* Login * Systems * Kickstarts * Snippets * create new snippet * Try to save it: 2009-04-15 12:47:54,693 [TP-Processor1] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/rhn].[action] - Servlet.service() for servlet action threw exception java.io.FileNotFoundException: /var/lib/cobbler/snippets/bloop (Permission denied)
This issue should now be resolved... as off. http://git.fedorahosted.org/git/spacewalk.git?p=spacewalk.git;a=commit;h=b7f234e5fd5f425ceccf40bcd9a9f8948f3b5f64 Following changes were made.. 1) A new spacewalk subdirectory was added to /var/lib/cobbler/snippets which will host all the spacewalk specific snippets.. 2) /var/lib/cobbler/snippets/spacewalk/org.id will host snippets specfic to that org. 3) A user without root access to the actual box will be only able to update scripts or snippets listed under /var/lib/cobbler/snippets/spacewalk/org.id 4) All other snippets under /var/lib/cobbler/snippets other than snippets under /var/lib/cobbler/snippets/spacewalk will be Read Only to config admins of all orgs... (readable through the UI that is...) 5) The snippets are only one level deep. as in /var/lib/cobbler/snippets/spacewalk/org.id/snippet_name One cannot now generate snippets that look like /var/lib/cobbler/snippets/spacewalk/org.id/my_dir/snippet_name This was done to prevent issues like /var/lib/cobbler/snippets/spacewalk/org.id/../../../../tmp/xyz... leaving security holes like that..
moving to On_QA
Moving to ON_QA
Moving to VERIFIED, tested on 5/29 build.
Moving to RELEASE_PENDING Able to create a snippet and save it. Added it to kickstart profile by putting it as a script and clicking "template" Verified the snippet shows up in the kickstrt file ISO: Satellite-5.3.0-RHEL4-re20090724.0-s390x.iso
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHEA-2009-1434.html