Don's Pages and my Music

Saturday, October 15, 2011

SetPXEBootPasswd - cobbler - Trac

I have Cobbler installed on my Fedora 14 System. It's in the Repositories. So, it's easy to install. I just spent some time trying to get the password setup. So that I can get into the setup of the Server and get it up and running. But, I had no luck. It sounds simple. But, I couldn't ever successfully log in. So, I guess I will try again later...

Don

Cobbler

Cobbler is an install server; batteries are included

Cobbler is a Linux installation server that allows for rapid setup of network installation environments. It glues together and automates many associated Linux tasks so you do not have to hop between lots of various commands and applications when rolling out new systems, and, in some cases, changing existing ones.

With a simple series of commands, network installs can be configured for PXE, reinstallations, media-based net-installs, and virtualized installs (supporting Xen, qemu, KVM, and some variants of VMware). Cobbler uses a helper program called 'koan' (which interacts with Cobbler) for reinstallation and virtualization support.

Cobbler is a small and lightweight application (about 15k lines of Python code). It tries to be extremely simple to use both for very small and very large installations -- as well as easy to work on, extend, and hack. It avoids being "enterprisey" (as in complicated) whenever possible, but is highly useful in all sorts of enterprises by having a lot of advanced features and doing small things to save a large amount of time in repeated tasks.

Cobbler can also optionally help with managing DHCP, DNS, and yum package mirroring infrastructure -- in this regard, it is a more generalized automation app, rather than just dealing specifically with installations. There is also a lightweight built-in configuration management system, as well as support for integrating with configuration management systems like Puppet. Cobbler has a command line interface, a web interface (screenshot), and also several API access options. That sounds like a lot, but it's really pretty simple. New users may like to start with the web app after doing the initial setup steps on the command line (cobbler check; cobbler import) as it will give them a good idea of all of the features available. Advanced features don't have to be understood all at once, they can be incorporated over time as the need for them arises.

You can read more at the various links below to understand all that Cobbler can do.

Start Here

Read More...
https://fedorahosted.org/cobbler/#StartHere

 

How to create a PXE boot menu password

There are two different levels of password:

MENU MASTER PASSWD passwd

Sets a master password. This password can be used to boot any menu entry, and is required for the [Tab] and [Esc] keys to work.

MENU PASSWD passwd

(Only valid after a LABEL statement.) Sets a password on this menu entry. "passwd" can be either a cleartext password or a SHA-1 encrypted password; use the included Perl script "sha1pass" to encrypt passwords. (Obviously, if you don't encrypt your passwords they will not be very secure at all.)

If you are using passwords, you want to make sure you also use the settings "NOESCAPE 1", "PROMPT 0", and either set "ALLOWOPTIONS 0" or use a master password (see below.)

If passwd is an empty string, this menu entry can only be unlocked with the master password.

Creating the password hash

If you have sha1pass on your system (you probably don't, but it's supposed to come with syslinux) you can do:

sha1pass mypassword

If you do _not_ have sha1pass, you can use openssl to create the pasword (the hashes appear to be compatible):

openssl passwd -1 -salt sXiKzkus mypassword

Files to edit

  • for master menu password: /etc/cobbler/pxe/pxedefault.template
  • for individual entries: /etc/cobbler/pxe/pxeprofile.template

Sample usage

In this example, the master menu password will be used for all the entries (because the profile entry is blank). I have not looked into a way to dynamically set a different password based on the profile variables yet.

pxedefault.template:

DEFAULT menu PROMPT 0 MENU TITLE Cobbler | http://fedorahosted.org/cobbler MENU MASTER PASSWD $1$sXiKzkus$haDZ9JpVrRHBznY5OxB82.  TIMEOUT 200 TOTALTIMEOUT 6000 ONTIMEOUT $pxe_timeout_profile  LABEL local         MENU LABEL (local)         MENU DEFAULT         LOCALBOOT 0  $pxe_menu_items  MENU end 

pxeprofile.template:

LABEL $profile_name         MENU PASSWD         kernel $kernel_path         $menu_label         $append_line         ipappend 2 

References

  • /usr/share/doc/syslinux*/syslinux.doc
  • /usr/share/doc/syslinux*/README.menu

Read More...
https://fedorahosted.org/cobbler/wiki/SetPXEBootPasswd


Learn more about Cobbler. See how to set it up and perform tasks. Explore advanced features that may be useful in your environment.

Installation And Basics

Start here to learn about what Cobbler can do and how to set it up.

Manpage documentation

Read More...
https://fedorahosted.org/cobbler/wiki/UserDocs



No comments:

Post a Comment