/
settings-migration-v1-to-v2.sh
executable file
·216 lines (193 loc) · 6.98 KB
/
settings-migration-v1-to-v2.sh
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
#!/bin/bash
#set -x
path_modules_conf="/etc/cobbler/modules.conf"
default_file=""
flag_regex_conversion=false
flag_static_conversion=false
flag_replace_conversion=false
read -r -d '' default_file <<EOM
# cobbler module configuration file
# =================================
# authentication:
# what users can log into the WebUI and Read-Write XMLRPC?
# choices:
# authentication.denyall -- no one (default)
# authentication.configfile -- use /etc/cobbler/users.digest (for basic setups)
# authentication.passthru -- ask Apache to handle it (used for kerberos)
# authentication.ldap -- authenticate against LDAP
# authentication.spacewalk -- ask Spacewalk/Satellite (experimental)
# authentication.pam -- use PAM facilities
# authentication.testing -- username/password is always testing/testing (debug)
# (user supplied) -- you may write your own module
# WARNING: this is a security setting, do not choose an option blindly.
# for more information:
# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
# https://github.com/cobbler/cobbler/wiki/Security-overview
# https://github.com/cobbler/cobbler/wiki/Kerberos
# https://github.com/cobbler/cobbler/wiki/Ldap
[authentication]
module = authentication.configfile
# authorization:
# once a user has been cleared by the WebUI/XMLRPC, what can they do?
# choices:
# authorization.allowall -- full access for all authneticated users (default)
# authorization.ownership -- use users.conf, but add object ownership semantics
# (user supplied) -- you may write your own module
# WARNING: this is a security setting, do not choose an option blindly.
# If you want to further restrict cobbler with ACLs for various groups,
# pick authz_ownership. authz_allowall does not support ACLs. configfile
# does but does not support object ownership which is useful as an additional
# layer of control.
# for more information:
# https://github.com/cobbler/cobbler/wiki/Cobbler-web-interface
# https://github.com/cobbler/cobbler/wiki/Security-overview
# https://github.com/cobbler/cobbler/wiki/Web-authorization
[authorization]
module = authorization.allowall
# dns:
# chooses the DNS management engine if manage_dns is enabled
# in /etc/cobbler/settings, which is off by default.
# choices:
# managers.bind -- default, uses BIND/named
# managers.dnsmasq -- uses dnsmasq, also must select dnsmasq for dhcp below
# managers.ndjbdns -- uses ndjbdns
# NOTE: more configuration is still required in /etc/cobbler
# for more information:
# https://github.com/cobbler/cobbler/wiki/Dns-management
[dns]
module = managers.bind
# dhcp:
# chooses the DHCP management engine if manage_dhcp is enabled
# in /etc/cobbler/settings, which is off by default.
# choices:
# managers.isc -- default, uses ISC dhcpd
# managers.dnsmasq -- uses dnsmasq, also must select dnsmasq for dns above
# NOTE: more configuration is still required in /etc/cobbler
# for more information:
# https://github.com/cobbler/cobbler/wiki/Dhcp-management
[dhcp]
module = managers.isc
# tftpd:
# chooses the TFTP management engine if manage_tftp is enabled
# in /etc/cobbler/settings, which is ON by default.
#
# choices:
# managers.in_tftpd -- default, uses the system's tftp server
# managers.tftpd_py -- uses cobbler's tftp server
#
[tftpd]
module = managers.in_tftpd
#--------------------------------------------------
EOM
print_help() {
echo "$(basename "$0") [-h] [-r] [-s] [-n] [-f absolute_filepath]"
echo "Script to migrate a Cobbler 3.0.0 or prior \"modules.conf\" to a 3.0.1 \"modules.conf\""
echo ""
echo "Usage:"
echo " One of the following arguments must be choosen [rsn] additionally you must hand over the absolute path of"
echo " the \"modules.conf\""
echo ""
echo "Options:"
echo " -h show this help text"
echo " -r Use the regex replace. I recommend this if you have custom modules and also have rearranged them."
echo " WARNING: This also alters the documentation in the settings file which is wrong to the current point"
echo " in time."
echo " -s Use the static replace. I recomment this if you use the default modules."
echo " -n Make a new start with Cobbler and just replace the whole settings file."
echo " -f Path to the \"modules.conf\""
}
regex_conversion() {
sed -i -e 's/authn_/authentication\./g' $path_modules_conf
sed -i -e 's/authz_/authorization\./g' $path_modules_conf
sed -i -e 's/manage_/managers\./g' $path_modules_conf
}
static_conversion() {
sed -i -e 's/authn_denyall/authentication.denyall/g' $path_modules_conf
sed -i -e 's/authn_configfile/authentication.configfile/g' $path_modules_conf
sed -i -e 's/authn_passthru/authentication.passthru/g' $path_modules_conf
sed -i -e 's/authn_ldap/authentication.ldap/g' $path_modules_conf
sed -i -e 's/authn_spacewalk/authentication.spacewalk/g' $path_modules_conf
sed -i -e 's/authn_pam/authentication.pam/g' $path_modules_conf
sed -i -e 's/authn_testing/authentication.testing/g' $path_modules_conf
sed -i -e 's/authz_allowall/authorization.allowall/g' $path_modules_conf
sed -i -e 's/authz_ownership/authorization.ownership/g' $path_modules_conf
sed -i -e 's/manage_bind/managers.bind/g' $path_modules_conf
sed -i -e 's/manage_dnsmasq/managers.dnsmasq/g' $path_modules_conf
sed -i -e 's/manage_ndjbdns/managers.ndjbdns/g' $path_modules_conf
sed -i -e 's/manage_isc/managers.isc/g' $path_modules_conf
sed -i -e 's/manage_dnsmasq/managers.dnsmasq/g' $path_modules_conf
sed -i -e 's/manage_in_tftpd/managers.in_tftpd/g' $path_modules_conf
sed -i -e 's/manage_tftpd_py/managers.tftpd_py/g' $path_modules_conf
}
replace_modules_conf() {
rm $path_modules_conf
touch $path_modules_conf
echo "$default_file" >$path_modules_conf
}
run() {
if $flag_regex_conversion; then
regex_conversion
elif $flag_static_conversion; then
static_conversion
elif $flag_replace_conversion; then
replace_modules_conf
fi
}
wrong_options() {
echo "Error:"
echo "You selected the wrong number of flags. Please read the usage!"
echo ""
print_help
}
validate_options() {
if $flag_regex_conversion && $flag_static_conversion && $flag_replace_conversion; then
print_help
exit 1
elif $flag_regex_conversion && $flag_static_conversion; then
print_help
exit 1
elif $flag_regex_conversion && $flag_replace_conversion; then
print_help
exit 1
fi
}
parse_options() {
while getopts 'hrsnf:' option; do
case "$option" in
h)
print_help
exit
;;
r)
flag_regex_conversion=true
;;
s)
flag_static_conversion=true
;;
n)
flag_replace_conversion=true
;;
f)
path_modules_conf=$OPTARG
;;
:)
printf "Error:"
printf "Missing argument for -%f\n" "$OPTARG" >&2
print_help
exit 1
;;
\?)
printf "Error:"
printf "Illegal option: -%s\n" "$OPTARG" >&2
echo ""
print_help
exit 1
;;
esac
done
shift $((OPTIND - 1))
}
# Main routine
parse_options "$@"
validate_options
run