Michael DeHaan wrote:
Peter Wright wrote:
Harry Hoffman wrote:
Hi Peter,
No, I don't think that'll work... but if you wrote a quick cgi to
accept
the args of mac addr and netboot then you could exec the cobbler
command...
something like
%post
wget
http://cobbler/cgi-bin/done_install?mac=00:11:22:33:44:55&netboot=n
<http://cobbler/cgi-bin/done_install?mac=00:11:22:33:44:55&netboot=n>
You'd of course want to do the normal sanitization of user data.
I've got a script that I could modify to do this, let me know if you
need/want it.
Cheers,
Harry
ok - i think i'm getting this thing now. nice - if you don't mind
posting that script i'd love to take a look at it.
-p
Harry has the right idea -- still though, CGI scripts should be
running as the apache user and not root. This means they won't (by
design) have access to modify the cobbler configuration. What you
would really want to do is write a simple script that can /only/
disable the netboot field and then grant SSH access for only that one
command. There is some example of that technique posted here, which
I personally haven't used, but I have it on good authority that it
works well :)
http://www.mythic-beasts.com/support/dyndns_howto.html
This way (writing a script that calls "cobbler system edit --name=name
--netboot-enabled=0") you make sure you've allowed remote access to
changing only that one
specific flag. (This particular flag has the result of removing the
per-system configuration file in /tftpboot that enables the system to
boot to a specific PXE target)
Incidentally, Matt Hyclak wrote a script to do this before you could
do this in the cobbler command line. That script is mentioned on this
page:
https://hosted.fedoraproject.org/projects/cobbler/wiki/CobblerApi
The alternative is to SSH is to make the cgi to do this setuid root,
which has security implications.
Another (perhaps simpler) option is set network boot lower in the BIOS
order (so hard drives first), and then when it comes time to reinstall
them, you can use
"koan --replace-self --server=bootserver.example.com --profile=name"
to do the reinstall rather than needing to PXE. If the Linux box is
already running, you can invoke that koan call over SSH followed by a
call to /sbin/reboot. That will essentially do the same thing, and
is what I do and generally recommend.
Talking on IRC,
We've decided we're going to implement the following:
When /var/lib/cobbler/settings parameter "pxe_just_once" is set to 1,
we're going to add a line to the bottom of the kickstart to call
a CGI script. (You'll also have to add a sudoers entry that we can
define in the manpage)
There's going to be a wget to a CGI script that takes a cobbler system
name as a parameter.
This script invokes cobbler_set_netboot via sudo, which can do nothing
else but toggle the netboot-enabled parameter.
cobbler_set_netboot has permissions to only toggle the netboot flag
So, in summary, all a user will need to do is:
-- flip the pxe_just_once switch in the settings file
-- add a sudoers entry (cobbler check can even show the user what this
entry must look like)
We can do this :)
> Harry Hoffman wrote:
>>
>> Hi Peter,
>>
>> I had this same problem... it should be said that with >=
cobbler-0.5
>> there is a option to edit the system:
>> cobbler system add --name=string --profile=string [--mac=macaddress]
>> [--ip=ipaddress] [--hostname=hostname] [--kopts=string]
[--ipad-
>> dress=string] [--ksmeta=string] [--netboot-enabled=Y/N
>>
>> The nice thing about cobbler via (git - yeah, it's a messed up
name) is
>> that a make in the d/l'd src directory will build you a rpm with
proper
>> version so that yum upgrades will overwrite it.
>>
>> It's a pretty trivial process, feel free to ask questions.
>>
>
> Awesome, thanks Harry - I'll start diving into this tomorrow
then. Just
> to make sure I understand clearly. With the newer version I
should be
> able to run something like this during %post:
>
> cobbler system edit --name=$MAC --netboot-enabled=N
>
> -pete
>
>>
>>
>> > hi all,
>> > i'm currently working on moving a cluster over from Xcat to
cobbler.
>> so
>> > far things have gone quite smoothly, i have imported several
distros -
>> > created my own distros and gotten my custom kickstart's working
quite
>> > easilly!
>> >
>> > my question is i have not figured out how one has an
installation dial
>> > back to the cobbler master node and tell it that it no longer
needs to
>> > to re-install itself. with Xcat during the %post phase your node
>> would
>> > set it's status on the Xcat master node to boot locally after
install
>> -
>> > is there something similar for cobbler?
>> >
>> > hopefully i'm missing something basic here, but have had no luck
>> reading
>> > through the man pages or mailing list archives.
>> >
>> > thanks!
>> > -pete
>> >
>> > --
>> > Peter Wright
>> > Systems Administrator
>> > Sony Pictures Imageworks
>> > wright@xxxxxxxxxxxxxx
>> > www.imageworks.com
>> >
>> >
>> > _______________________________________________
>> > et-mgmt-tools mailing list
>> > et-mgmt-tools@xxxxxxxxxx
>> > https://www.redhat.com/mailman/listinfo/et-mgmt-tools
>> >
>>
>>
>> _______________________________________________
>> et-mgmt-tools mailing list
>> et-mgmt-tools@xxxxxxxxxx
>> https://www.redhat.com/mailman/listinfo/et-mgmt-tools
>>
>
>
> --
> Peter Wright
> Systems Administrator
> Sony Pictures Imageworks
> wright@xxxxxxxxxxxxxx
> www.imageworks.com
>
>
>
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
_______________________________________________
et-mgmt-tools mailing list
et-mgmt-tools@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/et-mgmt-tools
