Bryan Kearney
2008-Dec-19 20:26 UTC
[Ovirt-devel] [PATCH PuppetInstaller] Drop a modules.conf file so that the username and password are checked
---
ace-ovirt/modules/ovirt/files/modules.conf | 96 ++++++++++++++++++++++++++
ace-ovirt/modules/ovirt/manifests/cobbler.pp | 5 ++
2 files changed, 101 insertions(+), 0 deletions(-)
create mode 100644 ace-ovirt/modules/ovirt/files/modules.conf
diff --git a/ace-ovirt/modules/ovirt/files/modules.conf
b/ace-ovirt/modules/ovirt/files/modules.conf
new file mode 100644
index 0000000..236ef4c
--- /dev/null
+++ b/ace-ovirt/modules/ovirt/files/modules.conf
@@ -0,0 +1,96 @@
+# specifies what cobbler modules to load.
+
+# what file/data formats to use for metadata
+#
+# choices:
+# serializer_catalog (fast, uses .d directories in /var/lib/cobbler/config)
+# serializer_yaml (original serializer, uses a few text files)
+#
+# for 99% or more of all installations, use serializer_catalog.
+#
+# NOTE: serializer changes may remove your ability to access old data.
+# serializer_yaml users can change to serializer_catalog w/o manual
+# migration steps. Other changes are for new installs only.
+
+[serializers]
+settings = serializer_catalog
+distro = serializer_catalog
+profile = serializer_catalog
+system = serializer_catalog
+repo = serializer_catalog
+image = serializer_catalog
+
+# policy: what users can log into the WebUI and Read-Write XMLRPC?
+#
+# choices:
+# authn_denyall -- no one (default)
+# authn_configfile -- use /etc/cobbler/users.digest (for basic setups)
+# authn_passthru -- ask Apache to handle it (used for kerberos)
+# authn_ldap -- authenticate against LDAP
+# authn_spacewalk -- ask Spacewalk/Satellite (experimental)
+# authn_testing -- username/password is always testing/testing (debug)
+# (user supplied) -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CobblerWithKerberos
+# https://fedorahosted.org/cobbler/wiki/CobblerWithLdap
+
+[authentication]
+module = authn_configfile
+
+# policy: once a user has been cleared by the WebUI/XMLRPC, what can they do?
+#
+# choices:
+# authz_allowall -- full access for all authneticated users (default)
+# authz_configfile -- determined by /etc/cobbler/users.conf
+# authz_ownership -- use users.conf, but add object ownership semantics
+# (user supplied) -- you may write your own module
+#
+# WARNING: this is a security setting, do not choose an option blindly.
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/CobblerWebInterface
+# https://fedorahosted.org/cobbler/wiki/CustomizableSecurity
+# https://fedorahosted.org/cobbler/wiki/CustomizableAuthorization
+# https://fedorahosted.org/cobbler/wiki/AuthorizationWithOwnership
+
+[authorization]
+module = authz_allowall
+
+# chooses the DNS management engine if manage_dns is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+# manage_bind -- default, uses BIND/named
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDns
+
+[dns]
+module = manage_bind
+
+# chooses the DHCP management engine if manage_dhcp is enabled
+# in /etc/cobbler/settings, which is off by default.
+#
+# choices:
+# manage_isc -- default, uses ISC dhcpd
+# manage_dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
+#
+# NOTE: more configuration is still required in /etc/cobbler
+#
+# for more information:
+# https://fedorahosted.org/cobbler/wiki/ManageDhcp
+
+[dhcp]
+module = manage_isc
+
+
+
+
diff --git a/ace-ovirt/modules/ovirt/manifests/cobbler.pp
b/ace-ovirt/modules/ovirt/manifests/cobbler.pp
index e4aae62..e3f3698 100644
--- a/ace-ovirt/modules/ovirt/manifests/cobbler.pp
+++ b/ace-ovirt/modules/ovirt/manifests/cobbler.pp
@@ -97,6 +97,11 @@ class cobbler::bundled {
enable => true,
require => File_replacement[settings_ip_address]
}
+
+ file {"/etc/cobbler/modules.conf":
+ source => "puppet:///ovirt/modules.conf",
+ notify => Service[cobblerd]
+ }
# firewall_rule{"69": destination_port => "69"}
# firewall_rule{"25150": destination_port => "25150"}
--
1.6.0.4