+\r
+ Copyright (c) 2011 Novell\r
+ Uwe Gansert ug@suse.de\r
+\r
+ This software is licensed to you under the GNU General Public License,\r
+ version 2 (GPLv2). There is NO WARRANTY for this software, express or\r
+ implied, including the implied warranties of MERCHANTABILITY or FITNESS\r
+ FOR A PARTICULAR PURPOSE. You should have received a copy of GPLv2\r
+ along with this software; if not, see\r
+ http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.\r
+\r
+-->\r
+<!DOCTYPE profile [\r
+<!ENTITY network SYSTEM "/tmp/profile/network.xml">\r
+<!ENTITY partition SYSTEM "/tmp/profile/partition.xml">\r
+<!ENTITY bootloader SYSTEM "/tmp/profile/bootloader.xml">\r
+]>\r
+<profile xmlns="http://www.suse.com/1.0/yast2ns" xmlns:config="http://www.suse.com/1.0/configns">\r
+ <deploy_image>\r
+ <image_installation config:type="boolean">false</image_installation>\r
+ </deploy_image>\r
+ ## without the next 6 lines autoyast will ask for confirmation bevore installation\r
+ <general>\r
+ <signature-handling>\r
+ <accept_unsigned_file config:type="boolean">true</accept_unsigned_file>\r
+ <accept_file_without_checksum config:type="boolean">true</accept_file_without_checksum>\r
+ <accept_verification_failed config:type="boolean">true</accept_verification_failed>\r
+ <accept_unknown_gpg_key config:type="boolean">true</accept_unknown_gpg_key>\r
+ <import_gpg_key config:type="boolean">true</import_gpg_key>\r
+ <accept_non_trusted_gpg_key config:type="boolean">true</accept_non_trusted_gpg_key>\r
+ </signature-handling>\r
+ <mode>\r
+ <confirm config:type="boolean">false</confirm>\r
+ <final_reboot config:type="boolean">true</final_reboot> \r
+ </mode>\r
+ </general>\r
+ $SNIPPET('hosts.xml')\r
+ $SNIPPET('kdump.xml')\r
+ ## <keyboard>\r
+ ## <keymap>english</keymap>\r
+ ## </keyboard>\r
+ <language>\r
+ <language>en_US</language>\r
+ <languages></languages>\r
+ </language>\r
+ <timezone>\r
+ <hwclock>localtime</hwclock>\r
+#if $getVar('timezone', '') != ""\r
+ <timezone>$timezone</timezone>\r
+#else\r
+ <timezone>US/Pacific</timezone>\r
+#end if\r
+ </timezone>\r
+ <software>\r
+ <add-on>\r
+ <add_on_products config:type="list">\r
+ $SNIPPET('repo_config.xml')\r
+ </add_on_products>\r
+ </add-on>\r
+ <patterns config:type="list">\r
+ <pattern>base</pattern>\r
+ </patterns>\r
+ <packages config:type="list">\r
+ <package>iputils</package>\r
+ <package>openssh</package>\r
+ <package>gcc</package>\r
+ <package>net-tools</package>\r
+ <package>ethtool</package>\r
+ <package>ntp</package>\r
+ <package>wget</package>\r
+ <package>rsyslog</package>\r
+ <package>iproute2</package>\r
+ <package>parted</package>\r
+ <package>lsb-release</package>\r
+#if $getVar('tool', '') != ''\r
+ #set $suse_software = "software_%s.xml" % $tool\r
+$SNIPPET($suse_software)\r
+#end if\r
+ </packages>\r
+ <do_online_update config:type="boolean">true</do_online_update> <!-- since openSUSE 11.1 -->\r
+ </software>\r
+ $SNIPPET('yast_repo_config.xml')\r
+ <files config:type="list">\r
+ $SNIPPET('limits_conf.xml')\r
+ $SNIPPET('ssh.xml')\r
+ $SNIPPET('sshd.xml')\r
+ $SNIPPET('sysctl.xml')\r
+ $SNIPPET('rsyslog.xml')\r
+ </files>\r
+ <login_settings/>\r
+ <sysconfig config:type="list" >\r
+ </sysconfig>\r
+ <networking>\r
+ &amp;network;\r
+ </networking>\r
+ $SNIPPET('ntp.xml')\r
+ <partitioning config:type="list">\r
+ &amp;partition;\r
+ </partitioning>\r
+ <bootloader>\r
+ &amp;bootloader;\r
+ </bootloader>\r
+ <runlevel>\r
+ <default>3</default>\r
+ <services config:type="list">\r
+ <service>\r
+ <service_name>sshd</service_name>\r
+ <service_status>enable</service_status>\r
+ </service>\r
+ <service>\r
+ <service_name>ntp</service_name>\r
+ <service_status>enable</service_status>\r
+ </service>\r
+ <service>\r
+ <service_name>syslog</service_name>\r
+ <service_status>enable</service_status>\r
+ </service>\r
+ <service>\r
+ <service_name>autoyast</service_name>\r
+ <service_status>enable</service_status>\r
+ </service>\r
+ </services>\r
+ </runlevel>\r
+ <sysconfig config:type="list">\r
+ <sysconfig_entry>\r
+ <sysconfig_key>SYSLOG_DAEMON</sysconfig_key>\r
+ <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path>\r
+ <sysconfig_value>rsyslogd</sysconfig_value>\r
+ </sysconfig_entry>\r
+ <sysconfig_entry>\r
+ <sysconfig_key>RSYSLOGD_COMPAT_VERSION</sysconfig_key>\r
+ <sysconfig_path>/etc/sysconfig/syslog</sysconfig_path>\r
+ <sysconfig_value>4</sysconfig_value>\r
+ </sysconfig_entry>\r
+ </sysconfig>\r
+ <user_defaults>\r
+ <expire></expire>\r
+ <home>/home</home>\r
+ <inactive>-1</inactive>\r
+ <shell>/bin/bash</shell>\r
+ <skel>/etc/skel</skel>\r
+ </user_defaults>\r
+ <users config:type="list">\r
+#if $getVar('username', 'root') != "root"\r
+ <user>\r
+ <encrypted config:type="boolean">false</encrypted>\r
+ <fullname>root</fullname>\r
+ <gid>0</gid>\r
+ <home>/root</home>\r
+ <password_settings>\r
+ <expire></expire>\r
+ <flag></flag>\r
+ <inact></inact>\r
+ <max></max>\r
+ <min></min>\r
+ <warn></warn>\r
+ </password_settings>\r
+ <shell>/bin/bash</shell>\r
+ <uid>0</uid>\r
+ <username>root</username>\r
+ <user_password>root</user_password>\r
+ </user>\r
+ #set username = $getVar('username', 'root')\r
+ <user>\r
+#if $getVar('password', '') != ""\r
+ <encrypted config:type="boolean">true</encrypted>\r
+ <user_password>$password</user_password>\r
+#else\r
+ <encrypted config:type="boolean">false</encrypted>\r
+ <user_password>$username</user_password>\r
+#end if\r
+ <username>$username</username>\r
+ <fullname>$username</fullname>\r
+ <password_settings>\r
+ <expire></expire>\r
+ <flag></flag>\r
+ <inact></inact>\r
+ <max></max>\r
+ <min></min>\r
+ <warn></warn>\r
+ </password_settings>\r
+ <shell>/bin/bash</shell>\r
+ </user>\r
+#else\r
+ <user>\r
+#if $getVar('password', '') != ""\r
+ <encrypted config:type="boolean">true</encrypted>\r
+ <user_password>$password</user_password>\r
+#else\r
+ <encrypted config:type="boolean">false</encrypted>\r
+ <user_password>root</user_password>\r
+#end if\r
+ <username>root</username>\r
+ <fullname>root</fullname>\r
+ <gid>0</gid>\r
+ <home>/root</home>\r
+ <password_settings>\r
+ <expire></expire>\r
+ <flag></flag>\r
+ <inact></inact>\r
+ <max></max>\r
+ <min></min>\r
+ <warn></warn>\r
+ </password_settings>\r
+ <shell>/bin/bash</shell>\r
+ <uid>0</uid>\r
+ </user>\r
+#end if\r
+ </users>\r
+ <scripts>\r
+ ## we have to include the pre-scripts tag to get kickstart_start included\r
+ <pre-scripts config:type="list">\r
+ <script>\r
+ <interpreter>shell</interpreter>\r
+ <filename>pre_install_script.sh</filename>\r
+ <source><![CDATA[\r
+ wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_early_default | /bin/bash\r
+ ]]></source>\r
+ </script>\r
+ ## SuSE has an annoying habit on ppc64 of changing the system\r
+ ## boot order after installation. This makes it non-trivial to\r
+ ## automatically re-install future OS.\r
+#set global $wrappedscript = 'save_boot_device'\r
+$SNIPPET('suse_scriptwrapper.xml')\r
+ </pre-scripts>\r
+ <post-scripts config:type="list">\r
+ <script>\r
+ <interpreter>shell</interpreter>\r
+ <network_needed config:type="boolean">true</network_needed>\r
+ <filename>post_install_script.sh</filename>\r
+ <source><![CDATA[\r
+ wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_post_default | /bin/bash\r
+ ]]></source>\r
+ </script>\r
+ ## This plugin wrapper provides the flexibility to call pure shell\r
+ ## snippets which can be used directly on kickstart and with with\r
+ ## wrapper on SuSE.\r
+#set global $wrappedscript = 'restore_boot_device'\r
+$SNIPPET('suse_scriptwrapper.xml')\r
+ </post-scripts>\r
+ <chroot-scripts config:type="list">\r
+ <script>\r
+ <interpreter>shell</interpreter>\r
+ <chrooted config:type="boolean">true</chrooted>\r
+ <filename>chroot_install_script.sh</filename>\r
+ <source><![CDATA[\r
+ wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_late_default | /bin/bash\r
+ ]]></source>\r
+ </script>\r
+ </chroot-scripts>\r
+ <init-scripts config:type="list">\r
+ <script>\r
+ <interpreter>shell</interpreter>\r
+ <filename>init_install_script.sh</filename>\r
+ <source><![CDATA[\r
+ wget -O- http://$http_server/cblr/svc/op/script/$what/$name/?script=suse_init_default | /bin/bash\r
+ ]]></source>\r
+ </script>\r
+ </init-scripts>\r
+ </scripts>\r
+</profile>\r
--- /dev/null
+# Start partman_early_default\r
+# This script is not run in the chroot /target by default\r
+$SNIPPET('preseed_pre_partition_disks')\r
+# End partman_early_default\r
+\r
--- /dev/null
+# Start preseed_early_default\r
+# This script is not run in the chroot /target by default\r
+$SNIPPET('kickstart_start')\r
+$SNIPPET('preseed_pre_anamon')\r
+echo "processed preseed_pre_anamon" >> /tmp/preseed.log\r
+$SNIPPET('preseed_pre_install_network_config')\r
+# End preseed_early_default\r
--- /dev/null
+# Start preseed_late_default\r
+# This script runs in the chroot /target by default\r
+$SNIPPET('preseed_post_install_kernel_options')\r
+$SNIPPET('preseed_post_install_network_config')\r
+$SNIPPET('preseed_post_partition_disks')\r
+$SNIPPET('preseed_ssh')\r
+$SNIPPET('preseed_ntp')\r
+$SNIPPET('preseed_post_apt_repo_config')\r
+#if $getVar('tool', '') != ''\r
+ #set $preseed_tool = "preseed_%s" % $tool\r
+$SNIPPET($preseed_tool)\r
+#end if\r
+$SNIPPET('preseed_limits.conf')\r
+$SNIPPET('preseed_sysctl.conf')\r
+$SNIPPET('preseed_rsyslog.conf')\r
+$SNIPPET('preseed_post_anamon')\r
+$SNIPPET('kickstart_done')\r
+# End preseed_late_default\r
--- /dev/null
+cat << EOF >> /etc/apt/sources.list\r
+deb http://archive.ubuntu.com/ubuntu/ precise main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ precise-security main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ precise-updates main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ precise-proposed main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ precise-backports main restricted universe multiverse\r
+EOF\r
+\r
--- /dev/null
+cat << EOF >> /etc/apt/sources.list\r
+deb http://archive.ubuntu.com/ubuntu/ trusty main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ trusty-security main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ trusty-updates main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ trusty-proposed main restricted universe multiverse\r
+deb http://archive.ubuntu.com/ubuntu/ trusty-backports main restricted universe multiverse\r
+EOF\r
+\r
--- /dev/null
+# Begin cobbler registration\r
+#if $getVar('system_name','') == ''\r
+#if $str($getVar('register_new_installs','')) in [ "1", "true", "yes", "y" ]\r
+if [ -f "/usr/bin/cobbler-register" ]; then\r
+ cobbler-register --server=$server --fqdn '*AUTO*' --profile=$profile_name --batch\r
+fi\r
+#else\r
+# cobbler registration is disabled in /etc/cobbler/settings\r
+#end if\r
+#else\r
+# skipping for system-based installation\r
+#end if\r
+# End cobbler registration\r
--- /dev/null
+# Start download cobbler managed config files (if applicable)\r
+#for $tkey, $tpath in $template_files.items()\r
+ #set $orig = $tpath\r
+ #set $tpath = $tpath.replace("_","__").replace("/","_")\r
+ #if $getVar("system_name","") != ""\r
+ #set $ttype = "system"\r
+ #set $tname = $system_name\r
+ #else\r
+ #set $ttype = "profile"\r
+ #set $tname = $profile_name\r
+ #end if\r
+ #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath\r
+#if $orig.startswith("/")\r
+mkdir -p `dirname $orig`\r
+wget "$turl" --output-document="$orig"\r
+#end if\r
+#end for\r
+# End download cobbler managed config files (if applicable)\r
--- /dev/null
+## Start download cobbler managed config files (if applicable)\r
+#import os\r
+#import stat\r
+#set $cmd = '\\'\r
+#for $tkey, $tpath in $template_files.items()\r
+ #set $orig = $tpath\r
+ #set $tpath = $tpath.replace("_","__").replace("/","_")\r
+ #if $getVar("system_name","") != ""\r
+ #set $ttype = "system"\r
+ #set $tname = $system_name\r
+ #else\r
+ #set $ttype = "profile"\r
+ #set $tname = $profile_name\r
+ #end if\r
+ #set $turl = "http://"+$http_server+"/cblr/svc/op/template/"+$ttype+"/"+$tname+"/path/"+$tpath\r
+#if $orig.startswith("/")\r
+#set $perms = oct(stat.S_IMODE(os.stat($tkey).st_mode))[-3:]\r
+#set $cmd = $cmd + "\n" + "mkdir -p " + "`dirname " + $orig + "`; wget -nv " + $turl + " --output-document=" + $orig + "; chmod " + $perms +" " + $orig +"; \\"\r
+#end if\r
+#end for\r
+#echo $cmd\r
+## End download cobbler managed config files (if applicable)\r
--- /dev/null
+#if $str($getVar('func_auto_setup','')) == "1"\r
+func\r
+#end if\r
+\r
--- /dev/null
+\r
+#if $str($getVar('func_auto_setup','')) == "1"\r
+# Start func registration section\r
+\r
+/sbin/chkconfig --level 345 funcd on\r
+\r
+cat <<EOFM > /etc/func/minion.conf\r
+[main]\r
+log_level = INFO\r
+acl_dir = /etc/func/minion-acl.d\r
+\r
+listen_addr =\r
+listen_port = 51234\r
+EOFM\r
+\r
+cat <<EOCM > /etc/certmaster/minion.conf\r
+[main]\r
+certmaster = $func_master\r
+certmaster_port = 51235\r
+log_level = DEBUG\r
+cert_dir = /etc/pki/certmaster\r
+EOCM\r
+\r
+# End func registration section\r
+#end if\r
+\r
--- /dev/null
+<host>\r
+ <hosts config:type="list">\r
+ <hosts_entry>\r
+ <host_address>127.0.0.1</host_address>\r
+ <names config:type="list">\r
+ <name>localhost</name>\r
+ </names>\r
+ </hosts_entry>\r
+ #if $getVar("system_name","") != ""\r
+ #set $ikeys = $interfaces.keys()\r
+ #for $iface in $ikeys\r
+ #set $idata = $interfaces[$iface]\r
+ #if $idata["interface_type"].lower() in ["","na","bridge","bond"]\r
+ <hosts_entry>\r
+ <host_address>$idata["ip_address"]</host_address>\r
+ <names config:type="list">\r
+ #set $my_interface_hostname_short = $idata["dns_name"].split('.',1)[:1][0]\r
+ <name>$idata["dns_name"].lower() $my_interface_hostname_short.lower()</name>\r
+ </names>\r
+ </hosts_entry>\r
+ #end if\r
+ #end for\r
+ #end if\r
+ </hosts>\r
+ </host>\r
--- /dev/null
+<kdump>\r
+ <!-- memory reservation -->\r
+ <!-- reserve 64 MB with 256MB to 2GB Memory and 128MB with more then 2GB Memory -->\r
+ <add_crash_kernel config:type="boolean">true</add_crash_kernel>\r
+ <crash_kernel>256M-2G:64M,2G-:128M</crash_kernel>\r
+ \r
+ <general>\r
+ <!-- dump target settings -->\r
+ <KDUMP_SAVEDIR>file:///var/crash</KDUMP_SAVEDIR>\r
+ <KDUMP_COPY_KERNEL>true</KDUMP_COPY_KERNEL>\r
+ <KDUMP_FREE_DISK_SIZE>64</KDUMP_FREE_DISK_SIZE>\r
+ <KDUMP_KEEP_OLD_DUMPS>4</KDUMP_KEEP_OLD_DUMPS>\r
+ \r
+ <!-- filtering and compression -->\r
+ <KDUMP_DUMPFORMAT>compressed</KDUMP_DUMPFORMAT>\r
+ <KDUMP_DUMPLEVEL>31</KDUMP_DUMPLEVEL>\r
+ \r
+ <!-- notification -->\r
+ <KDUMP_NOTIFICATION_TO></KDUMP_NOTIFICATION_TO>\r
+ <KDUMP_NOTIFICATION_CC></KDUMP_NOTIFICATION_CC>\r
+ <KDUMP_SMTP_SERVER></KDUMP_SMTP_SERVER>\r
+ <KDUMP_SMTP_USER></KDUMP_SMTP_USER>\r
+ <KDUMP_SMTP_PASSWORD></KDUMP_SMTP_PASSWORD>\r
+ \r
+ <!-- kdump kernel -->\r
+ <KDUMP_KERNELVER></KDUMP_KERNELVER>\r
+ <KDUMP_COMMANDLINE></KDUMP_COMMANDLINE>\r
+ <KDUMP_COMMANDLINE_APPEND></KDUMP_COMMANDLINE_APPEND>\r
+ \r
+ <!-- expert settings -->\r
+ <KDUMP_IMMEDIATE_REBOOT>yes</KDUMP_IMMEDIATE_REBOOT>\r
+ <KDUMP_VERBOSE>3</KDUMP_VERBOSE>\r
+ <KEXEC_OPTIONS></KEXEC_OPTIONS>\r
+ </general>\r
+ </kdump> \r
--- /dev/null
+#raw\r
+# Nifty trick to restore cfengine keys without using a nochroot %post\r
+\r
+echo "Saving cfengine keys..." > /dev/ttyS0\r
+\r
+SEARCHDIR=/var/cfengine/ppkeys\r
+TEMPDIR=cfengine\r
+PATTERN=localhost\r
+\r
+keys_found=no\r
+# /var could be a separate partition\r
+SHORTDIR=${SEARCHDIR#/var}\r
+if [ $SHORTDIR = $SEARCHDIR ]; then\r
+ SHORTDIR=''\r
+fi \r
+insmod /lib/jbd.o\r
+insmod /lib/ext3.o\r
+\r
+mkdir -p /tmp/$TEMPDIR\r
+\r
+function findkeys\r
+{\r
+ for disk in $DISKS; do\r
+ name=$(basename $disk)\r
+ tmpdir=$(mktemp -d $name.XXXXXX)\r
+ mkdir -p /tmp/$tmpdir\r
+ mount $disk /tmp/$tmpdir\r
+ if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails\r
+ rm -rf /tmp/$tmpdir\r
+ continue\r
+ fi\r
+ # Copy current host keys out to be reused\r
+ if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then\r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then\r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ fi\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ done\r
+}\r
+\r
+DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)\r
+# In the awk line above we want to make list of partitions, but not devices/controllers\r
+# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there\r
+# No need to scan loopback niether.\r
+# Try to find the keys on ordinary partitions\r
+\r
+findkeys\r
+\r
+# Try software RAID\r
+if [ "$keys_found" = "no" ]; then\r
+ if mdadm -As; then\r
+ DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)\r
+ findkeys\r
+ fi\r
+fi\r
+\r
+\r
+# Try LVM if that didn't work\r
+if [ "$keys_found" = "no" ]; then\r
+ lvm lvmdiskscan\r
+ vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')\r
+ for vg in $vgs; do\r
+ # Activate any VG we found\r
+ lvm vgchange -ay $vg\r
+ done\r
+ \r
+ DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')\r
+ findkeys \r
+\r
+ # And clean up..\r
+ for vg in $vgs; do\r
+ lvm vgchange -an $vg\r
+ done\r
+fi\r
+\r
+# Loop until the corresponding rpm is installed\r
+if [ "$keys_found" = "yes" ]; then\r
+ while : ; do\r
+ sleep 10\r
+ if [ -d /mnt/sysimage$SEARCHDIR ] ; then\r
+ cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR\r
+ logger "keys copied to newly installed system"\r
+ break\r
+ fi\r
+ done &\r
+fi\r
+#end raw\r
--- /dev/null
+## This snippet preserves files during re-build.\r
+## It supersedes other similar snippets - keep_*_keys.\r
+## Put it in %pre section of the kickstart template file\r
+## It uses preserve_files field which should contain a list of items to preserve\r
+## This field for now could contain any of the following:\r
+## 'ssh', 'cfengine', 'rhn' in any order\r
+## 'rhn' part of this snippet should NOT be used with systems subscribed\r
+## to Red Hat Satellite Server or Spacewalk as these\r
+## have a concept of "reactivation keys" to keep the systems\r
+## appearing to be the same. Also do not use if changing\r
+## base channels, i.e. RHEL4 -> RHEL5 upgrades.\r
+##\r
+\r
+#if $getVar('$preserve_files','') != ''\r
+ #set $preserve_files = $getVar('$preserve_files','') \r
+ preserve_files = $preserve_files \r
+ \r
+#raw\r
+# Nifty trick to restore keys without using a nochroot %post\r
+\r
+echo "Saving keys..." > /dev/ttyS0\r
+\r
+insmod /lib/jbd.o\r
+insmod /lib/ext3.o\r
+\r
+function findkeys\r
+{\r
+ for disk in $DISKS; do\r
+ name=$(basename $disk)\r
+ tmpdir=$(mktemp -d $name.XXXXXX)\r
+ mkdir -p /tmp/$tmpdir\r
+ mount $disk /tmp/$tmpdir\r
+ if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails\r
+ rm -rf /tmp/$tmpdir \r
+ continue \r
+ fi \r
+ # Copy current host keys out to be reused\r
+ if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then\r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then\r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ fi\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ done\r
+}\r
+\r
+function search_for_keys\r
+{\r
+\r
+ SEARCHDIR=$1\r
+ TEMPDIR=$2\r
+ PATTERN=$3\r
+\r
+ keys_found=no\r
+ # /var could be a separate partition\r
+ SHORTDIR=${SEARCHDIR#/var}\r
+ if [ $SHORTDIR = $SEARCHDIR ]; then\r
+ SHORTDIR=''\r
+ fi \r
+\r
+ mkdir -p /tmp/$TEMPDIR\r
+\r
+ DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)\r
+ # In the awk line above we want to make list of partitions, but not devices/controllers\r
+ # cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there\r
+ # No need to scan loopback niether.\r
+ # Try to find the keys on ordinary partitions\r
+\r
+ findkeys\r
+\r
+ # Try software RAID\r
+ if [ "$keys_found" = "no" ]; then\r
+ if mdadm -As; then\r
+ DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)\r
+ findkeys\r
+ fi\r
+ fi\r
+\r
+\r
+ # Try LVM if that didn't work\r
+ if [ "$keys_found" = "no" ]; then\r
+ lvm lvmdiskscan\r
+ vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')\r
+ for vg in $vgs; do\r
+ # Activate any VG we found\r
+ lvm vgchange -ay $vg\r
+ done\r
+ \r
+ DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')\r
+ findkeys \r
+\r
+ # And clean up..\r
+ for vg in $vgs; do\r
+ lvm vgchange -an $vg\r
+ done\r
+ fi\r
+}\r
+\r
+function restore_keys\r
+{\r
+ SEARCHDIR=$1\r
+ TEMPDIR=$2\r
+ PATTERN=$3\r
+ # Loop until the corresponding rpm is installed if the keys are saved\r
+ if [ "$keys_found" = "yes" ] && [ -f /tmp/$TEMPDIR/${PATTERN}* ]; then\r
+ while : ; do\r
+ sleep 10\r
+ if [ -d /mnt/sysimage$SEARCHDIR ] ; then\r
+ cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR\r
+ logger "$TEMPDIR keys copied to newly installed system"\r
+ break\r
+ fi\r
+ done &\r
+ fi\r
+}\r
+\r
+for key in $preserve_files\r
+do\r
+ if [ $key = 'ssh' ]; then\r
+ search_for_keys '/etc/ssh' 'ssh' 'ssh_host_'\r
+ elif [ $key = 'cfengine' ]; then\r
+ search_for_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost'\r
+ elif [ $key = 'rhn' ]; then\r
+ search_for_keys '/etc/sysconfig/rhn', 'rhn', '*'\r
+ else\r
+ echo "No keys to save!" > /dev/ttyS0\r
+ fi\r
+done\r
+\r
+# now restore keys if found\r
+\r
+for key in $preserve_files\r
+do\r
+ if [ $key = 'ssh' ]; then\r
+ restore_keys '/etc/ssh' 'ssh' 'ssh_host_'\r
+ elif [ $key = 'cfengine' ]; then\r
+ restore_keys '/var/cfengine/ppkeys' 'cfengine' 'localhost'\r
+ elif [ $key = 'rhn' ]; then\r
+ restore_keys '/etc/sysconfig/rhn', 'rhn', '*'\r
+ else\r
+ echo "Nothing to restore!" > /dev/ttyS0\r
+ fi\r
+done\r
+\r
+\r
+#end raw\r
+#end if\r
--- /dev/null
+#raw\r
+\r
+## this snippet should NOT be used with systems subscribed\r
+## to Red Hat Satellite Server or Spacewalk as these\r
+## have a concept of "reactivation keys" to keep the systems\r
+## appearing to be the same. Also do not use if changing\r
+## base channels, i.e. RHEL4 -> RHEL5 upgrades.\r
+\r
+echo "Saving RHN keys..." > /dev/ttyS0\r
+\r
+rhn_keys_found=no\r
+\r
+insmod /lib/jbd.o\r
+insmod /lib/ext3.o\r
+\r
+mkdir -p /tmp/rhn\r
+\r
+drives=$(list-harddrives | awk '{print $1}')\r
+for disk in $drives; do\r
+ DISKS="$DISKS $(fdisk -l /dev/$disk | awk '/^\/dev/{print $1}')"\r
+done\r
+\r
+# Try to find the keys on ordinary partitions\r
+for disk in $DISKS; do\r
+ name=$(basename $disk)\r
+ mkdir -p /tmp/$name\r
+ mount $disk /tmp/$name\r
+ [ $? -eq 0 ] || continue # Skip to the next partition if the mount fails\r
+\r
+ # Copy current RHN host keys out to be reused\r
+ if [ -d /tmp/${name}/etc/sysconfig/rhn ]; then\r
+ cp -a /tmp/${name}/etc/sysconfig/rhn/install-num /tmp/rhn\r
+ cp -a /tmp/${name}/etc/sysconfig/rhn/systemid /tmp/rhn\r
+ cp -a /tmp/${name}/etc/sysconfig/rhn/up2date /tmp/rhn\r
+ rhn_keys_found="yes"\r
+ umount /tmp/$name\r
+ break\r
+ fi\r
+ umount /tmp/$name\r
+ rm -r /tmp/$name\r
+done\r
+\r
+# Try LVM if that didn't work\r
+if [ "$rhn_keys_found" = "no" ]; then\r
+ lvm lvmdiskscan\r
+ vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')\r
+ for vg in $vgs; do\r
+ # Activate any VG we found\r
+ lvm vgchange -ay $vg\r
+ done\r
+ \r
+ lvs=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')\r
+ for lv in $lvs; do\r
+ tmpdir=$(mktemp -d findkeys.XXXXXX)\r
+ mkdir -p /tmp/${tmpdir}\r
+ mount $lv /tmp/${tmpdir} || continue # Skip to next volume if this fails\r
+\r
+ # Let's see if the keys are in there\r
+ if [ -d /tmp/${tmpdir}/etc/sysconfig/rhn ]; then\r
+ cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/install-num* /tmp/rhn/\r
+ cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/systemid* /tmp/rhn/\r
+ cp -a /tmp/${tmpdir}/etc/sysconfig/rhn/up2date /tmp/rhn/\r
+ rhn_keys_found="yes"\r
+ umount /tmp/${tmpdir}\r
+ break # We're done!\r
+ fi\r
+ umount /tmp/${tmpdir}\r
+ rm -r /tmp/${tmpdir}\r
+ done\r
+ \r
+ # And clean up..\r
+ for vg in $vgs; do\r
+ lvm vgchange -an $vg\r
+ done\r
+fi\r
+\r
+# Loop until the RHN rpm is installed\r
+if [ "$rhn_keys_found" = "yes" ]; then\r
+ while : ; do\r
+ sleep 10\r
+ if [ -d /mnt/sysimage/etc/sysconfig/rhn ] ; then\r
+ cp -af /tmp/rhn/* /mnt/sysimage/etc/sysconfig/rhn/\r
+ logger "RHN KEY copied to newly installed system"\r
+ break\r
+ fi\r
+ done &\r
+fi\r
+#end raw\r
--- /dev/null
+#raw\r
+# Nifty trick to restore keys without using a nochroot %post\r
+\r
+echo "Saving keys..." > /dev/ttyS0\r
+\r
+SEARCHDIR=/etc/ssh\r
+TEMPDIR=ssh\r
+PATTERN=ssh_host_\r
+\r
+keys_found=no\r
+# /var could be a separate partition\r
+SHORTDIR=${SEARCHDIR#/var}\r
+if [ $SHORTDIR = $SEARCHDIR ]; then\r
+ SHORTDIR=''\r
+fi \r
+insmod /lib/jbd.o\r
+insmod /lib/ext3.o\r
+\r
+mkdir -p /tmp/$TEMPDIR\r
+\r
+\r
+function findkeys\r
+{\r
+ for disk in $DISKS; do\r
+ name=$(basename $disk)\r
+ tmpdir=$(mktemp -d $name.XXXXXX)\r
+ mkdir -p /tmp/$tmpdir\r
+ mount $disk /tmp/$tmpdir\r
+ if [ $? -ne 0 ]; then # Skip to the next partition if the mount fails\r
+ rm -rf /tmp/$tmpdir \r
+ continue \r
+ fi \r
+ # Copy current host keys out to be reused\r
+ if [ -d /tmp/$tmpdir$SEARCHDIR ] && cp -a /tmp/$tmpdir$SEARCHDIR/${PATTERN}* /tmp/$TEMPDIR; then \r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ elif [ -n "$SHORTDIR" ] && [ -d /tmp/$tmpdir$SHORTDIR ] && cp -a /tmp/$tmpdir$SHORTDIR/${PATTERN}* /tmp/$TEMPDIR; then \r
+ keys_found="yes"\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ break\r
+ fi\r
+ umount /tmp/$tmpdir\r
+ rm -r /tmp/$tmpdir\r
+ done\r
+}\r
+\r
+DISKS=$(awk '{if ($NF ~ "^[a-zA-Z].*[0-9]$" && $NF !~ "c[0-9]+d[0-9]+$" && $NF !~ "^loop.*") print "/dev/"$NF}' /proc/partitions)\r
+# In the awk line above we want to make list of partitions, but not devices/controllers\r
+# cciss raid controllers have partitions like /dev/cciss/cNdMpL, where N,M,L - some digits, we want to make sure 'pL' is there\r
+# No need to scan loopback niether.\r
+# Try to find the keys on ordinary partitions\r
+\r
+findkeys\r
+\r
+# Try software RAID\r
+if [ "$keys_found" = "no" ]; then\r
+ if mdadm -As; then\r
+ DISKS=$(awk '/md/{print "/dev/"$1}' /proc/mdstat)\r
+ findkeys\r
+ # unmount and deactivate all md \r
+ for md in $DISKS ; do\r
+ umount $md\r
+ mdadm -S $md\r
+ done\r
+ fi\r
+fi\r
+\r
+\r
+# Try LVM if that didn't work\r
+if [ "$keys_found" = "no" ]; then\r
+ lvm lvmdiskscan\r
+ vgs=$(lvm vgs | tail -n +2 | awk '{ print $1 }')\r
+ for vg in $vgs; do\r
+ # Activate any VG we found\r
+ lvm vgchange -ay $vg\r
+ done\r
+ \r
+ DISKS=$(lvm lvs | tail -n +2 | awk '{ print "/dev/" $2 "/" $1 }')\r
+ findkeys \r
+\r
+ # And clean up..\r
+ for vg in $vgs; do\r
+ lvm vgchange -an $vg\r
+ done\r
+fi\r
+\r
+# Loop until the corresponding rpm is installed\r
+if [ "$keys_found" = "yes" ]; then\r
+ if [ "$PATTERN" = "ssh_host_" ]; then\r
+ while : ; do\r
+ sleep 10\r
+ if [ -f /etc/ssh/ssh_host_key ] ; then\r
+ cp -af /tmp/$TEMPDIR/${PATTERN}* $SEARCHDIR\r
+ break\r
+ fi\r
+ done 1>/dev/null 2>/dev/null &\r
+ fi\r
+ while : ; do\r
+ sleep 10\r
+ if [ -d /mnt/sysimage$SEARCHDIR ] ; then\r
+ cp -af /tmp/$TEMPDIR/${PATTERN}* /mnt/sysimage$SEARCHDIR\r
+ if [ -e "/sbin/restorecon"]; then\r
+ /sbin/restorecon -r /etc/ssh\r
+ fi\r
+ logger "keys copied to newly installed system"\r
+ break\r
+ fi\r
+ done 1>/dev/null 2>/dev/null &\r
+fi\r
+#end raw\r
+\r
--- /dev/null
+# Start koan environment setup\r
+echo "export COBBLER_SERVER=$server" > /etc/profile.d/cobbler.sh\r
+echo "setenv COBBLER_SERVER $server" > /etc/profile.d/cobbler.csh\r
+# End koan environment setup\r
--- /dev/null
+<file>\r
+ <file_path>/etc/security/limits.conf</file_path>\r
+ <file_contents>\r
+<![CDATA[\r
+#raw\r
+# /etc/security/limits.conf\r
+#\r
+# Each line describes a limit for a user in the form:\r
+#\r
+#<domain> <type> <item> <value>\r
+#\r
+#Where:\r
+#<domain> can be:\r
+# - an user name\r
+# - a group name, with @group syntax\r
+# - the wildcard *, for default entry\r
+# - the wildcard %, can be also used with %group syntax,\r
+# for maxlogin limit\r
+#\r
+#<type> can have the two values:\r
+# - "soft" for enforcing the soft limits\r
+# - "hard" for enforcing hard limits\r
+#\r
+#<item> can be one of the following:\r
+# - core - limits the core file size (KB)\r
+# - data - max data size (KB)\r
+# - fsize - maximum filesize (KB)\r
+# - memlock - max locked-in-memory address space (KB)\r
+# - nofile - max number of open files\r
+# - rss - max resident set size (KB)\r
+# - stack - max stack size (KB)\r
+# - cpu - max CPU time (MIN)\r
+# - nproc - max number of processes\r
+# - as - address space limit (KB)\r
+# - maxlogins - max number of logins for this user\r
+# - maxsyslogins - max number of logins on the system\r
+# - priority - the priority to run user process with\r
+# - locks - max number of file locks the user can hold\r
+# - sigpending - max number of pending signals\r
+# - msgqueue - max memory used by POSIX message queues (bytes)\r
+# - nice - max nice priority allowed to raise to values: [-20, 19]\r
+# - rtprio - max realtime priority\r
+#\r
+#<domain> <type> <item> <value>\r
+#\r
+\r
+#* soft core 0\r
+#* hard rss 10000\r
+#@student hard nproc 20\r
+#@faculty soft nproc 20\r
+#@faculty hard nproc 50\r
+#ftp hard nproc 0\r
+#@student - maxlogins 4\r
+* - nofile 100000 \r
+# End of file\r
+#end raw\r
+]]>\r
+ </file_contents>\r
+ <file_owner>root.root</file_owner>\r
+ <file_permissions>644</file_permissions>\r
+</file>\r
--- /dev/null
+set -x -v\r
+exec 1>/root/ks-post.log 2>&1\r
--- /dev/null
+set -x -v\r
+exec 1>/tmp/ks-pre.log 2>&1\r
+\r
+# Once root's homedir is there, copy over the log.\r
+while : ; do\r
+ sleep 10\r
+ if [ -d /mnt/sysimage/root ]; then\r
+ cp /tmp/ks-pre.log /mnt/sysimage/root/\r
+ logger "Copied %pre section log to system"\r
+ break\r
+ fi\r
+done &\r
--- /dev/null
+#set $hostname = $getVar("hostname","")\r
+#if $hostname == ""\r
+#set $hostname = $getVar("system_name","cobbler")\r
+#end if\r
+#if $getVar("dns_name_eth0","") != ""\r
+ #set $my_hostname = $hostname.split('.',1)[:1][0]\r
+ #set $my_domainname = $dns_name_eth0.split('.',1)[1:][0]\r
+#else\r
+ #set $my_hostname = $hostname\r
+ #set $my_domainname = "site"\r
+#end if\r
+\r
+ <networking>\r
+ <keep_install_network config:type="boolean">false</keep_install_network>\r
+ <dhcp_options>\r
+ <dhclient_client_id></dhclient_client_id>\r
+ <dhclient_hostname_option></dhclient_hostname_option>\r
+ </dhcp_options>\r
+ <dns>\r
+ <dhcp_hostname config:type="boolean">false</dhcp_hostname>\r
+ <dhcp_resolv config:type="boolean">false</dhcp_resolv>\r
+ <write_hostname config:type="boolean">false</write_hostname>\r
+ <resolv_conf_policy></resolv_conf_policy>\r
+ <hostname>$my_hostname</hostname>\r
+ <domain>$my_domainname</domain>\r
+ #if $getVar("name_servers_search","") != ""\r
+ <searchlist config:type="list">\r
+ #for $sd in $name_servers_search\r
+ <search>$sd</search>\r
+ #end for\r
+ </searchlist>\r
+ #end if\r
+ <nameservers config:type="list">\r
+ #for $ns in $name_servers\r
+ <nameserver>$ns</nameserver>\r
+ #end for\r
+ </nameservers>\r
+ </dns>\r
+ <interfaces config:type="list">\r
+ #if $getVar("system_name","") != ""\r
+ #set $ikeys = $interfaces.keys()\r
+ #for $iface in $ikeys\r
+ #set $idata = $interfaces[$iface]\r
+ #set $mac = $idata["mac_address"]\r
+ #set $ip = $idata["ip_address"]\r
+ #set $netmask = $idata["netmask"]\r
+ #set $iface_type = $idata["interface_type"]\r
+ #set $bonding_opts = $idata["bonding_opts"]\r
+ #if $iface_type.lower() == "bond"\r
+ <interface>\r
+ <bonding_master>yes</bonding_master>\r
+ <bonding_module_opts>$bonding_opts.lower()</bonding_module_opts>\r
+ #set $loop_ikeys = $interfaces.keys()\r
+ #set $loop_counter = 0\r
+ #for $loop_iface in $loop_ikeys\r
+ #set $loop_idata = $interfaces[$loop_iface]\r
+ #set $loop_interface_type = $loop_idata["interface_type"]\r
+ #if $loop_interface_type.lower == "bond_slave"\r
+ #if $loop_idata["interface_master"] != ""\r
+ #if $loop_idata["interface_master"].lower() == $iface.lower()\r
+ <bonding_slave$loop_counter>$loop_iface</bonding_slave$loop_counter>\r
+ #set $loop_counter += 1\r
+ #end if\r
+ #end if\r
+ #end if\r
+ #end for\r
+ <bootproto>static</bootproto>\r
+ <device>$iface</device>\r
+ <ipaddr>$ip</ipaddr>\r
+ <netmask>$netmask</netmask>\r
+ <startmode>auto</startmode>\r
+ <usercontrol>no</usercontrol>\r
+ </interface>\r
+ #end if\r
+ #if $iface_type.lower() in ["bond_slave","bridge_slave"]\r
+ <interface>\r
+ <bootproto>none</bootproto>\r
+ <device>$iface</device>\r
+ <startmode>off</startmode>\r
+ <usercontrol>no</usercontrol>\r
+ </interface>\r
+ #end if\r
+ #if $iface_type.lower() in ["","na"]\r
+ <interface>\r
+ <bootproto>static</bootproto>\r
+ <device>$iface</device>\r
+ <lladdr>$mac.lower()</lladdr>\r
+ <ipaddr>$ip</ipaddr>\r
+ <netmask>$netmask</netmask>\r
+ <startmode>auto</startmode>\r
+ <usercontrol>no</usercontrol>\r
+ </interface>\r
+ #end if\r
+ #end for\r
+ #end if\r
+ </interfaces>\r
+ <managed config:type="boolean">false</managed>\r
+ <net-udev config:type="list">\r
+ #if $getVar("system_name","") != ""\r
+ #set $ikeys = $interfaces.keys()\r
+ #for $iface in $ikeys\r
+ #set $idata = $interfaces[$iface]\r
+ #set $mac = $idata["mac_address"]\r
+ #set $interface_type = $idata["interface_type"]\r
+ #if $mac.lower() != ""\r
+ #if $interface_type.lower() not in ["bond","bridge"]\r
+ <rule>\r
+ <name>$iface</name>\r
+ <rule>ATTR{address}</rule>\r
+ <value>$mac.lower()</value>\r
+ </rule>\r
+ #end if\r
+ #end if\r
+ #end for\r
+ #end if\r
+ </net-udev>\r
+ <routing>\r
+ <ip_forward config:type="boolean">false</ip_forward>\r
+ #if $getVar("system_name","") != ""\r
+ ## TODO: add in static routes here\r
+ <routes config:type="list">\r
+ <route>\r
+ <destination>default</destination>\r
+ <netmask>-</netmask>\r
+ <device>-</device>\r
+ <gateway>$gateway</gateway>\r
+ </route>\r
+ </routes>\r
+ #end if\r
+ </routing>\r
+ </networking>\r
--- /dev/null
+#if $getVar('ntp_server', '') == ""\r
+ #set $ntp_server = '0.pool.ntp.org'\r
+#end if\r
+ <ntp-client>\r
+ <configure_dhcp config:type="boolean">false</configure_dhcp>\r
+ <peers config:type="list">\r
+ <peer>\r
+ <address>$ntp_server</address>\r
+ <initial_sync config:type="boolean">true</initial_sync>\r
+ <options></options>\r
+ <type>server</type>\r
+ </peer>\r
+ </peers>\r
+ <start_at_boot config:type="boolean">true</start_at_boot>\r
+ <start_in_chroot config:type="boolean">true</start_in_chroot>\r
+ </ntp-client>\r
--- /dev/null
+%post\r
+#if $getVar("system_name","") != ""\r
+ koan --server=$server --replace-self --add-reinstall-entry\r
+#else\r
+ koan --server=$server --replace-self --profile=$profile_name --add-reinstall-entry\r
+#end if\r
--- /dev/null
+## RHEL zVM installs do not properly reboot into the installed system. This\r
+## issue has been resolved in RHEL-5 Update3. To get a consistent reboot\r
+## behavior for s390* installs on all distros, this snippet can be used. The\r
+## snippet will attempt to discover the IPL volume zipl is being installed\r
+## to and will attempt a reipl. Be sure to set this snippet as the *last*\r
+## snippet your kickstart template.\r
+\r
+#if $arch.startswith("s390"):\r
+%post --nochroot\r
+\r
+# Does the kickstart file request a reboot?\r
+grep -q "^reboot" /tmp/ks.cfg /ks.cfg 2>/dev/null\r
+if [ \$? -ne 0 ]; then\r
+ exit 0\r
+fi\r
+\r
+# find out the location of /boot and use it to re-ipl\r
+boot_dev=""\r
+for mountpt in /mnt/sysimage/boot /mnt/sysimage;\r
+do\r
+ set -- \$(grep " \$mountpt " /proc/mounts)\r
+ if [ -b "\$1" ]; then\r
+ boot_dev=\$1\r
+ break\r
+ fi\r
+done\r
+\r
+# lookup dasd disk\r
+if [[ \$boot_dev == *dasd* ]]; then\r
+ # remove the '/dev/' (aka basename)\r
+ boot_dev=\${boot_dev\#\#/[^/]*/}\r
+ # strip partition number from dasd device\r
+ boot_dev=\${boot_dev%%[0-9]}\r
+ type="ccw"\r
+ id=`basename \$(readlink /sys/block/\$boot_dev/device)`\r
+\r
+ # HACK - In RHEL4 and RHEL3 ... we do it the hard way\r
+ grep -q "^[34]\$" /.buildstamp 2>/dev/null\r
+ if [ \$? -eq 0 ]; then\r
+ cat <<EOF> /mnt/sysimage/tmp/zeboot.sh\r
+\#!/bin/bash\r
+/sbin/modprobe -r vmcp\r
+rm -f "/dev/vmcp"\r
+sleep 2\r
+[ -b "/dev/vmcp" ] || /bin/mknod /dev/vmcp c 10 61\r
+/sbin/modprobe -a vmcp\r
+sync\r
+# Force a boot (e.g. IPL 0100)\r
+/sbin/vmcp ipl \${id\#\#*.}\r
+EOF\r
+ /bin/chmod +x /mnt/sysimage/tmp/zeboot.sh\r
+ /bin/chroot /mnt/sysimage /tmp/zeboot.sh\r
+ # In RHEL5 ... lets cleanly shutdown (Update 3 and newer)\r
+ else\r
+ echo \$type > /sys/firmware/reipl/reipl_type\r
+ echo \$id > /sys/firmware/reipl/\$type/device\r
+\r
+ # Force a reboot\r
+ pid=\$(cat /var/run/init.pid)\r
+ [ -z "\$pid" ] && pid=\$(pidof init)\r
+ kill -12 \$pid\r
+ pid=\$(cat /var/run/loader.run)\r
+ [ -z "\$pid" ] && pid=\$(pidof loader)\r
+ kill \$pid\r
+ fi\r
+fi\r
+#end if\r
--- /dev/null
+# Uncomment this if you don't want to use a network mirror\r
+d-i apt-setup/use_mirror boolean false\r
+d-i apt-setup/services-select multiselect\r
+d-i apt-setup/security_host string $http_server \r
+d-i apt-setup/security_path string $install_source_directory\r
+# Additional repositories, local[0-9] available\r
+#set $cur=0\r
+#set $repo_data = $getVar("repo_data",[])\r
+#for $repo in $repo_data\r
+ #for $dist in $repo.apt_dists\r
+ #set $comps = " ".join($repo.apt_components)\r
+d-i apt-setup/local${cur}/repository string \\r
+ #if $repo.mirror_locally\r
+deb http://$http_server/cobbler/repo_mirror/${repo.name} $dist $comps\r
+ #else\r
+deb ${repo.mirror} $dist $comps\r
+ #end if\r
+ #if $repo.comment != ""\r
+d-i apt-setup/local${cur}/comment string ${repo.comment}\r
+ #end if\r
+ #if $repo.breed == "src"\r
+# Enable deb-src lines\r
+d-i apt-setup/local${cur}/source boolean false\r
+ #end if\r
+ #set $cur=$cur+1\r
+ #end for\r
+#end for\r
--- /dev/null
+mkdir -p /etc/chef\r
+mkdir -p /var/log/chef\r
+\r
+## Generate validation.pem\r
+$SNIPPET('preseed_chef-validator.pem')\r
+## Generate admin.pem\r
+$SNIPPET('preseed_chef-admin.pem')\r
+## Generate client.rb\r
+$SNIPPET('preseed_client.rb')\r
+$SNIPPET('preseed_knife.rb')\r
+$SNIPPET('preseed_gem_local_repo')\r
+$SNIPPET('preseed_chef_run.sh')\r
+$SNIPPET('preseed_chef_init')\r
--- /dev/null
+#if $getVar('chef_admin_file', '') == ""\r
+ #set chef_admin_file = '/etc/chef-server/admin.pem'\r
+#end if\r
+#set f = $open($chef_admin_file)\r
+cat << EOL > /etc/chef/admin.pem\r
+#echo $f.read()\r
+EOL\r
+#silent $f.close()\r
--- /dev/null
+#if $getVar('chef_validation_file', '') == ""\r
+ #set chef_validation_file = '/etc/chef-server/chef-validator.pem'\r
+#end if\r
+#set f = $open($chef_validation_file)\r
+cat << EOL > /etc/chef/validation.pem\r
+#echo $f.read()\r
+EOL\r
+#silent $f.close()\r
--- /dev/null
+## A self-destruct service to boot chef client and register cron job\r
+#if $getVar('ntp_server', '') == ""\r
+ #set $ntp_server = '0.ubuntu.pool.ntp.org'\r
+#end if\r
+cat << EOF > /etc/init.d/chef\r
+#raw\r
+#!/bin/bash\r
+# chkconfig: 2345 99 20\r
+# description: Description of the script\r
+# processname: chef-agent\r
+#end raw\r
+echo "old date is: `date`" 2>&1 > /tmp/ntp.log\r
+service ntpd stop 2>&1 >> /tmp/ntp.log\r
+ntpdate $ntp_server 2>&1 >> /tmp/ntp.log\r
+service ntpd start 2>&1 >> /tmp/ntp.log\r
+echo "new date is: `date`" 2>&1 >> /tmp/ntp.log\r
+apt-get -y update 2>&1 >> /tmp/apt_update\r
+\r
+crontab -l > /tmp/mycron\r
+echo "*/30 * * * * /etc/chef/chef_client_run.sh" >> /tmp/mycron\r
+crontab /tmp/mycron\r
+rm /tmp/mycron\r
+\r
+/etc/chef/chef_client_run.sh &\r
+\r
+update-rc.d -f chef remove\r
+mv /etc/init.d/chef /tmp/chef\r
+EOF\r
+\r
+chmod +x /etc/init.d/chef\r
+update-rc.d chef defaults 99 20\r
--- /dev/null
+echo "\\$ModLoad imfile" > /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileName /var/log/chef-client.log" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileReadMode 0" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileTag" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileStateFile firstboot_log" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileSeverity notice" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFileFacility local3" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputRunFileMonitor" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "\\$InputFilePollInterval 1" >> /target/etc/rsyslog.d/chef.conf; \\r
+echo "local3.info @$server:514" >> /target/etc/rsyslog.d/chef.conf; \\r
--- /dev/null
+#set ip_address = ""\r
+#set ikeys = $interfaces.keys()\r
+#for $iname in $ikeys\r
+ #set $idata = $interfaces[$iname]\r
+ #set $static = $idata["static"]\r
+ #set $management = $idata["management"]\r
+ #set $ip = $idata["ip_address"]\r
+ #if $management and $ip\r
+ #set $ip_address = $ip\r
+ #end if\r
+#end for\r
+\r
+#set $proxy_url = ""\r
+#set $local_repo_url = ""\r
+#if $getVar("local_repo","") != ""\r
+ #set $local_repo_url = $local_repo\r
+#end if\r
+#if $getVar("proxy","") != ""\r
+ #set $proxy_url = $proxy\r
+#end if\r
+\r
+#if $getVar('compass_server', '') != ""\r
+ #set srv = $getVar('compass_server','')\r
+#else\r
+ #set srv = $getVar('server','')\r
+#end if\r
+\r
+cat << EOF > /etc/chef/chef_client_run.sh\r
+#!/bin/bash\r
+touch /var/log/chef.log\r
+PIDFILE=/tmp/chef_client_run.pid\r
+if [ -f \\$PIDFILE ]; then\r
+ pid=\\$(cat \\$PIDFILE)\r
+ if [ -f /proc/\\$pid/exe ]; then\r
+ echo "there are chef_client_run.sh running with pid \\$pid" >> /var/log/chef.log 2>&1\r
+ exit 1\r
+ fi\r
+fi\r
+echo \\$$ > \\$PIDFILE\r
+while true; do\r
+ echo "run chef-client on \`date\`" >> /var/log/chef.log 2>&1\r
+ clients=\\$(pgrep chef-client)\r
+ if [[ "\\$?" == "0" ]]; then\r
+ echo "there are chef-clients '\\$clients' running" >> /var/log/chef.log 2>&1\r
+ break\r
+ else\r
+ echo "knife search nodes" >> /var/log/chef.log 2>&1\r
+ USER=root HOME=/root knife node list |grep \\$HOSTNAME. >> /var/log/chef.log 2>&1\r
+ nodes=\\$(USER=root HOME=/root knife node list |grep \\$HOSTNAME.)\r
+ echo "found nodes \\$nodes" >> /var/log/chef.log 2>&1\r
+ all_nodes_success=1\r
+ for node in \\$nodes; do\r
+ mkdir -p /var/log/chef/\\$node\r
+ if [ ! -f /etc/chef/\\$node.json ]; then\r
+ cat << EOL > /etc/chef/\\$node.json\r
+{\r
+ "local_repo": "$local_repo_url",\r
+ "proxy_url": "$proxy_url",\r
+ "ip_address": "$ip_address"\r
+}\r
+EOL\r
+ fi\r
+ if [ ! -f "/etc/chef/\\$node.pem" ]; then\r
+ cat << EOL > /etc/rsyslog.d/\\$node.conf\r
+\\\\$ModLoad imfile\r
+\\\\$InputFileName /var/log/chef/\\$node/chef-client.log\r
+\\\\$InputFileReadMode 0\r
+\\\\$InputFileTag \\$node\r
+\\\\$InputFileStateFile chef_\\${node}_log\r
+\\\\$InputFileSeverity notice\r
+\\\\$InputFileFacility local3\r
+\\\\$InputRunFileMonitor\r
+\\\\$InputFilePollInterval 1\r
+#if $getVar("compass_server","") != ""\r
+local3.info @$compass_server:514\r
+#else\r
+local3.info @@$server:514\r
+#end if\r
+EOL\r
+ rm -rf /var/lib/rsyslog/chef_\\$node_log\r
+ service rsyslog restart\r
+ fi\r
+ if [ -f "/etc/chef/\\$node.done" ]; then\r
+ USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem >> /var/log/chef.log 2>&1\r
+ else\r
+ USER=root HOME=/root chef-client --node-name \\$node -j /etc/chef/\\$node.json --client_key /etc/chef/\\$node.pem -L /var/log/chef/\\$node/chef-client.log >> /var/log/chef.log 2>&1\r
+ fi\r
+ if [ "\\$?" != "0" ]; then\r
+ echo "chef-client --node-name \\$node run failed" >> /var/log/chef.log 2>&1\r
+ all_nodes_success=0\r
+ else\r
+ echo "chef-client --node-name \\$node run success" >> /var/log/chef.log 2>&1\r
+ touch /etc/chef/\\$node.done\r
+ wget -O /tmp/package_state.\\$node --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/clusterhosts/\\${node}/state_internal"\r
+ fi\r
+ done\r
+ if [ \\$all_nodes_success -eq 0 ]; then\r
+ sleep 1m\r
+ else\r
+ break\r
+ fi\r
+ fi\r
+done\r
+EOF\r
+chmod +x /etc/chef/chef_client_run.sh\r
--- /dev/null
+cat << EOL > /etc/chef/client.rb\r
+log_level :info\r
+log_location '/dev/null'\r
+#if $getVar('chef_url', '') != ""\r
+chef_server_url '$chef_url'\r
+#elif $getVar("compass_server","") != ""\r
+chef_server_url 'https://$compass_server'\r
+#else\r
+chef_server_url 'https://$server'\r
+#end if\r
+validation_client_name 'chef-validator'\r
+json_attribs nil\r
+pid_file '/var/run/chef-client.pid'\r
+# Using default node name (fqdn) \r
+no_lazy_load true\r
+ssl_verify_mode :verify_none\r
+EOL\r
+\r
+mkdir -p /etc/chef/trusted_certs\r
+#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca")\r
+#if $certs_path != ""\r
+ #import os\r
+ #import os.path\r
+ #set filenames = $os.listdir($certs_path)\r
+ #for filename in $filenames\r
+ #if $filename.endswith('.crt')\r
+ #set filepath = $os.path.join($certs_path, $filename)\r
+ #set f = $open($filepath)\r
+cat << EOF > /etc/chef/trusted_certs/$filename\r
+ #echo $f.read()\r
+EOF\r
+ #silent $f.close() \r
+ #end if\r
+ #end for\r
+#end if\r
--- /dev/null
+cat << EOF > /root/.gemrc\r
+#if $getVar('proxy', '') != ""\r
+gem: --no-ri --no-rdoc --http-proxy=$proxy\r
+#else\r
+gem: --no-ri --no-rdoc\r
+#end if\r
+:backtrace: false\r
+:benchmark: false\r
+:bulk_threshold: 1000\r
+:sources:\r
+#if $getVar("local_repo","") != ""\r
+- $local_repo/gem_repo/\r
+ #if $getVar("local_repo_only","1") == "0"\r
+- https://rubygems.org/\r
+ #end if\r
+#else\r
+- https://rubygems.org/\r
+#end if\r
+:update_sources: true\r
+:verbose: true\r
+EOF\r
+\r
+cp -f /root/.gemrc /etc/gemrc\r
--- /dev/null
+cat << EOL > /etc/hosts\r
+127.0.0.1 $system_name localhost localhost.localdomain localhost4 localhost4.localdomain4\r
+::1 $system_name localhost localhost.localdomain localhost6 localhost6.localdomain6\r
+#for $iname, $idata in $interfaces.items()\r
+ #if $hostname and $idata["management"] and $idata["static"] and $idata.get("ip_address", "") != ""\r
+$idata["ip_address"] $hostname\r
+ #end if\r
+#end for\r
+#import os\r
+#set $server_name = $os.uname[1]\r
+$server $server_name\r
+#if $getVar("chef_server_ip", "") != "" and $getVar("chef_server_dns", "") != ""\r
+$chef_server_ip $chef_server_dns\r
+#end if\r
+EOL\r
--- /dev/null
+mkdir -p /root/.chef\r
+cat << EOL > /root/.chef/knife.rb\r
+log_level :info\r
+log_location '/dev/null'\r
+#if $getVar('chef_url', '') != ""\r
+chef_server_url '$chef_url'\r
+#end if\r
+node_name 'admin'\r
+client_key '/etc/chef/admin.pem'\r
+validation_client_name 'chef-validator'\r
+validation_key '/etc/chef/validation.pem'\r
+syntax_check_cache_path '/root/.chef/syntax_check_cache'\r
+ssl_verify_mode :verify_none\r
+EOL\r
+\r
+mkdir -p /root/.chef/trusted_certs\r
+#set certs_path = $getVar("trusted_certs_path", "/var/opt/chef-server/nginx/ca")\r
+#if $certs_path != ""\r
+ #import os\r
+ #import os.path\r
+ #set filenames = $os.listdir($certs_path)\r
+ #for filename in $filenames\r
+ #if $filename.endswith('.crt')\r
+ #set filepath = $os.path.join($certs_path, $filename)\r
+ #set f = $open($filepath)\r
+cat << EOF > /root/.chef/trusted_certs/$filename\r
+ #echo $f.read()\r
+EOF\r
+ #silent $f.close() \r
+ #end if\r
+ #end for\r
+#end if\r
--- /dev/null
+cat << EOF > /etc/security/limits.conf\r
+#raw\r
+# /etc/security/limits.conf\r
+#\r
+# Each line describes a limit for a user in the form:\r
+#\r
+#<domain> <type> <item> <value>\r
+#\r
+#Where:\r
+#<domain> can be:\r
+# - an user name\r
+# - a group name, with @group syntax\r
+# - the wildcard *, for default entry\r
+# - the wildcard %, can be also used with %group syntax,\r
+# for maxlogin limit\r
+#\r
+#<type> can have the two values:\r
+# - "soft" for enforcing the soft limits\r
+# - "hard" for enforcing hard limits\r
+#\r
+#<item> can be one of the following:\r
+# - core - limits the core file size (KB)\r
+# - data - max data size (KB)\r
+# - fsize - maximum filesize (KB)\r
+# - memlock - max locked-in-memory address space (KB)\r
+# - nofile - max number of open files\r
+# - rss - max resident set size (KB)\r
+# - stack - max stack size (KB)\r
+# - cpu - max CPU time (MIN)\r
+# - nproc - max number of processes\r
+# - as - address space limit (KB)\r
+# - maxlogins - max number of logins for this user\r
+# - maxsyslogins - max number of logins on the system\r
+# - priority - the priority to run user process with\r
+# - locks - max number of file locks the user can hold\r
+# - sigpending - max number of pending signals\r
+# - msgqueue - max memory used by POSIX message queues (bytes)\r
+# - nice - max nice priority allowed to raise to values: [-20, 19]\r
+# - rtprio - max realtime priority\r
+#\r
+#<domain> <type> <item> <value>\r
+#\r
+\r
+#* soft core 0\r
+#* hard rss 10000\r
+#@student hard nproc 20\r
+#@faculty soft nproc 20\r
+#@faculty hard nproc 50\r
+#ftp hard nproc 0\r
+#@student - maxlogins 4\r
+* - nofile 100000 \r
+# End of file\r
+#end raw\r
+EOF\r
--- /dev/null
+#if $getVar("system_name","") != ""\r
+d-i netcfg/link_detection_timeout string 0\r
+d-i netcfg/dhcp_timeout string 0\r
+d-i netcfg/dhcpv6_timeout string 0\r
+d-i netcfg/enable boolean false\r
+d-i netcfg/disable_autoconfig boolean true\r
+d-i netcfg/use_autoconfig boolean false\r
+d-i netcfg/disable_dhcp boolean true\r
+d-i netcfg/dhcp_failed note\r
+d-i netcfg/dhcp_options select Configure network manually\r
+d-i hw-detect/load_firmware boolean true\r
+d-i netcfg/confirm_static boolean true\r
+ #if $hostname != ""\r
+d-i netcfg/get_hostname string $hostname\r
+d-i netcfg/hostname string $hostname\r
+ #end if\r
+ #if $gateway != ""\r
+d-i netcfg/get_gateway string $gateway\r
+ #end if\r
+ #if $len($name_servers) > 0\r
+d-i netcfg/get_nameservers string $name_servers[0]\r
+ #end if\r
+#end if\r
--- /dev/null
+#if $getVar('ntp_server', '') == ""\r
+ #set $ntp_server = '0.ubuntu.pool.ntp.org'\r
+#end if\r
+\r
+cat << EOF > /etc/ntp.conf\r
+# For more information about this file, see the man pages\r
+# ntp.conf(5), ntp_acc(5), ntp_auth(5), ntp_clock(5), ntp_misc(5), ntp_mon(5).\r
+\r
+# Include the option tinker panic 0 at the top of your ntp.conf file. \r
+# By default, the NTP daemon sometimes panics and exits if the underlying clock\r
+# appears to be behaving erratically. This option causes the daemon to keep \r
+# running instead of panicking. \r
+tinker panic 0\r
+\r
+driftfile /var/lib/ntp/drift\r
+\r
+# Permit time synchronization with our time source, but do not\r
+# permit the source to query or modify the service on this system.\r
+restrict default kod nomodify notrap nopeer noquery\r
+restrict -6 default kod nomodify notrap nopeer noquery\r
+\r
+# Permit all access over the loopback interface. This could\r
+# be tightened as well, but to do so would effect some of\r
+# the administrative functions.\r
+restrict 127.0.0.1 \r
+restrict -6 ::1\r
+\r
+# Hosts on local network are less restricted.\r
+# restrict 192.168.1.0 mask 255.255.255.0 nomodify notrap\r
+\r
+# Use public servers from the pool.ntp.org project.\r
+# Please consider joining the pool (http://www.pool.ntp.org/join.html).\r
+# server 0.ubuntu.pool.ntp.org\r
+# server 1.ubuntu.pool.ntp.org\r
+# server 2.ubuntu.pool.ntp.org\r
+server $ntp_server\r
+\r
+# broadcast 192.168.1.255 autokey # broadcast server\r
+# broadcastclient # broadcast client\r
+# broadcast 224.0.1.1 autokey # multicast server\r
+# multicastclient 224.0.1.1 # multicast client\r
+# manycastserver 239.255.254.254 # manycast server\r
+# manycastclient 239.255.254.254 autokey # manycast client\r
+\r
+# Undisciplined Local Clock. This is a fake driver intended for backup\r
+# and when no outside source of synchronized time is available. \r
+server 127.127.1.0 # local clock\r
+\r
+# Enable public key cryptography.\r
+# crypto\r
+\r
+includefile /etc/ntp/crypto/pw\r
+\r
+# Key file containing the keys and key identifiers used when operating\r
+# with symmetric key cryptography. \r
+keys /etc/ntp/keys\r
+\r
+# Specify the key identifiers which are trusted.\r
+# trustedkey 4 8 42\r
+\r
+# Specify the key identifier to use with the ntpdc utility.\r
+# requestkey 8\r
+\r
+# Specify the key identifier to use with the ntpq utility.\r
+# controlkey 8\r
+\r
+# Enable writing of statistics records.\r
+# statistics clockstats cryptostats loopstats peerstats\r
+EOF\r
+update-rc.d ntp defaults 58 74\r
--- /dev/null
+d-i partman-auto/init_automatically_partition string custom\r
+d-i partman-auto/automatically_partition string custom\r
+d-i partman-auto/method string lvm\r
+d-i partman-auto/purge_lvm_from_device boolean true\r
+d-i partman-auto-lvm/guided_size string max\r
+d-i partman-lvm/device_remove_lvm boolean true\r
+d-i partman-lvm/device_remove_lvm_span boolean true\r
+d-i partman-lvm/confirm boolean true\r
+d-i partman-lvm/confirm_nooverwrite boolean true\r
+d-i partman-md/device_remove_md boolean true\r
+d-i partman-md/confirm boolean true\r
+d-i partman-partitioning/confirm_write_new_label boolean true\r
+d-i partman/confirm boolean true\r
+d-i partman/confirm_nooverwrite boolean true\r
+d-i partman/default_filesystem string ext3\r
+d-i partman/mount_style select uuid\r
+d-i partman/confirm_write_changes_to_disks_and_configure_lvm boolean true\r
+d-i partman/choose_partition select Finish partitioning and write changes to disk\r
+d-i mdadm/boot_degraded boolean true\r
+d-i partman-auto-lvm/no_boot boolean true\r
+d-i partman-basicfilesystems/no_mount_point false\r
+d-i partman/filter_mounted boolean false\r
+d-i partman/unmount_active boolean false\r
--- /dev/null
+#if $str($getVar('anamon_enabled','')) == "1"\r
+\r
+## install anamon script\r
+ #if $getVar("compass_server", "") != ""\r
+wget -O /usr/local/sbin/anamon "http://$compass_server:$http_port/cobbler/aux/anamon"\r
+ #else\r
+wget -O /usr/local/sbin/anamon "http://$server:$http_port/cobbler/aux/anamon"\r
+ #end if\r
+## install anamon system service\r
+cat << EOF > /etc/init.d/anamon.init\r
+#raw\r
+#!/bin/bash\r
+## BEGIN INIT INFO\r
+# Provides: anamon.init\r
+# Default-Start: 3 5\r
+# Default-Stop: 0 1 2 4 6\r
+# Required-Start: $network\r
+# Short-Description: Starts the cobbler anamon boot notification program\r
+# Description: anamon runs the first time a machine is booted after\r
+# installation.\r
+## END INIT INFO\r
+\r
+#\r
+# anamon.init: Starts the cobbler post-install boot notification program\r
+#\r
+# chkconfig: 35 95 95\r
+#\r
+# description: anamon runs the first time a machine is booted after\r
+# installation.\r
+#\r
+#end raw\r
+cd /var/log/installer\r
+gunzip initial-status.gz\r
+cd -\r
+#if $getVar("compass_server","") != ""\r
+/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $compass_server --port $http_port --exit\r
+#else\r
+/usr/local/sbin/anamon --watchfile "/var/log/installer/syslog /var/log/installer/hardware-summary /var/log/installer/initial-status /var/log/installer/status" --name $name --server $server --port $http_port --exit\r
+#end if\r
+update-rc.d -f anamon remove\r
+mv /etc/init.d/anamon.init /tmp/anamon.init\r
+EOF\r
+\r
+## adjust permissions\r
+chmod 755 /etc/init.d/anamon.init /usr/local/sbin/anamon\r
+test -d /selinux && restorecon /etc/init.d/anamon.init /usr/local/sbin/anamon\r
+\r
+## enable the script\r
+update-rc.d anamon.init defaults 95 95\r
+#end if\r
+\r
+## place start-up script for updating os state\r
+#if $getVar('compass_server', '') != ""\r
+ #set srv = $getVar('compass_server','')\r
+#else\r
+ #set srv = $getVar('server','')\r
+#end if\r
+cat << EOF > /etc/init.d/set_state\r
+#raw\r
+#!/bin/bash\r
+# Provides: set_state\r
+# Default-Start: 3 5\r
+# Default-Stop: 0 1 2 4 6\r
+# Required-Start: $network $ssh\r
+# Short-Description: Notifies the os installation is finished\r
+# Description: set_state runs the first time a machine is booted after\r
+# installation.\r
+#end raw\r
+wget -O /tmp/os_state --post-data='{"ready": true}' --header=Content-Type:application/json "http://$srv/api/hosts/${hostname}/state_internal"\r
+update-rc.d -f set_state remove\r
+mv /etc/init.d/set_state /tmp/set_state\r
+EOF\r
+\r
+## adjust permissions\r
+chmod 755 /etc/init.d/set_state\r
+test -d /selinux && restorecon /etc/init.d/set_state\r
+\r
+update-rc.d set_state defaults 99 99\r
+\r
+echo "compass_server=$server" >> /etc/compass.conf\r
--- /dev/null
+#set profile_name = $getVar('profile_name','')\r
+#set os_info = $profile_name.split('-')\r
+#set osname = $os_info[0].lower()\r
+#set osversion = $os_info[1]\r
+#set osversion_flat = $osversion.replace('.', '_')\r
+\r
+cat << EOF > /etc/apt/apt.conf\r
+APT::Get::Assume-Yes "true";\r
+APT::Get::force-yes "true";\r
+#if $getVar('proxy', '') != ''\r
+Acquire::http::Proxy "$proxy";\r
+#end if\r
+Acquire::http::Proxy::$http_server DIRECT;\r
+#if $getVar("local_repo","") != ""\r
+ #import urlparse\r
+ #set $local_repo_url = $urlparse.urlparse($local_repo)\r
+ #set $local_repo_server = $local_repo_url.hostname\r
+ #if $http_server != $local_repo_server\r
+Acquire::http::Proxy::${local_repo_server} DIRECT;\r
+ #end if\r
+#end if\r
+EOF\r
+\r
+\r
+#if $getVar("local_repo", "") == "" or $getVar("local_repo_only","1") == "0"\r
+ #set repos_snippet = 'apt.repos.d/%s/%s/preseed_repos' % ($osname, $osversion)\r
+$SNIPPET($repos_snippet)\r
+#end if\r
+\r
+#if $arch == "x86_64"\r
+ #set $rarch = "[arch=amd64]"\r
+#else\r
+ #set $rarch = "[arch=%s]" % $arch\r
+#end if\r
+\r
+rm -f /etc/apt/sources.list\r
+cat << EOF >> /etc/apt/sources.list\r
+deb ${rarch} $tree $os_version main restricted\r
+EOF\r
+\r
+cat << EOF >> /etc/apt/sources.list\r
+ #set $repo_data = $getVar("repo_data",[])\r
+ #for $repo in $repo_data\r
+ #for $dist in $repo.apt_dists\r
+ #set $comps = " ".join($repo.apt_components)\r
+ #if $repo.comment != ""\r
+# ${repo.comment}\r
+ #end if\r
+ #if $repo.mirror_locally\r
+deb ${rarch} http://$http_server/cblr/repo_mirror/${repo.name} $dist $comps\r
+ #else\r
+deb ${rarch} ${repo.mirror} $dist $comps\r
+ #end if\r
+ #end for\r
+ #end for\r
+EOF\r
+\r
+#if $getVar("local_repo","") != ""\r
+cat << EOF >> /etc/apt/sources.list\r
+#set compass_repo = 'apt.repos.d/%s/%s/ubuntu_repo' % ($osname, $osversion)\r
+deb ${rarch} $local_repo/$compass_repo/ local_repo main\r
+EOF\r
+\r
+ \r
+ #if $getVar("local_repo_only","1") != "0" \r
+apt-get -y update \r
+ #end if\r
+#end if\r
--- /dev/null
+#if $getVar('kernel_options_post','') != ''\r
+# Start post install kernel options update\r
+if [ -f /etc/default/grub ]; then\r
+ TMP_GRUB=\$(gawk 'match(\$0,/^GRUB_CMDLINE_LINUX="([^"]+)"/,a) {printf("%s\n",a[1])}' /etc/default/grub)\r
+ sed -i '/^GRUB_CMDLINE_LINUX=/d' /etc/default/grub\r
+ echo "GRUB_CMDLINE_LINUX=\"\$TMP_GRUB $kernel_options_post\"" >> /etc/default/grub\r
+ grub2-mkconfig -o /boot/grub2/grub.cfg\r
+else\r
+ /sbin/grubby --update-kernel=\$(/sbin/grubby --default-kernel) --args="$kernel_options_post"\r
+fi\r
+# End post install kernel options update\r
+#end if\r
+\r
+\r
--- /dev/null
+## Start post_install_network_config generated code\r
+#if $getVar('promisc_nics', '') != ""\r
+ #set promisc_interfaces = [promisc.strip() for promisc in $promisc_nics.split(',') if promisc.strip()]\r
+#else\r
+ #set promisc_interfaces = []\r
+#end if\r
+#if $hostname != ""\r
+# set the hostname\r
+echo "$hostname" > /etc/hostname\r
+/bin/hostname $hostname\r
+#end if\r
+\r
+#set osversion = $getVar("os_version","")\r
+\r
+$SNIPPET('preseed_hosts')\r
+\r
+#set $num_ns_search = $len($name_servers_search)\r
+#if $num_ns_search > 0\r
+sed -i -e "/^search /d" /etc/resolv.conf\r
+echo -n "search " >>/etc/resolv.conf\r
+ #for $nameserversearch in $name_servers_search\r
+echo -n "$nameserversearch " >>/etc/resolv.conf\r
+ #end for\r
+echo "" >>/etc/resolv.conf\r
+#end if\r
+\r
+#set $num_ns = $len($name_servers)\r
+#if $num_ns > 0\r
+sed -i -e "/^nameserver /d" /etc/resolv.conf\r
+ #for $nameserver in $name_servers\r
+echo "nameserver $nameserver" >>/etc/resolv.conf\r
+ #end for\r
+#end if\r
+\r
+echo '' > /tmp/network_log\r
+\r
+# get physical interfaces\r
+physical_interfaces=""\r
+for physical_interface in \$(ip -o link | cut -d: -f2 | grep -v lo); do\r
+ echo "processing physical interface \${physical_interface}" >> /tmp/network_log\r
+ if [ -z "\${physical_interfaces}" ]; then\r
+ physical_interfaces="\${physical_interface}"\r
+ else\r
+ physical_interfaces="\${physical_interfaces} \${physical_interface}"\r
+ fi\r
+ eval "physical_interface_\${physical_interface}=\${physical_interface}"\r
+done\r
+echo "physical interfaces: \${physical_interfaces}" >> /tmp/network_log\r
+\r
+# map physical interface to mac address\r
+mac_names=""\r
+for physical_interface in \${physical_interfaces}; do\r
+ set \$(ip link show \${physical_interface})\r
+#if $osversion == "trusty"\r
+ mac=\$(echo \$@ | cut -d' ' -f17)\r
+#else\r
+ mac=\$(echo \$@ | cut -d' ' -f13)\r
+#end if\r
+ mac_name=\$(echo \${mac} |tr 'a-z' 'A-Z' | tr ':' '_')\r
+ if [ -z "\${mac_name}" ]; then\r
+ mac_names="\${mac_name}"\r
+ else\r
+ mac_names="\${mac_names} \${mac_name}"\r
+ fi\r
+ echo "mapping physical interface \${physical_interface} to mac \${mac}" >> /tmp/network_log\r
+ eval "physical_interface_mac_\${physical_interface}=\$mac"\r
+ eval "physical_mac_interface_\${mac_name}=\${physical_interface}"\r
+ eval "mac_name_\${mac_name}=\$mac"\r
+done\r
+\r
+echo "list physical interfaces to mac" >> /tmp/network_log\r
+for physical_interface in \${physical_interfaces}; do\r
+ eval "mac=\\${physical_interface_mac_\${physical_interface}}"\r
+ echo "physical interface to mac: \${physical_interface} => \${mac}" >> /tmp/network_log\r
+done\r
+\r
+echo "list mac to physical interface mapping" >> /tmp/network_log\r
+for mac_name in \${mac_names}; do\r
+ eval "mac=\\${mac_name_\${mac_name}}"\r
+ eval "physical_interface=\\${physical_mac_interface_\${mac_name}}"\r
+ echo "mac to physical interface: \${mac} => \${physical_interface}" >> /tmp/network_log\r
+done\r
+\r
+logical_interfaces=""\r
+#set ikeys = $interfaces.keys()\r
+#import re\r
+#set $vlanpattern = $re.compile("([a-zA-Z0-9]+)[\.][0-9]+")\r
+#set $subinterfacepattern = $re.compile("([a-zA-Z0-9]+)[:][0-9]+")\r
+#set $numbondingdevs = 0\r
+#for $iname in $ikeys\r
+ #set $idata = $interfaces[$iname]\r
+ #set $mac = $idata.get("mac_address", "").upper()\r
+ #set $interface_type = $idata.get("interface_type", "").lower()\r
+ #if $interface_type in ("master","bond","bonded_bridge_slave")\r
+ #set $numbondingdevs += 1\r
+ #end if\r
+ #if $interface_type in ("master","bond","bridge","bonded_bridge_slave")\r
+ #continue\r
+ #end if\r
+ #if $vlanpattern.match($iname)\r
+ #set $interface_matched = $vlanpattern.match($iname)\r
+ #set $interface_name = $interface_matched.group(1)\r
+logical_interface=${interface_name}\r
+ #elif $subinterfacepattern.match($iname)\r
+ #set $interface_matched = $subinterfacepattern.match($iname)\r
+ #set $interface_name = $interface_matched.group(1)\r
+logical_interface=${interface_name}\r
+ #else\r
+logical_interface=$iname\r
+ #end if\r
+if [ -z "\${logical_interfaces}" ]; then\r
+ logical_interfaces="\${logical_interface}"\r
+else\r
+ logical_interfaces="\${logical_interfaces} \${logical_interface}"\r
+fi\r
+eval "logical_interface_\${logical_interface}=\${logical_interface}"\r
+ #if $mac != ""\r
+ #set mac_name = $mac.replace(':', '_')\r
+physical_interface=\${physical_mac_interface_${mac_name}}\r
+eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}"\r
+if [ ! -z "\${physical_interface}" ]; then\r
+ eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}"\r
+fi\r
+ #else\r
+eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"\r
+if [ -z "\${physical_interface}" ]; then\r
+ eval "logical_interface_mapping_\${logical_interface}="\r
+fi\r
+ #end if\r
+#end for\r
+\r
+echo "logical interfaces: \${logical_interfaces}" >> /tmp/network_log\r
+\r
+echo "finish mapping logical interfaces in network config to physical interfaces" >> /tmp/network_log\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log\r
+done\r
+for key in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${key}}"\r
+ echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log\r
+done\r
+\r
+# map unmapped logical interface to the same name physical interface\r
+echo "mapping unmapped logical interfaces to the same name physical interfaces" >> /tmp/network_log\r
+for logical_interface in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"\r
+ if [ ! -z "\${physical_interface}" ]; then\r
+ echo "ignore logical interface \${logical_interface} where its physical interface is \${physical_interface}" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ # check if the same name physical interface is mapped\r
+ eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}"\r
+ if [ ! -z "\${mapped_logical_interface}" ]; then\r
+ echo "ignore logical interface \${logical_interface} since the same name physical interface is mapped by logical interface \${mapped_logical_interface}" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ # check if the same name physical interface exists\r
+ eval "mapped_logical_interface=\\${physical_interface_\${logical_interface}}"\r
+ if [ -z "\${mapped_logical_interface}" ]; then\r
+ echo "ignore logical interface \${logical_interface} since the same name physical interface does not exist" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ eval "logical_interface_mapping_\${logical_interface}=\${logical_interface}"\r
+ eval "physical_interface_mapping_\${logical_interface}=\${logical_interface}"\r
+ echo "set logical interface \${logical_interface} to the same physical interface" >> /tmp/network_log\r
+done\r
+\r
+echo "finish mapping unmapped logical interfaces in network config to the same name physical interfaces" >> /tmp/network_log\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log\r
+done\r
+for key in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${key}}"\r
+ echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log\r
+done\r
+\r
+\r
+unset_physical_interfaces=""\r
+echo "get unset physical interfaces from \${physical_interfaces}" >> /tmp/network_log\r
+for physical_interface in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${physical_interface}}"\r
+ if [ ! -z "\${logical_interface}" ]; then\r
+ echo "physical interface \${physical_interface} is already set to \${logical_interface}" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ if [ -z "\${unset_physical_interfaces}" ]; then\r
+ unset_physical_interfaces="\${physical_interface}"\r
+ else\r
+ unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}"\r
+ fi\r
+ eval "unset_physical_interface_\${physical_interface}=\${physical_interface}"\r
+done\r
+echo "unset physical interfaces \${unset_physical_interfaces}" >> /tmp/network_log\r
+\r
+unset_logical_interfaces=""\r
+echo "get unset logical interfaces from \${logical_interfaces}" >> /tmp/network_log\r
+for logical_interface in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"\r
+ if [ ! -z "\${physical_interface}" ]; then\r
+ echo "logical interface \${logical_interface} is already set to \${physical_interface}" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ if [ -z "\${unset_logical_interfaces}" ]; then\r
+ unset_logical_interfaces="\${logical_interface}"\r
+ else\r
+ unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"\r
+ fi\r
+done\r
+echo "unset logical interfaces \${unset_logical_interfaces}" >> /tmp/network_log\r
+\r
+sorted_unset_physical_interfaces=\$(printf '%s\n' \${unset_physical_interfaces} | sort | xargs)\r
+echo "sorted unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log\r
+sorted_unset_logical_interfaces=\$(printf '%s\n' \${unset_logical_interfaces} | sort | xargs)\r
+echo "sorted unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log\r
+\r
+# map unset logical interface to unset physical interface\r
+echo "map unset logical interfaces \${sorted_unset_logical_interfaces} to unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log\r
+unset_logical_interfaces=""\r
+for logical_interface in \${sorted_unset_logical_interfaces}; do\r
+ set \${sorted_unset_physical_interfaces}\r
+ physical_interface_num=\$#;\r
+ if [ \${physical_interface_num} -gt 0 ]; then\r
+ physical_interface=\$1\r
+ shift 1\r
+ sorted_unset_physical_interfaces="\$@"\r
+ echo "map unset logical interface \${logical_interface} to unset physical interface \${physical_interface}" >> /tmp/network_log\r
+ eval "physical_interface_mapping_\${physical_interface}=\${logical_interface}"\r
+ eval "logical_interface_mapping_\${logical_interface}=\${physical_interface}"\r
+ else\r
+ echo "remain unset logical interface \${logical_interface} since there is no remain unset physical interfaces" >> /tmp/network_log\r
+ if [ -z "\${unset_logical_interfaces}" ]; then\r
+ unset_logical_interfaces="\${logical_interface}"\r
+ else\r
+ unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"\r
+ fi\r
+ fi\r
+done\r
+sorted_unset_logical_interfaces=\${unset_logical_interfaces}\r
+unset_physical_interfaces=\${sorted_unset_physical_interfaces}\r
+\r
+echo "finish mapping unmapped logical interfaces in network config to unmapped physical interfaces" >> /tmp/network_log\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log\r
+done\r
+for key in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${key}}"\r
+ echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log\r
+done\r
+\r
+echo "unset physical interfaces \${sorted_unset_physical_interfaces}" >> /tmp/network_log\r
+echo "unset logical interfaces \${sorted_unset_logical_interfaces}" >> /tmp/network_log\r
+\r
+# map remaining unmapped logical interfaces\r
+echo "map remaining unmapped logical interfaces" >> /tmp/network_log\r
+if [ ! -z "\${sorted_unset_logical_interfaces}" ]; then\r
+ # get all available logical interfaces which the same name physical interface is not used\r
+ available_logical_interfaces=""\r
+ for logical_interface in \${logical_interfaces}; do\r
+ eval "mapped_logical_interface=\\${physical_interface_mapping_\${logical_interface}}"\r
+ if [ -z "\${mapped_logical_interface}" ]; then\r
+ eval "available_logical_interface_\${logical_interface}=\${logical_interface}"\r
+ if [ -z "\${available_logical_interfaces}" ]; then\r
+ available_logical_interfaces="\${logical_interface}"\r
+ else\r
+ available_logical_interfaces="\${available_logical_interfaces} \${logical_interface}"\r
+ fi\r
+ else\r
+ echo "ignore logical interface \${logical_interface} since the same name physical interface mapped to logical interface \${mapped_logical_interface}" >> /tmp/network_log\r
+ fi\r
+ done\r
+\r
+ # add extra logical interfaces name to physical interfaces\r
+ if [ -z "\${physical_interfaces}" ]; then\r
+ physical_interfaces="\${available_logical_interfaces}"\r
+ else\r
+ physical_interfaces="\${physical_interfaces} \${available_logical_interfaces}"\r
+ fi\r
+ echo "updated physical interfaces: \${physical_interfaces}" >> /tmp/network_log\r
+\r
+ #first map logical interface to the same name physical interface if that physical interface name is not used\r
+ unset_logical_interfaces=""\r
+ for logical_interface in \${sorted_unset_logical_interfaces}; do\r
+ eval "available_logical_interface=\\${available_logical_interface_\${logical_interface}}"\r
+ if [ ! -z "\${available_logical_interface}" ]; then\r
+ eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}"\r
+ eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}"\r
+ else\r
+ if [ -z "\${unset_logical_interfaces}" ]; then\r
+ unset_logical_interfaces="\${logical_interface}"\r
+ else\r
+ unset_logical_interfaces="\${unset_logical_interfaces} \${logical_interface}"\r
+ fi\r
+ fi\r
+ done\r
+ sorted_unset_logical_interfaces=\${unset_logical_interfaces}\r
+\r
+ # map remain unset logical interfaces to available logical interface names\r
+ for logical_interface in \${sorted_unset_logical_interfaces}; do\r
+ for available_logical_interface in \${available_logical_interfaces}; do\r
+ eval "mapped_logical_interface=\\${physical_interface_mapping_\${available_logical_interface}}"\r
+ if [ -z "\${mapped_logical_interface}" ]; then\r
+ eval "physical_interface_mapping_\${available_logical_interface}=\${logical_interface}"\r
+ eval "logical_interface_mapping_\${logical_interface}=\${available_logical_interface}"\r
+ break\r
+ fi\r
+ done\r
+ done\r
+fi\r
+unset_logical_interfaces=""\r
+sorted_unset_logical_interfaces=""\r
+\r
+echo "finish mapping ramaining unmapped logical interfaces" >> /tmp/network_log\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log\r
+done\r
+for key in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${key}}"\r
+ echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log\r
+done\r
+\r
+# map remaining unmapped physical interfaces\r
+echo "map remaining unmapped physical interfaces" >> /tmp/network_log\r
+if [ ! -z "\${sorted_unset_physical_interfaces}" ]; then\r
+ # get all available physical interfaces which the same name logical interface is not used\r
+ available_physical_interfaces=""\r
+ for physical_interface in \${physical_interfaces}; do\r
+ eval "mapped_physical_interface=\\${logical_interface_mapping_\${physical_interface}}"\r
+ if [ -z "\${mapped_physical_interface}" ]; then\r
+ eval "available_physical_interface_\${physical_interface}=\${physical_interface}"\r
+ if [ -z "\${available_physical_interfaces}" ]; then\r
+ available_physical_interfaces="\${physical_interface}"\r
+ else\r
+ available_physical_interfaces="\${available_physical_interfaces} \${physical_interface}"\r
+ fi\r
+ else\r
+ echo "ignore physical interface \${physical_interface} since the same name logical interface mapped to physical interface \${mapped_physical_interface}" >> /tmp/network_log\r
+ fi\r
+ done\r
+\r
+ # add extra physical interfaces name to logical interfaces\r
+ if [ -z "\${logical_interfaces}" ]; then\r
+ logical_interfaces="\${available_physical_interfaces}"\r
+ else\r
+ logical_interfaces="\${logical_interfaces} \${available_physical_interfaces}"\r
+ fi\r
+ echo "updated logical interfaces: \${logical_interfaces}" >> /tmp/network_log\r
+\r
+ #first map physical interface to the same name logical interface if that logical interface name is not used\r
+ unset_physical_interfaces=""\r
+ for physical_interface in \${sorted_unset_physical_interfaces}; do\r
+ eval "available_physical_interface=\\${available_physical_interface_\${physical_interface}}"\r
+ if [ ! -z "\${available_physical_interface}" ]; then\r
+ eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}"\r
+ eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}"\r
+ else\r
+ if [ -z "\${unset_physical_interfaces}" ]; then\r
+ unset_physical_interfaces="\${physical_interface}"\r
+ else\r
+ unset_physical_interfaces="\${unset_physical_interfaces} \${physical_interface}"\r
+ fi\r
+ fi\r
+ done\r
+ sorted_unset_physical_interfaces=\${unset_physical_interfaces}\r
+\r
+ # map remain unset physical interfaces to logical interface name as available physical interface names\r
+ for physical_interface in \${sorted_unset_physical_interfaces}; do\r
+ for available_physical_interface in \${available_physical_interfaces}; do\r
+ eval "mapped_physical_interface=\\${logical_interface_mapping_\${available_physical_interface}}"\r
+ if [ -z "\${mapped_physical_interface}" ]; then\r
+ eval "logical_interface_mapping_\${available_physical_interface}=\${physical_interface}"\r
+ eval "physical_interface_mapping_\${physical_interface}=\${available_physical_interface}"\r
+ break\r
+ fi\r
+ done\r
+ done\r
+fi\r
+unset_physical_interfaces=""\r
+sorted_unset_physical_interfaces=""\r
+\r
+echo "finish mapping ramaining unmapped physical interfaces" >> /tmp/network_log\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ echo "map logical interface \${key} to physical interface \${physical_interface}" >> /tmp/network_log\r
+done\r
+for key in \${physical_interfaces}; do\r
+ eval "logical_interface=\\${physical_interface_mapping_\${key}}"\r
+ echo "map physical interface \${key} to logical interface \${logical_interface}" >> /tmp/network_log\r
+done\r
+\r
+for key in \${logical_interfaces}; do\r
+ eval "physical_interface=\\${logical_interface_mapping_\${key}}"\r
+ if [ ! -z "\${physical_interface}" ]; then\r
+ eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}"\r
+ else\r
+ physical_mac=""\r
+ fi\r
+ if [ ! -z "\${physical_mac}" ]; then\r
+ physical_mac=\$(echo \${physical_mac} | tr 'A-Z' 'a-z')\r
+ echo "SUBSYSTEM==\"net\", ACTION==\"add\", DRIVERS==\"?*\", ATTR{address}==\"\${physical_mac}\", ATTR{type}==\"1\", KERNEL==\"eth*\", NAME=\"\$key\"" >> /etc/udev/rules.d/70-persistent-net.rules.new\r
+ echo "add network interface \$key mac \${physical_mac} into udev rules" >> /tmp/network_log\r
+ else\r
+ echo "network interface \$key does not find mac address to add to udev rules" >> /tmp/network_log\r
+ fi\r
+done\r
+\r
+#if $numbondingdevs > 0\r
+# we have bonded interfaces, so set max_bonds\r
+if [ -f "/etc/modprobe.conf" ]; then\r
+ echo "options bonding max_bonds=$numbondingdevs" >> /etc/modprobe.conf\r
+fi\r
+#end if\r
+\r
+## =============================================================================\r
+## Rewrite the interfaces file and make sure we preserve the loopback device\r
+echo "auto lo" > /etc/network/interfaces\r
+echo " iface lo inet loopback" >> /etc/network/interfaces\r
+echo "" >> /etc/network/interfaces\r
+\r
+#set $nameserver_set = 0\r
+\r
+#for $iname in $ikeys\r
+ #set $idata = $interfaces[$iname]\r
+ #set $mac = $idata.get("mac_address", "").upper()\r
+ #set $iface_type = $idata.get("interface_type", "").lower()\r
+ #set $mtu = $idata.get("mtu", "")\r
+ #set $static = $idata.get("static", "")\r
+ #set $management = $idata.get("management", "")\r
+ #set $ip = $idata.get("ip_address", "")\r
+ #set $netmask = $idata.get("netmask", "")\r
+ #set $if_gateway = $idata.get("if_gateway", "")\r
+ #set $static_routes = $idata.get("static_routes", "")\r
+ #set $iface_master = $idata.get("interface_master", "")\r
+ #set $bonding_opts = $idata.get("bonding_opts", "")\r
+ #set $bridge_opts = $idata.get("bridge_opts", "")\r
+\r
+used_logical_interface_$iname=$iname\r
+\r
+ #if $iface_type in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")\r
+ #set $static = 1\r
+ #end if \r
+echo "auto $iname" >> /etc/network/interfaces\r
+\r
+ #if $static\r
+echo "iface $iname inet static" >> /etc/network/interfaces\r
+ #else\r
+echo "iface $iname inet dhcp" >> /etc/network/interfaces\r
+ #end if\r
+\r
+ #if $iface_type not in ("master","bond","bridge","bonded_bridge_slave")\r
+ #if $vlanpattern.match($iname)\r
+ #pass\r
+ #else\r
+ #set $interface_matched = $subinterfacepattern.match($iname)\r
+ #if $interface_matched\r
+ #set $interface_name = $interface_matched.group(1)\r
+logical_interface=$interface_name\r
+ #else\r
+logical_interface=$iname\r
+ #end if\r
+eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"\r
+if [ ! -z "\${physical_interface}" ]; then\r
+ eval "physical_mac=\\${physical_interface_mac_\${physical_interface}}"\r
+fi\r
+if [ ! -z "\${physical_mac}" ]; then\r
+ echo " hwaddress ether \${physical_mac}" >> /etc/network/interfaces\r
+fi\r
+ #if not $subinterfacepattern.match($iname)\r
+if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then\r
+ grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/$iname/" >> /etc/modprobe.conf.cobbler\r
+ grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new\r
+ rm -f /etc/modprobe.conf\r
+ mv /etc/modprobe.conf.new /etc/modprobe.conf\r
+fi\r
+ #end if\r
+ #end if\r
+ #end if\r
+\r
+ #if $iface_type in ("master","bond","bonded_bridge_slave")\r
+ ## if this is a bonded interface, configure it in modprobe.conf\r
+if [ -f "/etc/modprobe.conf" ]; then\r
+ #if $osversion == "rhel4"\r
+ echo "install $iname /sbin/modprobe bonding -o $iname $bonding_opts" >> /etc/modprobe.conf.cobbler\r
+ #else\r
+ echo "alias $iname bonding" >> /etc/modprobe.conf.cobbler\r
+ #end if\r
+fi\r
+ #set $bondslaves = ""\r
+ #for $bondiname in $ikeys\r
+ #set $bondidata = $interfaces[$bondiname]\r
+ #set $bondiface_type = $bondidata.get("interface_type", "").lower()\r
+ #set $bondiface_master = $bondidata.get("interface_master", "")\r
+ #if $bondiface_master == $iname\r
+ #set $bondslaves += $bondiname + " "\r
+ #end if\r
+ #end for\r
+echo " bond-slaves $bondslaves" >> /etc/network/interfaces\r
+\r
+ #if $bonding_opts != ""\r
+ #for $bondopts in $bonding_opts.split(" ")\r
+ #set [$bondkey, $bondvalue] = $bondopts.split("=")\r
+echo " bond-$bondkey $bondvalue" >> /etc/network/interfaces\r
+ #end for\r
+ #end if\r
+ #elif $iface_type in ("slave","bond_slave") and $iface_master != ""\r
+echo " bond-master $iface_master" >> /etc/network/interfaces\r
+ #end if\r
+\r
+ #if $iface_type == "bridge"\r
+ #set $bridgeslaves = ""\r
+ #for $bridgeiname in $ikeys\r
+ #set $bridgeidata = $interfaces[$bridgeiname]\r
+ #set $bridgeiface_type = $bridgeidata.get("interface_type", "").lower()\r
+ #set $bridgeiface_master = $bridgeidata.get("interface_master", "")\r
+ #if $bridgeiface_master == $iname\r
+ #set $bridgeslaves += $bridgeiname + " "\r
+ #end if\r
+ #end for\r
+echo " bridge_ports $bridgeslaves" >> /etc/network/interfaces\r
+ #if $bridge_opts != ""\r
+ #for $bridgeopts in $bridge_opts.split(" ")\r
+ #set [$bridgekey, $bridgevalue] = $bridgeopts.split("=")\r
+echo " bridge_$bridgekey $bridgevalue" >> /etc/network/interfaces\r
+ #end for\r
+ #end if\r
+ #elif $iface_type in ["bridge_slave", "bonded_bridge_slave"] and $iface_master != ""\r
+ #pass\r
+ #end if\r
+\r
+ #if $static\r
+ #if $iname in $promisc_interfaces\r
+echo " address 0.0.0.0" >> /etc/network/interfaces\r
+echo " up ip link set $iname up" >> /etc/network/interfaces\r
+echo " up ip link set $iname promisc on" >> /etc/network/interfaces\r
+echo " down ip link set $iname promisc off" >> /etc/network/interfaces\r
+echo " down ip link set $iname down" >> /etc/network/interfaces\r
+ #elif $ip != ""\r
+echo " address $ip" >> /etc/network/interfaces\r
+ #if $netmask == ""\r
+ ## Default to 255.255.255.0?\r
+ #set $netmask = "255.255.255.0"\r
+ #end if\r
+echo " netmask $netmask" >> /etc/network/interfaces\r
+ #import netaddr\r
+ #set interface_network = $netaddr.IPNetwork('%s/%s' % ($ip, $netmask))\r
+ #set interface_network_str = $str($interface_network)\r
+ #if $if_gateway != ""\r
+echo " gateway $if_gateway" >> /etc/network/interfaces\r
+ #elif $gateway != ""\r
+ #set gateway_address = $netaddr.IPAddress($gateway)\r
+ #if $gateway_address in $interface_network\r
+echo " gateway $gateway" >> /etc/network/interfaces\r
+ #end if\r
+ #end if\r
+ #end if\r
+ #else\r
+ #pass\r
+ #end if\r
+\r
+ #if $mtu != ""\r
+echo " mtu $mtu" >> /etc/network/interfaces\r
+ #end if\r
+\r
+ #if not $nameserver_set\r
+ #if $iface_type not in ("slave","bond_slave","bridge_slave","bonded_bridge_slave")\r
+ #set $nameservers = ' '.join($name_servers)\r
+ #set $nameserver_search = ' '.join($name_servers_search)\r
+ #if $nameservers != ""\r
+echo " dns-nameservers $nameservers" >> /etc/network/interfaces\r
+ #end if\r
+ #if $nameserver_search != ""\r
+echo " dns-search $nameserver_search" >> /etc/network/interfaces\r
+ #end if\r
+ #set $nameserver_set = 1\r
+ #end if\r
+ #end if\r
+\r
+ #for $route in $static_routes\r
+ #set routepattern = $re.compile("[0-9/.]+:[0-9.]+")\r
+ #if $routepattern.match($route)\r
+ #set [$network, $router] = $route.split(":")\r
+echo " up ip route add $network via $router dev $iname" >> /etc/network/interfaces\r
+ #else\r
+echo " # Warning: invalid route: $route" >> /etc/network/interfaces\r
+ #end if\r
+ #end for\r
+\r
+echo "" >> /etc/network/interfaces\r
+#end for\r
+\r
+for logical_interface in \${logical_interfaces}; do\r
+ eval "used_logical_interface=\\${used_logical_interface_\${logical_interface}}"\r
+ if [ ! -z "\${used_logical_interface}" ]; then\r
+ # ignore logical interface that is already generated in above\r
+ echo "ignore used logical interface \${logical_interface}" >> /tmp/network_log\r
+ continue\r
+ fi\r
+ echo "add logical interface \${logical_interface} into network config since it is not set above" >> /tmp/network_log\r
+ eval "physical_interface=\\${logical_interface_mapping_\${logical_interface}}"\r
+ if [ ! -z "\${physical_interface}" ]; then\r
+ echo "auto \${logical_interface}" >> /etc/network/interfaces\r
+ echo "iface \${logical_interface} inet static" >> /etc/network/interfaces\r
+ eval "mac=\\${physical_interface_mac_\${physical_interface}}"\r
+ if [ ! -z "\$mac" ]; then\r
+ echo " hwaddress ether \${mac}" >> /etc/network/interfaces\r
+ fi\r
+ echo "" >> /etc/network/interfaces\r
+ if [ -f "/etc/modprobe.conf" ] && [ ! -z "\${physical_interface}" ]; then\r
+ grep \${physical_interface} /etc/modprobe.conf | sed "s/\${physical_interface}/\${logical_interface}/" >> /etc/modprobe.conf.cobbler\r
+ grep -v \${physical_interface} /etc/modprobe.conf >> /etc/modprobe.conf.new\r
+ rm -f /etc/modprobe.conf\r
+ mv /etc/modprobe.conf.new /etc/modprobe.conf\r
+ fi\r
+ fi\r
+done\r
+\r
+if [ -f "/etc/modprobe.conf" ]; then\r
+ cat /etc/modprobe.conf.cobbler >> /etc/modprobe.conf\r
+ rm -f /etc/modprobe.conf.cobbler\r
+fi\r
+if [ -f "/etc/udev/rules.d/70-persistent-net.rules" ]; then\r
+ rm -f /etc/udev/rules.d/70-persistent-net.rules\r
+fi\r
+if [ -f "/etc/udev/rules.d/70-persistent-net.rules.new" ]; then\r
+ mv /etc/udev/rules.d/70-persistent-net.rules.new /etc/udev/rules.d/70-persistent-net.rules\r
+fi\r
+## End post_install_network_config generated code \r
--- /dev/null
+partitions=\$(pvs --noheadings --separator :| cut -d: -f1,2)\r
+vg_remove=0\r
+remove_partitions=''\r
+echo "partitions \$partitions" >> /tmp/post_partition.log\r
+\r
+for partition in \$partitions; do\r
+ set \$(echo \$partition | tr ':' ' ')\r
+ partition=\$1\r
+ vg=\$2\r
+ if [ "\$vg" = "reserved" ]; then\r
+ echo "prepare remove partition \$partition" >> /tmp/post_partition.log\r
+ remove_partitions="\${remove_partitions} \$partition"\r
+ vg_remove=1\r
+ else\r
+ echo "ignore \$vg since it is not reserved" >> /tmp/post_partition.log\r
+ fi\r
+done\r
+\r
+if [ "\${vg_remove}" != "0" ]; then\r
+ vgremove -f reserved\r
+fi\r
+\r
+for remove_partition in \${remove_partitions}; do\r
+ echo "remove pv \${remove_partition}" >> /tmp/post_partition.log\r
+ pvremove -ff -y \${remove_partition}\r
+ set \$(echo \${remove_partition} | sed -e 's/^\(.*\)\([0-9]\+\)\$/\1 \2/g')\r
+ partition_disk=\$1\r
+ partition_number=\$2\r
+ if [ ! -z "\${partition_disk}" ]; then\r
+ if [ ! -z "\${partition_number}" ]; then\r
+ echo "remove partition \${remove_partition} on \${partition_disk} number \${partition_number}" >> /tmp/post_partition.log \r
+ parted \${partition_disk} --script -- rm \${partition_number}\r
+ else\r
+ echo "no partition number found for \${remove_partition}" >> /tmp/post_partition.log\r
+ fi\r
+ else\r
+ echo "no partition disk found for \${remove_partition}" >> /tmp/post_partition.log\r
+ fi\r
+done\r
--- /dev/null
+#if $str($getVar('anamon_enabled','')) == "1"\r
+wget -O /tmp/anamon "http://$server:$http_port/cobbler/aux/anamon"\r
+## python /tmp/anamon --name "$name" --watchfiles "/var/log/syslog /var/log/partman /var/log/hareware_summary /var/log/status /tmp/preseed.log" --server "$server" --port "$http_port"\r
+#end if\r
--- /dev/null
+#if $getVar("system_name","") != ""\r
+ #if $getVar('management_nic', '') == ""\r
+ #set $management_nic=''\r
+ #end if\r
+echo "generate pre network config" > /tmp/network_log\r
+# Start pre_install_network_config generated code\r
+#raw\r
+# generic functions to be used later for discovering NICs\r
+mac_exists() {\r
+ if type ip; then\r
+ ip -o link | grep -i "$1" 2>/dev/null >/dev/null\r
+ return $?\r
+ elif type esxcfg-nics; then\r
+ esxcfg-nics -l | grep -i "$1" 2>/dev/null >/dev/null\r
+ return $?\r
+ else\r
+ ifconfig -a | grep -i "$1" 2>/dev/null >/dev/null\r
+ return $?\r
+ fi\r
+}\r
+get_ifname() {\r
+ if type ip; then\r
+ IFNAME=$(ip -o link | grep -i "$1" | sed -e 's/^[0-9]*: //' -e 's/:.*//')\r
+ elif type esxcfg-nics; then\r
+ IFNAME=$(esxcfg-nics -l | grep -i "$1" | cut -d " " -f 1)\r
+ else\r
+ IFNAME=$(ifconfig -a | grep -i "$1" | cut -d " " -f 1)\r
+ if [ -z "$IFNAME" ]; then\r
+ IFNAME=$(ifconfig -a | grep -i -B 2 "$1" | sed -n '/flags/s/:.*$//p')\r
+ fi\r
+ fi\r
+}\r
+#end raw\r
+ #set ikeys = $interfaces.keys()\r
+ #for $iname in $ikeys\r
+ #set $idata = $interfaces[$iname]\r
+ #set $management = $idata["management"]\r
+ #if $management\r
+ #set $management_nic = $iname\r
+ #end if\r
+ #end for\r
+ #for $iname in $ikeys\r
+ #set $idata = $interfaces[$iname]\r
+ #set $mac = $idata["mac_address"]\r
+ #set $static = $idata["static"]\r
+ #set $management = $idata["management"]\r
+ #set $ip = $idata["ip_address"]\r
+ #set $netmask = $idata["netmask"]\r
+ #set $iface_type = $idata["interface_type"]\r
+ #set $iface_master = $idata["interface_master"]\r
+ #set $static_routes = $idata["static_routes"]\r
+ #if $management_nic != ''\r
+ #if $iname != $management_nic\r
+ #continue\r
+ #end if\r
+ #end if\r
+ #if $mac == ""\r
+ #continue\r
+ #end if\r
+# Configuring $iname ($mac)\r
+if mac_exists $mac; then\r
+ get_ifname $mac\r
+ echo "d-i netcfg/choose_interface string \$IFNAME" >> /tmp/pre_install_network_config\r
+ #if $static and $ip != ""\r
+ echo "d-i netcfg/get_ipaddress string $ip" >> /tmp/pre_install_network_config\r
+ #if $netmask == ""\r
+ #set $netmask = "255.255.255.0"\r
+ #end if\r
+ echo "d-i netcfg/get_netmask string $netmask" >> /tmp/pre_install_network_config\r
+ #else\r
+ #continue\r
+ #end if\r
+fi\r
+ #end for\r
+#end if\r
--- /dev/null
+#set hostname=$getVar('hostname',None)\r
+#set partition = $getVar('partition', None)\r
+#set partition_size = $getVar('partition_size', None)\r
+#set partition_maxsize = $getVar('partition_maxsize', None)\r
+#set disk_reserve_size = $getVar('disk_reserve_size', None)\r
+#set disk_max_size = $getVar('disk_max_size', None)\r
+#set default_disk_reserve_size = $getVar('default_disk_reserve_size', '0')\r
+#set default_disk_max_size = $getVar('default_disk_max_size', '0')\r
+\r
+#if $hostname == None\r
+#set $vgname = "VolGroup00"\r
+#else\r
+#set $vgname = $hostname.split('.')[0]\r
+#end if\r
+\r
+echo "partman early script" >> /tmp/preseed.log\r
+if [ -e /dev/disk/by-path ]; then\r
+ set \$(ls -s -l /dev/disk/by-path | tr -s '\t' ' ' | cut -d' ' -f11,13)\r
+ disk_mapping_nums=\$((\$#/2))\r
+ disk_mapping_offset=0\r
+ echo "disk_mapping_nums: \$disk_mapping_nums" >> /tmp/preseed.log\r
+ echo "disk_mapping: \$@" >> /tmp/preseed.log\r
+ disk_mapping=""\r
+ disk_path_mapping=""\r
+ while [ \$disk_mapping_offset -lt \$disk_mapping_nums ]; do\r
+ found_disk_type=0\r
+#if $getVar('disk_type_only','') != ""\r
+ if expr match "\$1" ".*-${disk_type_only}-.*"; then\r
+ found_disk_type=1\r
+ fi\r
+#else\r
+ found_disk_type=1\r
+#end if\r
+ path_name=\$(basename \$1)\r
+ disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')\r
+ disk_name=\$(basename \$2)\r
+ disk_mapping_offset=\$((\${disk_mapping_offset}+1))\r
+ shift 2\r
+\r
+ if [ \$found_disk_type -gt 0 ]; then\r
+ if [ -z "\${disk_mapping}" ]; then\r
+ disk_mapping="\${disk_name}"\r
+ else\r
+ disk_mapping="\${disk_mapping} \${disk_name}"\r
+ fi\r
+ if [ -z "\${disk_path_mapping}" ]; then\r
+ disk_path_mapping="\${disk_path_name}"\r
+ else\r
+ disk_path_mapping="\${disk_path_mapping} \${disk_path_name}"\r
+ fi\r
+ eval "disk_\${disk_name}=/dev/disk/by-path/\${path_name}"\r
+ eval "disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}"\r
+ eval "disk_path_\${disk_path_name}=/dev/\${disk_name}"\r
+ eval "disk_path_\${disk_name}=/dev/\${disk_name}"\r
+ else\r
+ eval "ignore_disk_\${disk_name}=/dev/disk/by-path/\${path_name}"\r
+ eval "ignore_disk_\${disk_path_name}=/dev/disk/by-path/\${path_name}"\r
+ eval "ignore_disk_path_\${disk_path_name}=/dev/\${disk_name}"\r
+ eval "ignore_disk_path_\${disk_name}=/dev/\${disk_name}"\r
+ fi\r
+ done\r
+\r
+ for key in \${disk_mapping}; do\r
+ eval "disk_path=\\${disk_\$key}"\r
+ echo "disk_mapping \$key => \${disk_path}" >> /tmp/preseed.log\r
+ done\r
+\r
+ for key in \${disk_path_mapping}; do\r
+ eval "disk=\\${disk_path_\$key}"\r
+ echo "disk path mapping \$key => \${disk}" >> /tmp/preseed.log\r
+ done\r
+else\r
+ echo "/dev/disk/by-path does not exist" >> /tmp/preseed.log\r
+fi\r
+\r
+partition_disks=""\r
+disks=""\r
+for disk in \$(list-devices disk); do\r
+ disk_name=\$(basename \$disk)\r
+ eval "disk_path=\\${disk_\${disk_name}}" \r
+ if [ -z "\${disk_path}" ]; then\r
+ eval "ignore_disk_path=\\${ignore_disk_\${disk_name}}"\r
+ if [ ! -z "\${ignore_disk_path}" ]; then\r
+ echo "ignore disk \${disk_name} since it is not in disk_mapping" >> /tmp/preseed.log\r
+ continue\r
+ else\r
+ echo "did not found disk path for \$disk but it is not ignored" >> /tmp/preseed.log\r
+ eval "disk_\${disk_name}=/dev/\${disk_name}"\r
+ eval "disk_path_\${disk_name}=/dev/\${disk_name}"\r
+ fi\r
+ fi\r
+ found_disk=0\r
+\r
+#if $getVar('partitions_only','') != ""\r
+ #for $partition_only in $partitions_only.split(',')\r
+ #if not $partition_only\r
+ #continue\r
+ #end if\r
+ if expr match "\${disk_name}" "$partition_only"; then\r
+ found_disk=1\r
+ else\r
+ echo "disk \${disk_name} does not match $partition_only" >> /tmp/preseed.log\r
+ fi\r
+ #end for\r
+#else\r
+ found_disk=1\r
+#end if\r
+\r
+#if $getVar('partition_by_path', '0') != "0"\r
+ eval "disk=\\${disk_\${disk_name}}"\r
+#end if\r
+\r
+ if [ \$found_disk -gt 0 ]; then\r
+ echo "add disk \${disk} in partitioning list" >> /tmp/preseed.log\r
+ if [ -z "\${partition_disks}" ]; then\r
+ partition_disks="\${disk}"\r
+ else\r
+ partition_disks="\${partition_disks} \${disk}"\r
+ fi\r
+ fi\r
+ if [ -z "\$disks" ]; then\r
+ disks="\${disk}"\r
+ else\r
+ disks="\${disks} \${disk}"\r
+ fi\r
+done\r
+echo "partition disks: \${partition_disks}" >> /tmp/preseed.log\r
+echo "disks \${disks}" >> /tmp/preseed.log\r
+\r
+#if $getVar('sort_disks', '0') != "0"\r
+sorted_disks=\$(printf '%s\n' \${partition_disks} | sort)\r
+#else\r
+sorted_disks=\${partition_disks}\r
+#end if\r
+echo "sorted disks \${sorted_disks}" >> /tmp/preseed.log\r
+\r
+#if $getVar('start_from_disk', '') != ""\r
+ #set $start_from_disk = $int($start_from_disk)\r
+ #if $start_from_disk > 0\r
+ #set $disk_start_offset = $start_from_disk - 1\r
+ #else\r
+ #set $disk_start_offset = 0\r
+ #end if\r
+set \${sorted_disks}\r
+shift $disk_start_offset\r
+sorted_disks=\$@\r
+echo "sorted disks begin from the $start_from_disk: \${sorted_disks}" >> /tmp/preseed.log\r
+#end if\r
+\r
+#if $getVar('disk_num', '') != ""\r
+set \${sorted_disks}\r
+sorted_disks=\$(printf '%s\n' \$@ | head -n${disk_num})\r
+echo "sorted disks for $disk_num disks: \${sorted_disks}" >> /tmp/preseed.log\r
+#end if\r
+\r
+first_disk=""\r
+for disk in \${sorted_disks}; do\r
+ if [ -z "\${first_disk}" ]; then\r
+ first_disk=\${disk}\r
+ break\r
+ fi\r
+done\r
+echo "first disk \${first_disk}" >> /tmp/preseed.log\r
+\r
+#if $getVar('keep_old_partitions', '0') != "0"\r
+for disk in \${sorted_disks}; do\r
+ dd if=/dev/zero of=\${disk} bs=512 count=1\r
+done\r
+remove_disks=\${sorted_disks}\r
+#else\r
+for disk in \$disks; do\r
+ dd if=/dev/zero of=\$disk bs=512 count=1\r
+done\r
+remove_disks=\${disks}\r
+#end if\r
+echo "remove disks \${remove_disks}" >> /tmp/preseed.log\r
+\r
+disk_partitions=\$(pvs --noheadings --separator :| cut -d: -f1)\r
+remove_partitions=""\r
+remove_vgs=""\r
+for disk_partition in \${disk_partitions}; do\r
+ vg=\$(pvs --noheadings --separator : \${disk_partition} | cut -d: -f2)\r
+ remove_vg=""\r
+ remove_partition=""\r
+ for remove_disk in \${remove_disks}; do\r
+#if $getVar('partition_by_path', '0') != "0"\r
+ path_name=\$(basename \${remove_disk})\r
+ disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')\r
+ remove_disk_path=\${remove_disk}\r
+ eval "remove_disk=\\${disk_path_\${disk_path_name}}"\r
+#else\r
+ disk_name=\$(basename \${remove_disk})\r
+ eval "remove_disk_path=\\${disk_\${disk_name}}"\r
+#end if\r
+ if [ -z "\${remove_disk}" ]; then\r
+ continue\r
+ fi\r
+ if [ -z "\${remove_disk_path}" ]; then\r
+ continue\r
+ fi\r
+ if expr match "\${disk_partition}" "\${remove_disk_path}.*"; then\r
+ remove_vg="\$vg"\r
+ remove_partition="\${disk_partition}"\r
+ else\r
+ echo "partition \${disk_partition} does not match \${remove_disk_path}.*" >> /tmp/preseed.log\r
+ fi\r
+ if expr match "\${disk_partition}" "\${remove_disk}.*"; then\r
+ remove_vg="\$vg"\r
+ remove_partition="\${disk_partition}"\r
+ else\r
+ echo "partition \${disk_partition} does not match \${remove_disk}.*" >> /tmp/preseed.log\r
+ fi\r
+ if [[ "\$vg" == "$vgname" ]]; then\r
+ remove_vg="\$vg"\r
+ remove_partition="\${disk_partition}"\r
+ fi\r
+ done\r
+ if [ ! -z "\${remove_vg}" ]; then\r
+ if [ -z "\${remove_vgs}" ]; then\r
+ remove_vgs="\${remove_vg}"\r
+ else\r
+ vg_removed=0\r
+ for vg in \${remove_vgs}; do\r
+ if [[ "\$vg" == "\${remove_vg}" ]]; then\r
+ vg_removed=1\r
+ fi\r
+ done\r
+ if [ \${vg_removed} -eq 0 ]; then\r
+ remove_vgs="\${remove_vgs} \${remove_vg}"\r
+ fi\r
+ fi\r
+ fi\r
+ if [ ! -z "\${remove_partition}" ]; then\r
+ if [ -z "\${remove_partitions}" ]; then\r
+ remove_partitions="\${remove_partition}"\r
+ else\r
+ pv_removed=0\r
+ for pv in ${remove_partitions}; do\r
+ if [[ "\$pv" == "\${remove_partition}" ]]; then\r
+ pv_removed=1\r
+ fi\r
+ done\r
+ if [ \${pv_removed} -eq 0 ]; then\r
+ remove_partitions="\${remove_partitions} \${remove_partition}"\r
+ fi\r
+ fi\r
+ fi\r
+done\r
+\r
+echo "remove vgs \${remove_vgs}" >> /tmp/preseed.log\r
+for remove_vg in \${remove_vgs}; do\r
+ vgremove -f \${remove_vg}\r
+done\r
+\r
+echo "remove partitions \${remove_partitions} from \${remove_vgs}" >> /tmp/preseed.log\r
+for remove_partition in \${remove_partitions}; do\r
+ pvremove -ff -y \${remove_partition}\r
+done\r
+\r
+echo "remove disks \${remove_disks}" >> /tmp/preseed.log\r
+\r
+partition_disks=""\r
+#if $getVar('keep_old_partitions', '0') != "0"\r
+for disk in \${sorted_disks}; do\r
+#else\r
+for disk in \${disks}; do\r
+#end if\r
+ if [ -z "\${partition_disks}" ]; then\r
+ partition_disks="\${disk}"\r
+ else\r
+ partition_disks="\${partition_disks} \${disk}"\r
+ fi\r
+done\r
+\r
+partition_disks_str=\$(echo \${partition_disks} | tr ' ' ',')\r
+echo "d-i partman-auto/select_disks multiselect \${partition_disks_str}" >> /tmp/part-include\r
+echo "d-i partman-auto/disk string \${partition_disks}" >> /tmp/part-include\r
+echo "disks \${partition_disks}" >> /tmp/preseed.log\r
+\r
+default_partition=$getVar('default_partition', '/')\r
+partition_fstype=$getVar('partition_fstype', 'ext3')\r
+\r
+echo "default partition \${default_partition}" >> /tmp/preseed.log\r
+echo "partition fstype \${partition_fstype}" >> /tmp/preseed.log\r
+\r
+#if $disk_reserve_size != None\r
+ #set disk_sizes = [disk_size.strip() for disk_size in $disk_reserve_size.split(';') if disk_size.strip()]\r
+ #for disk_and_size in $disk_sizes\r
+ #set disk_name, size = $disk_and_size.split(' ', 1)\r
+ #set disk_name = $disk_name.strip()\r
+ #if $size.endswith('K')\r
+ #set disk_size = $int($size[:-1]) / 1000\r
+ #elif $size.endswith('M')\r
+ #set disk_size = $int($size[:-1])\r
+ #elif $size.endswith('G')\r
+ #set disk_size = $int($size[:-1]) * 1000\r
+ #elif $size.endswith('T')\r
+ #set disk_size = $int($size[:-1]) * 1000000\r
+ #else\r
+ #set disk_size = $int($size)\r
+ #end if\r
+reserve_disk_size_${disk_name}=${disk_size}\r
+ #end for\r
+#end if\r
+\r
+#if $default_disk_reserve_size.endswith('K')\r
+ #set disk_size = $int($default_disk_reserve_size[:-1]) / 1000\r
+#elif $default_disk_reserve_size.endswith('M')\r
+ #set disk_size = $int($default_disk_reserve_size[:-1])\r
+#elif $default_disk_reserve_size.endswith('G')\r
+ #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000\r
+#elif $default_disk_reserve_size.endswith('T')\r
+ #set disk_size = $int($default_disk_reserve_size[:-1]) * 1000000\r
+#else\r
+ #set disk_size = $int($default_disk_reserve_size)\r
+#end if\r
+default_reserve_disk_size=${disk_size}\r
+\r
+#if $disk_max_size != None\r
+ #set disk_sizes = [disk_size.strip() for disk_size in $disk_max_size.split(';') if disk_size.strip()]\r
+ #for disk_and_size in $disk_sizes\r
+ #set disk_name, size = $disk_and_size.split(' ', 1)\r
+ #set disk_name = $disk_name.strip()\r
+ #if $size.endswith('K')\r
+ #set disk_size = $int($size[:-1]) / 1000\r
+ #elif $size.endswith('M')\r
+ #set disk_size = $int($size[:-1])\r
+ #elif $size.endswith('G')\r
+ #set disk_size = $int($size[:-1]) * 1000\r
+ #elif $size.endswith('T')\r
+ #set disk_size = $int($size[:-1]) * 1000000\r
+ #else\r
+ #set disk_size = $int($size)\r
+ #end if\r
+max_disk_size_${disk_name}=${disk_size}\r
+ #end for\r
+#end if\r
+\r
+#if $default_disk_max_size.endswith('K')\r
+ #set disk_size = $int($default_disk_max_size[:-1]) / 1000\r
+#elif $default_disk_max_size.endswith('M')\r
+ #set disk_size = $int($default_disk_max_size[:-1])\r
+#elif $default_disk_max_size.endswith('G')\r
+ #set disk_size = $int($default_disk_max_size[:-1]) * 1000\r
+#elif $default_disk_max_size.endswith('T')\r
+ #set disk_size = $int($default_disk_max_size[:-1]) * 1000000\r
+#else\r
+ #set disk_size = $int($default_disk_max_size)\r
+#end if\r
+default_max_disk_size=${disk_size}\r
+\r
+partition_names=""\r
+default_partition_name=""\r
+#if $partition != None\r
+ #set vol_sizes = [part.strip() for part in $partition.split(';') if part.strip()]\r
+ #for vol_and_size in vol_sizes\r
+ #set vol, vol_size = $vol_and_size.split(' ', 1)\r
+ #set vol = $vol.strip()\r
+ #if $vol == '/'\r
+ #set volname = 'root'\r
+ #elif $vol == 'swap'\r
+ #set volname = 'swap'\r
+ #elif $vol.startswith('/')\r
+ #set volname = $vol[1:].replace('/', '_')\r
+ #else\r
+# $vol is not starts with /\r
+ #continue\r
+ #end if\r
+if [ -z "\${partition_names}" ]; then\r
+ partition_names="$volname"\r
+else\r
+ partition_names="\$partition_names $volname"\r
+fi\r
+if [[ "$vol" == "\$default_partition" ]]; then\r
+ default_partition_name=$volname\r
+fi\r
+partition_point_$volname=$vol\r
+ #set vol_size = $vol_size.strip()\r
+ #if $vol_size.endswith('%')\r
+ #set vol_percent = $vol_size[:-1]\r
+partition_percentage_$volname=$vol_percent\r
+ #else\r
+ #if $vol_size.endswith('K')\r
+ #set vol_min_size = $int($vol_size[:-1]) / 1000\r
+ #elif $vol_size.endswith('M')\r
+ #set vol_min_size = $int($vol_size[:-1])\r
+ #elif $vol_size.endswith('G')\r
+ #set vol_min_size = $int($vol_size[:-1]) * 1000\r
+ #elif $vol_size.endswith('T')\r
+ #set vol_min_size = $int($vol_size[:-1]) * 1000000\r
+ #else\r
+ #set vol_min_size = $int($vol_size)\r
+ #end if\r
+partition_size_$volname=$vol_min_size\r
+ #end if\r
+ #end for\r
+#end if\r
+\r
+#if $partition_size != None\r
+ #set vol_sizes = [part.strip() for part in $partition_size.split(';') if part.strip()]\r
+ #for vol_and_size in $vol_sizes\r
+ #set vol, vol_size = $vol_and_size.split(' ', 1)\r
+ #set vol = $vol.strip()\r
+ #if $vol == '/'\r
+ #set volname = 'root'\r
+ #elif $vol == 'swap'\r
+ #set volname = 'swap'\r
+ #elif $vol.startswith('/')\r
+ #set volname = $vol[1:].replace('/', '_')\r
+ #else\r
+# $vol is not starts with /\r
+ #continue\r
+ #end if\r
+ #if $vol_size.endswith('K')\r
+ #set vol_min_size = $int($vol_size[:-1]) / 1000\r
+ #elif $vol_size.endswith('M')\r
+ #set vol_min_size = $int($vol_size[:-1])\r
+ #elif $vol_size.endswith('G')\r
+ #set vol_min_size = $int($vol_size[:-1]) * 1000\r
+ #elif $vol_size.endswith('T')\r
+ #set vol_min_size = $int($vol_size[:-1]) * 1000000\r
+ #else\r
+ #set vol_min_size = $int($vol_size)\r
+ #end if\r
+partitions_size_$volname=${vol_min_size}\r
+ #end for\r
+#end if\r
+\r
+#if $partition_maxsize != None\r
+ #set vol_sizes = [part.strip() for part in $partition_maxsize.split(';') if part.strip()]\r
+ #for vol_and_size in $vol_sizes\r
+ #set vol, vol_size = $vol_and_size.split(' ', 1)\r
+ #set vol = $vol.strip()\r
+ #if $vol == '/'\r
+ #set volname = 'root'\r
+ #elif $vol == 'swap'\r
+ #set volname = 'swap'\r
+ #elif $vol.startswith('/')\r
+ #set volname = $vol[1:].replace('/', '_')\r
+ #else\r
+# $vol is not starts with /\r
+ #continue\r
+ #end if\r
+ #if $vol_size.endswith('K')\r
+ #set vol_max_size = $int($vol_size[:-1]) / 1000\r
+ #elif $vol_size.endswith('M')\r
+ #set vol_max_size = $int($vol_size[:-1])\r
+ #elif $vol_size.endswith('G')\r
+ #set vol_max_size = $int($vol_size[:-1]) * 1000\r
+ #elif $vol_size.endswith('T')\r
+ #set vol_max_size = $int($vol_size[:-1]) * 1000000\r
+ #else\r
+ #set vol_max_size = $int($vol_size)\r
+ #end if\r
+partition_maxsize_$volname=${vol_max_size}\r
+ #end for\r
+#end if\r
+\r
+echo "finish partition mapping" >> /tmp/preseed.log\r
+for key in \${partition_names}; do\r
+ eval "mountpoint=\\${partition_point_\$key}"\r
+ echo "partition names \$key => \${mountpoint}" >> /tmp/preseed.log\r
+ eval "partition_percentage=\\${partition_percentage_\$key}"\r
+ echo "partition percentage \$key => \${partition_percentage}" >> /tmp/preseed.log\r
+ eval "partition_size=\\${partition_size_\$key}"\r
+ echo "partition size \$key => \${partition_size}" >> /tmp/preseed.log\r
+ eval "partition_max_size=\\${partition_max_size_\$key}"\r
+ echo "partition max size \$key => \${partition_max_size}" >> /tmp/preseed.log\r
+done\r
+\r
+\r
+if [ -z "\${default_partition_name}" ]; then\r
+ default_partition_name=root\r
+fi\r
+\r
+default_partition_percentage=100\r
+for key in \${partition_names}; do\r
+ if [[ "\$key" == "\${default_partition_name}" ]]; then\r
+ continue\r
+ fi\r
+ if [[ "\$key" == "swap" ]]; then\r
+ continue\r
+ fi\r
+ eval "partition_percentage=\\${partition_percentage_\$key}"\r
+ if [ ! -z "\${partition_percentage}" ]; then\r
+ if [ \${default_partition_percentage} -gt \${partition_percentage} ]; then\r
+ default_partition_percentage=\$((\${default_partition_percentage}-\${partition_percentage}))\r
+ else\r
+ default_partition_percentage=0\r
+ fi\r
+ fi\r
+done\r
+eval "partition_percentage_\${default_partition_name}=\${default_partition_percentage}"\r
+\r
+if [ -z "\${partition_point_boot}" ]; then\r
+ partition_point_boot="/boot"\r
+ if [ -z "\${partition_names}" ]; then\r
+ partition_names="boot"\r
+ else\r
+ partition_names="\${partition_names} boot"\r
+ fi\r
+fi\r
+\r
+if [ -z "\${partition_size_boot}" ]; then\r
+ partition_size_boot=500\r
+fi\r
+\r
+if [ -z "\${partition_maxsize_boot}" ]; then\r
+ partition_maxsize_boot=\$partition_size_boot\r
+fi\r
+\r
+if [ -z "\${first_disk}" ]; then\r
+ first_disk=/dev/sda\r
+fi\r
+\r
+#if $getVar('keep_old_partitions', '0') != "0"\r
+echo "d-i grub-installer/with_other_os boolean true" >> /tmp/part-include\r
+#else\r
+echo "d-i grub-installer/only_debian boolean true" >> /tmp/part-include\r
+#end if\r
+\r
+echo "d-i grub-installer/bootdev string \${first_disk}" >> /tmp/part-include\r
+echo "setup bootloader on disk \${first_disk}" >> /tmp/preseed.log\r
+\r
+partition_param_boot="\${partition_fstype} \\r
+\\$primary{ } \\$bootable{ } method{ format } \\r
+format{ } use_filesystem{ } filesystem{ \${partition_fstype} } \\r
+mountpoint{ /boot } device{ \${first_disk} } \\r
+"\r
+\r
+if [ -z "\${partition_point_swap}" ]; then\r
+ partition_point_swap="swap"\r
+ if [ -z "\${partition_names}" ]; then\r
+ partition_names="swap"\r
+ else\r
+ partition_names="\${partition_names} swap"\r
+ fi\r
+fi\r
+\r
+if [ -z "\${partition_size_swap}" ]; then\r
+ partition_size_swap=256\r
+fi\r
+\r
+if [ -z "\${partition_percentage_swap}" ]; then\r
+ partition_percentage_swap=10\r
+fi\r
+\r
+if [ -z "\${partition_maxsize_swap}" ]; then\r
+ partition_maxsize_swap=200%\r
+fi\r
+\r
+partition_param_swap="linux-swap \\r
+\\$primary{ } method{ swap } format{ } \\r
+device{ \${first_disk} } \\r
+"\r
+\r
+if [ -z "\${partition_point_root}" ]; then\r
+ partition_point_root="/"\r
+ if [ -z "\${partition_names}" ]; then\r
+ partition_names="root"\r
+ else\r
+ partition_names="\$partition_names root"\r
+ fi\r
+fi\r
+\r
+recipe="boot-root ::"\r
+bios_partition_param="free method{ biosgrub } \\r
+\\$primary{ } device{ \${first_disk} } \\r
+"\r
+recipe="\$recipe 1 1 1 \${bios_partition_param} ."\r
+\r
+for key in \${partition_names}; do\r
+ eval "partition=\\${partition_point_\$key}"\r
+ echo "partition \$partition => \$key" >> /tmp/preseed.log\r
+ eval "partition_percentage=\\${partition_percentage_\$key}"\r
+ if [ -z "\${partition_percentage}" ]; then\r
+ partition_percentage=0\r
+ fi\r
+ echo "partition percentage \$partition => \${partition_percentage}" >> /tmp/preseed.log\r
+ eval "partition_size=\\${partition_size_\$key}"\r
+ if [ -z "\${partition_size}" ]; then\r
+ partition_size=1\r
+ fi\r
+ echo "partition size \$partition => \${partition_size}" >> /tmp/preseed.log\r
+ if [ \${partition_percentage} -ne 0 ]; then\r
+ partition_factor="\${partition_size}+\${partition_percentage}%"\r
+ else\r
+ partition_factor="\${partition_size}"\r
+ fi\r
+ echo "partition factor \$partition => \${partition_factor}" >> /tmp/preseed.log\r
+ eval "partition_maxsize=\\${partition_maxsize_\$key}"\r
+ if [ -z \${partition_maxsize} ]; then\r
+ partition_maxsize=-1\r
+ fi\r
+ echo "partition maxsize \$partition => \${partition_maxsize}" >> /tmp/preseed.log\r
+ eval "partition_param=\\${partition_param_\$key}"\r
+ if [ -z "\${partition_param}" ]; then\r
+ partition_param="\${partition_fstype} \\r
+\\$lvmok{ } method{ format } format{ } \\r
+use_filesystem{ } filesystem{ \${partition_fstype} } \\r
+in_vg{ $vgname } lv_name{ \${key}vol } \\r
+mountpoint{ \$partition }"\r
+ fi\r
+ echo "partition param \$partition => \${partition_param}" >> /tmp/preseed.log\r
+ recipe="\$recipe \${partition_size} \${partition_factor} \${partition_maxsize} \${partition_param} ." \r
+done\r
+\r
+for disk in \${sorted_disks}; do\r
+#if $getVar('partition_by_path', '0') != "0"\r
+ path_name=\$(basename \${disk})\r
+ disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')\r
+ eval "path_disk=\\${disk_path_\${disk_path_name}}"\r
+ disk_name=\$(basename \${path_disk})\r
+#else\r
+ disk_name=\$(basename \$disk)\r
+#end if\r
+ eval "used_disk_\${disk_name}=\$disk"\r
+ echo "add disk \$disk into disks" >> /tmp/preseed.log\r
+ eval "max_disk_size=\\${max_disk_size_\${disk_name}}"\r
+ if [ -z "\${max_disk_size}" ]; then\r
+ max_disk_size=\${default_max_disk_size}\r
+ fi\r
+ echo "disk \${disk} max disk size \${max_disk_size}" >> /tmp/preseed.log\r
+ if [ \${max_disk_size} -gt 0 ]; then\r
+ maxsize_param=\${max_disk_size}\r
+ else\r
+ maxsize_param=-1\r
+ fi\r
+ disk_param="\${partition_fstype} \\r
+\\$defaultignore{ } device{ \${disk} } \\r
+method{ lvm } vg_name{ $vgname }"\r
+ recipe="\$recipe 512 512+100% \${maxsize_param} \${disk_param} ."\r
+ echo "partition param \${disk_name} => \${disk_param}" >> /tmp/preseed.log\r
+ eval "reserve_disk_size=\\${reserve_disk_size_\${disk_name}}"\r
+ if [ -z "\${reserve_disk_size}" ]; then\r
+ reserve_disk_size=\${default_reserve_disk_size}\r
+ fi\r
+ echo "disk \${disk} reserve disk size \${reserve_disk_size}" >> /tmp/preseed.log\r
+ if [ \${reserve_disk_size} -gt 0 ]; then\r
+ reserve_disk_param="\${partition_fstype} \\r
+\\$defaultignore{ } device{ \${disk} } \\r
+method{ lvm } vg_name{ reserved }"\r
+ recipe="\$recipe \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_size} \${reserve_disk_param} ."\r
+ echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log\r
+ fi\r
+done\r
+\r
+\r
+#if $getVar('keep_old_partitions', '0') == "0"\r
+for disk in \$disks; do\r
+#if $getVar('partition_by_path', '0') != "0"\r
+ path_name=\$(basename \${disk})\r
+ disk_path_name=\$(echo \${path_name} | tr '-' '_' | tr ':' '_' | tr '.' '_')\r
+ eval "path_disk=\\${disk_path_\${disk_path_name}}"\r
+ disk_name=\$(basename \${path_disk})\r
+#else\r
+ disk_name=\$(basename \$disk)\r
+#end if\r
+ eval "used_disk=\\${used_disk_\${disk_name}}"\r
+ if [ -z "\${used_disk}" ]; then\r
+ reserve_disk_param="\${partition_fstype} \\r
+\\$defaultignore{ } device{ \${disk} } \\r
+method{ lvm } vg_name{ reserved }"\r
+ recipe="\$recipe 512 512+100% -1 \${reserve_disk_param} ."\r
+ echo "reserve partition param \${disk_name} => \${reserve_disk_param}" >> /tmp/preseed.log\r
+ fi\r
+done\r
+#end if\r
+\r
+echo "d-i partman-auto/expert_recipe string \$recipe" >> /tmp/part-include\r
+echo "d-i partman-auto/choose_recipe select boot-root" >> /tmp/part-include\r
+## echo "d-i partman-lvm/vgcreate string $vgname" >> /tmp/part-include\r
+## echo "d-i partman-auto-lvm/new_vg_name string $vgname" >> /tmp/part-include\r
--- /dev/null
+cat << EOL > /etc/rsyslog.conf\r
+\#\#\#\# MODULES \#\#\#\##\r
+ \r
+\\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)\r
+\\$ModLoad imfile\r
+\r
+\\$WorkDirectory /var/spool/rsyslog\r
+\\$ActionQueueType LinkedList\r
+\\$ActionQueueFileName srvrfwd\r
+\\$ActionResumeRetryCount -1\r
+\\$ActionQueueSaveOnShutDown on\r
+#if $getVar("compass_server", "") != ""\r
+\# *.* @@$compass_server:514\r
+#else\r
+\# *.* @@$server:514\r
+#end if\r
+\r
+\# Provides UDP syslog reception\r
+\#\\$ModLoad imudp\r
+\#\\$UDPServerRun 514\r
+\r
+\# Provides TCP syslog reception\r
+\\$ModLoad imtcp\r
+\\$InputTCPServerRun 514\r
+#set system_name = $getVar('system_name','')\r
+\\$LocalHostName $system_name\r
+\r
+\#\#\#\# GLOBAL DIRECTIVES \#\#\#\##\r
+\r
+\# Use default timestamp format\r
+\\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat\r
+\r
+\# File syncing capability is disabled by default. This feature is usually not required,\r
+\# not useful and an extreme performance hit\r
+\#\\$ActionFileEnableSync on\r
+\r
+\# Include all config files in /etc/rsyslog.d/\r
+\\$IncludeConfig /etc/rsyslog.d/*.conf\r
+\r
+\r
+\#\#\#\# RULES \#\#\#\##\r
+\r
+\# Log anything (except mail) of level info or higher.\r
+\# Don't log private authentication messages!\r
+syslog.*,daemon.* /var/log/messages\r
+\r
+\# The authpriv file has restricted access.\r
+authpriv.* /var/log/secure\r
+\r
+\# Log all the mail messages in one place.\r
+mail.* -/var/log/maillog\r
+\r
+\# Log cron stuff\r
+cron.* /var/log/cron\r
+\r
+\# Everybody gets emergency messages\r
+*.emerg *\r
+\r
+\# Save news errors of level crit and higher in a special file.\r
+uucp,news.crit /var/log/spooler\r
+\r
+\# Save boot messages also to boot.log\r
+local7.* /var/log/boot.log\r
+\r
+EOL\r
+\r
+update-rc.d rsyslog defaults 12 88\r
--- /dev/null
+d-i pkgsel/include string ntp ssh openssh-server wget vim\r
--- /dev/null
+d-i pkgsel/include string ntp ssh wget chef\r
--- /dev/null
+sed -i 's/PermitRootLogin.*/PermitRootLogin yes/g' /etc/ssh/sshd_config\r
+#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub")\r
+#if $ssh_keys != ""\r
+ #set user_name = $getVar("username", "root")\r
+ #if $user_name == "root"\r
+ #set home = "/root"\r
+ #else\r
+ #set home = "/home/%s" % $user_name\r
+ #end if\r
+mkdir -p $home/.ssh\r
+\r
+chmod 700 -R $home/.ssh\r
+ #set $firstline = True\r
+ #for $ssh_key in $ssh_keys.split(',')\r
+ #if not $ssh_key\r
+ #continue\r
+ #end if\r
+ #try\r
+ #set $f = $open($ssh_key)\r
+ #if firstline\r
+cat << EOF > $home/.ssh/authorized_keys\r
+ #echo $f.read()\r
+EOF\r
+ #else\r
+cat << EOF >> $home/.ssh/authorized_keys\r
+ #echo $f.read()\r
+EOF\r
+ #end if\r
+ #set $firstline = False\r
+ #silent $f.close()\r
+ #except\r
+# failed to read from $ssh_key\r
+ #end try\r
+ #end for\r
+chmod 600 $home/.ssh/authorized_keys\r
+#end if\r
--- /dev/null
+cat << EOF > /etc/sysctl.conf\r
+#raw\r
+# Kernel sysctl configuration file for Red Hat Linux\r
+#\r
+# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and\r
+# sysctl.conf(5) for more details.\r
+\r
+# Controls IP packet forwarding\r
+net.ipv4.ip_forward = 0\r
+\r
+# Controls source route verification\r
+net.ipv4.conf.default.rp_filter = 1\r
+\r
+# Do not accept source routing\r
+net.ipv4.conf.default.accept_source_route = 0\r
+\r
+# Controls the System Request debugging functionality of the kernel\r
+kernel.sysrq = 0\r
+\r
+# Controls whether core dumps will append the PID to the core filename.\r
+# Useful for debugging multi-threaded applications.\r
+kernel.core_uses_pid = 1\r
+\r
+# Controls the use of TCP syncookies\r
+net.ipv4.tcp_syncookies = 1\r
+\r
+# Controls the default maxmimum size of a mesage queue\r
+kernel.msgmnb = 65536\r
+\r
+# Controls the maximum size of a message, in bytes\r
+kernel.msgmax = 65536\r
+\r
+# Controls the maximum shared segment size, in bytes\r
+kernel.shmmax = 68719476736\r
+\r
+# Controls the maximum number of shared memory segments, in pages\r
+kernel.shmall = 4294967296\r
+\r
+# increase TCP max buffer size settable using setsockopt()\r
+net.core.rmem_max = 16777216\r
+net.core.wmem_max = 16777216 \r
+\r
+# increase Linux autotuning TCP buffer limit \r
+net.ipv4.tcp_rmem = 4096 87380 16777216\r
+net.ipv4.tcp_wmem = 4096 65536 16777216\r
+\r
+# increase the length of the processor input queue\r
+net.core.netdev_max_backlog = 30000\r
+net.ipv4.tcp_max_syn_backlog = 4096\r
+\r
+# recommended default congestion control is htcp \r
+net.ipv4.tcp_congestion_control=htcp\r
+\r
+# recommended for hosts with jumbo frames enabled\r
+net.ipv4.tcp_mtu_probing=1\r
+\r
+# increase client parallel connections\r
+net.ipv4.ip_local_port_range = 15000 61000\r
+net.ipv4.tcp_fin_timeout=30\r
+\r
+# fast cycling of sockets in time_wait state and re-using them\r
+net.ipv4.tcp_tw_recycle = 1\r
+net.ipv4.tcp_tw_reuse = 1 \r
+\r
+# increase the maximum number of requests queued to a listen socket\r
+net.core.somaxconn = 8192\r
+\r
+# avoid caching tcp network transfer statistics \r
+net.ipv4.route.flush=1\r
+#end raw\r
+EOF\r
+sysctl -p\r
--- /dev/null
+<proxy>\r
+ <enabled config:type="boolean">true</enabled>\r
+ <ftp_proxy></ftp_proxy>\r
+ <http_proxy>$proxy</http_proxy>\r
+ <https_proxy></https_proxy>\r
+ <no_proxy>localhost, 127.0.0.1</no_proxy>\r
+ <proxy_password></proxy_password>\r
+ <proxy_user></proxy_user>\r
+</proxy>\r
--- /dev/null
+#if $str($getVar('puppet_auto_setup','')) == "1"\r
+puppet\r
+#end if\r
+\r
--- /dev/null
+# start puppet registration \r
+#if $str($getVar('puppet_auto_setup','')) == "1"\r
+# generate puppet certificates and trigger a signing request, but\r
+# don't wait for signing to complete\r
+#if $int($getVar('puppet_version',2)) >= 3\r
+/usr/bin/puppet agent --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '')\r
+#else\r
+/usr/sbin/puppetd --test --waitforcert 0 #echo (($str($getVar('puppet_server','')) != '') and "--server '"+$str($getVar('puppet_server',''))+"'" or '')\r
+#end if\r
+\r
+# turn puppet service on for reboot\r
+/sbin/chkconfig puppet on\r
+\r
+#end if\r
+# end puppet registration\r
--- /dev/null
+# begin Red Hat management server registration\r
+#if $redhat_management_type != "off" and $redhat_management_key != ""\r
+mkdir -p /usr/share/rhn/\r
+ #if $redhat_management_type == "site"\r
+ #set $mycert_file = "RHN-ORG-TRUSTED-SSL-CERT"\r
+ #set $mycert = "/usr/share/rhn/" + $mycert_file\r
+wget http://$redhat_management_server/pub/RHN-ORG-TRUSTED-SSL-CERT -O $mycert \r
+perl -npe 's/RHNS-CA-CERT/$mycert_file/g' -i /etc/sysconfig/rhn/* \r
+ #end if\r
+ #if $redhat_management_type == "hosted"\r
+ #set $mycert = "/usr/share/rhn/RHNS-CA-CERT"\r
+ #end if \r
+ #set $endpoint = "https://%s/XMLRPC" % $redhat_management_server\r
+rhnreg_ks --serverUrl=$endpoint --sslCACert=$mycert --activationkey=$redhat_management_key\r
+#else\r
+# not configured to register to any Red Hat management server (ok)\r
+#end if\r
+# end Red Hat management server registration\r
--- /dev/null
+# Repository Config\r
+#set $repo_data = $getVar("repo_data",[])\r
+#for $repo in $repo_data\r
+<listentry>\r
+ #if $repo.mirror_locally\r
+ <media_url>http://$http_server/cobbler/repo_mirror/${repo.name}</media_url>\r
+ #else\r
+ <media_url>${repo.mirror}</media_url>\r
+ #end if\r
+ <product>${repo.name}</product>\r
+ <product_dir>/</product_dir>\r
+ <ask_on_error config:type="boolean">false</ask_on_error>\r
+ <name>${repo.name}</name> \r
+</listentry>\r
+#end for\r
+\r
+\r
--- /dev/null
+if [ "$os_version" == "sles11" ]; then\r
+ nvsetenv boot-device "$(cat /root/inst-sys/boot-device.bak)"\r
+elif [ "$os_version" == "fedora17" ]; then\r
+ # must be run from a %post --nochroot section\r
+ nvsetenv boot-device "$(cat /tmp/boot-device.bak)"\r
+fi\r
--- /dev/null
+# begin Red Hat Network certificate-based server registration\r
+#if $redhat_management_type == "cert" and $redhat_register_user != "" and $redhat_register_password != ""\r
+# Subscribe (register) the system\r
+subscription-manager register --autosubscribe --username=$redhat_register_user --password=$redhat_register_password\r
+# Add what used to be called channels\r
+yum -y install yum-utils\r
+yum-config-manager --enable rhel-6-server-optional-rpms\r
+yum-config-manager --enable rhel-6-server-supplementary\r
+#else\r
+# not configured to use Certificate-based RHN (ok)\r
+#end if\r
+# end Red Hat Network certificate-based server registration\r
--- /dev/null
+<file>\r
+ <file_path>/etc/rsyslog.conf</file_path>\r
+ <file_contents>\r
+<![CDATA[\r
+\#\#\#\# MODULES \#\#\#\##\r
+ \r
+\$ModLoad imuxsock # provides support for local system logging (e.g. via logger command)\r
+\$ModLoad imfile\r
+\r
+\$WorkDirectory /var/spool/rsyslog\r
+\$ActionQueueType LinkedList\r
+\$ActionQueueFileName srvrfwd\r
+\$ActionResumeRetryCount -1\r
+\$ActionQueueSaveOnShutDown on\r
+#if $getVar("compass_server", "") != ""\r
+\# *.* @@$compass_server:514\r
+#else\r
+\# *.* @@$server:514\r
+#end if\r
+\r
+\# Provides UDP syslog reception\r
+\#\$ModLoad imudp\r
+\#\$UDPServerRun 514\r
+\r
+\# Provides TCP syslog reception\r
+\$ModLoad imtcp\r
+\$InputTCPServerRun 514\r
+#set system_name = $getVar('system_name','')\r
+\$LocalHostName $system_name\r
+\r
+\#\#\#\# GLOBAL DIRECTIVES \#\#\#\##\r
+\r
+\# Use default timestamp format\r
+\$ActionFileDefaultTemplate RSYSLOG_TraditionalFileFormat\r
+\r
+\# File syncing capability is disabled by default. This feature is usually not required,\r
+\# not useful and an extreme performance hit\r
+\#\$ActionFileEnableSync on\r
+\r
+\# Include all config files in /etc/rsyslog.d/\r
+\$IncludeConfig /etc/rsyslog.d/*.conf\r
+\r
+\r
+\#\#\#\# RULES \#\#\#\##\r
+\r
+\# Log anything (except mail) of level info or higher.\r
+\# Don't log private authentication messages!\r
+syslog.*,daemon.* /var/log/messages\r
+\r
+\# The authpriv file has restricted access.\r
+authpriv.* /var/log/secure\r
+\r
+\# Log all the mail messages in one place.\r
+mail.* -/var/log/maillog\r
+\r
+\# Log cron stuff\r
+cron.* /var/log/cron\r
+\r
+\# Everybody gets emergency messages\r
+*.emerg *\r
+\r
+\# Save news errors of level crit and higher in a special file.\r
+uucp,news.crit /var/log/spooler\r
+\r
+\# Save boot messages also to boot.log\r
+local7.* /var/log/boot.log\r
+]]>\r
+ </file_contents>\r
+ <file_owner>root.root</file_owner>\r
+ <file_permissions>600</file_permissions>\r
+</file>\r
--- /dev/null
+if [ "$os_version" == "sles11" ]; then\r
+ nvram --print-config=boot-device > /root/boot-device.bak\r
+elif [ "$os_version" == "fedora17" ]; then\r
+ nvram --print-config=boot-device > /tmp/boot-device.bak\r
+fi\r
--- /dev/null
+ <package>chef</package>\r
+\r
--- /dev/null
+#set ssh_keys = $getVar("push_ssh_keys", "/root/.ssh/id_rsa.pub")\r
+#if $ssh_keys != ""\r
+ #set user_name = $getVar("username", "root")\r
+ #if $user_name == "root"\r
+ #set home = "/root"\r
+ #else\r
+ #set home = "/home/%s" % $user_name\r
+ #end if\r
+<file>\r
+ <file_path>$home/.ssh/authorized_keys</file_path>\r
+ <file_owner>${user_name}.${user_name}</file_owner>\r
+ <file_permissions>600</file_permissions>\r
+ <file_script>\r
+ <interpreter>shell</interpreter>\r
+ <source>\r
+<![CDATA[\r
+\#!/bin/bash\r
+mkdir -p $home/.ssh\r
+chmod 700 -R $home/.ssh\r
+ #set $firstline = True\r
+ #for $ssh_key in $ssh_keys.split(',') \r
+ #if not $ssh_key\r
+ #continue\r
+ #end if\r
+ #try\r
+ #set f = $open($ssh_key)\r
+ #if $firstline\r
+cat << EOL > $home/.ssh/authorized_keys\r
+ #echo $f.read()\r
+EOL\r
+ #else\r
+cat << EOL >> $home/.ssh/authorized_keys\r
+ #echo $f.read()\r
+EOL\r
+ #end if\r
+ #set $firstline = False\r
+ #silent $f.close()\r
+ #except\r
+# failed to read from $ssh_key\r
+ #end try\r
+ #end for\r
+]]>\r
+ </source>\r
+ </file_script>\r
+</file>\r
+#end if\r
--- /dev/null
+<file>\r
+ <file_path>/etc/ssh/sshd_config</file_path>\r
+ <file_contents>\r
+<![CDATA[\r
+#raw\r
+# The strategy used for options in the default sshd_config shipped with\r
+# OpenSSH is to specify options with their default value where\r
+# possible, but leave them commented. Uncommented options override the\r
+# default value.\r
+\r
+#Port 22\r
+#AddressFamily any\r
+#ListenAddress 0.0.0.0\r
+#ListenAddress ::\r
+\r
+# The default requires explicit activation of protocol 1\r
+#Protocol 2\r
+\r
+# HostKey for protocol version 1\r
+#HostKey /etc/ssh/ssh_host_key\r
+# HostKeys for protocol version 2\r
+#HostKey /etc/ssh/ssh_host_rsa_key\r
+#HostKey /etc/ssh/ssh_host_dsa_key\r
+#HostKey /etc/ssh/ssh_host_ecdsa_key\r
+\r
+# Lifetime and size of ephemeral version 1 server key\r
+#KeyRegenerationInterval 1h\r
+#ServerKeyBits 1024\r
+\r
+# Logging\r
+# obsoletes QuietMode and FascistLogging\r
+#SyslogFacility AUTH\r
+#LogLevel INFO\r
+\r
+# Authentication:\r
+\r
+#LoginGraceTime 2m\r
+#PermitRootLogin yes\r
+#StrictModes yes\r
+#MaxAuthTries 6\r
+#MaxSessions 10\r
+\r
+RSAAuthentication yes\r
+PubkeyAuthentication yes\r
+\r
+# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2\r
+# but this is overridden so installations will only check .ssh/authorized_keys\r
+AuthorizedKeysFile .ssh/authorized_keys\r
+\r
+#AuthorizedPrincipalsFile none\r
+\r
+#AuthorizedKeysCommand none\r
+#AuthorizedKeysCommandUser nobody\r
+\r
+# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts\r
+#RhostsRSAAuthentication no\r
+# similar for protocol version 2\r
+#HostbasedAuthentication no\r
+# Change to yes if you don't trust ~/.ssh/known_hosts for\r
+# RhostsRSAAuthentication and HostbasedAuthentication\r
+#IgnoreUserKnownHosts no\r
+# Don't read the user's ~/.rhosts and ~/.shosts files\r
+#IgnoreRhosts yes\r
+\r
+# To disable tunneled clear text passwords, change to no here!\r
+PasswordAuthentication yes\r
+#PermitEmptyPasswords no\r
+\r
+# Change to no to disable s/key passwords\r
+#ChallengeResponseAuthentication yes\r
+\r
+# Kerberos options\r
+#KerberosAuthentication no\r
+#KerberosOrLocalPasswd yes\r
+#KerberosTicketCleanup yes\r
+#KerberosGetAFSToken no\r
+\r
+# GSSAPI options\r
+#GSSAPIAuthentication no\r
+#GSSAPICleanupCredentials yes\r
+\r
+# Set this to 'yes' to enable support for the deprecated 'gssapi' authentication\r
+# mechanism to OpenSSH 3.8p1. The newer 'gssapi-with-mic' mechanism is included\r
+# in this release. The use of 'gssapi' is deprecated due to the presence of\r
+# potential man-in-the-middle attacks, which 'gssapi-with-mic' is not susceptible to.\r
+#GSSAPIEnableMITMAttack no\r
+\r
+# Set this to 'yes' to enable PAM authentication, account processing, \r
+# and session processing. If this is enabled, PAM authentication will \r
+# be allowed through the ChallengeResponseAuthentication and\r
+# PasswordAuthentication. Depending on your PAM configuration,\r
+# PAM authentication via ChallengeResponseAuthentication may bypass\r
+# the setting of "PermitRootLogin without-password".\r
+# If you just want the PAM account and session checks to run without\r
+# PAM authentication, then enable this but set PasswordAuthentication\r
+# and ChallengeResponseAuthentication to 'no'.\r
+UsePAM yes\r
+\r
+#AllowAgentForwarding yes\r
+#AllowTcpForwarding yes\r
+#GatewayPorts no\r
+X11Forwarding yes\r
+#X11DisplayOffset 10\r
+#X11UseLocalhost yes\r
+#PrintMotd yes\r
+#PrintLastLog yes\r
+#TCPKeepAlive yes\r
+#UseLogin no\r
+UsePrivilegeSeparation sandbox # Default for new installations.\r
+#PermitUserEnvironment no\r
+#Compression delayed\r
+#ClientAliveInterval 0\r
+#ClientAliveCountMax 3\r
+#UseDNS yes\r
+#PidFile /run/sshd.pid\r
+#MaxStartups 10:30:100\r
+#PermitTunnel no\r
+#ChrootDirectory none\r
+#VersionAddendum none\r
+\r
+# no default banner path\r
+#Banner none\r
+\r
+# override default of no subsystems\r
+Subsystem sftp /usr/lib/ssh/sftp-server\r
+\r
+# This enables accepting locale enviroment variables LC_* LANG, see sshd_config(5).\r
+AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES\r
+AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT\r
+AcceptEnv LC_IDENTIFICATION LC_ALL\r
+\r
+# Example of overriding settings on a per-user basis\r
+#Match User anoncvs\r
+# X11Forwarding no\r
+# AllowTcpForwarding no\r
+# ForceCommand cvs server\r
+#end raw\r
+]]>\r
+ </file_contents>\r
+ <file_owner>root.root</file_owner>\r
+ <file_permissions>640</file_permissions>\r
+</file>\r
--- /dev/null
+#!/usr/bin/python\r
+"""script to migrate rendered kickstart files from cobbler to outside."""\r
+import logging\r
+\r
+from cobbler import api\r
+\r
+\r
+def main():\r
+ """main entry"""\r
+ cobbler_api = api.BootAPI()\r
+ for system in cobbler_api.systems():\r
+ cobbler_api.kickgen.generate_kickstart_for_system(system.name)\r
+ try:\r
+ with open(\r
+ '/var/www/cblr_ks/%s' % system.name, 'w'\r
+ ) as kickstart_file:\r
+ logging.info("Migrating kickstart for %s", system.name)\r
+ data = cobbler_api.kickgen.generate_kickstart_for_system(\r
+ system.name)\r
+ kickstart_file.write(data)\r
+ except Exception as error:\r
+ logging.error("Directory /var/www/cblr_ks/ does not exist.")\r
+ logging.exception(error)\r
+ raise error\r
+\r
+\r
+if __name__ == '__main__':\r
+ logging.info("Running kickstart migration")\r
+ main()\r
Code Review / compass4nfv.git / commitdiff