Foreman » Smart Proxy

06/16/2014

05:49 PM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Thanks for the tests Greg - unfortunately they fail on 1.8.7 as it's using File.absolute_path, which is only availabl... Dominic Cleal

11:57 AM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Updated patch attached with a to_s added, as escape_for_shell cannot take direct Pathname objects, and two tests for ... Greg Sutcliffe

09:17 AM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Patch looks fine, but could you add some unit tests of this method please? Just stub out CommandTask and check that ... Dominic Cleal

04:18 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Dominic Cleal wrote:
> As per my above comment(s), directory environments are *not* supported at the moment and this... Elisiano Petrini

03:42 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

As per my above comment(s), directory environments are *not* supported at the moment and this patch does *not* provid... Dominic Cleal

03:39 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Dominic Cleal wrote:
> Don't worry about puppet.conf, I got what I needed from the foreman-users list.
>
> If you... Elisiano Petrini

06/14/2014

11:21 PM Feature #2736: implement a Wake On Lan function/button

+1 Arnold Bechtoldt

11:18 PM Feature #6225 (Resolved): As an admin I would like to bind foreman-proxy service to a specific IP address for security reasons

Port setting is available only so far. Arnold Bechtoldt

06/13/2014

09:54 AM Bug #6208 (Rejected): Unable to overwrite/delete previously created DHCP entry

Using version 9999-trusty+scratchbuild+201406122210
Client side:... Jon Skarpeteig

06/12/2014

11:05 AM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Here is my second attempt. It does fix the remote execution and in addition, it does check if the resulting file is w... Lukas Zapletal

08:43 AM Bug #5995: Windows AD DHCP reservation creation fails with "The specified option does not exist"

Hi Dominic,
must have missed the email about your update on this ticket. Thanks a lot the fix works. I have update... Oliver Weinmann

08:42 AM Bug #2870: DHCP reservations on MS DHCP servers with PXEClient defined

Hi Guys,
I opened a ticket for another MS dhcp issue: http://projects.theforeman.org/issues/5995. It seems that th... Oliver Weinmann

06/11/2014

07:55 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

I didn't have to downgrade to an earlier version of Puppet to resolve this issue. I'm on 3.6.2 and I'm working fine. ... Paul Calabro

05:52 PM Bug #5675 (Closed): DNS Proxy Issues

Applied in changeset commit:62c7320bbdedeb3d983addc1f78d8fe20b0d6f71. Dominic Cleal

05:27 PM Revision 62c7320b: fixes #5675 - expect dns_key setting to be nil if not set

Dominic Cleal

02:20 PM Bug #6086 (Ready For Testing): CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Ready for review too. Lukas Zapletal

06/10/2014

09:04 PM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

It looks like a consequence of the API between Foreman and the proxy, but the patch has a bad effect on normal TFTP f... Dominic Cleal

06/09/2014

06:52 PM Bug #5856 (Closed): Cannot import environments, classes even with foreman 1.5.0

Applied in changeset commit:1dc369d4297c5b9a8106d8908ebac6a8ccfa7437. Dominic Cleal

06:36 PM Revision 1dc369d4: fixes #5856 - use public initializer for Puppet settings

Dominic Cleal

06/06/2014

02:56 PM Bug #5995 (New): Windows AD DHCP reservation creation fails with "The specified option does not exist"

We generally don't actively maintain AD support, so any help to track it down and submit patches would be welcomed.
... Dominic Cleal

02:41 PM Bug #5995: Windows AD DHCP reservation creation fails with "The specified option does not exist"

Hi Guys,
this is really becoming urgent as I can't deploy any new hosts, neither can I change / update existing ho... Oliver Weinmann

01:20 PM Bug #5677 (Closed): Delete Host Failing

Dominic Cleal

10:36 AM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Created: http://projects.theforeman.org/issues/6089 (not linking the issues yet). Lukas Zapletal

10:31 AM Bug #6086: CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Ok here is my analysis and patch.
Foreman application calls this API with two parameters. The source is URL from w... Lukas Zapletal

08:53 AM Bug #6086 (Assigned): CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

It's my honour :-)
I guess we want shortest possible fix, which is escape_for_shell or something similar. Lukas Zapletal

08:33 AM Bug #6086 (Closed): CVE-2014-0007 - TFTP boot file fetch API permits remote code execution

Reported by Lukas Zapletal to the security team and assigned CVE-2014-0007.
The smart proxy's API for fetching fil... Dominic Cleal

07:49 AM Bug #6085 (Closed): Virsh provider is not interpreting DHCP netmask correctly

The virsh.rb loadSubnets method was only looking for a definition of a netmask inside the libvirt network XML, despit... Lukas Zapletal

06/05/2014

10:01 AM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Ollie Lawson wrote:
> I have applied the patch above with Foreman 1.5.0 and Puppet 3.6.1 but the environments still ... Dominic Cleal

09:58 AM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

I have applied the patch above with Foreman 1.5.0 and Puppet 3.6.1 but the environments still do not import.
Prox... Ollie Lawson

06/02/2014

08:13 PM Bug #6022 (Closed): puppetssh fails due to host key prompt when trying to do puppetrun

I've configured settings.yml to allow puppet runs over ssh
But on the remote server I just get "Connection Closed ... Stephen Herd

08:28 AM Bug #5995: Windows AD DHCP reservation creation fails with "The specified option does not exist"

Problem also occurs on a second proxy where we only have one subnet. :( I thought maybe it's a timeout issue due too ... Oliver Weinmann

07:18 AM Revision 00073661: refs #5987 - remove unused packaging files

Dominic Cleal

05/30/2014

11:52 AM Bug #5907 (Closed): ip auto-suggestion broken after dhcp changes

Applied in changeset commit:ee9b08d01ead2c7e13bd54186fd02cc22392fb6f. Anonymous

11:06 AM Bug #5907 (Ready For Testing): ip auto-suggestion broken after dhcp changes

Dominic Cleal

11:05 AM Revision ee9b08d0: Fixes #5907 - Look at all records when suggesting IPs

Greg Sutcliffe

07:39 AM Bug #5995: Windows AD DHCP reservation creation fails with "The specified option does not exist"

Hi,
I looked in the logs and found this:... Oliver Weinmann

07:14 AM Bug #5995 (Need more information): Windows AD DHCP reservation creation fails with "The specified option does not exist"

This error message is simply reporting there's an error on your proxy server.
Please read and provide the logs fro... Dominic Cleal

07:11 AM Bug #5995 (Duplicate): Windows AD DHCP reservation creation fails with "The specified option does not exist"

Hi,
I upgraded from 1.3x to 1.5 two days ago and now I'm no longer able to create new hosts. :(
I always get an... Oliver Weinmann

05/27/2014

08:49 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Thanks! That worked w/o error! :) Paul Calabro

04:12 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

That patch worked for us.
Thanks! Dis McCarthy

01:09 PM Bug #5677 (Resolved): Delete Host Failing

Lukas Zapletal

01:08 PM Revision 79699411: fixes #5677 - handle booleans from settings.yml as bools

Dominic Cleal

11:33 AM Bug #5907 (Resolved): ip auto-suggestion broken after dhcp changes

I believe this was merged with: https://github.com/witlessbird/smart-proxy/pull/4 Lukas Zapletal

11:28 AM Revision 9f019d1e: refs #5793 - add pkg:generate_source rake task to create tar.bz2

Dominic Cleal

05/23/2014

12:58 PM Bug #5856 (Ready For Testing): Cannot import environments, classes even with foreman 1.5.0

Don't worry about puppet.conf, I got what I needed from the foreman-users list.
If you want to try the patch:
* c... Dominic Cleal

10:39 AM Bug #5856 (Assigned): Cannot import environments, classes even with foreman 1.5.0

Paul, as a workaround, uncommenting the production environment in your puppet.conf seems to get it working.
Xesc, ... Dominic Cleal

11:46 AM Bug #5907 (Ready For Testing): ip auto-suggestion broken after dhcp changes

https://github.com/theforeman/smart-proxy/pull/160 Greg Sutcliffe

11:43 AM Bug #5907 (Closed): ip auto-suggestion broken after dhcp changes

I missed an instance of has_mac? - fix incoming Greg Sutcliffe

10:02 AM Bug #5903 (Duplicate): Deleting smart proxy from GUI fails

We've just made a change in #5788 which will show a proper error message indicating which other resources rely on tha... Dominic Cleal

09:53 AM Bug #5903: Deleting smart proxy from GUI fails

Or better yet, remove the proxy from the hostgroup Jon Skarpeteig

09:51 AM Bug #5903 (Duplicate): Deleting smart proxy from GUI fails

A proper error message should be generated instead, saying that an existing hostgroup is using the proxy.
Oops, ... Jon Skarpeteig

09:40 AM Bug #5902 (Duplicate): VMware profile for disk doesn't stick

Thanks for the report, this is issue #5652, will be fixed in 1.5.1. Dominic Cleal

09:38 AM Bug #5902 (Duplicate): VMware profile for disk doesn't stick

Editing compute profile for VMware under Storage doesn't save/read properly.
Example:
Changing data store, and ... Jon Skarpeteig

05/22/2014

02:36 PM Bug #5677: Delete Host Failing

Adam Behn wrote:
> I'm seeing this issue as well and adding the quotes did not resolve the issue in my case.
>
> ... Dominic Cleal

02:30 PM Bug #5677: Delete Host Failing

I'm seeing this issue as well and adding the quotes did not resolve the issue in my case.
"Delete PuppetCA certifi... Adam Behn

02:27 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Jon Skarpeteig wrote:
> No way to edit posts?
You should be able to now, you weren't "joined" to the project as a... Dominic Cleal

02:23 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

No way to edit posts? Jon Skarpeteig

02:20 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Using Foreman 1.5.0 and Puppet 3.6.0 on remote node
From foreman-proxy.log... Jon Skarpeteig

07:37 AM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Hi,
I've run into the same issue, and solve it by downgrading puppet to version 3.5.1.
curl -k -H "Content-Typ... Xesc Arbona

08:21 AM Feature #4699: Support Puppet environmentpath and environment config files

It seems there's a bug when *not* using environmentpath which gives the same error - we'll work on this under #5856, ... Dominic Cleal

12:49 AM Feature #4699: Support Puppet environmentpath and environment config files

I'm seeing the exact same issue!
Please let me know if you need anything. Paul Calabro

08:20 AM Bug #5867 (Duplicate): Cannot Import Puppet Envioronments

Dominic Cleal

08:19 AM Bug #5867: Cannot Import Puppet Envioronments

Thanks for the report, we're tracking this in #5856. Dominic Cleal

12:46 AM Bug #5867 (Duplicate): Cannot Import Puppet Envioronments

I'm currently unable to import Puppet Environments. When doing so, I receive the following error:
Warning!
ER... Paul Calabro

05/21/2014

05:07 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

It was installed originally with a puppet-apply based installer but is maintained manually.... Dis McCarthy

04:42 PM Bug #5856: Cannot import environments, classes even with foreman 1.5.0

Could you attach your puppet.conf? I think this might happen if you don't have explicit environment sections. Dominic Cleal

03:51 PM Bug #5856 (Closed): Cannot import environments, classes even with foreman 1.5.0

Superficially similar to #5792, but we are running Foreman and proxy at 1.5.0.
Clicking 'import classes from puppe... Dis McCarthy

09:30 AM Feature #4699: Support Puppet environmentpath and environment config files

Just wanted to say that I just came upon this. I switched Puppet to use directory environments and Foreman proxy star... Alexandros Tsourakis

05/20/2014

10:52 AM Bug #5739 (Closed): Host deletion finds irrelevant old leases

Applied in changeset commit:ad2b4651b4b759f6c4c8454acf852cc541f2ec69. Anonymous

10:52 AM Bug #5648 (Closed): DHCP lease reading is done in the wrong order

Applied in changeset commit:2080b2eb85162c76e0edf2e4630a0f9a3a23b494. Anonymous

10:52 AM Feature #5712 (Closed): ISC DHCP server times out

Applied in changeset smart-proxy:commit:cabb60bced3d0f255721401f25c0cc792d9019a0. Anonymous

10:25 AM Revision ad2b4651: Fixes #5739 - Only look at reservations when deleting a DHCP record

Greg Sutcliffe

10:25 AM Revision 2080b2eb: Fixes #5648 - Match the DHCP specification of last-lease-wins

Greg Sutcliffe

10:24 AM Revision cabb60bc: Fixes #5712: Limit DHCP subnets for ISC if necessary

Jimmi Dyson

05/19/2014

12:47 PM Refactor #4867 (Closed): As a developer I'd like to have api to selectively load sub-components of modules

Anonymous

09:52 AM Feature #5712: ISC DHCP server times out

Doh, no assigned state! Lukas Zapletal