Project

General

Profile

Actions

Bug #4463

closed

Default profiles templates default to https:// connection for kickstart

Added by Matt Darcy over 10 years ago. Updated almost 6 years ago.

Status:
Closed
Priority:
Normal
Category:
Templates
Target version:
Difficulty:
Triaged:
Fixed in Releases:
Found in Releases:

Description

the default pxe template in foreman 1.4 creates the boot profiles URL based upon the state of the actual web interface page used to generate it,

eg:

if the user is viewing

https://foreman-host/config_templates then the default pxe parameters are generated in the pxelinux default config as

LABEL test - test/virtual
kernel boot/CentOS-6.5-x86_64-vmlinuz
append initrd=boot/CentOS-6.5-x86_64-initrd.img ks=https://foreman-host/unattended/template/test/virtual ksdevice=bootif network kssendmac

which doesn't work as the kickstart connection will try to be made on https, which requires a valid SSL certificate.

if the user generates the pxe menu with the web url

http://foreman-host/config_templates

then the pxe menu will be generated thus
LABEL test - test/virtual
kernel boot/CentOS-6.5-x86_64-vmlinuz
append initrd=boot/CentOS-6.5-x86_64-initrd.img ks=http://foreman-host/unattended/template/test/virtual ksdevice=bootif network kssendmac

to get the kickstart functioning on http - not https I have to set " :require_ssl: false " in /etc/foreman/settings.yaml

which is a security risk and a bit of a dirty hack.

the functionality should be that kickstart/build process is always done over http, unless https is configured for build operations in the unattended_url parameter.


Related issues 4 (0 open4 closed)

Related to Foreman - Bug #8228: default_template_url removed from API controllers, causes PXE menu build failureClosedShlomi Zadok10/31/2014Actions
Related to Foreman - Bug #9773: Default profiles templates create invalid URL'sClosedStephen Benjamin03/16/2015Actions
Has duplicate Foreman - Bug #6833: PXE default menu doesn't honour unattended_url settingDuplicate07/30/2014Actions
Has duplicate Foreman - Bug #7318: Hostgroup provisioning provides HTTPS URLDuplicate09/01/2014Actions
Actions #1

Updated by Dominic Cleal over 10 years ago

  • Subject changed from kickstart templates default to https:// connection to Default profiles templates default to https:// connection for kickstart
  • translation missing: en.field_release deleted (7)

Note, this is the PXE default menu list of hostgroup profiles, not the usual per-host templates.

Actions #2

Updated by Greg Sutcliffe over 10 years ago

The profile code is very old, and pretty unmaintained. Should we consider removing it? I think it's main application could be adequately handled by Discovery these days...

Failing that, it seems default_pxe_template() is a pretty old helper. Given we already have two copies of foreman_url(), I think we should merge all of this into one url-writer for templates that takes a variety of options.

Actions #3

Updated by Dominic Cleal over 10 years ago

I think it should be fixed, not removed.

Actions #4

Updated by Dominic Cleal almost 10 years ago

  • Has duplicate Bug #6833: PXE default menu doesn't honour unattended_url setting added
Actions #5

Updated by Dominic Cleal almost 10 years ago

  • Bugzilla link set to 1124386
Actions #6

Updated by Dominic Cleal almost 10 years ago

  • Has duplicate Bug #7318: Hostgroup provisioning provides HTTPS URL added
Actions #7

Updated by The Foreman Bot over 9 years ago

  • Status changed from New to Ready For Testing
  • Target version set to 1.7.2
  • Pull request https://github.com/theforeman/foreman/pull/1859 added
Actions #8

Updated by Anonymous over 9 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100
Actions #9

Updated by Dominic Cleal over 9 years ago

  • Related to Bug #8228: default_template_url removed from API controllers, causes PXE menu build failure added
Actions #10

Updated by Dominic Cleal over 9 years ago

  • Assignee set to Stephen Benjamin
  • translation missing: en.field_release set to 28

More likely in 1.7.x subject to #8228 being resolved.

Actions #11

Updated by Dominic Cleal over 9 years ago

  • translation missing: en.field_release changed from 28 to 29
Actions #12

Updated by Stephen Benjamin over 9 years ago

  • Bugzilla link deleted (1124386)
Actions #13

Updated by Stephen Benjamin over 9 years ago

  • Related to Bug #9773: Default profiles templates create invalid URL's added
Actions

Also available in: Atom PDF