Ubuntu
cobbler package

Merge lp:~racb/ubuntu/oneiric/cobbler/858878_858883 into lp:ubuntu/oneiric/cobbler

Oneiric (11.10)
858878_858883
Merge into oneiric

Proposed by Robie Basak on 2011-11-11

Status:

Rejected

Rejected by:

Robie Basak on 2016-06-08

Proposed branch:

lp:~racb/ubuntu/oneiric/cobbler/858878_858883

Merge into:

lp:ubuntu/oneiric/cobbler

Diff against target:

11280 lines (+10424/-53)

55 files modified

.pc/58_fix_egg_cache.patch/web/cobbler.wsgi (+10/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/filter.tmpl (+155/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_edit.tmpl (+481/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_list.tmpl (+192/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/import.tmpl (+47/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/ksfile_edit.tmpl (+58/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/login.tmpl (+29/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/master.tmpl (+66/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/paginate.tmpl (+22/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/snippet_edit.tmpl (+54/-0)
.pc/59_add_csrf_protection.patch/web/cobbler_web/views.py (+1162/-0)
.pc/59_add_csrf_protection.patch/web/settings.py (+69/-0)
.pc/60_yaml_safe_load.patch/cobbler/api.py (+947/-0)
.pc/60_yaml_safe_load.patch/cobbler/item.py (+427/-0)
.pc/60_yaml_safe_load.patch/cobbler/modules/serializer_catalog.py (+241/-0)
.pc/60_yaml_safe_load.patch/cobbler/modules/serializer_couch.py (+136/-0)
.pc/60_yaml_safe_load.patch/cobbler/remote.py (+2547/-0)
.pc/60_yaml_safe_load.patch/cobbler/services.py (+462/-0)
.pc/60_yaml_safe_load.patch/cobbler/utils.py (+2074/-0)
.pc/60_yaml_safe_load.patch/scripts/cobbler-ext-nodes (+21/-0)
.pc/60_yaml_safe_load.patch/scripts/index.py (+199/-0)
.pc/60_yaml_safe_load.patch/scripts/services.py (+99/-0)
.pc/applied-patches (+3/-0)
cobbler/api.py (+1/-1)
cobbler/item.py (+1/-1)
cobbler/modules/serializer_catalog.py (+4/-4)
cobbler/modules/serializer_couch.py (+1/-1)
cobbler/remote.py (+2/-2)
cobbler/services.py (+1/-1)
cobbler/utils.py (+2/-2)
debian/changelog (+21/-0)
debian/cobbler-common.install (+0/-1)
debian/cobbler-web.dirs (+1/-0)
debian/cobbler-web.postinst (+3/-0)
debian/cobbler.postinst (+1/-0)
debian/control (+4/-4)
debian/patches/58_fix_egg_cache.patch (+19/-0)
debian/patches/59_add_csrf_protection.patch (+569/-0)
debian/patches/60_yaml_safe_load.patch (+158/-0)
debian/patches/series (+3/-0)
scripts/cobbler-ext-nodes (+1/-1)
scripts/index.py (+1/-1)
scripts/services.py (+1/-1)
web/cobbler.wsgi (+1/-1)
web/cobbler_web/templates/filter.tmpl (+8/-2)
web/cobbler_web/templates/generic_edit.tmpl (+1/-0)
web/cobbler_web/templates/generic_list.tmpl (+14/-4)
web/cobbler_web/templates/import.tmpl (+1/-0)
web/cobbler_web/templates/ksfile_edit.tmpl (+1/-0)
web/cobbler_web/templates/login.tmpl (+1/-0)
web/cobbler_web/templates/master.tmpl (+13/-6)
web/cobbler_web/templates/paginate.tmpl (+16/-4)
web/cobbler_web/templates/snippet_edit.tmpl (+1/-0)
web/cobbler_web/views.py (+70/-16)
web/settings.py (+2/-0)

To merge this branch:

bzr merge lp:~racb/ubuntu/oneiric/cobbler/858878_858883

Related bugs:

Bug #858878: lack of csrf protection in cobbler-web	High	Invalid
Bug #858883: "Management Parameters" (for example a system) which can be set in the web interface can result in arbitrary code execution on the host due to the use of yaml.loads instead of yaml.safe_loads in item.py on line 248:	High	Won't Fix

Link a bug report

Reviewer	Review Type	Date Requested	Status
Dave Walker		2011-11-11	Pending
Review via email: mp+81996@code.launchpad.net

Description of the change

This is based on top of Clint's branch which is already awaiting review.

Unmerged revisions

54. By Robie Basak on 2011-11-11: Backport safe YAML load from upstream. (LP: #858883)
53. By Robie Basak on 2011-11-11: Backport CSRF protection from upstream. (LP: #858878)
52. By Clint Byrum on 2011-10-01: debian/cobbler-web.postinst: fix perms on webui_sessions to
be more secure (LP: #863755)
51. By Clint Byrum on 2011-10-01: debian/cobbler-common.install: remove users.digest as it is
not required and contains a known password that would leave
cobblerd vulnerable if started before configuration is done.
50. By Clint Byrum on 2011-10-01: * debian/cobbler.postinst: create users.digest mode 0600 so it
  is not world readable. (LP: #858860)
* debian/control: cobbler needs to depend on python-cobbler
  (LP: #863738)
* debian/patches/58_fix_egg_cache.patch: Do not point dangerous
  PYTHON_EGG_CACHE at world writable directory. (LP: #858875)

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk

The diff has been truncated for viewing.

Subscribers

People subscribed via source and target branches

to all changes:

Robie Basak

Ubuntu branches

 === added directory '.pc/58_fix_egg_cache.patch'
 === added file '.pc/58_fix_egg_cache.patch/.timestamp'
 === added directory '.pc/58_fix_egg_cache.patch/web'
 === added file '.pc/58_fix_egg_cache.patch/web/cobbler.wsgi'
 --- .pc/58_fix_egg_cache.patch/web/cobbler.wsgi	1970-01-01 00:00:00 +0000
 +++ .pc/58_fix_egg_cache.patch/web/cobbler.wsgi	2011-11-11 16:30:32 +0000
@@ -0,0 +1,10 @@
++import os
++import sys
++
++os.environ['DJANGO_SETTINGS_MODULE'] = 'settings'
++os.environ['PYTHON_EGG_CACHE'] = '/tmp'
++sys.path.append('/usr/share/cobbler/web')
++sys.path.append('/usr/share/cobbler/web/cobbler_web')
++
++import django.core.handlers.wsgi
++application = django.core.handlers.wsgi.WSGIHandler()
 === added directory '.pc/59_add_csrf_protection.patch'
 === added file '.pc/59_add_csrf_protection.patch/.timestamp'
 === added directory '.pc/59_add_csrf_protection.patch/web'
 === added directory '.pc/59_add_csrf_protection.patch/web/cobbler_web'
 === added directory '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates'
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/filter.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/filter.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/filter.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,155 @@
++{% if pageinfo %}
++<script type="text/javascript">
++function add_filter() {
++    field_name = document.getElementById("filter_field");
++    field_value = document.getElementById("filter_value");
++    if (field_name.value == "") {
++        alert("You must select a field to filter on.");
++    } else if (field_value.value == "") {
++        alert("You must select a filter value.");
++    } else {
++        location = '/cobbler_web/{{ what }}/modifylist/addfilter/'+field_name.value+':'+field_value.value;
++    }
++}
++</script>
++<ul id="filter-adder">
++  <li>
++    <label for="filter_field">Filter</label>
++    <select id="filter_field" name="filter_field" class="filter">
++      <option value=""></option>
++      <option value="name">name</option>
++      {% ifequal what "distro" %}<option value="arch">arch</option>
++      <option value="breed">breed</option>
++      <option value="comment">comment</option>
++      <option value="kernel">kernel</option>
++      <option value="initrd">initrd</option>
++      <option value="kernel_options">kernel options</option>
++      <option value="kernel_options_post">kernel options (post install)</option>
++      <option value="ks_meta">kickstart metadata</option>
++      <option value="mgmt_classes">management classes</option>
++      <option value="os_version">os version</option>
++      <option value="owners">owners</option>
++      <option value="redhat_management_key">red hat management key</option>
++      <option value="redhat_management_server">red hat management server</option>
++      <option value="fetchable_files">fetchable files</option>
++      <option value="template_files">template files</option>{% endifequal %}
++      {% ifequal what "profile" %}<option value="comment">comment</option>
++      <option value="dhcp_tag">dhcp tag</option>
++      <option value="distro">distro</option>
++      <option value="owners">owners</option>
++      <option value="kickstart">kickstart</option>
++      <option value="kernel_options">kernel options</option>
++      <option value="kernel_options_post">kernel options (post install)</option>
++      <option value="ks_meta">kickstart metadata</option>
++      <option value="mgmt_classes">management classes</option>
++      <option value="mgmt_parameters">management parameters</option>
++      <option value="name_servers">name servers</option>
++      <option value="name_servers_search">name servers search</option>
++      <option value="parent">parent (subprofiles only)</option>
++      <option value="redhat_management_key">red hat management key</option>
++      <option value="redhat_management_server">red hat management server</option>
++      <option value="repos">repos</option>
++      <option value="fetchable_files">fetchable files</option>
++      <option value="template_files">template files</option>
++      <option value="virt_auto_boot">virt autoboot</option>
++      <option value="virt_bridge">virt bridge</option>
++      <option value="virt_cpus">virt cpus</option>
++      <option value="virt_file_size">virt file size (GB)</option>
++      <option value="virt_path">virt path</option>
++      <option value="virt_ram">virt ram (MB)</option>
++      <option value="virt_type">virt type</option>
++      <option value="server">server override</option>{% endifequal %}
++      {% ifequal what "system" %}<option value="bonding">bonding</option>
++      <option value="bonding_master">bonding master</option>
++      <option value="bonding_opts">bonding opts</option>
++      <option value="comment">comment</option>
++      <option value="dhcp_tag">dhcp tag</option>
++      <option value="distro">distro</option>
++      <option value="dns_name">dns name</option>
++      <option value="gateway">gateway</option>
++      <option value="hostname">hostname</option>
++      <option value="image">image</option>
++      <option value="ip_address">ip address</option>
++      <option value="kickstart">kickstart</option>
++      <option value="kernel_options">kernel options</option>
++      <option value="kernel_options_post">kernel options (post install)</option>
++      <option value="ks_meta">kickstart metadata</option>
++      <option value="mac_address">mac address</option>
++      <option value="mgmt_classes">management classes</option>
++      <option value="name_servers">name servers</option>
++      <option value="name_servers_search">name servers search</option>
++      <option value="netboot_enabled">netboot enabled</option>
++      <option value="owners">owners</option>
++      <option value="power_address">power address</option>
++      <option value="power_id">power id</option>
++      <option value="power_pass">power password</option>
++      <option value="power_type">power type</option>
++      <option value="power_user">power user</option>
++      <option value="profile">profile</option>
++      <option value="redhat_management_key">red hat management key</option>
++      <option value="redhat_management_server">red hat management server</option>
++      <option value="repos">repos</option>
++      <option value="server">server override</option>
++      <option value="subnet">subnet</option>
++      <option value="static">static</option>
++      <option value="static_routes">static_routes</option>
++      <option value="fetchable_files">fetchable files</option>
++      <option value="template_files">template files</option>
++      <option value="virt_auto_boot">virt autoboot</option>
++      <option value="virt_bridge">virt bridge</option>
++      <option value="virt_cpus">virt cpus</option>
++      <option value="virt_file_size">virt file size (GB)</option>
++      <option value="virt_path">virt path</option>
++      <option value="virt_ram">virt ram (MB)</option>
++      <option value="virt_type">virt type</option>{% endifequal %}
++      {% ifequal what "repo" %}<option value="arch">arch</option>
++      <option value="breed">breed</option>
++      <option value="comment">comment</option>
++      <option value="createrepo_flags">createrepo flags</option>
++      <option value="environment">environment</option>
++      <option value="keep_updated">keep updated</option>
++      <option value="mirror">mirror</option>
++      <option value="mirror_locally">mirror locally</option>
++      <option value="owners">owners</option>
++      <option value="priority">priority</option>
++      <option value="rpm_list">rpm list</option>
++      <option value="yumopts">yum options</option>{% endifequal %}
++      {% ifequal what "image" %}<option value="arch">arch</option>
++      <option value="breed">breed</option>
++      <option value="comment">comment</option>
++      <option value="file">file</option>
++      <option value="image_type">image type</option>
++      <option value="network_count">network count</option>
++      <option value="os_version">os version</option>
++      <option value="owners">owners</option>
++      <option value="virt_auto_boot">virt autoboot</option>
++      <option value="virt_ram">virt ram (MB)</option>
++      <option value="virt_path">virt path</option>
++      <option value="virt_type">virt type</option>
++      <option value="virt_cpus">virt cpus</option>
++      <option value="virt_bridge">virt bridge</option>
++      <option value="virt_file_size">virt file size (GB)</option>{% endifequal %}
++      {% ifequal what "mgmtclass" %}<option value="comment">comment</option>
++      <option value="owners">owners</option>
++      <option value="packages">packages</option>
++      <option value="files">files</option>{% endifequal %}
++      {% ifequal what "network" %}<option value="address">address</option>
++      <option value="broadcast">broadcast</option>
++      <option value="cidr">cidr</option>
++      <option value="gateway">gateway</option>
++      <option value="name_servers">name servers</option>
++      <option value="owners">owners</option>
++  {% endifequal %}
++    </select>
++    <label for="filter_value">on</label><input type="text" name="filter_value" id="filter_value" onkeypress="javascript:if (event.keyCode == 13) add_filter();" />
++    <input class="button" type="button" name="filter_add" id="filter_add" onclick="javascript: add_filter();" value="Add" />
++  </li>
++</ul>
++  {% if filters %}
++<ul id="filter-remover">
++    {% for key,value in filters.items %}
++  <li><a href="/cobbler_web/{{ what }}/modifylist/removefilter/{{ key }}" title="remove">✖</a> {{ key }} = {{ value }}</li>
++    {% endfor %}
++</ul>
++  {% endif %}
++{% endif %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_edit.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_edit.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_edit.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,481 @@
++{% extends "master.tmpl" %}
++{% load site %}
++{% block content %}
++<script type="text/javascript">
++{% ifequal what "system" %}
++function intf_enable_field(field,enabled)
++{
++    if (enabled) {
++        document.getElementById(field+"_row").style.display="table-row"
++    } else {
++        document.getElementById(field+"_row").style.display="none"
++    }
++}
++
++function intf_update_visibility()
++{
++    is_slave  = false
++    is_master = false
++    value = document.getElementById("bonding").value
++    if (value == "slave") {
++        is_slave = true;
++    }
++    else if (value == "master") {
++        is_master = true;
++    }
++
++    is_static = document.getElementById("static").checked
++
++    intf_enable_field("static",!is_slave)
++    intf_enable_field("ip_address",(!is_slave))
++    intf_enable_field("subnet",(!is_slave) && is_static)
++    intf_enable_field("dns_name",!is_slave)
++    intf_enable_field("static_routes",!is_slave)
++    intf_enable_field("dhcp_tag",!is_slave)
++    intf_enable_field("virt_bridge",!is_master)
++    intf_enable_field("bonding_opts",is_master)
++    intf_enable_field("bonding_master",is_slave)
++    intf_enable_field("mtu",!is_slave)
++    intf_enable_field("ipv6_address",!is_slave)
++    intf_enable_field("ipv6_secondaries",!is_slave)
++    intf_enable_field("ipv6_mtu",!is_slave)
++    intf_enable_field("ipv6_static_routes",!is_slave)
++    intf_enable_field("ipv6_default_gateway",!is_slave)
++}
++
++function get_selected_interface()
++{
++   return document.getElementById("interfaces").value
++}
++
++last_interface = ""
++
++function on_interface_change()
++{
++    // called when the user picks something new from the interface selector
++    save_intf(last_interface);
++    clear_intf();
++    last_interface = get_selected_interface()
++    load_intf()
++}
++
++function populate_widgets()
++{
++    var buf = "";
++    buf = buf + "<input type='text' name='newinterfacename' id='newinterfacename' value=''>";
++    buf = buf + "<input class='button' type='button' name='addinterface' value='Add' onclick='javascript:on_interface_add()' />";
++    document.getElementById("widget_network_widget_a").innerHTML = buf;
++
++    buf = "";
++    buf = buf + "<select name='interfaces' id='interfaces' onchange='javascript:on_interface_change()'>";
++    buf = buf + "</select>";
++    buf = buf + "<input class='button' type='button' name='deleteinterface' value='Delete' onclick='javascript:on_interface_delete()' />";
++    document.getElementById("widget_network_widget_b").innerHTML = buf;
++}
++
++function on_interface_add()
++{
++    // called when the user hits the "new interface" button
++
++    var iname = document.getElementById("newinterfacename").value
++
++    if ((iname == "") || (iname == " ")) {
++        alert("invalid interface name")
++        return
++    }
++
++    if (interface_table[iname] != null) {
++        alert("interface already exists")
++        return
++    }
++
++    if (interface_table[iname] == null) {
++        interface_table[iname] = new Array()
++    }
++
++    // fixme: would be nice to have this more autogenerated from the template
++    interface_table[iname]["mac_address"] = ""
++    interface_table[iname]["bonding"] = ""
++    interface_table[iname]["bonding_master"] = ""
++    interface_table[iname]["bonding_opts"] = ""
++    interface_table[iname]["ip_address"] = ""
++    interface_table[iname]["dns_name"] = ""
++    interface_table[iname]["static_routes"] = ""
++    interface_table[iname]["dhcp_tag"] = ""
++    interface_table[iname]["virt_bridge"] = ""
++    interface_table[iname]["subnet"] = ""
++    interface_table[iname]["static"] = false
++    interface_table[iname]["present"] = "1"
++    interface_table[iname]["original"] = "0"
++    interface_table[iname]["mtu"] = ""
++    interface_table[iname]["ipv6_address"] = ""
++    interface_table[iname]["ipv6_secondaries"] = ""
++    interface_table[iname]["ipv6_mtu"] = ""
++    interface_table[iname]["ipv6_static_routes"] = ""
++    interface_table[iname]["ipv6_default_gateway"] = ""
++
++    var interfaces = document.getElementById("interfaces")
++    ilen = interfaces.length
++    var new_option = new Option(iname,iname)
++    interfaces.options[ilen] = new_option
++    interfaces.selectedIndex = ilen
++    on_interface_change() // explicit firing required
++}
++
++function on_interface_delete()
++{
++    selected = get_selected_interface()
++    interfaces = document.getElementById("interfaces")
++
++    if (interfaces.length == 1) {
++        alert("systems must always have at least one interface")
++        return
++    }
++
++    clear_intf()
++    for (i = interfaces.options.length - 1; i>=0; i--) {
++        if (interfaces.options[i].value == selected) {
++            interfaces.remove(i)
++        }
++    }
++    interface_table[selected]["present"] = 0
++    interfaces.selectedIndex = 0
++    load_intf()
++}
++
++function get_enabled_field(field,enabled)
++{
++    if (enabled) {
++        return document.getElementById(field).value
++    } else {
++        return ""
++    }
++}
++
++function save_intf(which)
++{
++    // this populates the interface widget with the data for the currently selected interface
++    // and is called when the user picks a certain interface from the drop-down
++
++    iname = which
++    var itable = interface_table[iname]
++    if (itable == null) {
++        interface_table[iname] = new Array()
++        itable = interface_table[iname]
++    }
++
++    var bond = document.getElementById("bonding").value
++    var is_slave  = false;
++    var is_master = false;
++    if (bond == "master") {
++        is_master  = true;
++    }
++    if (bond == "slave") {
++        is_slave   = true;
++    }
++    is_static=document.getElementById("static").checked
++
++    itable["name"]           = iname
++    itable["mac_address"]    = document.getElementById("mac_address").value
++    itable["bonding"]        = bond
++    itable["bonding_master"] = get_enabled_field("bonding_master",is_slave)
++    itable["bonding_opts"]   = get_enabled_field("bonding_opts",is_master)
++    itable["static"]         = is_static
++    itable["ip_address"]     = get_enabled_field("ip_address",(!is_slave))
++    itable["subnet"]         = get_enabled_field("subnet",(!is_slave) && is_static)
++    itable["dns_name"]       = get_enabled_field("dns_name",!is_slave)
++    itable["static_routes"]  = get_enabled_field("static_routes",!is_slave)
++    itable["dhcp_tag"]       = get_enabled_field("dhcp_tag",!is_slave)
++    itable["virt_bridge"]    = get_enabled_field("virt_bridge",!is_master)
++    itable["present"]        = document.getElementById("present").value
++    itable["original"]       = document.getElementById("original").value
++    itable["mtu"]                  = get_enabled_field("mtu",!is_slave)
++    itable["ipv6_address"]         = get_enabled_field("ipv6_address",!is_slave)
++    itable["ipv6_secondaries"]     = get_enabled_field("ipv6_secondaries",!is_slave)
++    itable["ipv6_mtu"]             = get_enabled_field("ipv6_mtu",!is_slave)
++    itable["ipv6_static_routes"]   = get_enabled_field("ipv6_static_routes",!is_slave)
++    itable["ipv6_default_gateway"] = get_enabled_field("ipv6_default_gateway",!is_slave)
++}
++
++function load_intf()
++{
++    // this populates the interface widget with the data for the currently selected interface
++    // and is called when the user picks a certain interface from the drop-down
++    // FIXME: can we load this up from the template data?
++    intf = get_selected_interface()
++    document.getElementById("mac_address").value    = interface_table[intf]["mac_address"]
++    document.getElementById("bonding").value        = interface_table[intf]["bonding"]
++    document.getElementById("bonding_master").value = interface_table[intf]["bonding_master"]
++    document.getElementById("bonding_opts").value   = interface_table[intf]["bonding_opts"]
++    document.getElementById("static").checked       = interface_table[intf]["static"]
++    document.getElementById("ip_address").value     = interface_table[intf]["ip_address"]
++    document.getElementById("subnet").value         = interface_table[intf]["subnet"]
++    document.getElementById("dns_name").value       = interface_table[intf]["dns_name"]
++    document.getElementById("static_routes").value  = interface_table[intf]["static_routes"]
++    document.getElementById("dhcp_tag").value       = interface_table[intf]["dhcp_tag"]
++    document.getElementById("virt_bridge").value    = interface_table[intf]["virt_bridge"]
++    document.getElementById("present").value        = interface_table[intf]["present"]
++    document.getElementById("original").value       = interface_table[intf]["original"]
++    document.getElementById("mtu").value                  = interface_table[intf]["mtu"]
++    document.getElementById("ipv6_address").value         = interface_table[intf]["ipv6_address"]
++    document.getElementById("ipv6_secondaries").value     = interface_table[intf]["ipv6_secondaries"]
++    document.getElementById("ipv6_mtu").value             = interface_table[intf]["ipv6_mtu"]
++    document.getElementById("ipv6_static_routes").value   = interface_table[intf]["ipv6_static_routes"]
++    document.getElementById("ipv6_default_gateway").value = interface_table[intf]["ipv6_default_gateway"]
++
++    intf_update_visibility()
++}
++
++function clear_intf()
++{
++    // this clears the interface list and populates it with the currently selected interface data
++
++    document.getElementById("mac_address").value          = ""
++    document.getElementById("bonding").value              = "na"
++    document.getElementById("bonding_master").value       = ""
++    document.getElementById("bonding_opts").value         = ""
++    document.getElementById("static").checked             = true
++    document.getElementById("ip_address").value           = ""
++    document.getElementById("subnet").value               = ""
++    document.getElementById("dns_name").value             = ""
++    document.getElementById("static_routes").value        = ""
++    document.getElementById("dhcp_tag").value             = ""
++    document.getElementById("virt_bridge").value          = ""
++    document.getElementById("present").value              = "1"
++    document.getElementById("original").value             = "0"
++    document.getElementById("mtu").value                  = ""
++    document.getElementById("ipv6_address").value         = ""
++    document.getElementById("ipv6_secondaries").value     = ""
++    document.getElementById("ipv6_mtu").value             = ""
++    document.getElementById("ipv6_static_routes").value   = ""
++    document.getElementById("ipv6_default_gateway").value = ""
++
++
++}
++
++function build_interface_table()
++{
++    // called during onload, this stores all of the interfaces from Cheetah in javascript
++    // so that we can manipulate them dynamically in more interesting ways
++    interface_table = new Array()
++    var last = ""
++  {% smart_if interface_length > 0 %}
++    var ifound = 0
++    {% for key,value in interfaces.items %}
++    interface_table['{{ key }}'] = new Array()
++    interface_table['{{ key }}']["mac_address"]          = "{{ value.mac_address }}"
++    interface_table['{{ key }}']["bonding"]              = "{{ value.bonding }}"
++    interface_table['{{ key }}']["bonding_master"]       = "{{ value.bonding_master }}"
++    interface_table['{{ key }}']["bonding_opts"]         = "{{ value.bonding_opts }}"
++    interface_table['{{ key }}']["static"]               = {{ value.static|lower }}
++    interface_table['{{ key }}']["ip_address"]           = "{{ value.ip_address }}"
++    interface_table['{{ key }}']["subnet"]               = "{{ value.subnet }}"
++    interface_table['{{ key }}']["dns_name"]             = "{{ value.dns_name }}"
++    interface_table['{{ key }}']["static_routes"]        = "{{ value.static_routes|join:" " }}"
++    interface_table['{{ key }}']["dhcp_tag"]             = "{{ value.dhcp_tag }}"
++    interface_table['{{ key }}']["virt_bridge"]          = "{{ value.virt_bridge }}"
++    interface_table['{{ key }}']["present"]              = "1"
++    interface_table['{{ key }}']["original"]             = "1"
++    interface_table['{{ key }}']["mtu"]                  = "{{ value.mtu }}"
++    interface_table['{{ key }}']["ipv6_address"]         = "{{ value.ipv6_address }}"
++    interface_table['{{ key }}']["ipv6_secondaries"]     = "{{ value.ipv6_secondaries|join:" " }}"
++    interface_table['{{ key }}']["ipv6_mtu"]             = "{{ value.ipv6_mtu }}"
++    interface_table['{{ key }}']["ipv6_static_routes"]   = "{{ value.ipv6_static_routes|join:" " }}"
++    interface_table['{{ key }}']["ipv6_default_gateway"] = "{{ value.ipv6_default_gateway }}"
++    last = "{{ key }}"
++    {% endfor %}
++  {% endsmart_if %}
++    return interface_table
++}
++
++function populate_interfaces() {
++    interfaces = document.getElementById("interfaces")
++    ilen = interfaces.length
++  {% for x in interface_names %}
++    var new_option = new Option("{{ x }}","{{ x }}")
++    interfaces.options[ilen] = new_option
++    interfaces.selectedIndex = ilen
++    ilen = ilen + 1
++  {% endfor %}
++    interfaces.selectedIndex = 0
++    document.getElementById("static").onchange=intf_update_visibility;
++    document.getElementById("bonding").onchange=intf_update_visibility;
++}
++{% endifequal %}
++function on_form_submit()
++{
++{% ifequal what "system" %}
++    // form submission handler
++    save_intf(get_selected_interface())
++    var listing = ""
++    for (var iname in interface_table) {
++        if (listing == "") {
++            listing = iname
++        } else {
++            listing = iname + "," + listing
++        }
++        for (var ikey in interface_table[iname]) {
++            var field_name = ikey + "-" + iname
++            var current_value = interface_table[iname][ikey]
++            var new_input=document.createElement('input')
++            new_input.name=field_name
++            new_input.value=current_value
++            new_input.style.display='none'
++            document.forms[0].appendChild(new_input)
++        }
++    }
++    document.getElementById("interface_list").value = listing
++    document.getElementById("name").disabled= false
++{% endifequal %}
++    // we have to select all items all multiselects
++    // so they'll be submitted and saved correctly
++{% for item in fields %}
++  {% ifequal item.html_element "multiselect" %}
++    var cur_multi = document.getElementById("{{ item.dname }}");
++    if (cur_multi) {
++        for (i=0; i <= cur_multi.options.length - 1; i++) {
++            cur_multi.options[i].selected = true;
++        }
++    }
++  {% endifequal %}
++{% endfor %}
++    document.forms[0].submit()
++}
++
++function page_onload() {
++{% ifequal what "system" %}
++    populate_widgets();
++    interface_table = build_interface_table();
++    populate_interfaces();
++    last_interface = get_selected_interface();
++    load_intf();
++{% endifequal %}
++}
++</script>
++
++<script type="text/javascript">
++$(document).ready(function()
++{
++  //hide the all of the element with class msg_body
++  $(".sectionbody").hide();
++  $("#block_General").show();
++  //toggle the componenet with class sectionbody
++  $(".sectionheader").click(function()
++  {
++    $(this).next(".sectionbody").slideToggle(500);
++  });
++});
++</script>
++
++<h1>{% ifequal editmode 'edit'  %}Editing{% else %}Adding{% endifequal %} a {{ what|capfirst }}{%ifequal editmode 'edit' %}: {{ name }}{% endifequal %}</h1>
++<hr />
++<form method="post" action="/cobbler_web/{{ what }}/save">
++  <input type="hidden" name="editmode" value="{{ editmode }}" />
++  <input type="hidden" name="subobject" value="{{ subobject }}" />
++  <ol>
++    <li class="hidden"></li>
++{% for item in fields %}
++  {% ifchanged item.block_section %}
++  </ol>
++  <fieldset><legend class="sectionheader">&rArr; {{ item.block_section }}</legend>
++  <ol class="sectionbody" id="block_{{ item.block_section }}">
++  {% endifchanged %}
++    <li id="{{ item.dname  }}_row" class="editrow">
++      <label for="{{ item.dname }}" id="{{ item.dname }}_caption">{{ item.caption }}</label>
++  {% ifequal item.html_element "widget" %}
++      <span id="widget_{{ item.dname }}"></span>
++  {% else %}
++    {% ifequal item.html_element "text" %}
++      {% smart_if editmode == "edit" and item.dname == "name" %}
++      {{ item.value }} (editing, value is read-only)
++      <input type="hidden" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ item.value }}" />
++      {% else %}
++      <input type="text" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ item.value }}" />
++      {% endsmart_if %}
++    {% endifequal %}
++    {% ifequal item.html_element "textarea" %}
++      <textarea name="{{ item.dname }}" id="{{ item.dname }}">{{ item.value }}</textarea>
++    {% endifequal %}
++    {% ifequal item.html_element "radio" %}
++      {% for choice in item.choices %}
++        {% ifequal item.value choice %}
++      <input type="radio" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ choice }}" checked="checked">{{ choice }}&nbsp;
++        {% else %}
++      <input type="radio" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ choice }}">{{ choice }}&nbsp;
++        {% endifequal %}
++      {% endfor %}
++    {% endifequal %}
++    {% ifequal item.html_element "checkbox" %}
++      {% ifequal item.value 1 %}
++      <input type="checkbox" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ item.dname }}" checked="checked" />
++      {% else %}
++      <input type="checkbox" name="{{ item.dname }}" id="{{ item.dname }}" value="{{ item.dname }}" />
++      {% endifequal %}
++    {% endifequal %}
++    {% ifequal item.html_element "select" %}
++      <select id="{{ item.dname }}" name="{{ item.dname }}">
++      {% for choice in item.choices %}
++        {% ifequal item.value choice %}
++        <option value="{{ choice }}" selected>{{ choice }}</A>
++        {% else %}
++        <option value="{{ choice }}">{{ choice }}</A>
++        {% endifequal %}
++      {% endfor %}
++      </select>
++    {% endifequal %}
++    {% ifequal item.html_element "multiselect" %}
++      <div class="multiselect">
++        <div class="multileft">
++          <label for="from_{{ item.dname }}">Available:</label>
++          <select multiple id="from_{{ item.dname }}" name="from_{{ item.dname }}" class="edit">
++      {% for choice in item.choices %}
++        {% smart_if choice not in item.value_raw %}
++            <option value="{{ choice }}">{{ choice }}</a>
++        {% endsmart_if %}
++      {% endfor %}
++          </select>
++        </div>
++        <div class="multibuttons">
++          <input class="button" type="button" value="&gt;&gt;" id="add_{{ item.dname }}" onclick="$('#from_{{ item.dname }} option:selected').remove().appendTo('#{{ item.dname }}');" />
++          <input class="button" type="button" value="&lt;&lt;" id="remove_{{ item.dname }}" onclick="$('#{{ item.dname }} option:selected').remove().appendTo('#from_{{ item.dname }}');" />
++        </div>
++        <div class="multiright">
++          <label for="{{ item.dname }}">Selected:</label>
++          <select multiple id="{{ item.dname }}" name="{{ item.dname }}" class="edit">
++      {% for choice in item.choices %}
++        {% smart_if choice in item.value_raw %}
++            <option value="{{ choice }}">{{ choice }}</a>
++        {% endsmart_if %}
++      {% endfor %}
++          </select>
++        </div>
++      </div>
++    {% endifequal %}
++    {% smart_if editmode == "edit" and item.dname != "name" %}
++      {% if item.tooltip %}
++      <span class="context-tip">{{ item.tooltip }}</span>
++      {% endif %}
++    {% endsmart_if %}
++    </li>
++  {% endifequal %}
++{% endfor %}
++  </ol>
++  </fieldset>
++
++{% ifequal what "system" %}
++  <input type="hidden" id="interface_list" name="interface_list" value="1" />
++  <input type="hidden" id="present" name="present" value="1" />
++  <input type="hidden" id="original" name="original" value="1" />
++{% endifequal %}
++
++  <div>
++{% if editable %}
++    <input class="button" type="submit" name="submit" onClick="on_form_submit();" value="Save" />
++    <input class="button" type="reset" name="reset" value="Reset" />
++{% else %}
++    This user does not have permissions to edit this object.
++{% endif %}
++  </div>
++
++</form>
++{% endblock content %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_list.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_list.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/generic_list.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,192 @@
++{% extends "master.tmpl" %}
++{% load site %}
++{% block content %}
++
++<script type="text/javascript">
++function items_check_all(){
++    var checkall = document.getElementById("itemsall").checked
++    var items    = document.getElementsByName("items")
++    for(i=0; i<items.length; ++i) {
++        items[i].checked=checkall;
++        items_check(items[i])
++    }
++}
++
++function items_check(obj) {
++    obj.parentNode.parentNode.className=(obj.checked)? 'selected' : '';
++}
++
++function items_checked_values() {
++    var items = document.getElementsByName("items")
++    var values = new Array();
++    for(i=0; i<items.length; ++i) {
++        if (items[i].checked) {
++            values.push(items[i].value)
++        }
++    }
++    s = values.join(" ")
++    return s;
++}
++
++function obj_rename(old) {
++    var newname = window.prompt("Change {{ what }} name to?",old);
++    if (newname != null) {
++        window.location = "/cobbler_web/{{ what }}/rename/" + old + "/" + newname;
++    }
++}
++function obj_copy(old) {
++    var newname = window.prompt("Name for the new {{ what }}?",old);
++    if (newname != null) {
++        window.location = "/cobbler_web/{{ what }}/copy/" + old + "/" + newname;
++    }
++}
++function obj_delete(old) {
++    if (confirm("Delete {{ what }} (" + old + ") and all child objects?")) {
++        window.location = "/cobbler_web/{{ what }}/delete/" + old;
++    }
++}
++
++function action(otype) {
++    sel_action = document.getElementById("actions").value
++    what   = sel_action.split("|")[0]
++    action = sel_action.split("|")[1]
++    document.location = "/cobbler_web/" + what + "/" + action
++}
++
++function action_multi(otype) {
++    var values = items_checked_values()
++    if (values == "") {
++       return
++    }
++    document.getElementById("names").value = values
++
++    sel_batchaction = document.getElementById("batchactions").value
++    action = sel_batchaction.split("|")[0]
++    param  = sel_batchaction.split("|")[1]
++
++    if (action == "profile") {
++        param = window.prompt("New installation profile name for checked systems?","")
++        if ((param == null) || (param == "")) {
++            return
++        }
++        value = 1
++    }
++    else {
++        value = null
++    }
++    if ((action == "power") && (param == "on")) {
++        value = confirm("Confirm: Really power up all checked systems?")
++    }
++    if ((action == "power") && (param == "off")) {
++        value = confirm("Confirm: Really power down all checked systems?")
++    }
++    if ((action == "power") && (param == "reboot")) {
++        value = confirm("Confirm: Really reboot all checked systems?")
++    }
++    if ((action == "netboot") && (param == "enable")) {
++        value = confirm("Confirm: Really flag all checked systems for PXE reinstallation?")
++    }
++    if ((action == "netboot") && (param == "disable")) {
++        value = confirm("Confirm: Really disable all checked systems for PXE reinstallation?")
++    }
++    if ((action == "delete" ) && (param == "delete")) {
++        value = confirm("Confirm: Really delete all checked " + otype + "?" )
++    }
++    if ((action == "reposync")) {
++        value = "reposync"
++    }
++
++    if (value) {
++        document.myform.action = "/cobbler_web/" + otype + "/multi/" + action + "/" + param
++        document.myform.submit()
++    }
++    else {
++        alert("Operation aborted.")
++    }
++}
++</script>
++<h1>{{ what|title }}s</h1>
++<hr />
++<ul id="submenubar">
++  <li>
++    <a class="action" href="/cobbler_web/{{what}}/edit">Create new {{ what }}</a>
++    {% ifequal what "profile" %}<a class="action" href="/cobbler_web/sub{{what}}/edit">Create new sub-{{ what }}</a>{% endifequal %}
++  </li>
++  <li>
++    <select id="batchactions">
++      <option value="" selected="selected">Batch Actions</option>
++      {% for title,action,value in batchactions %}<option value="{{ action }}|{{ value }}">{{ title }}</option>{% endfor %}
++    </select>
++    <input class="button" type="button" value="go" onclick="javascript:action_multi('{{ what }}')" />
++  </li>
++  {% include "paginate.tmpl" %}
++</ul>
++
++<form name="myform" method="post" action="/cobbler_web/{{ what }}/action">
++  <table id="listitems" cellspacing="0">
++    <thead>
++      <tr>
++        <th>
++          <input type="checkbox" id="itemsall" onclick="javascript:items_check_all();" />
++        </th>
++{% for value in columns %}
++        <th>
++          <a href="/cobbler_web/{{ what }}/modifylist/sort/{{ value.0 }}">{{ value.0|title }}</a>
++  {% ifequal value.1 "asc" %}
++          &darr;
++  {% endifequal %}
++  {% ifequal value.1 "desc" %}
++          &uarr;
++  {% endifequal %}
++        </th>
++{% endfor %}
++        <th>Actions</th>
++      </tr>
++    </thead>
++    <tbody>
++{% for item in items %}
++      <tr class="{% cycle 'rowodd' 'roweven' %}">
++        <td><input type="checkbox" name="items" value="{{ item.0.1 }}" onclick="javascript:items_check(this);" /></td>
++  {% for value in item %}
++        <td>
++    {% ifequal value.0 "name" %}
++          <a href="/cobbler_web/{{ what }}/edit/{{ value.1 }}">{{ value.1 }}</a>
++    {% endifequal %}
++    {% ifequal value.2 "editlink" %}
++      {% ifnotequal value.1 "~" %}
++          <a href="/cobbler_web/{{ value.0 }}/edit/{{ value.1 }}">{{ value.1 }}</a>
++      {% endifnotequal %}
++    {% endifequal %}
++    {% ifequal value.2 "checkbox" %}
++      {% ifequal value.1 1 %}
++          <input type="checkbox" name="{{ item.name }}" id="{{ item.name }}" value="{{ item.name }}" disabled="disabled" checked="checked" />
++      {% else %}
++          <input type="checkbox" name="{{ item.name }}" id="{{ item.name }}" value="{{ item.name }}" disabled="disabled" />
++      {% endifequal %}
++    {% endifequal %}
++    {% ifequal value.2 "text" %}
++          {{ value.1 }}
++    {% endifequal %}
++        </td>
++  {% endfor %}
++        <td>
++          <a class="action" href="/cobbler_web/{{ what }}/edit/{{ item.0.1 }}">Edit</a>
++          <span class="action" onClick="javascript:obj_copy('{{ item.0.1 }}')">Copy</span>
++          <span class="action" onClick="javascript:obj_rename('{{ item.0.1 }}')">Rename</span>
++          <span class="action" onClick="javascript:obj_delete('{{ item.0.1 }}')">Delete</span>
++  {% ifequal what "system" %}
++          <span class="action" onClick="window.location='/cblr/svc/op/ks/system/{{ item.0.1 }}'">View kickstart</span>
++  {% endifequal %}
++  {% ifequal what "profile" %}
++          <span class="action" onClick="window.location='/cblr/svc/op/ks/profile/{{ item.0.1 }}'">View kickstart</span>
++  {% endifequal %}
++        </td>
++      </tr>
++{% endfor %}
++    </tbody>
++  </table>
++  <input type="hidden" name="names" id="names" value=""/>
++</form>
++{% include "filter.tmpl" %}
++
++{% endblock content %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/import.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/import.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/import.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,47 @@
++{% extends 'master.tmpl' %}
++{% block content %}
++<h1>DVD Importer</h1>
++<hr />
++<form method="post" action="/cobbler_web/import/run">
++  <div class="sectionbody">
++  <ul>
++    <li class="editrow">
++      <label for="name" class="inputlabel">Prefix</label>
++      <input type="text" size="128" name="name" id="name" />
++      <span class="context-tip">Example:  rhel5u3, fedora11 (do not include the arch name)</span>
++    </li>
++    <li class="editrow">
++      <label for="arch" class="inputlabel">Arch</label>
++      <select name="arch" id="arch">
++        <option value="i386">i386</option>
++        <option value="x86_64">x86_64</option>
++        <option value="ia64">ia64</option>
++        <option value="ppc">ppc</option>
++        <option value="ppc64">ppc64</option>
++        <option value="s390">s390</option>
++        <option value="s390x">s390x</option>
++        <option value="arm">arm</option>
++      </select>
++      <span class="context-tip">Architecture of the DVD you are importing</span>
++    </li>
++    <li class="editrow">
++      <label for="breed" class="inputlabel">Breed</label>
++      <select name="breed" id="breed">
++        <option value="redhat">Red Hat based (includes Fedora, CentOS, Scientific Linux)</option>
++        <option value="debian">Debian</option>
++        <option value="ubuntu">Ubuntu</option>
++        <option value="suse">SUSE</option>
++      </select>
++      <span class="context-tip">Type of OS you are importing.  If yours is not listed here (ex: SUSE), you will have to add a distro manually.  Other distro imports may be supported in the future.  Non Red Hat based distros may require additional instructions, see the <a href="http://fedorahosted.org/cobbler">Wiki</a> for details.</span>
++    </li>
++    <li class="editrow">
++      <label for="path" class="inputlabel">Path</label>
++      <input type="text" size="128" name="path" id="path" />
++      <span class="context-tip">Full path to mounted DVD contents only (ex: /mnt/cdrom).  No CD ISOs!.  Content will be copied by Cobbler to /var/www/cobbler/ks_mirror automatically and then cobbler will create distro and profile objects for each ISO imported.  If you need more control about where files are sourced or end up, create new distro and profile object manually.</span>
++    </li>
++    <li class="editrow">
++      <input class="button" type="submit" name="submit" value="Run" />
++    </li>
++  </ul>
++</form>
++{% endblock content %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/ksfile_edit.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/ksfile_edit.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/ksfile_edit.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,58 @@
++{% extends 'master.tmpl' %}
++{% block content %}
++
++{% if not editable %}
++<blockquote>
++  NOTE: You do not have permission to make changes to this
++  kickstart template and can only read it.  It is possible that
++  other Cobbler users has secured permissions on Cobbler
++  profiles/systems that depend on this template -- changing this
++  template would ultimately affect those profile/system records which
++  you do not have access to.  Alternatively, you may not have access
++  to edit *any* kickstart templates.  Contact your Cobbler server administrator
++  if you need to resolve this.
++</blockquote>
++<br />
++{% else %}
++<h1>{% ifequal editmode 'edit' %}Editing{% else %}Adding{% endifequal %} a Kickstart Template</h1>
++<hr />
++<form id="ksform" method="post" action="/cobbler_web/ksfile/save">
++  <ol>
++    <li>
++      <label for="ksdata">{% if ksfile_name %}Editing: {{ ksfile_name }}{% else %}Filename:{% endif %}</label>
++  {% ifnotequal editmode 'edit' %}
++      <input type="text" name="ksfile_name" id="ksfile_name" />
++      <span class="context-tip">Example:  foo.ks (to be saved in /var/lib/cobbler/kickstarts/)</span>
++  {% else %}
++      <input type="hidden" name="ksfile_name" value="{{ ksfile_name }}" />
++  {% endifnotequal %}
++    </li>
++    <li>
++      <pre><textarea name="ksdata" id="ksdata">{{ ksdata }}</textarea></pre>
++    </li>
++  {% if deleteable %}
++    <li>
++      <label class="delete" for="delete1">Delete</label>
++      <input type="checkbox" name="delete1" value="delete1" />
++      <label class="delete" for="delete2">Really?</label>
++      <input type="checkbox" name="delete2" value="delete2" />
++      <span class="context-tip">Check both buttons and click save to delete this object</span>
++    </li>
++  {% else %}
++    {% ifequal editmode "edit" %}
++    <li>
++      <span class="warn">NOTE: This kickstart template is currently in-use.</span>
++    </li>
++    {% endifequal %}
++  {% endif %}
++  {% if editable %}
++    <li>
++      <input type="hidden" name="editmode" value="{{ editmode }}" />
++      <input class="button" type="submit" name="submit" value="Save" />
++      <input class="button" type="reset" name="reset" value="Reset" />
++    </li>
++  {% endif %}
++  </ol>
++</form>
++{% endif %}
++{% endblock content %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/login.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/login.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/login.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,29 @@
++<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
++<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
++<head>
++    <title>{% block title %}Cobbler Web Interface{% endblock %}</title>
++    <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/>
++    <link rel="stylesheet" type="text/css" media="all" href="/cobbler_webui_content/style.css" />
++</head>
++<body class="loginscreen">
++  <div id="login">
++    <img src="/cobbler_webui_content/logo-ubuntu.png" width="185" />
++    <b><big>Orchestra</big></b><br/>(powered by <a href="https://fedorahosted.org/cobbler/">Cobbler</a>)<br/><br/>
++{% if form.errors %}
++    <p class="error">Sorry, that's not a valid username or password</p>
++{% endif %}
++    <form action="/cobbler_web/do_login" method="post">
++      {% if next %}<input type="hidden" name="next" value="{{ next|escape }}" />{% endif %}
++      <div id="username">
++        <label for="username">Username: </label>
++        <input type="text" name="username" value="" id="username" autofocus>
++      </div>
++      <div id="password">
++        <label for="password">Password: </label>
++        <input type="password" name="password" value="" id="password">
++      </div>
++      <input class="button" type="submit" value="login" />
++    </form>
++  </div>
++</body>
++</html>
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/master.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/master.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/master.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,66 @@
++<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
++<html xml:lang="en" lang="en" xmlns="http://www.w3.org/1999/xhtml">
++<head>
++  <title>{% block title %}Cobbler Web Interface{% endblock %}</title>
++  <meta http-equiv="Content-Type" content="text/html;charset=utf-8" />
++  <script src="/cobbler_webui_content/jquery-1.3.2.js" type="text/javascript"></script>
++  <script src="/cobbler_webui_content/jsGrowl.js" type="text/javascript"></script>
++  <script src="/cobbler_webui_content/jsGrowl_jquery.js" type="text/javascript"></script>
++  <script src="/cobbler_webui_content/cobbler.js" type="text/javascript"></script>
++  <link rel="stylesheet" type="text/css" media="all" href="/cobbler_webui_content/style.css" />
++  <link rel="stylesheet" type="text/css" media="all" href="/cobbler_webui_content/jsGrowl.css" />
++</head>
++<body onload="go_go_gadget()">
++<div id="container">
++  <div id='user'>
++    <input type="hidden" name="username" id="username" value="{{ username }}" />
++    Logged in: <b>{{ username }}</b> <a class="action" href="/cobbler_web/logout">Logout</a>
++  </div>
++    <div id="menubar">
++      <big><b>Orchestra</b></big><br/><i>powered by <a href="https://fedorahosted.org/cobbler/">Cobbler</a></i><br/><br/>
++      <h1>Configuration</h1>
++      <ul>
++        <li><a href="/cobbler_web/distro/list" class="edit">Distros</a></li>
++        <li><a href="/cobbler_web/profile/list" class="edit">Profiles</a></li>
++        <li><a href="/cobbler_web/system/list" class="edit">Systems</a></li>
++        <li><a href="/cobbler_web/repo/list" class="edit">Repos</a></li>
++        <li><a href="/cobbler_web/image/list" class="edit">Images</a></li>
++        <li><a href="/cobbler_web/ksfile/list" class="edit">Kickstart Templates</a></li>
++        <li><a href="/cobbler_web/snippet/list" class="edit">Snippets</a></li>
++        <li><a href="/cobbler_web/mgmtclass/list" class="edit">Management Classes</a></li>
++      </ul>
++      <h1>Resources</h1>
++      <ul>
++        <li><a href="/cobbler_web/package/list" class="edit">Packages</a></li>
++        <li><a href="/cobbler_web/file/list" class="edit">Files</a></li>
++      </ul>
++      <h1>Actions</h1>
++      <ul>
++        <li><a href="/cobbler_web/import/prompt">Import DVD</a></li>
++        <li><a href="/cobbler_web/sync">Sync</a> ☼</li>
++        <li><a href="/cobbler_web/reposync">Reposync</a> ☼ </li>
++        <li><a href="/cobbler_web/hardlink">Hardlink</a> ☼ </li>
++        <!-- <li><a href="/cobbler_web/replicate">Replicate</a> ☼ </li> -->
++        <li><a href="/cobbler_web/buildiso">Build ISO</a> ☼ </li>
++      </ul>
++      <h1>Cobbler</h1>
++      <ul>
++        <li><a href="/cobbler_web/settings" class="menu">Settings</a></li>
++        <li><a href="/cobbler_web/check" class="menu">Check</a></li>
++        <li><a href="/cobbler_web/events" class="menu">Events</a></li>
++        <li><a href="https://fedorahosted.org/cobbler/wiki/UserDocs">Online Documentation</a></li>
++        <li><a href="http://webchat.freenode.net?channels=#cobbler">Online Help Chat</a></li>
++      </ul>
++    </div>
++    <div id="content">
++{% block content %}
++      <h1 class="error">Template Failure</h1>
++{% endblock %}
++    </div>
++    <div id="jsGrowl"></div>
++</div>
++<div id="footer">
++  <a href="http://fedorahosted.org/cobbler">Cobbler {{ version }}</a>
++</div>
++</body>
++</html>
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/paginate.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/paginate.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/paginate.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,22 @@
++{% if pageinfo %}
++<li class="paginate"><label for="limit">Items/page:</label>
++  <select name="limit" id="limit" onchange="javascript:location='/cobbler_web/{{ what }}/modifylist/limit/'+this.value">
++  {% for p in pageinfo.items_per_page_list %}
++    <option value="{{ p }}"{% ifequal pageinfo.items_per_page p %} selected="selected"{% endifequal %}>{{ p }}</option>
++  {% endfor %}
++  </select>
++  {% ifnotequal pageinfo.prev_page "~" %}
++  <a href="/cobbler_web/{{ what }}/modifylist/page/{{ pageinfo.prev_page }}"><span class="lpointers">&lArr;</span></a>
++  {% else %}
++  <span class="lpointers">&lArr;</span>
++  {% endifnotequal %}
++  <select name="page" id="page" onchange="javascript:location='/cobbler_web/{{ what }}/modifylist/page/'+this.value">
++    {% for p in pageinfo.pages %}<option value="{{ p }}"{% ifequal pageinfo.page p %} selected="selected"{% endifequal %}>Page {{ p }}</option>{% endfor %}
++  </select>
++  {% ifnotequal pageinfo.next_page "~" %}
++  <a href="/cobbler_web/{{ what }}/modifylist/page/{{ pageinfo.next_page }}"><span class="rpointers">&rArr;</span></a>
++  {% else %}
++  <span class="rpointers">&rArr;</span>
++  {% endifnotequal %}
++</li>
++{% endif %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/templates/snippet_edit.tmpl'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/snippet_edit.tmpl	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/templates/snippet_edit.tmpl	2011-11-11 16:30:32 +0000
@@ -0,0 +1,54 @@
++{% extends 'master.tmpl' %}
++{% block content %}
++
++{% if not editable %}
++<blockquote>
++NOTE: You do not have permission to make changes to this
++snippet and can only read it.
++
++Contact your Cobbler server administrator
++if you need to resolve this.
++</blockquote>
++<br />
++{% endif %}
++<h1>{% ifequal editmode 'edit' %}Editing{% else %}Adding{% endifequal %} a Snippet</h1>
++<hr />
++<form id="snippetform" method="post" action="/cobbler_web/snippet/save">
++  <ol>
++    <li>
++      <label for="snippetdata">{% if snippet_name %}Snippet: {{ snippet_name }}{% else %}Filename:{% endif %}</label>
++{% ifnotequal editmode 'edit' %}
++      <input type="text" name="snippet_name" id="snippet_name" />
++      <span class="context-tip">Example:  foo.ks (to be saved in /var/lib/cobbler/snippets/)</span>
++{% else %}
++      <input type="hidden" name="snippet_name" value="{{ snippet_name }}" />
++{% endifnotequal %}
++    </li>
++    <li>
++      <pre><textarea name="snippetdata" id="snippetdata">{{ snippetdata }}</textarea></pre>
++    </li>
++{% if deleteable %}
++    <li>
++      <label class="delete" for="delete1">Delete</label>
++      <input type="checkbox" name="delete1" value="delete1" />
++      <label class="delete" for="delete2">Really?</label>
++      <input type="checkbox" name="delete2" value="delete2" />
++      <span class="context-tip">Check both buttons and click save to delete this object</span>
++    </li>
++{% else %}
++  {% ifequal editmode "edit" %}
++    <li>
++      <span class="warn">NOTE: This kickstart template is currently in-use.</span>
++    </li>
++  {% endifequal %}
++{% endif %}
++{% if editable %}
++    <li>
++      <input type="hidden" name="editmode" value="{{ editmode }}" />
++      <input class="button" type="submit" name="submit" value="Save" />
++      <input class="button" type="reset" name="reset" value="Reset" />
++    </li>
++{% endif %}
++  </ol>
++</form>
++{% endblock content %}
 === added file '.pc/59_add_csrf_protection.patch/web/cobbler_web/views.py'
 --- .pc/59_add_csrf_protection.patch/web/cobbler_web/views.py	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/cobbler_web/views.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,1162 @@
++from django.template.loader import get_template
++from django.template import Context
++from django.template import RequestContext
++from django.http import HttpResponse
++from django.http import HttpResponseRedirect
++from django.shortcuts import render_to_response
++
++import xmlrpclib
++import time
++import simplejson
++import string
++import distutils
++import exceptions
++import time
++
++import cobbler.item_distro    as item_distro
++import cobbler.item_profile   as item_profile
++import cobbler.item_system    as item_system
++import cobbler.item_repo      as item_repo
++import cobbler.item_image     as item_image
++import cobbler.item_mgmtclass as item_mgmtclass
++import cobbler.item_package   as item_package
++import cobbler.item_file      as item_file
++import cobbler.field_info     as field_info
++import cobbler.utils          as utils
++
++url_cobbler_api = None
++remote = None
++username = None
++
++#==================================================================================
++
++def index(request):
++   """
++   This is the main greeting page for cobbler web.
++   """
++   if not test_user_authenticated(request): return login(request,next="/cobbler_web")
++
++   t = get_template('index.tmpl')
++   html = t.render(Context({
++        'version' : remote.version(request.session['token']),
++        'username': username,
++   }))
++   return HttpResponse(html)
++
++#========================================================================
++
++def task_created(request):
++   """
++   Let's the user know what to expect for event updates.
++   """
++   if not test_user_authenticated(request): return login(request)
++   t = get_template("task_created.tmpl")
++   html = t.render(Context({
++       'version'  : remote.version(request.session['token']),
++       'username' : username
++   }))
++   return HttpResponse(html)
++
++#========================================================================
++
++def error_page(request,message):
++   """
++   This page is used to explain error messages to the user.
++   """
++   if not test_user_authenticated(request): return login(request)
++   # FIXME: test and make sure we use this rather than throwing lots of tracebacks for
++   # field errors
++   t = get_template('error_page.tmpl')
++   message = message.replace("<Fault 1: \"<class 'cobbler.cexceptions.CX'>:'","Remote exception: ")
++   message = message.replace("'\">","")
++   html = t.render(Context({
++       'version' : remote.version(request.session['token']),
++       'message' : message,
++       'username': username
++   }))
++   return HttpResponse(html)
++
++#==================================================================================
++
++def get_fields(what, is_subobject, seed_item=None):
++
++    """
++    Helper function.  Retrieves the field table from the cobbler objects
++    and formats it in a way to make it useful for Django templating.
++    The field structure indicates what fields to display and what the default
++    values are, etc.
++    """
++
++    if what == "distro":
++       field_data = item_distro.FIELDS
++    if what == "profile":
++       field_data = item_profile.FIELDS
++    if what == "system":
++       field_data = item_system.FIELDS
++    if what == "repo":
++       field_data = item_repo.FIELDS
++    if what == "image":
++       field_data =  item_image.FIELDS
++    if what == "mgmtclass":
++        field_data = item_mgmtclass.FIELDS
++    if what == "package":
++        field_data = item_package.FIELDS
++    if what == "file":
++        field_data = item_file.FIELDS
++
++    settings = remote.get_settings()
++
++    fields = []
++    for row in field_data:
++
++        # if we are subprofile and see the field "distro", make it say parent
++        # with this really sneaky hack here
++        if is_subobject and row[0] == "distro":
++            row[0] = "parent"
++            row[3] = "Parent object"
++            row[5] = "Inherit settings from this profile"
++            row[6] = []
++
++        elem = {
++            "name"                    : row[0],
++            "dname"                   : row[0].replace("*",""),
++            "value"                   : "?",
++            "caption"                 : row[3],
++            "editable"                : row[4],
++            "tooltip"                 : row[5],
++            "choices"                 : row[6],
++            "css_class"               : "generic",
++            "html_element"            : "generic",
++        }
++
++
++        if not elem["editable"]:
++            continue
++
++        if seed_item is not None:
++            if row[0].startswith("*"):
++                # system interfaces are loaded by javascript, not this
++                elem["value"]             = ""
++                elem["name"]              = row[0].replace("*","")
++            elif row[0].find("widget") == -1:
++                elem["value"]             = seed_item[row[0]]
++        elif is_subobject:
++            elem["value"]             = row[2]
++        else:
++            elem["value"]             = row[1]
++
++        if elem["value"] is None:
++            elem["value"] = ""
++
++        # we'll process this for display but still need to present the original to some
++        # template logic
++        elem["value_raw"]             = elem["value"]
++
++        if isinstance(elem["value"],basestring) and elem["value"].startswith("SETTINGS:"):
++            key = elem["value"].replace("SETTINGS:","",1)
++            elem["value"] = settings[key]
++
++        # flatten hashes of all types, they can only be edited as text
++        # as we have no HTML hash widget (yet)
++        if type(elem["value"]) == type({}):
++            if elem["name"] == "mgmt_parameters":
++                #Render dictionary as YAML for Management Parameters field
++                tokens = []
++                for (x,y) in elem["value"].items():
++                   if y is not None:
++                      tokens.append("%s: %s" % (x,y))
++                   else:
++                      tokens.append("%s: " % x)
++                elem["value"] = "{ %s }" % ", ".join(tokens)
++            else:
++                tokens = []
++                for (x,y) in elem["value"].items():
++                   if y is not None:
++                      tokens.append("%s=%s" % (x,y))
++                   else:
++                      tokens.append("%s" % x)
++                elem["value"] = " ".join(tokens)
++
++        name = row[0]
++        if name.find("_widget") != -1:
++            elem["html_element"] = "widget"
++        elif name in field_info.USES_SELECT:
++            elem["html_element"] = "select"
++        elif name in field_info.USES_MULTI_SELECT:
++            elem["html_element"] = "multiselect"
++        elif name in field_info.USES_RADIO:
++            elem["html_element"] = "radio"
++        elif name in field_info.USES_CHECKBOX:
++            elem["html_element"] = "checkbox"
++        elif name in field_info.USES_TEXTAREA:
++            elem["html_element"] = "textarea"
++        else:
++            elem["html_element"] = "text"
++
++        elem["block_section"] = field_info.BLOCK_MAPPINGS.get(name, "General")
++
++        # flatten lists for those that aren't using select boxes
++        if type(elem["value"]) == type([]):
++            if elem["html_element"] != "select":
++                elem["value"] = string.join(elem["value"], sep=" ")
++
++        # FIXME: need to handle interfaces special, they are prefixed with "*"
++
++        fields.append(elem)
++
++    return fields
++
++#==================================================================================
++
++def __tweak_field(fields,field_name,attribute,value):
++    """
++    Helper function to insert extra data into the field list.
++    """
++    # FIXME: eliminate this function.
++    for x in fields:
++       if x["name"] == field_name:
++           x[attribute] = value
++
++#==================================================================================
++
++
++def __format_columns(column_names,sort_field):
++    """
++    Format items retrieved from XMLRPC for rendering by the generic_edit template
++    """
++    dataset = []
++
++    # Default is sorting on name
++    if sort_field is not None:
++        sort_name = sort_field
++    else:
++        sort_name = "name"
++
++    if sort_name.startswith("!"):
++        sort_name = sort_name[1:]
++        sort_order = "desc"
++    else:
++        sort_order = "asc"
++
++    for fieldname in column_names:
++        fieldorder = "none"
++        if fieldname == sort_name:
++            fieldorder = sort_order
++        dataset.append([fieldname,fieldorder])
++    return dataset
++
++
++#==================================================================================
++
++def __format_items(items, column_names):
++    """
++    Format items retrieved from XMLRPC for rendering by the generic_edit template
++    """
++    dataset = []
++    for itemhash in items:
++        row = []
++        for fieldname in column_names:
++            if fieldname == "name":
++                html_element = "name"
++            elif fieldname in [ "system", "repo", "distro", "profile", "image", "mgmtclass", "package", "file" ]:
++                html_element = "editlink"
++            elif fieldname in field_info.USES_CHECKBOX:
++                html_element = "checkbox"
++            else:
++                html_element = "text"
++            row.append([fieldname,itemhash[fieldname],html_element])
++        dataset.append(row)
++    return dataset
++
++#==================================================================================
++
++def genlist(request, what, page=None):
++    """
++    Lists all object types, complete with links to actions
++    on those objects.
++    """
++    if not test_user_authenticated(request): return login(request)
++
++    # get details from the session
++    if page == None:
++        page = int(request.session.get("%s_page" % what, 1))
++    limit = int(request.session.get("%s_limit" % what, 50))
++    sort_field = request.session.get("%s_sort_field" % what, "name")
++    filters = simplejson.loads(request.session.get("%s_filters" % what, "{}"))
++    pageditems = remote.find_items_paged(what,utils.strip_none(filters),sort_field,page,limit)
++
++    # what columns to show for each page?
++    # we also setup the batch actions here since they're dependent
++    # on what we're looking at
++
++    # everythng gets batch delete
++    batchactions = [
++        ["Delete","delete","delete"],
++    ]
++
++    if what == "distro":
++       columns = [ "name" ]
++    if what == "profile":
++       columns = [ "name", "distro" ]
++    if what == "system":
++       # FIXME: also list network, once working
++       columns = [ "name", "profile", "netboot_enabled" ]
++       batchactions += [
++           ["Power on","power","on"],
++           ["Power off","power","off"],
++           ["Reboot","power","reboot"],
++           ["Change profile","profile",""],
++           ["Netboot enable","netboot","enable"],
++           ["Netboot disable","netboot","disable"],
++       ]
++    if what == "repo":
++       columns = [ "name", "mirror" ]
++       batchactions += [
++           ["Reposync","reposync","go"],
++       ]
++    if what == "image":
++       columns = [ "name", "file" ]
++    if what == "network":
++       columns = [ "name" ]
++    if what == "mgmtclass":
++        columns = [ "name" ]
++    if what == "package":
++        columns = [ "name", "installer" ]
++    if what == "file":
++        columns = [ "name" ]
++
++    # render the list
++    t = get_template('generic_list.tmpl')
++    html = t.render(RequestContext(request,{
++        'what'           : what,
++        'columns'        : __format_columns(columns,sort_field),
++        'items'          : __format_items(pageditems["items"],columns),
++        'pageinfo'       : pageditems["pageinfo"],
++        'filters'        : filters,
++        'version'        : remote.version(request.session['token']),
++        'username'       : username,
++        'limit'          : limit,
++        'batchactions'   : batchactions,
++    }))
++    return HttpResponse(html)
++
++
++def modify_list(request, what, pref, value=None):
++    """
++    This function is used in the generic list view
++    to modify the page/column sort/number of items
++    shown per page, and also modify the filters.
++
++    This function modifies the session object to
++    store these preferences persistently.
++    """
++    if not test_user_authenticated(request): return login(request)
++
++
++    # what preference are we tweaking?
++
++    if pref == "sort":
++
++        # FIXME: this isn't exposed in the UI.
++
++        # sorting list on columns
++        old_sort = request.session.get("%s_sort_field" % what,"name")
++        if old_sort.startswith("!"):
++            old_sort = old_sort[1:]
++            old_revsort = True
++        else:
++            old_revsort = False
++        # User clicked on the column already sorted on,
++        # so reverse the sorting list
++        if old_sort == value and not old_revsort:
++            value = "!" + value
++        request.session["%s_sort_field" % what] = value
++        request.session["%s_page" % what] = 1
++
++    elif pref == "limit":
++        # number of items to show per page
++        request.session["%s_limit" % what] = int(value)
++        request.session["%s_page" % what] = 1
++
++    elif pref == "page":
++        # what page are we currently on
++        request.session["%s_page" % what] = int(value)
++
++    elif pref in ("addfilter","removefilter"):
++        # filters limit what we show in the lists
++        # they are stored in json format for marshalling
++        filters = simplejson.loads(request.session.get("%s_filters" % what, "{}"))
++        if pref == "addfilter":
++            (field_name, field_value) = value.split(":", 1)
++            # add this filter
++            filters[field_name] = field_value
++        else:
++            # remove this filter, if it exists
++            if filters.has_key(value):
++                del filters[value]
++        # save session variable
++        request.session["%s_filters" % what] = simplejson.dumps(filters)
++        # since we changed what is viewed, reset the page
++        request.session["%s_page" % what] = 1
++
++    else:
++        return error_page(request, "Invalid preference change request")
++
++    # redirect to the list page
++    return HttpResponseRedirect("/cobbler_web/%s/list" % what)
++
++# ======================================================================
++
++def generic_rename(request, what, obj_name=None, obj_newname=None):
++
++   """
++   Renames an object.
++   """
++   if not test_user_authenticated(request): return login(request)
++
++   if obj_name == None:
++      return error_page(request,"You must specify a %s to rename" % what)
++   if not remote.has_item(what,obj_name):
++      return error_page(request,"Unknown %s specified" % what)
++   elif not remote.check_access_no_fail(request.session['token'], "modify_%s" % what, obj_name):
++      return error_page(request,"You do not have permission to rename this %s" % what)
++   else:
++      obj_id = remote.get_item_handle(what, obj_name, request.session['token'])
++      remote.rename_item(what, obj_id, obj_newname, request.session['token'])
++      return HttpResponseRedirect("/cobbler_web/%s/list" % what)
++
++# ======================================================================
++
++def generic_copy(request, what, obj_name=None, obj_newname=None):
++   """
++   Copies an object.
++   """
++   if not test_user_authenticated(request): return login(request)
++   # FIXME: shares all but one line with rename, merge it.
++   if obj_name == None:
++      return error_page(request,"You must specify a %s to rename" % what)
++   if not remote.has_item(what,obj_name):
++      return error_page(request,"Unknown %s specified" % what)
++   elif not remote.check_access_no_fail(request.session['token'], "modify_%s" % what, obj_name):
++      return error_page(request,"You do not have permission to copy this %s" % what)
++   else:
++      obj_id = remote.get_item_handle(what, obj_name, request.session['token'])
++      remote.copy_item(what, obj_id, obj_newname, request.session['token'])
++      return HttpResponseRedirect("/cobbler_web/%s/list" % what)
++
++# ======================================================================
++
++def generic_delete(request, what, obj_name=None):
++   """
++   Deletes an object.
++   """
++   if not test_user_authenticated(request): return login(request)
++   # FIXME: consolidate code with above functions.
++   if obj_name == None:
++      return error_page(request,"You must specify a %s to delete" % what)
++   if not remote.has_item(what,obj_name):
++      return error_page(request,"Unknown %s specified" % what)
++   elif not remote.check_access_no_fail(request.session['token'], "remove_%s" % what, obj_name):
++      return error_page(request,"You do not have permission to delete this %s" % what)
++   else:
++      remote.remove_item(what, obj_name, request.session['token'])
++      return HttpResponseRedirect("/cobbler_web/%s/list" % what)
++
++
++# ======================================================================
++
++def generic_domulti(request, what, multi_mode=None, multi_arg=None):
++
++    """
++    Process operations like profile reassignment, netboot toggling, and deletion
++    which occur on all items that are checked on the list page.
++    """
++    if not test_user_authenticated(request): return login(request)
++
++    # FIXME: cleanup
++    # FIXME: COMMENTS!!!11111???
++
++    names = request.POST.get('names', '').strip().split()
++    if names == "":
++        return error_page(request, "Need to select some systems first")
++
++    if multi_mode == "delete":
++         for obj_name in names:
++            remote.remove_item(what,obj_name, request.session['token'])
++    elif what == "system" and multi_mode == "netboot":
++        netboot_enabled = multi_arg # values: enable or disable
++        if netboot_enabled is None:
++            return error_page(request,"Cannot modify systems without specifying netboot_enabled")
++        if netboot_enabled == "enable":
++            netboot_enabled = True
++        elif netboot_enabled == "disable":
++            netboot_enabled = False
++        else:
++            return error_page(request,"Invalid netboot option, expect enable or disable")
++        for obj_name in names:
++            obj_id = remote.get_system_handle(obj_name, request.session['token'])
++            remote.modify_system(obj_id, "netboot_enabled", netboot_enabled, request.session['token'])
++            remote.save_system(obj_id, request.session['token'], "edit")
++    elif what == "system" and multi_mode == "profile":
++        profile = multi_arg
++        if profile is None:
++            return error_page(request,"Cannot modify systems without specifying profile")
++        for obj_name in names:
++            obj_id = remote.get_system_handle(obj_name, request.session['token'])
++            remote.modify_system(obj_id, "profile", profile, request.session['token'])
++            remote.save_system(obj_id, request.session['token'], "edit")
++    elif what == "system" and multi_mode == "power":
++        # FIXME: power should not loop, but send the list of all systems
++        # in one set.
++        power = multi_arg
++        if power is None:
++            return error_page(request,"Cannot modify systems without specifying power option")
++        options = { "systems" : names, "power" : power }
++        remote.background_power_system(options, request.session['token'])
++    elif what == "profile" and multi_mode == "reposync":
++        options = { "repos" : names, "tries" : 3 }
++        remote.background_reposync(options,request.session['token'])
++    else:
++        return error_page(request,"Unknown batch operation on %ss: %s" % (what,str(multi_mode)))
++
++    # FIXME: "operation complete" would make a lot more sense here than a redirect
++    return HttpResponseRedirect("/cobbler_web/%s/list"%what)
++
++# ======================================================================
++
++def import_prompt(request):
++   if not test_user_authenticated(request): return login(request)
++   t = get_template('import.tmpl')
++   html = t.render(Context({
++       'version'  : remote.version(request.session['token']),
++       'username' : username,
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def check(request):
++   """
++   Shows a page with the results of 'cobbler check'
++   """
++   if not test_user_authenticated(request): return login(request)
++   results = remote.check(request.session['token'])
++   t = get_template('check.tmpl')
++   html = t.render(Context({
++       'version': remote.version(request.session['token']),
++       'username' : username,
++       'results'  : results
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def buildiso(request):
++    if not test_user_authenticated(request): return login(request)
++    remote.background_buildiso({},request.session['token'])
++    return HttpResponseRedirect('/cobbler_web/task_created')
++
++# ======================================================================
++
++def import_run(request):
++    if not test_user_authenticated(request): return login(request)
++    options = {
++        "name"  : request.POST.get("name",""),
++        "path"  : request.POST.get("path",""),
++        "breed" : request.POST.get("breed",""),
++        "arch"  : request.POST.get("arch","")
++        }
++    remote.background_import(options,request.session['token'])
++    return HttpResponseRedirect('/cobbler_web/task_created')
++
++# ======================================================================
++
++def ksfile_list(request, page=None):
++   """
++   List all kickstart templates and link to their edit pages.
++   """
++   if not test_user_authenticated(request): return login(request)
++   ksfiles = remote.get_kickstart_templates(request.session['token'])
++
++   ksfile_list = []
++   for ksfile in ksfiles:
++      if ksfile.startswith("/var/lib/cobbler/kickstarts") or ksfile.startswith("/etc/cobbler"):
++         ksfile_list.append((ksfile,ksfile.replace('/var/lib/cobbler/kickstarts/',''),'editable'))
++      elif ksfile.startswith("http://") or ksfile.startswith("ftp://"):
++         ksfile_list.append((ksfile,ksfile,'','viewable'))
++      else:
++         ksfile_list.append((ksfile,ksfile,None))
++
++   t = get_template('ksfile_list.tmpl')
++   html = t.render(Context({
++       'what':'ksfile',
++       'ksfiles': ksfile_list,
++       'version': remote.version(request.session['token']),
++       'username': username,
++       'item_count': len(ksfile_list[0]),
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++
++def ksfile_edit(request, ksfile_name=None, editmode='edit'):
++   """
++   This is the page where a kickstart file is edited.
++   """
++   if not test_user_authenticated(request): return login(request)
++   if editmode == 'edit':
++      editable = False
++   else:
++      editable = True
++   deleteable = False
++   ksdata = ""
++   if not ksfile_name is None:
++      editable = remote.check_access_no_fail(request.session['token'], "modify_kickstart", ksfile_name)
++      deleteable = not remote.is_kickstart_in_use(ksfile_name, request.session['token'])
++      ksdata = remote.read_or_write_kickstart_template(ksfile_name, True, "", request.session['token'])
++
++   t = get_template('ksfile_edit.tmpl')
++   html = t.render(Context({
++       'ksfile_name' : ksfile_name,
++       'deleteable'  : deleteable,
++       'ksdata'      : ksdata,
++       'editable'    : editable,
++       'editmode'    : editmode,
++       'version'     : remote.version(request.session['token']),
++       'username'    : username
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def ksfile_save(request):
++   """
++   This page processes and saves edits to a kickstart file.
++   """
++   if not test_user_authenticated(request): return login(request)
++   # FIXME: error checking
++
++   editmode = request.POST.get('editmode', 'edit')
++   ksfile_name = request.POST.get('ksfile_name', None)
++   ksdata = request.POST.get('ksdata', "").replace('\r\n','\n')
++
++   if ksfile_name == None:
++      return HttpResponse("NO KSFILE NAME SPECIFIED")
++   if editmode != 'edit':
++      ksfile_name = "/var/lib/cobbler/kickstarts/" + ksfile_name
++
++   delete1   = request.POST.get('delete1', None)
++   delete2   = request.POST.get('delete2', None)
++
++   if delete1 and delete2:
++      remote.read_or_write_kickstart_template(ksfile_name, False, -1, request.session['token'])
++      return HttpResponseRedirect('/cobbler_web/ksfile/list')
++   else:
++      remote.read_or_write_kickstart_template(ksfile_name,False,ksdata,request.session['token'])
++      return HttpResponseRedirect('/cobbler_web/ksfile/edit/file:%s' % ksfile_name)
++
++# ======================================================================
++
++def snippet_list(request, page=None):
++   """
++   This page lists all available snippets and has links to edit them.
++   """
++   if not test_user_authenticated(request): return login(request)
++   snippets = remote.get_snippets(request.session['token'])
++
++   snippet_list = []
++   for snippet in snippets:
++      if snippet.startswith("/var/lib/cobbler/snippets"):
++         snippet_list.append((snippet,snippet.replace("/var/lib/cobbler/snippets/",""),'editable'))
++      else:
++         snippet_list.append((snippet,snippet,None))
++
++   t = get_template('snippet_list.tmpl')
++   html = t.render(Context({
++       'what'     : 'snippet',
++       'snippets' : snippet_list,
++       'version'  : remote.version(request.session['token']),
++       'username' : username
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def snippet_edit(request, snippet_name=None, editmode='edit'):
++   """
++   This page edits a specific snippet.
++   """
++   if not test_user_authenticated(request): return login(request)
++   if editmode == 'edit':
++      editable = False
++   else:
++      editable = True
++   deleteable = False
++   snippetdata = ""
++   if not snippet_name is None:
++      editable = remote.check_access_no_fail(request.session['token'], "modify_snippet", snippet_name)
++      deleteable = True
++      snippetdata = remote.read_or_write_snippet(snippet_name, True, "", request.session['token'])
++
++   t = get_template('snippet_edit.tmpl')
++   html = t.render(Context({
++       'snippet_name' : snippet_name,
++       'deleteable'   : deleteable,
++       'snippetdata'  : snippetdata,
++       'editable'     : editable,
++       'editmode'     : editmode,
++       'version'      : remote.version(request.session['token']),
++       'username'     : username
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def snippet_save(request):
++   """
++   This snippet saves a snippet once edited.
++   """
++   if not test_user_authenticated(request): return login(request)
++   # FIXME: error checking
++
++   editmode = request.POST.get('editmode', 'edit')
++   snippet_name = request.POST.get('snippet_name', None)
++   snippetdata = request.POST.get('snippetdata', "").replace('\r\n','\n')
++
++   if snippet_name == None:
++      return HttpResponse("NO SNIPPET NAME SPECIFIED")
++   if editmode != 'edit':
++      snippet_name = "/var/lib/cobbler/snippets/" + snippet_name
++
++   delete1   = request.POST.get('delete1', None)
++   delete2   = request.POST.get('delete2', None)
++
++   if delete1 and delete2:
++      remote.read_or_write_snippet(snippet_name, False, -1, request.session['token'])
++      return HttpResponseRedirect('/cobbler_web/snippet/list')
++   else:
++      remote.read_or_write_snippet(snippet_name,False,snippetdata,request.session['token'])
++      return HttpResponseRedirect('/cobbler_web/snippet/edit/file:%s' % snippet_name)
++
++# ======================================================================
++
++def settings(request):
++   """
++   This page presents a list of all the settings to the user.  They are not editable.
++   """
++   if not test_user_authenticated(request): return login(request)
++   settings = remote.get_settings()
++   skeys = settings.keys()
++   skeys.sort()
++
++   results = []
++   for k in skeys:
++      results.append([k,settings[k]])
++
++   t = get_template('settings.tmpl')
++   html = t.render(Context({
++        'settings' : results,
++        'version'  : remote.version(request.session['token']),
++        'username' : username,
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def events(request):
++   """
++   This page presents a list of all the events and links to the event log viewer.
++   """
++   if not test_user_authenticated(request): return login(request)
++   events = remote.get_events()
++
++   events2 = []
++   for id in events.keys():
++      (ttime, name, state, read_by) = events[id]
++      events2.append([id,time.asctime(time.gmtime(ttime)),name,state])
++
++   def sorter(a,b):
++      return cmp(a[2],b[2])
++   events2.sort(sorter)
++
++   t = get_template('events.tmpl')
++   html = t.render(Context({
++       'results'  : events2,
++       'version'  : remote.version(request.session['token']),
++       'username' : username
++   }))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def eventlog(request, event=0):
++   """
++   Shows the log for a given event.
++   """
++   if not test_user_authenticated(request): return login(request)
++   event_info = remote.get_events()
++   if not event_info.has_key(event):
++      return HttpResponse("event not found")
++
++   data       = event_info[event]
++   eventname  = data[0]
++   eventtime  = data[1]
++   eventstate = data[2]
++   eventlog   = remote.get_event_log(event)
++
++   t = get_template('eventlog.tmpl')
++   vars = {
++      'eventlog'   : eventlog,
++      'eventname'  : eventname,
++      'eventstate' : eventstate,
++      'eventid'    : event,
++      'eventtime'  : eventtime,
++      'version'    : remote.version(request.session['token']),
++      'username'  : username
++   }
++   html = t.render(Context(vars))
++   return HttpResponse(html)
++
++# ======================================================================
++
++def random_mac(request, virttype="xenpv"):
++   """
++   Used in an ajax call to fill in a field with a mac address.
++   """
++   # FIXME: not exposed in UI currently
++   if not test_user_authenticated(request): return login(request)
++   random_mac = remote.get_random_mac(virttype, request.session['token'])
++   return HttpResponse(random_mac)
++
++# ======================================================================
++
++def sync(request):
++   """
++   Runs 'cobbler sync' from the API when the user presses the sync button.
++   """
++   if not test_user_authenticated(request): return login(request)
++   remote.background_sync({"verbose":"True"},request.session['token'])
++   return HttpResponseRedirect("/cobbler_web/task_created")
++
++# ======================================================================
++
++def reposync(request):
++   """
++   Syncs all repos that are configured to be synced.
++   """
++   if not test_user_authenticated(request): return login(request)
++   remote.background_reposync({ "names":"", "tries" : 3},request.session['token'])
++   return HttpResponseRedirect("/cobbler_web/task_created")
++
++# ======================================================================
++
++def hardlink(request):
++   """
++   Hardlinks files between repos and install trees to save space.
++   """
++   if not test_user_authenticated(request): return login(request)
++   remote.background_hardlink({},request.session['token'])
++   return HttpResponseRedirect("/cobbler_web/task_created")
++
++# ======================================================================
++
++def replicate(request):
++   """
++   Replicate configuration from the central cobbler server, configured
++   in /etc/cobbler/settings (note: this is uni-directional!)
++
++   FIXME: this is disabled because we really need a web page to provide options for
++   this command.
++
++   """
++   #settings = remote.get_settings()
++   #options = settings # just load settings from file until we decide to ask user (later?)
++   #remote.background_replicate(options, request.session['token'])
++   if not test_user_authenticated(request): return login(request)
++   return HttpResponseRedirect("/cobbler_web/task_created")
++
++# ======================================================================
++
++def __names_from_dicts(loh,optional=True):
++   """
++   Tiny helper function.
++   Get the names out of an array of hashes that the remote interface returns.
++   """
++   results = []
++   if optional:
++      results.append("<<None>>")
++   for x in loh:
++      results.append(x["name"])
++   results.sort()
++   return results
++
++# ======================================================================
++
++def generic_edit(request, what=None, obj_name=None, editmode="new"):
++
++   """
++   Presents an editor page for any type of object.
++   While this is generally standardized, systems are a little bit special.
++   """
++   if not test_user_authenticated(request): return login(request)
++
++   obj = None
++
++   settings = remote.get_settings()
++
++   child = False
++   if what == "subprofile":
++      what = "profile"
++      child = True
++
++
++   if not obj_name is None:
++      editable = remote.check_access_no_fail(request.session['token'], "modify_%s" % what, obj_name)
++      obj = remote.get_item(what, obj_name, True)
++   #
++   #   if obj.has_key('ctime'):
++   #      obj['ctime'] = time.ctime(obj['ctime'])
++   #   if obj.has_key('mtime'):
++   #      obj['mtime'] = time.ctime(obj['mtime'])
++
++   else:
++       editable = remote.check_access_no_fail(request.session['token'], "new_%s" % what, None)
++       obj = None
++
++
++   interfaces = {}
++   if what == "system":
++       if obj:
++           interfaces = obj.get("interfaces",{})
++       else:
++           interfaces = {}
++
++   fields = get_fields(what, child, obj)
++
++   # populate some select boxes
++   # FIXME: we really want to just populate with the names, right?
++   if what == "profile":
++      if (obj and obj["parent"] not in (None,"")) or child:
++         __tweak_field(fields, "parent", "choices", __names_from_dicts(remote.get_profiles()))
++      else:
++         __tweak_field(fields, "distro", "choices", __names_from_dicts(remote.get_distros()))
++      __tweak_field(fields, "repos", "choices",     __names_from_dicts(remote.get_repos()))
++   elif what == "system":
++      __tweak_field(fields, "profile", "choices",      __names_from_dicts(remote.get_profiles()))
++      __tweak_field(fields, "image", "choices",        __names_from_dicts(remote.get_images(),optional=True))
++   elif what == "mgmtclass":
++        __tweak_field(fields, "packages", "choices", __names_from_dicts(remote.get_packages()))
++        __tweak_field(fields, "files", "choices",    __names_from_dicts(remote.get_files()))
++
++   if what in ("distro","profile","system"):
++       __tweak_field(fields, "mgmt_classes", "choices", __names_from_dicts(remote.get_mgmtclasses(),optional=False))
++
++   # save the fields in the session for comparison later
++   request.session['%s_%s' % (what,obj_name)] = fields
++
++   t = get_template('generic_edit.tmpl')
++   inames = interfaces.keys()
++   inames.sort()
++   html = t.render(Context({
++       'what'            : what,
++       'fields'          : fields,
++       'subobject'       : child,
++       'editmode'        : editmode,
++       'editable'        : editable,
++       'interfaces'      : interfaces,
++       'interface_names' : inames,
++       'interface_length': len(inames),
++       'version'         : remote.version(request.session['token']),
++       'username'        : username,
++       'name'            : obj_name
++   }))
++
++   return HttpResponse(html)
++
++# ======================================================================
++
++def generic_save(request,what):
++
++    """
++    Saves an object back using the cobbler API after clearing any 'generic_edit' page.
++    """
++    if not test_user_authenticated(request): return login(request)
++
++    # load request fields and see if they are valid
++    editmode  = request.POST.get('editmode', 'edit')
++    obj_name  = request.POST.get('name', "")
++    subobject = request.POST.get('subobject', "False")
++
++    if subobject == "False":
++       subobject = False
++    else:
++       subobject = True
++
++    if obj_name == "":
++        return error_page(request,"Required field name is missing")
++
++    prev_fields = []
++    if request.session.has_key("%s_%s" % (what,obj_name)):
++        prev_fields = request.session["%s_%s" % (what,obj_name)]
++
++    # grab the remote object handle
++    # for edits, fail in the object cannot be found to be edited
++    # for new objects, fail if the object already exists
++    if editmode == "edit":
++        if not remote.has_item(what, obj_name):
++            return error_page(request,"Failure trying to access item %s, it may have been deleted." % (obj_name))
++        obj_id = remote.get_item_handle( what, obj_name, request.session['token'] )
++    else:
++        if remote.has_item(what, obj_name):
++            return error_page(request,"Could not create a new item %s, it already exists." % (obj_name))
++        obj_id = remote.new_item( what, request.session['token'] )
++
++    # walk through our fields list saving things we know how to save
++    fields = get_fields(what, subobject)
++
++    for field in fields:
++
++        if field['name'] == 'name' and editmode == 'edit':
++            # do not attempt renames here
++            continue
++        elif field['name'].startswith("*"):
++            # interface fields will be handled below
++            continue
++        else:
++            # check and see if the value exists in the fields stored in the session
++            prev_value = None
++            for prev_field in prev_fields:
++                if prev_field['name'] == field['name']:
++                    prev_value = prev_field['value']
++                    break
++
++            value = request.POST.get(field['name'],None)
++            # Checkboxes return the value of the field if checked, otherwise None
++            # convert to True/False
++            if field["html_element"] == "checkbox":
++                if value==field['name']:
++                    value=True
++                else:
++                    value=False
++
++            # Multiselect fields are handled differently
++            if field["html_element"] == "multiselect":
++                values=request.POST.getlist(field['name'])
++                value=[]
++                if '<<inherit>>' in values:
++                    value='<<inherit>>'
++                else:
++                    for single_value in values:
++                        if single_value != "<<None>>":
++                            value.insert(0,single_value)
++
++            if value != None:
++                if value == "<<None>>":
++                    value = ""
++                if value is not None and (not subobject or field['name'] != 'distro') and value != prev_value:
++                    try:
++                        remote.modify_item(what,obj_id,field['name'],value,request.session['token'])
++                    except Exception, e:
++                        return error_page(request, str(e))
++
++    # special handling for system interface fields
++    # which are the only objects in cobbler that will ever work this way
++    if what == "system":
++        interface_field_list = []
++        for field in fields:
++            if field['name'].startswith("*"):
++                field = field['name'].replace("*","")
++                interface_field_list.append(field)
++        interfaces = request.POST.get('interface_list', "").split(",")
++        for interface in interfaces:
++            if interface == "":
++                continue
++            ifdata = {}
++            for item in interface_field_list:
++                ifdata["%s-%s" % (item,interface)] = request.POST.get("%s-%s" % (item,interface), "")
++            ifdata=utils.strip_none(ifdata)
++            # FIXME: I think this button is missing.
++            present  = request.POST.get("present-%s" % interface, "")
++            original = request.POST.get("original-%s" % interface, "")
++            try:
++                if present == "0" and original == "1":
++                    remote.modify_system(obj_id, 'delete_interface', interface, request.session['token'])
++                elif present == "1":
++                    remote.modify_system(obj_id, 'modify_interface', ifdata, request.session['token'])
++            except Exception, e:
++                return error_page(request, str(e))
++
++    try:
++        remote.save_item(what, obj_id, request.session['token'], editmode)
++    except Exception, e:
++        return error_page(request, str(e))
++
++    return HttpResponseRedirect('/cobbler_web/%s/list' % what)
++
++
++# ======================================================================
++# Login/Logout views
++
++def test_user_authenticated(request):
++    global remote
++    global username
++    global url_cobbler_api
++
++    if url_cobbler_api is None:
++        url_cobbler_api = utils.local_get_cobbler_api_url()
++
++    remote = xmlrpclib.Server(url_cobbler_api, allow_none=True)
++
++    # if we have a token, get the associated username from
++    # the remote server via XMLRPC. We then compare that to
++    # the value stored in the session.  If everything matches up,
++    # the user is considered successfully authenticated
++    if request.session.has_key('token') and request.session['token'] != '':
++        try:
++            if remote.token_check(request.session['token']):
++                token_user = remote.get_user_from_token(request.session['token'])
++                if request.session.has_key('username') and request.session['username'] == token_user:
++                    username = request.session['username']
++                    return True
++        except:
++            # just let it fall through to the 'return False' below
++            pass
++    return False
++
++def login(request, next=None):
++    return render_to_response('login.tmpl', {'next':next})
++
++def do_login(request):
++    global remote
++    global username
++    global url_cobbler_api
++
++    username = request.POST.get('username', '').strip()
++    password = request.POST.get('password', '')
++    nextsite = request.POST.get('next',None)
++
++    if url_cobbler_api is None:
++        url_cobbler_api = utils.local_get_cobbler_api_url()
++
++    remote = xmlrpclib.Server(url_cobbler_api, allow_none=True)
++
++    try:
++        token = remote.login(username, password)
++    except:
++        token = None
++
++    if token:
++        request.session['username'] = username
++        request.session['token'] = token
++        if nextsite:
++           return HttpResponseRedirect(nextsite)
++        else:
++           return HttpResponseRedirect("/cobbler_web")
++    else:
++        return login(request,nextsite)
++
++def do_logout(request):
++    request.session['username'] = ""
++    request.session['token'] = ""
++    return HttpResponseRedirect("/cobbler_web")
 === added file '.pc/59_add_csrf_protection.patch/web/settings.py'
 --- .pc/59_add_csrf_protection.patch/web/settings.py	1970-01-01 00:00:00 +0000
 +++ .pc/59_add_csrf_protection.patch/web/settings.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,69 @@
++# Django settings for cobbler-web project.
++
++DEBUG = True
++TEMPLATE_DEBUG = DEBUG
++
++ADMINS = (
++    # ('Your Name', 'your_email@domain.com'),
++)
++
++MANAGERS = ADMINS
++
++DATABASE_ENGINE = ''     # cobbler-web does not use a database
++DATABASE_NAME = ''
++DATABASE_USER = ''
++DATABASE_PASSWORD = ''
++DATABASE_HOST = ''
++DATABASE_PORT = ''
++
++# this is not used by cobbler-web
++TIME_ZONE = None
++
++# Language section
++# TBD.
++LANGUAGE_CODE = 'en-us'
++USE_I18N = False
++
++SITE_ID = 1
++
++# not used
++MEDIA_ROOT = ''
++MEDIA_URL = ''
++ADMIN_MEDIA_PREFIX = '/media/'
++
++# FIXME: ???
++SECRET_KEY = 'w&x*74x-b=ycigsdya03699o!9kt4(z4wyx-us9q=--&7clv4='
++
++# code config
++
++TEMPLATE_LOADERS = (
++    'django.template.loaders.filesystem.load_template_source',
++    'django.template.loaders.app_directories.load_template_source',
++)
++MIDDLEWARE_CLASSES = (
++    'django.middleware.common.CommonMiddleware',
++    'django.contrib.sessions.middleware.SessionMiddleware',
++    'django.contrib.auth.middleware.AuthenticationMiddleware',
++)
++ROOT_URLCONF = 'urls'
++
++TEMPLATE_DIRS = (
++    '/usr/share/cobbler/web/templates',
++)
++INSTALLED_APPS = (
++    'django.contrib.auth',
++    'django.contrib.contenttypes',
++    'django.contrib.sessions',
++    'django.contrib.sites',
++    'cobbler_web',
++)
++
++from django.conf.global_settings import TEMPLATE_CONTEXT_PROCESSORS
++
++TEMPLATE_CONTEXT_PROCESSORS += (
++     'django.core.context_processors.request',
++)
++
++SESSION_ENGINE = 'django.contrib.sessions.backends.file'
++SESSION_FILE_PATH = '/var/lib/cobbler/webui_sessions'
++
 === added directory '.pc/60_yaml_safe_load.patch'
 === added file '.pc/60_yaml_safe_load.patch/.timestamp'
 === added directory '.pc/60_yaml_safe_load.patch/cobbler'
 === added file '.pc/60_yaml_safe_load.patch/cobbler/api.py'
 --- .pc/60_yaml_safe_load.patch/cobbler/api.py	1970-01-01 00:00:00 +0000
 +++ .pc/60_yaml_safe_load.patch/cobbler/api.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,947 @@
++"""
++python API module for Cobbler
++see source for cobbler.py, or pydoc, for example usage.
++CLI apps and daemons should import api.py, and no other cobbler code.
++
++Copyright 2006-2009, Red Hat, Inc
++Michael DeHaan <mdehaan@redhat.com>
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of the GNU General Public License as published by
++the Free Software Foundation; either version 2 of the License, or
++(at your option) any later version.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++02110-1301  USA
++"""
++
++import yaml
++import config
++import utils
++import action_sync
++import action_check
++import action_import
++import action_reposync
++import action_status
++import action_validate
++import action_buildiso
++import action_replicate
++import action_acl
++import action_report
++import action_power
++import action_log
++import action_hardlink
++import action_dlcontent
++from cexceptions import *
++try:
++    import subprocess as sub_process
++except:
++    import sub_process
++import module_loader
++import kickgen
++import yumgen
++import pxegen
++from utils import _
++
++import logging
++import time
++import random
++import os
++import xmlrpclib
++import traceback
++import exceptions
++import clogger
++
++import item_distro
++import item_profile
++import item_system
++import item_repo
++import item_image
++import item_mgmtclass
++import item_package
++import item_file
++
++ERROR = 100
++INFO  = 10
++DEBUG = 5
++
++# notes on locking:
++# BootAPI is a singleton object
++# the XMLRPC variants allow 1 simultaneous request
++# therefore we flock on /etc/cobbler/settings for now
++# on a request by request basis.
++
++class BootAPI:
++
++    __shared_state = {}
++    __has_loaded = False
++
++    # ===========================================================
++
++    def __init__(self, is_cobblerd=False):
++        """
++        Constructor
++        """
++
++        # FIXME: this should be switchable through some simple system
++
++        self.__dict__ = BootAPI.__shared_state
++        self.perms_ok = False
++        if not BootAPI.__has_loaded:
++
++            if os.path.exists("/etc/cobbler/use.couch"):
++                 self.use_couch = True
++            else:
++                 self.use_couch = False
++
++            # NOTE: we do not log all API actions, because
++            # a simple CLI invocation may call adds and such
++            # to load the config, which would just fill up
++            # the logs, so we'll do that logging at CLI
++            # level (and remote.py web service level) instead.
++
++            random.seed()
++            self.is_cobblerd = is_cobblerd
++
++            try:
++                self.logger = clogger.Logger("/var/log/cobbler/cobbler.log")
++            except CX:
++                # return to CLI/other but perms are not valid
++                # perms_ok is False
++                return
++
++            # FIMXE: conslidate into 1 server instance
++
++            self.selinux_enabled = utils.is_selinux_enabled()
++            self.dist = utils.check_dist()
++            self.os_version = utils.os_release()
++
++            BootAPI.__has_loaded   = True
++
++            module_loader.load_modules()
++
++            self._config         = config.Config(self)
++            self.deserialize()
++
++            self.authn = self.get_module_from_file(
++                "authentication",
++                "module",
++                "authn_configfile"
++            )
++            self.authz  = self.get_module_from_file(
++                "authorization",
++                "module",
++                "authz_allowall"
++            )
++
++            # FIXME: pass more loggers around, and also see that those
++            # using things via tasks construct their own kickgen/yumgen/
++            # pxegen versus reusing this one, which has the wrong logger
++            # (most likely) for background tasks.
++
++            self.kickgen = kickgen.KickGen(self._config)
++            self.yumgen  = yumgen.YumGen(self._config)
++            self.pxegen  = pxegen.PXEGen(self._config, logger=self.logger)
++            self.logger.debug("API handle initialized")
++            self.perms_ok = True
++
++    # ==========================================================
++
++    def is_selinux_enabled(self):
++        """
++        Returns whether selinux is enabled on the cobbler server.
++        We check this just once at cobbler API init time, because
++        a restart is required to change this; this does /not/ check
++        enforce/permissive, nor does it need to.
++        """
++        return self.selinux_enabled
++
++    def is_selinux_supported(self):
++        """
++        Returns whether or not the OS is sufficient enough
++        to run with SELinux enabled (currently EL 5 or later).
++        """
++        self.dist
++        if self.dist == "redhat" and self.os_version < 5:
++           # doesn't support public_content_t
++           return False
++        return True
++
++    # ==========================================================
++
++    def last_modified_time(self):
++        """
++        Returns the time of the last modification to cobbler, made by any
++        API instance, regardless of the serializer type.
++        """
++        if not os.path.exists("/var/lib/cobbler/.mtime"):
++            old = os.umask(0x777)
++            fd = open("/var/lib/cobbler/.mtime","w")
++            fd.write("0")
++            fd.close()
++            os.umask(old)
++            return 0
++        fd = open("/var/lib/cobbler/.mtime")
++        data = fd.read().strip()
++        return float(data)
++
++    # ==========================================================
++
++    def log(self,msg,args=None,debug=False):
++        if debug:
++            logger = self.logger.debug
++        else:
++            logger = self.logger.info
++        if args is None:
++            logger("%s" % msg)
++        else:
++            logger("%s; %s" % (msg, str(args)))
++
++    # ==========================================================
++
++    def version(self, extended=False):
++        """
++        What version is cobbler?
++
++        If extended == False, returns a float for backwards compatibility
++
++        If extended == True, returns a dict:
++
++            gitstamp      -- the last git commit hash
++            gitdate       -- the last git commit date on the builder machine
++            builddate     -- the time of the build
++            version       -- something like "1.3.2"
++            version_tuple -- something like [ 1, 3, 2 ]
++        """
++        fd = open("/etc/cobbler/version")
++        ydata = fd.read()
++        fd.close()
++        data = yaml.load(ydata)
++        if not extended:
++            # for backwards compatibility and use with koan's comparisons
++            elems = data["version_tuple"]
++            return int(elems[0]) + 0.1*int(elems[1]) + 0.001*int(elems[2])
++        else:
++            return data
++
++    # ==========================================================
++
++    def clear(self):
++        """
++        Forget about current list of profiles, distros, and systems
++        # FIXME: is this used anymore?
++        """
++        return self._config.clear()
++
++    def __cmp(self,a,b):
++        return cmp(a.name,b.name)
++    # ==========================================================
++
++    def get_item(self, what, name):
++        self.log("get_item",[what,name],debug=True)
++        return self._config.get_items(what).get(name)
++
++    # =============================================================
++
++    def get_items(self, what):
++        self.log("get_items",[what],debug=True)
++        return self._config.get_items(what)
++
++    def distros(self):
++        """
++        Return the current list of distributions
++        """
++        return self.get_items("distro")
++
++    def profiles(self):
++        """
++        Return the current list of profiles
++        """
++        return self.get_items("profile")
++
++    def systems(self):
++        """
++        Return the current list of systems
++        """
++        return self.get_items("system")
++
++    def repos(self):
++        """
++        Return the current list of repos
++        """
++        return self.get_items("repo")
++
++    def images(self):
++        """
++        Return the current list of images
++        """
++        return self.get_items("image")
++
++    def settings(self):
++        """
++        Return the application configuration
++        """
++        return self._config.settings()
++
++    def mgmtclasses(self):
++        """
++        Return the current list of mgmtclasses
++        """
++        return self.get_items("mgmtclass")
++
++    def packages(self):
++        """
++        Return the current list of packages
++        """
++        return self.get_items("package")
++
++    def files(self):
++        """
++        Return the current list of files
++        """
++        return self.get_items("file")
++
++    # =======================================================================
++
++    def update(self):
++        """
++        This can be called is no longer used by cobbler.
++        And is here to just avoid breaking older scripts.
++        """
++        return True
++
++    # ========================================================================
++
++    def copy_item(self, what, ref, newname, logger=None):
++        self.log("copy_item(%s)"%what,[ref.name, newname])
++        return self.get_items(what).copy(ref,newname,logger=logger)
++
++    def copy_distro(self, ref, newname):
++        return self.copy_item("distro", ref, newname, logger=None)
++
++    def copy_profile(self, ref, newname):
++        return self.copy_item("profile", ref, newname, logger=None)
++
++    def copy_system(self, ref, newname):
++        return self.copy_item("system", ref, newname, logger=None)
++
++    def copy_repo(self, ref, newname):
++        return self.copy_item("repo", ref, newname, logger=None)
++
++    def copy_image(self, ref, newname):
++        return self.copy_item("image", ref, newname, logger=None)
++
++    def copy_mgmtclass(self, ref, newname):
++        return self.copy_item("mgmtclass", ref, newname, logger=None)
++
++    def copy_package(self, ref, newname):
++        return self.copy_item("package", ref, newname, logger=None)
++
++    def copy_file(self, ref, newname):
++        return self.copy_item("file", ref, newname, logger=None)
++
++    # ==========================================================================
++
++    def remove_item(self, what, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        if isinstance(what, basestring):
++            if isinstance(ref, basestring):
++                ref = self.get_item(what, ref)
++                if ref is None:
++                    return # nothing to remove
++        self.log("remove_item(%s)" % what, [ref.name])
++        return self.get_items(what).remove(ref.name, recursive=recursive, with_delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_distro(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("distro", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_profile(self,ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("profile", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_system(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("system", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_repo(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("repo", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_image(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("image", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_mgmtclass(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("mgmtclass", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_package(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("package", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    def remove_file(self, ref, recursive=False, delete=True, with_triggers=True, logger=None):
++        return self.remove_item("file", ref, recursive=recursive, delete=delete, with_triggers=with_triggers, logger=logger)
++
++    # ==========================================================================
++
++    def rename_item(self, what, ref, newname, logger=None):
++        self.log("rename_item(%s)"%what,[ref.name,newname])
++        return self.get_items(what).rename(ref,newname,logger=logger)
++
++    def rename_distro(self, ref, newname, logger=None):
++        return self.rename_item("distro", ref, newname, logger=logger)
++
++    def rename_profile(self, ref, newname, logger=None):
++        return self.rename_item("profile", ref, newname, logger=logger)
++
++    def rename_system(self, ref, newname, logger=None):
++        return self.rename_item("system", ref, newname, logger=logger)
++
++    def rename_repo(self, ref, newname, logger=None):
++        return self.rename_item("repo", ref, newname, logger=logger)
++
++    def rename_image(self, ref, newname, logger=None):
++        return self.rename_item("image", ref, newname, logger=logger)
++
++    def rename_mgmtclass(self, ref, newname, logger=None):
++        return self.rename_item("mgmtclass", ref, newname, logger=logger)
++
++    def rename_package(self, ref, newname, logger=None):
++        return self.rename_item("package", ref, newname, logger=logger)
++
++    def rename_file(self, ref, newname, logger=None):
++        return self.rename_item("file", ref, newname, logger=logger)
++
++    # ==========================================================================
++
++    # FIXME: add a new_item method
++
++    def new_distro(self,is_subobject=False):
++        self.log("new_distro",[is_subobject])
++        return self._config.new_distro(is_subobject=is_subobject)
++
++    def new_profile(self,is_subobject=False):
++        self.log("new_profile",[is_subobject])
++        return self._config.new_profile(is_subobject=is_subobject)
++
++    def new_system(self,is_subobject=False):
++        self.log("new_system",[is_subobject])
++        return self._config.new_system(is_subobject=is_subobject)
++
++    def new_repo(self,is_subobject=False):
++        self.log("new_repo",[is_subobject])
++        return self._config.new_repo(is_subobject=is_subobject)
++
++    def new_image(self,is_subobject=False):
++        self.log("new_image",[is_subobject])
++        return self._config.new_image(is_subobject=is_subobject)
++
++    def new_mgmtclass(self,is_subobject=False):
++        self.log("new_mgmtclass",[is_subobject])
++        return self._config.new_mgmtclass(is_subobject=is_subobject)
++
++    def new_package(self,is_subobject=False):
++        self.log("new_package",[is_subobject])
++        return self._config.new_package(is_subobject=is_subobject)
++
++    def new_file(self,is_subobject=False):
++        self.log("new_file",[is_subobject])
++        return self._config.new_file(is_subobject=is_subobject)
++
++    # ==========================================================================
++
++    def add_item(self, what, ref, check_for_duplicate_names=False, save=True,logger=None):
++        self.log("add_item(%s)"%what,[ref.name])
++        return self.get_items(what).add(ref,check_for_duplicate_names=check_for_duplicate_names,save=save,logger=logger)
++
++    def add_distro(self, ref, check_for_duplicate_names=False, save=True, logger=None):
++        return self.add_item("distro", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_profile(self, ref, check_for_duplicate_names=False,save=True, logger=None):
++        return self.add_item("profile", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_system(self, ref, check_for_duplicate_names=False, check_for_duplicate_netinfo=False, save=True, logger=None):
++        return self.add_item("system", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_repo(self, ref, check_for_duplicate_names=False,save=True,logger=None):
++        return self.add_item("repo", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_image(self, ref, check_for_duplicate_names=False,save=True, logger=None):
++        return self.add_item("image", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_mgmtclass(self, ref, check_for_duplicate_names=False,save=True, logger=None):
++        return self.add_item("mgmtclass", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_package(self, ref, check_for_duplicate_names=False,save=True, logger=None):
++        return self.add_item("package", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    def add_file(self, ref, check_for_duplicate_names=False,save=True, logger=None):
++        return self.add_item("file", ref, check_for_duplicate_names=check_for_duplicate_names, save=save,logger=logger)
++
++    # ==========================================================================
++
++    # FIXME: find_items should take all the arguments the other find
++    # methods do.
++
++    def find_items(self, what, criteria=None):
++        self.log("find_items",[what])
++        # defaults
++        if criteria is None:
++            criteria={}
++        items=self._config.get_items(what)
++        # empty criteria returns everything
++        if criteria == {}:
++            res=items
++        else:
++            res=items.find(return_list=True, no_errors=False, **criteria)
++        return res
++
++
++    def find_distro(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.distros().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_profile(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.profiles().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_system(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.systems().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_repo(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.repos().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_image(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.images().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_mgmtclass(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.mgmtclasses().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_package(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.packages().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    def find_file(self, name=None, return_list=False, no_errors=False, **kargs):
++        return self._config.files().find(name=name, return_list=return_list, no_errors=no_errors, **kargs)
++
++    # ==========================================================================
++
++    def __since(self,mtime,collector,collapse=False):
++        """
++        Called by get_*_since functions.
++        """
++        results1 = collector()
++        results2 = []
++        for x in results1:
++           if x.mtime == 0 or x.mtime >= mtime:
++              if not collapse:
++                  results2.append(x)
++              else:
++                  results2.append(x.to_datastruct())
++        return results2
++
++    def get_distros_since(self,mtime,collapse=False):
++        """
++        Returns distros modified since a certain time (in seconds since Epoch)
++        collapse=True specifies returning a hash instead of objects.
++        """
++        return self.__since(mtime,self.distros,collapse=collapse)
++
++    def get_profiles_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.profiles,collapse=collapse)
++
++    def get_systems_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.systems,collapse=collapse)
++
++    def get_repos_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.repos,collapse=collapse)
++
++    def get_images_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.images,collapse=collapse)
++
++    def get_mgmtclasses_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.mgmtclasses,collapse=collapse)
++
++    def get_packages_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.packages,collapse=collapse)
++
++    def get_files_since(self,mtime,collapse=False):
++        return self.__since(mtime,self.files,collapse=collapse)
++
++    # ==========================================================================
++
++    def dump_vars(self, obj, format=False):
++        return obj.dump_vars(format)
++
++    # ==========================================================================
++
++    def auto_add_repos(self):
++        """
++        Import any repos this server knows about and mirror them.
++        Credit: Seth Vidal.
++        """
++        self.log("auto_add_repos")
++        try:
++            import yum
++        except:
++            raise CX(_("yum is not installed"))
++
++        version = yum.__version__
++        (a,b,c) = version.split(".")
++        version = a* 1000 + b*100 + c
++        if version < 324:
++            raise CX(_("need yum > 3.2.4 to proceed"))
++
++        base = yum.YumBase()
++        base.doRepoSetup()
++        repos = base.repos.listEnabled()
++        if len(repos) == 0:
++            raise CX(_("no repos enabled/available -- giving up."))
++
++        for repo in repos:
++            url = repo.urls[0]
++            cobbler_repo = self.new_repo()
++            auto_name = repo.name.replace(" ","")
++            # FIXME: probably doesn't work for yum-rhn-plugin ATM
++            cobbler_repo.set_mirror(url)
++            cobbler_repo.set_name(auto_name)
++            print "auto adding: %s (%s)" % (auto_name, url)
++            self._config.repos().add(cobbler_repo,save=True)
++
++        # run cobbler reposync to apply changes
++        return True
++
++    # ==========================================================================
++
++    def get_repo_config_for_profile(self,obj):
++        return self.yumgen.get_yum_config(obj,True)
++
++    def get_repo_config_for_system(self,obj):
++        return self.yumgen.get_yum_config(obj,False)
++
++    # ==========================================================================
++
++    def get_template_file_for_profile(self,obj,path):
++        template_results = self.pxegen.write_templates(obj,False,path)
++        if template_results.has_key(path):
++            return template_results[path]
++        else:
++            return "# template path not found for specified profile"
++
++    def get_template_file_for_system(self,obj,path):
++        template_results = self.pxegen.write_templates(obj,False,path)
++        if template_results.has_key(path):
++            return template_results[path]
++        else:
++            return "# template path not found for specified system"
++
++    # ==========================================================================
++
++    def generate_kickstart(self,profile,system):
++        self.log("generate_kickstart")
++        if system:
++            return self.kickgen.generate_kickstart_for_system(system)
++        else:
++            return self.kickgen.generate_kickstart_for_profile(profile)
++
++    # ==========================================================================
++
++    def check(self, logger=None):
++        """
++        See if all preqs for network booting are valid.  This returns
++        a list of strings containing instructions on things to correct.
++        An empty list means there is nothing to correct, but that still
++        doesn't mean there are configuration errors.  This is mainly useful
++        for human admins, who may, for instance, forget to properly set up
++        their TFTP servers for PXE, etc.
++        """
++        self.log("check")
++        check = action_check.BootCheck(self._config, logger=logger)
++        return check.run()
++
++    # ==========================================================================
++
++    def dlcontent(self,force=False,logger=None):
++        """
++        Downloads bootloader content that may not be avialable in packages
++        for the given arch, ex: if installing on PPC, get syslinux. If installing
++        on x86_64, get elilo, etc.
++        """
++        # FIXME: teach code that copies it to grab from the right place
++        self.log("dlcontent")
++        grabber = action_dlcontent.ContentDownloader(self._config, logger=logger)
++        return grabber.run(force)
++
++    # ==========================================================================
++
++    def validateks(self, logger=None):
++        """
++        Use ksvalidator (from pykickstart, if available) to determine
++        whether the cobbler kickstarts are going to be (likely) well
++        accepted by Anaconda.  Presence of an error does not indicate
++        the kickstart is bad, only that the possibility exists.  ksvalidator
++        is not available on all platforms and can not detect "future"
++        kickstart format correctness.
++        """
++        self.log("validateks")
++        validator = action_validate.Validate(self._config, logger=logger)
++        return validator.run()
++
++    # ==========================================================================
++
++    def sync(self,verbose=False, logger=None):
++        """
++        Take the values currently written to the configuration files in
++        /etc, and /var, and build out the information tree found in
++        /tftpboot.  Any operations done in the API that have not been
++        saved with serialize() will NOT be synchronized with this command.
++        """
++        self.log("sync")
++        sync = self.get_sync(verbose=verbose, logger=logger)
++        return sync.run()
++
++    # ==========================================================================
++
++    def get_sync(self,verbose=False,logger=None):
++        self.dhcp = self.get_module_from_file(
++           "dhcp",
++           "module",
++           "manage_isc"
++        ).get_manager(self._config,logger)
++        self.dns = self.get_module_from_file(
++           "dns",
++           "module",
++           "manage_bind"
++        ).get_manager(self._config,logger)
++        self.tftpd = self.get_module_from_file(
++           "tftpd",
++           "module",
++           "in_tftpd",
++        ).get_manager(self._config,logger)
++
++        return action_sync.BootSync(self._config,dhcp=self.dhcp,dns=self.dns,tftpd=self.tftpd,verbose=verbose,logger=logger)
++
++    # ==========================================================================
++
++    def reposync(self, name=None, tries=1, nofail=False, logger=None):
++        """
++        Take the contents of /var/lib/cobbler/repos and update them --
++        or create the initial copy if no contents exist yet.
++        """
++        self.log("reposync",[name])
++        reposync = action_reposync.RepoSync(self._config, tries=tries, nofail=nofail, logger=logger)
++        return reposync.run(name)
++
++    # ==========================================================================
++
++    def status(self,mode,logger=None):
++        statusifier = action_status.BootStatusReport(self._config,mode,logger=logger)
++        return statusifier.run()
++
++    # ==========================================================================
++
++    def import_tree(self,mirror_url,mirror_name,network_root=None,kickstart_file=None,rsync_flags=None,arch=None,breed=None,os_version=None,logger=None):
++        """
++        Automatically import a directory tree full of distribution files.
++        mirror_url can be a string that represents a path, a user@host
++        syntax for SSH, or an rsync:// address.  If mirror_url is a
++        filesystem path and mirroring is not desired, set network_root
++        to something like "nfs://path/to/mirror_url/root"
++        """
++        self.log("import_tree",[mirror_url, mirror_name, network_root, kickstart_file, rsync_flags])
++        importer_modules = self.get_modules_in_category("manage/import")
++        for importer_module in importer_modules:
++            manager = importer_module.get_import_manager(self._config,logger)
++            if 1:#try:
++                (found,pkgdir) = manager.check_for_signature(mirror_url,breed)
++                if found:
++                    self.log("running import manager: %s" % manager.what())
++                    return manager.run(pkgdir,mirror_url,mirror_name,network_root,kickstart_file,rsync_flags,arch,breed,os_version)
++            #except:
++            #    self.log("an error occured while running the import manager")
++            #    continue
++        self.log("No import managers found a valid signature at the location specified")
++        return False
++
++    # ==========================================================================
++
++    def acl_config(self,adduser=None,addgroup=None,removeuser=None,removegroup=None, logger=None):
++        """
++        Configures users/groups to run the cobbler CLI as non-root.
++        Pass in only one option at a time.  Powers "cobbler aclconfig"
++        """
++        acl = action_acl.AclConfig(self._config, logger)
++        return acl.run(
++            adduser=adduser,
++            addgroup=addgroup,
++            removeuser=removeuser,
++            removegroup=removegroup
++        )
++
++    # ==========================================================================
++
++    def serialize(self):
++        """
++        Save the config file(s) to disk.
++        Cobbler internal use only.
++        """
++        return self._config.serialize()
++
++    def deserialize(self):
++        """
++        Load the current configuration from config file(s)
++        Cobbler internal use only.
++        """
++        return self._config.deserialize()
++
++    def deserialize_raw(self,collection_name):
++        """
++        Get the collection back just as raw data.
++        Cobbler internal use only.
++        """
++        return self._config.deserialize_raw(collection_name)
++
++    def deserialize_item_raw(self,collection_name,obj_name):
++        """
++        Get an object back as raw data.
++        Can be very fast for shelve or catalog serializers
++        Cobbler internal use only.
++        """
++        return self._config.deserialize_item_raw(collection_name,obj_name)
++
++    # ==========================================================================
++
++    def get_module_by_name(self,module_name):
++        """
++        Returns a loaded cobbler module named 'name', if one exists, else None.
++        Cobbler internal use only.
++        """
++        return module_loader.get_module_by_name(module_name)
++
++    def get_module_from_file(self,section,name,fallback=None):
++        """
++        Looks in /etc/cobbler/modules.conf for a section called 'section'
++        and a key called 'name', and then returns the module that corresponds
++        to the value of that key.
++        Cobbler internal use only.
++        """
++        return module_loader.get_module_from_file(section,name,fallback)
++
++    def get_modules_in_category(self,category):
++        """
++        Returns all modules in a given category, for instance "serializer", or "cli".
++        Cobbler internal use only.
++        """
++        return module_loader.get_modules_in_category(category)
++
++    # ==========================================================================
++
++    def authenticate(self,user,password):
++        """
++        (Remote) access control.
++        Cobbler internal use only.
++        """
++        rc = self.authn.authenticate(self,user,password)
++        self.log("authenticate",[user,rc])
++        return rc
++
++    def authorize(self,user,resource,arg1=None,arg2=None):
++        """
++        (Remote) access control.
++        Cobbler internal use only.
++        """
++        rc = self.authz.authorize(self,user,resource,arg1,arg2)
++        self.log("authorize",[user,resource,arg1,arg2,rc],debug=True)
++        return rc
++
++    # ==========================================================================
++
++    def build_iso(self,iso=None,profiles=None,systems=None,buildisodir=None,distro=None,standalone=None,source=None, exclude_dns=None, logger=None):
++        builder = action_buildiso.BuildIso(self._config, logger=logger)
++        return builder.run(
++           iso=iso, profiles=profiles, systems=systems, buildisodir=buildisodir, distro=distro, standalone=standalone, source=source, exclude_dns=exclude_dns
++        )
++
++    # ==========================================================================
++
++    def hardlink(self, logger=None):
++        linker = action_hardlink.HardLinker(self._config, logger=logger)
++        return linker.run()
++
++    # ==========================================================================
++
++    def replicate(self, cobbler_master = None, distro_patterns="", profile_patterns="", system_patterns="", repo_patterns="", image_patterns="",
++                  mgmtclass_patterns=None, package_patterns=None, file_patterns=None, prune=False, omit_data=False, sync_all=False, logger=None):
++        """
++        Pull down data/configs from a remote cobbler server that is a master to this server.
++        """
++        replicator = action_replicate.Replicate(self._config, logger=logger)
++        return replicator.run(
++              cobbler_master       = cobbler_master,
++              distro_patterns      = distro_patterns,
++              profile_patterns     = profile_patterns,
++              system_patterns      = system_patterns,
++              repo_patterns        = repo_patterns,
++              image_patterns       = image_patterns,
++              mgmtclass_patterns   = mgmtclass_patterns,
++              package_patterns     = package_patterns,
++              file_patterns        = file_patterns,
++              prune                = prune,
++              omit_data            = omit_data,
++              sync_all             = sync_all
++        )
++
++    # ==========================================================================
++
++    def report(self, report_what = None, report_name = None, report_type = None, report_fields = None, report_noheaders = None):
++        """
++        Report functionality for cobbler
++        """
++        reporter = action_report.Report(self._config)
++        return reporter.run(report_what = report_what, report_name = report_name,\
++                            report_type = report_type, report_fields = report_fields,\
++                            report_noheaders = report_noheaders)
++
++    # ==========================================================================
++
++    def get_kickstart_templates(self):
++        return utils.get_kickstar_templates(self)
++
++    # ==========================================================================
++
++    def power_on(self, system, user=None, password=None, logger=None):
++        """
++        Powers up a system that has power management configured.
++        """
++        return action_power.PowerTool(self._config,system,self,user,password,logger=logger).power("on")
++
++    def power_off(self, system, user=None, password=None, logger=None):
++        """
++        Powers down a system that has power management configured.
++        """
++        return action_power.PowerTool(self._config,system,self,user,password,logger=logger).power("off")
++
++    def reboot(self,system, user=None, password=None, logger=None):
++        """
++        Cycles power on a system that has power management configured.
++        """
++        self.power_off(system, user, password, logger=logger)
++        time.sleep(5)
++        return self.power_on(system, user, password, logger=logger)
++
++    def power_status(self, system, user=None, password=None, logger=None):
++        """
++        Returns the power status for a system that has power management configured.
++
++        @return: 0  the system is powered on, False if it's not or None on error
++        """
++        return action_power.PowerTool(self._config, system, self, user, password, logger = logger).power("status")
++
++
++    # ==========================================================================
++
++    def clear_logs(self, system, logger=None):
++        """
++        Clears console and anamon logs for system
++        """
++        return action_log.LogTool(self._config,system,self, logger=logger).clear()
++
++    def get_os_details(self):
++        return (self.dist, self.os_version)
 === added file '.pc/60_yaml_safe_load.patch/cobbler/item.py'
 --- .pc/60_yaml_safe_load.patch/cobbler/item.py	1970-01-01 00:00:00 +0000
 +++ .pc/60_yaml_safe_load.patch/cobbler/item.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,427 @@
++"""
++An Item is a serializable thing that can appear in a Collection
++
++Copyright 2006-2009, Red Hat, Inc
++Michael DeHaan <mdehaan@redhat.com>
++
++This software may be freely redistributed under the terms of the GNU
++general public license.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
++"""
++
++import exceptions
++import utils
++from cexceptions import *
++from utils import _
++import pprint
++import fnmatch
++
++class Item:
++
++    TYPE_NAME = "generic"
++
++    def __init__(self,config,is_subobject=False):
++        """
++        Constructor.  Requires a back reference to the Config management object.
++
++        NOTE: is_subobject is used for objects that allow inheritance in their trees.  This
++        inheritance refers to conceptual inheritance, not Python inheritance.  Objects created
++        with is_subobject need to call their set_parent() method immediately after creation
++        and pass in a value of an object of the same type.  Currently this is only supported
++        for profiles.  Subobjects blend their data with their parent objects and only require
++        a valid parent name and a name for themselves, so other required options can be
++        gathered from items further up the cobbler tree.
++
++        Old cobbler:             New cobbler:
++        distro                   distro
++          profile                   profile
++            system                     profile  <-- created with is_subobject=True
++                                         system   <-- created as normal
++
++        For consistancy, there is some code supporting this in all object types, though it is only usable
++        (and only should be used) for profiles at this time.  Objects that are children of
++        objects of the same type (i.e. subprofiles) need to pass this in as True.  Otherwise, just
++        use False for is_subobject and the parent object will (therefore) have a different type.
++
++        """
++
++        self.config = config
++        self.settings = self.config._settings
++        self.clear(is_subobject)      # reset behavior differs for inheritance cases
++        self.parent = ''              # all objects by default are not subobjects
++        self.children = {}            # caching for performance reasons, not serialized
++        self.log_func = self.config.api.log
++        self.ctime = 0 # to be filled in by collection class
++        self.mtime = 0 # to be filled in by collection class
++        self.uid = ""  # to be filled in by collection class
++
++        self.last_cached_mtime = 0
++        self.cached_datastruct = ""
++
++    def clear(self,is_subobject=False):
++        """
++        Reset this object.
++        """
++        utils.clear_from_fields(self,self.get_fields(),is_subobject=is_subobject)
++
++    def make_clone(self):
++        raise exceptions.NotImplementedError
++
++    def from_datastruct(self,seed_data):
++        """
++        Modify this object to take on values in seed_data
++        """
++        return utils.from_datastruct_from_fields(self,seed_data,self.get_fields())
++
++    def to_datastruct(self):
++        return utils.to_datastruct_from_fields(self, self.get_fields())
++
++    def printable(self):
++        return utils.printable_from_fields(self,self.get_fields())
++
++    def remote_methods(self):
++        return utils.get_remote_methods_from_fields(self,self.get_fields())
++
++    def set_uid(self,uid):
++        self.uid = uid
++
++    def get_children(self,sorted=True):
++        """
++        Get direct children of this object.
++        """
++        keys = self.children.keys()
++        if sorted:
++            keys.sort()
++        results = []
++        for k in keys:
++            results.append(self.children[k])
++        return results
++
++    def get_descendants(self):
++        """
++        Get objects that depend on this object, i.e. those that
++        would be affected by a cascading delete, etc.
++        """
++        results = []
++        kids = self.get_children(sorted=False)
++        results.extend(kids)
++        for kid in kids:
++            grandkids = kid.get_descendants()
++            results.extend(grandkids)
++        return results
++
++    def get_parent(self):
++        """
++        For objects with a tree relationship, what's the parent object?
++        """
++        return None
++
++    def get_conceptual_parent(self):
++        """
++        The parent may just be a superclass for something like a
++        subprofile.  Get the first parent of a different type.
++        """
++
++        # FIXME: this is a workaround to get the type of an instance var
++        # what's a more clean way to do this that's python 2.3 friendly?
++        # this returns something like:  cobbler.item_system.System
++        mtype = str(self).split(" ")[0][1:]
++        parent = self.get_parent()
++        while parent is not None:
++           ptype = str(parent).split(" ")[0][1:]
++           if mtype != ptype:
++              self.conceptual_parent = parent
++              return parent
++           parent = parent.get_parent()
++        return None
++
++    def set_name(self,name):
++        """
++        All objects have names, and with the exception of System
++        they aren't picky about it.
++        """
++        if self.name not in ["",None] and self.parent not in ["",None] and self.name == self.parent:
++            raise CX(_("self parentage is weird"))
++        if not isinstance(name, basestring):
++            raise CX(_("name must be a string"))
++        for x in name:
++            if not x.isalnum() and not x in [ "_", "-", ".", ":", "+" ] :
++                raise CX(_("invalid characters in name: '%s'" % name))
++        self.name = name
++        return True
++
++    def set_comment(self, comment):
++        if comment is None:
++           comment = ""
++        self.comment = comment
++        return True
++
++    def set_owners(self,data):
++        """
++        The owners field is a comment unless using an authz module that pays attention to it,
++        like authz_ownership, which ships with Cobbler but is off by default.  Consult the Wiki
++        docs for more info on CustomizableAuthorization.
++        """
++        owners = utils.input_string_or_list(data)
++        self.owners = owners
++        return True
++
++    def set_kernel_options(self,options,inplace=False):
++        """
++        Kernel options are a space delimited list,
++        like 'a=b c=d e=f g h i=j' or a hash.
++        """
++        (success, value) = utils.input_string_or_hash(options)
++        if not success:
++            raise CX(_("invalid kernel options"))
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.kernel_options[key[1:]]
++                    else:
++                        self.kernel_options[key] = value[key]
++            else:
++                self.kernel_options = value
++            return True
++
++    def set_kernel_options_post(self,options,inplace=False):
++        """
++        Post kernel options are a space delimited list,
++        like 'a=b c=d e=f g h i=j' or a hash.
++        """
++        (success, value) = utils.input_string_or_hash(options)
++        if not success:
++            raise CX(_("invalid post kernel options"))
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.self.kernel_options_post[key[1:]]
++                    else:
++                        self.kernel_options_post[key] = value[key]
++            else:
++                self.kernel_options_post = value
++            return True
++
++    def set_ks_meta(self,options,inplace=False):
++        """
++        A comma delimited list of key value pairs, like 'a=b,c=d,e=f' or a hash.
++        The meta tags are used as input to the templating system
++        to preprocess kickstart files
++        """
++        (success, value) = utils.input_string_or_hash(options,allow_multiples=False)
++        if not success:
++            return False
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.ks_meta[key[1:]]
++                    else:
++                        self.ks_meta[key] = value[key]
++            else:
++                self.ks_meta = value
++            return True
++
++    def set_mgmt_classes(self,mgmt_classes):
++        """
++        Assigns a list of configuration management classes that can be assigned
++        to any object, such as those used by Puppet's external_nodes feature.
++        """
++        mgmt_classes_split = utils.input_string_or_list(mgmt_classes)
++        self.mgmt_classes = utils.input_string_or_list(mgmt_classes_split)
++        return True
++
++    def set_mgmt_parameters(self,mgmt_parameters):
++        """
++        A YAML string which can be assigned to any object, this is used by
++        Puppet's external_nodes feature.
++        """
++        if mgmt_parameters == "<<inherit>>":
++            self.mgmt_parameters = mgmt_parameters
++        else:
++            import yaml
++            data = yaml.load(mgmt_parameters)
++            if type(data) is not dict:
++                raise CX(_("Input YAML in Puppet Parameter field must evaluate to a dictionary."))
++            self.mgmt_parameters = data
++        return True
++
++
++    def set_template_files(self,template_files,inplace=False):
++        """
++        A comma seperated list of source=destination templates
++        that should be generated during a sync.
++        """
++        (success, value) = utils.input_string_or_hash(template_files,allow_multiples=False)
++        if not success:
++            return False
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.template_files[key[1:]]
++                    else:
++                        self.template_files[key] = value[key]
++            else:
++                self.template_files = value
++            return True
++
++    def set_boot_files(self,boot_files,inplace=False):
++        """
++        A comma seperated list of req_name=source_file_path
++        that should be fetchable via tftp
++        """
++        (success, value) = utils.input_string_or_hash(boot_files,allow_multiples=False)
++        if not success:
++            return False
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.boot_files[key[1:]]
++                    else:
++                        self.boot_files[key] = value[key]
++            else:
++                self.boot_files= value
++            return True
++
++
++    def set_fetchable_files(self,fetchable_files,inplace=False):
++        """
++        A comma seperated list of virt_name=path_to_template
++        that should be fetchable via tftp or a webserver
++        """
++        (success, value) = utils.input_string_or_hash(fetchable_files,allow_multiples=False)
++        if not success:
++            return False
++        else:
++            if inplace:
++                for key in value.keys():
++                    if key.startswith("~"):
++                        del self.fetchable_files[key[1:]]
++                    else:
++                        self.fetchable_files[key] = value[key]
++            else:
++                self.fetchable_files= value
++            return True
++
++
++    def sort_key(self,sort_fields=[]):
++        data = self.to_datastruct()
++        return [data.get(x,"") for x in sort_fields]
++
++    def find_match(self,kwargs,no_errors=False):
++        # used by find() method in collection.py
++        data = self.to_datastruct()
++        for (key, value) in kwargs.iteritems():
++            # Allow ~ to negate the compare
++            if value is not None and value.startswith("~"):
++                res=not self.find_match_single_key(data,key,value[1:],no_errors)
++            else:
++                res=self.find_match_single_key(data,key,value,no_errors)
++            if not res:
++                return False
++
++        return True
++
++
++    def find_match_single_key(self,data,key,value,no_errors=False):
++        # special case for systems
++        key_found_already = False
++        if data.has_key("interfaces"):
++            if key in [ "mac_address", "ip_address", "subnet", "virt_bridge", "dhcp_tag", "dns_name", "static_routes", "bonding", "bonding_opts", "bonding_master" ]:
++                key_found_already = True
++                for (name, interface) in data["interfaces"].iteritems():
++                    if value is not None:
++                        if self.__find_compare(interface[key], value):
++                            return True
++
++        if not data.has_key(key):
++            if not key_found_already:
++                if not no_errors:
++                   # FIXME: removed for 2.0 code, shouldn't cause any problems to not have an exception here?
++                   # raise CX(_("searching for field that does not exist: %s" % key))
++                   return False
++            else:
++                if value is not None: # FIXME: new?
++                   return False
++
++        if value is None:
++            return True
++        else:
++            return self.__find_compare(value, data[key])
++
++
++    def __find_compare(self, from_search, from_obj):
++
++        if isinstance(from_obj, basestring):
++            # FIXME: fnmatch is only used for string to string comparisions
++            # which should cover most major usage, if not, this deserves fixing
++            if fnmatch.fnmatch(from_obj.lower(), from_search.lower()):
++                return True
++            else:
++                return False
++
++        else:
++            if isinstance(from_search, basestring):
++                if type(from_obj) == type([]):
++                    from_search = utils.input_string_or_list(from_search)
++                    for x in from_search:
++                        if x not in from_obj:
++                            return False
++                    return True
++
++                if type(from_obj) == type({}):
++                    (junk, from_search) = utils.input_string_or_hash(from_search,allow_multiples=True)
++                    for x in from_search.keys():
++                        y = from_search[x]
++                        if not from_obj.has_key(x):
++                            return False
++                        if not (y == from_obj[x]):
++                            return False
++                    return True
++
++                if type(from_obj) == type(True):
++                    if from_search.lower() in [ "true", "1", "y", "yes" ]:
++                        inp = True
++                    else:
++                        inp = False
++                    if inp == from_obj:
++                        return True
++                    return False
++
++            raise CX(_("find cannot compare type: %s") % type(from_obj))
++
++    def dump_vars(self,data,format=True):
++        raw = utils.blender(self.config.api, False, self)
++        if format:
++            return pprint.pformat(raw)
++        else:
++            return raw
++
++    def set_depth(self,depth):
++        self.depth = depth
++
++    def set_ctime(self,ctime):
++        self.ctime = ctime
++
++    def set_mtime(self,mtime):
++        self.mtime = mtime
++
++    def set_parent(self,parent):
++        self.parent = parent
++
++    def check_if_valid(self):
++        """
++        Raise exceptions if the object state is inconsistent
++        """
++        if self.name is None or self.name == "":
++           raise CX("Name is required")
++
++
++
 === added directory '.pc/60_yaml_safe_load.patch/cobbler/modules'
 === added file '.pc/60_yaml_safe_load.patch/cobbler/modules/serializer_catalog.py'
 --- .pc/60_yaml_safe_load.patch/cobbler/modules/serializer_catalog.py	1970-01-01 00:00:00 +0000
 +++ .pc/60_yaml_safe_load.patch/cobbler/modules/serializer_catalog.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,241 @@
++"""
++Serializer code for cobbler.
++As of 8/2009, this is the "best" serializer option.
++It uses multiple files in /var/lib/cobbler/config/distros.d, profiles.d, etc
++And JSON, when possible, and YAML, when not.
++It is particularly fast, especially when using JSON.   YAML, not so much.
++It also knows how to upgrade the old "single file" configs to .d versions.
++
++Copyright 2006-2009, Red Hat, Inc
++Michael DeHaan <mdehaan@redhat.com>
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of the GNU General Public License as published by
++the Free Software Foundation; either version 2 of the License, or
++(at your option) any later version.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++02110-1301  USA
++"""
++
++import distutils.sysconfig
++import os
++import sys
++import glob
++import traceback
++import yaml # PyYAML
++import simplejson
++import exceptions
++
++plib = distutils.sysconfig.get_python_lib()
++mod_path="%s/cobbler" % plib
++sys.path.insert(0, mod_path)
++
++from utils import _
++import utils
++from cexceptions import *
++import os
++
++def can_use_json():
++    version = sys.version[:3]
++    version = float(version)
++    return (version > 2.3)
++
++def register():
++    """
++    The mandatory cobbler module registration hook.
++    """
++    return "serializer"
++
++def serialize_item(obj, item):
++
++    if item.name is None or item.name == "":
++       raise exceptions.RuntimeError("name unset for object!")
++
++    # FIXME: Need a better way to support collections/items
++    # appending an 's' does not work in all cases
++    if obj.collection_type() in [ 'mgmtclass' ]:
++        filename = "/var/lib/cobbler/config/%ses.d/%s" % (obj.collection_type(),item.name)
++    else:
++        filename = "/var/lib/cobbler/config/%ss.d/%s" % (obj.collection_type(),item.name)
++
++    datastruct = item.to_datastruct()
++
++    jsonable = can_use_json()
++
++    if jsonable:
++
++        # avoid using JSON on python 2.3 where we can encounter
++        # unicode problems with simplejson pre 2.0
++
++        if os.path.exists(filename):
++            print "upgrading yaml file to json: %s" % filename
++            os.remove(filename)
++        filename = filename + ".json"
++        datastruct = item.to_datastruct()
++        fd = open(filename,"w+")
++        data = simplejson.dumps(datastruct, encoding="utf-8")
++        #data = data.encode('utf-8')
++        fd.write(data)
++
++    else:
++
++        if os.path.exists(filename + ".json"):
++            print "downgrading json file back to yaml: %s" % filename
++            os.remove(filename + ".json")
++        datastruct = item.to_datastruct()
++        fd = open(filename,"w+")
++        data = yaml.dump(datastruct)
++        fd.write(data)
++
++    fd.close()
++    return True
++
++def serialize_delete(obj, item):
++    # FIXME: Need a better way to support collections/items
++    # appending an 's' does not work in all cases
++    if obj.collection_type() in [ 'mgmtclass', ]:
++        filename = "/var/lib/cobbler/config/%ses.d/%s" % (obj.collection_type(),item.name)
++    else:
++        filename = "/var/lib/cobbler/config/%ss.d/%s" % (obj.collection_type(),item.name)
++
++    filename2 = filename + ".json"
++    if os.path.exists(filename):
++        os.remove(filename)
++    if os.path.exists(filename2):
++        os.remove(filename2)
++    return True
++
++def deserialize_item_raw(collection_type, item_name):
++    # this new fn is not really implemented performantly in this module.
++    # yet.
++
++    # FIXME: Need a better way to support collections/items
++    # appending an 's' does not work in all cases
++    if item_name in [ 'mgmtclass' ]:
++        filename = "/var/lib/cobbler/config/%ses.d/%s" % (collection_type(),item_name)
++    else:
++        filename = "/var/lib/cobbler/config/%ss.d/%s" % (collection_type,item_name)
++
++    filename2 = filename + ".json"
++    if os.path.exists(filename):
++        fd = open(filename)
++        data = fd.read()
++        return yaml.load(data)
++    elif os.path.exists(filename2):
++        fd = open(filename2)
++        data = fd.read()
++        return simplejson.loads(data, encoding="utf-8")
++    else:
++        return None
++
++
++def serialize(obj):
++    """
++    Save an object to disk.  Object must "implement" Serializable.
++    FIXME: Return False on access/permission errors.
++    This should NOT be used by API if serialize_item is available.
++    """
++    ctype = obj.collection_type()
++    if ctype == "settings":
++        return True
++    for x in obj:
++        serialize_item(obj,x)
++    return True
++
++def deserialize_raw(collection_type):
++    # FIXME: Need a better way to support collections/items
++    # appending an 's' does not work in all cases
++    if collection_type in [ 'mgmtclass' ]:
++        old_filename = "/var/lib/cobbler/%ses" % collection_type
++    else:
++        old_filename = "/var/lib/cobbler/%ss" % collection_type
++
++    if collection_type == "settings":
++         fd = open("/etc/cobbler/settings")
++         datastruct = yaml.load(fd.read())
++         fd.close()
++         return datastruct
++    elif os.path.exists(old_filename):
++         # for use in migration from serializer_yaml to serializer_catalog (yaml/json)
++         fd = open(old_filename)
++         datastruct = yaml.load(fd.read())
++         fd.close()
++         return datastruct
++    else:
++         results = []
++         # FIXME: Need a better way to support collections/items
++         # appending an 's' does not work in all cases
++         if collection_type in [ 'mgmtclass' ]:
++             all_files = glob.glob("/var/lib/cobbler/config/%ses.d/*" % collection_type)
++         else:
++             all_files = glob.glob("/var/lib/cobbler/config/%ss.d/*" % collection_type)
++
++         all_files = filter_upgrade_duplicates(all_files)
++         for f in all_files:
++             fd = open(f)
++             ydata = fd.read()
++             # ydata = ydata.decode()
++             if f.endswith(".json"):
++                 datastruct = simplejson.loads(ydata, encoding='utf-8')
++             else:
++                 datastruct = yaml.load(ydata)
++             results.append(datastruct)
++             fd.close()
++         return results
++
++def filter_upgrade_duplicates(file_list):
++    """
++    In a set of files, some ending with .json, some not, return
++    the list of files with the .json ones taking priority over
++    the ones that are not.
++    """
++    bases = {}
++    for f in file_list:
++       basekey = f.replace(".json","")
++       if f.endswith(".json"):
++           bases[basekey] = f
++       else:
++           lookup = bases.get(basekey,"")
++           if not lookup.endswith(".json"):
++              bases[basekey] = f
++    return bases.values()
++
++def deserialize(obj,topological=True):
++    """
++    Populate an existing object with the contents of datastruct.
++    Object must "implement" Serializable.
++    """
++    # FIXME: Need a better way to support collections/items
++    # appending an 's' does not work in all cases
++    if obj.collection_type() in [ 'mgmtclass' ]:
++        old_filename = "/var/lib/cobbler/%ses" % obj.collection_type()
++    else:
++        old_filename = "/var/lib/cobbler/%ss" % obj.collection_type()
++
++    datastruct = deserialize_raw(obj.collection_type())
++    if topological and type(datastruct) == list:
++       datastruct.sort(__depth_cmp)
++    obj.from_datastruct(datastruct)
++    if os.path.exists(old_filename):
++       # we loaded it in from the old filename, so now migrate to new fmt
++       sys.stderr.write("auto-removing old config format: %s\n" % old_filename)
++       serialize(obj)
++       os.remove(old_filename)
++    return True
++
++def __depth_cmp(item1, item2):
++    d1 = item1.get("depth",1)
++    d2 = item2.get("depth",1)
++    return cmp(d1,d2)
++
++if __name__ == "__main__":
++    print deserialize_item_raw("distro","D1")
++
 === added file '.pc/60_yaml_safe_load.patch/cobbler/modules/serializer_couch.py'
 --- .pc/60_yaml_safe_load.patch/cobbler/modules/serializer_couch.py	1970-01-01 00:00:00 +0000
 +++ .pc/60_yaml_safe_load.patch/cobbler/modules/serializer_couch.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,136 @@
++"""
++Serializer code for cobbler.
++Experimental:  couchdb version
++
++Copyright 2006-2009, Red Hat, Inc
++Michael DeHaan <mdehaan@redhat.com>
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of the GNU General Public License as published by
++the Free Software Foundation; either version 2 of the License, or
++(at your option) any later version.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++02110-1301  USA
++"""
++
++import distutils.sysconfig
++import os
++import sys
++import glob
++import traceback
++import yaml # PyYAML
++import simplejson
++import exceptions
++
++plib = distutils.sysconfig.get_python_lib()
++mod_path="%s/cobbler" % plib
++sys.path.insert(0, mod_path)
++
++from utils import _
++import utils
++from cexceptions import *
++import os
++import couch
++
++typez = [ "distro", "profile", "system", "image", "repo" ]
++couchdb = couch.Couch('127.0.0.1')
++
++def __connect():
++   couchdb.connect()
++   for x in typez:
++       couchdb.createDb(x)
++
++def register():
++    """
++    The mandatory cobbler module registration hook.
++    """
++    # FIXME: only run this if enabled.
++    return "serializer"
++
++def serialize_item(obj, item):
++    __connect()
++    datastruct = item.to_datastruct()
++    # blindly prevent conflict resolution
++    couchdb.openDoc(obj.collection_type(), item.name)
++    data = couchdb.saveDoc(obj.collection_type(),
++                  simplejson.dumps(datastruct, encoding="utf-8"),
++                  item.name)
++    data = simplejson.loads(data)
++    return True
++
++def serialize_delete(obj, item):
++    __connect()
++    couchdb.deleteDoc(obj.collection_type(),
++                    item.name)
++    return True
++
++def deserialize_item_raw(collection_type, item_name):
++    __connect()
++    data = couchdb.openDoc(collection_type, item_name)
++    return simplejson.loads(data, encoding="utf-8")
++
++def serialize(obj):
++    """
++    Save an object to disk.  Object must "implement" Serializable.
++    FIXME: Return False on access/permission errors.
++    This should NOT be used by API if serialize_item is available.
++    """
++    __connect()
++    ctype = obj.collection_type()
++    if ctype == "settings":
++        return True
++    for x in obj:
++        serialize_item(obj,x)
++    return True
++
++def deserialize_raw(collection_type):
++    __connect()
++    contents = simplejson.loads(couchdb.listDoc(collection_type))
++    items = []
++    if contents.has_key("error") and contents.get("reason","").find("Missing") != -1:
++        # no items in the DB yet
++        return []
++    for x in contents["rows"]:
++       items.append(x["key"])
++
++    if collection_type == "settings":
++         fd = open("/etc/cobbler/settings")
++         datastruct = yaml.load(fd.read())
++         fd.close()
++         return datastruct
++    else:
++         results = []
++         for f in items:
++             data = couchdb.openDoc(collection_type, f)
++             datastruct = simplejson.loads(data, encoding='utf-8')
++             results.append(datastruct)
++         return results
++
++def deserialize(obj,topological=True):
++    """
++    Populate an existing object with the contents of datastruct.
++    Object must "implement" Serializable.
++    """
++    __connect()
++    datastruct = deserialize_raw(obj.collection_type())
++    if topological and type(datastruct) == list:
++       datastruct.sort(__depth_cmp)
++    obj.from_datastruct(datastruct)
++    return True
++
++def __depth_cmp(item1, item2):
++    d1 = item1.get("depth",1)
++    d2 = item2.get("depth",1)
++    return cmp(d1,d2)
++
++if __name__ == "__main__":
++    print deserialize_item_raw("distro","D1")
++
 === added file '.pc/60_yaml_safe_load.patch/cobbler/remote.py'
 --- .pc/60_yaml_safe_load.patch/cobbler/remote.py	1970-01-01 00:00:00 +0000
 +++ .pc/60_yaml_safe_load.patch/cobbler/remote.py	2011-11-11 16:30:32 +0000
@@ -0,0 +1,2547 @@
++"""
++Code for Cobbler's XMLRPC API
++
++Copyright 2007-2009, Red Hat, Inc
++Michael DeHaan <mdehaan@redhat.com>
++
++This program is free software; you can redistribute it and/or modify
++it under the terms of the GNU General Public License as published by
++the Free Software Foundation; either version 2 of the License, or
++(at your option) any later version.
++
++This program is distributed in the hope that it will be useful,
++but WITHOUT ANY WARRANTY; without even the implied warranty of
++MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
++GNU General Public License for more details.
++
++You should have received a copy of the GNU General Public License
++along with this program; if not, write to the Free Software
++Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
++02110-1301  USA
++"""
++
++import sys, socket, time, os, errno, re, random, stat, string
++import base64
++import SimpleXMLRPCServer
++from SocketServer import ThreadingMixIn
++import xmlrpclib
++import base64
++import fcntl
++import traceback
++import glob
++try:
++    import subprocess
++except:
++    import sub_process as subprocess
++from threading import Thread
++
++import api as cobbler_api
++import utils
++from cexceptions import *
++import item_distro
++import item_profile
++import item_system
++import item_repo
++import item_image
++import item_mgmtclass
++import item_package
++import item_file
++import clogger
++import pxegen
++import utils
++#from utils import * # BAD!
++from utils import _
++import configgen
++
++# FIXME: make configurable?
++TOKEN_TIMEOUT = 60*60 # 60 minutes
++EVENT_TIMEOUT = 7*24*60*60 # 1 week
++CACHE_TIMEOUT = 10*60 # 10 minutes
++
++# task codes
++EVENT_RUNNING   = "running"
++EVENT_COMPLETE  = "complete"
++EVENT_FAILED    = "failed"
++# normal events
++EVENT_INFO      = "notification"
++
++# for backwards compatibility with 1.6 and prev XMLRPC
++# do not remove!
++REMAP_COMPAT = {
++   "ksmeta"          : "ks_meta",
++   "kopts"           : "kernel_options",
++   "kopts_post"      : "kernel_options_post",
++   "netboot-enabled" : "netboot_enabled"
++}
++
++class CobblerThread(Thread):
++    def __init__(self,event_id,remote,logatron,options):
++        Thread.__init__(self)
++        self.event_id        = event_id
++        self.remote          = remote
++        self.logger          = logatron
++        if options is None:
++            options = {}
++        self.options         = options
++
++    def on_done(self):
++        pass
++
++    def run(self):
++        time.sleep(1)
++        try:
++            rc = self._run(self)
++            self.remote._set_task_state(self,self.event_id,EVENT_COMPLETE)
++            self.on_done()
++            return rc
++        except:
++            utils.log_exc(self.logger)
++            self.remote._set_task_state(self,self.event_id,EVENT_FAILED)
++            return False
++
++# *********************************************************************
++# *********************************************************************
++
++class CobblerXMLRPCInterface:
++    """
++    This is the interface used for all XMLRPC methods, for instance,
++    as used by koan or CobblerWeb.
++
++    Most read-write operations require a token returned from "login".
++    Read operations do not.
++    """
++
++    def __init__(self,api):
++        """
++        Constructor.  Requires a Cobbler API handle.
++        """
++        self.api = api
++        self.logger = self.api.logger
++        self.token_cache = {}
++        self.object_cache = {}
++        self.timestamp = self.api.last_modified_time()
++        self.events = {}
++        self.shared_secret = utils.get_shared_secret()
++        random.seed(time.time())
++        self.translator = utils.Translator(keep=string.printable)
++        self.pxegen = pxegen.PXEGen(api._config,self.logger)
++
++    def check(self, token):
++        """
++        Returns a list of all the messages/warnings that are things
++        that admin may want to correct about the configuration of
++        the cobbler server.  This has nothing to do with "check_access"
++        which is an auth/authz function in the XMLRPC API.
++        """
++        self.check_access(token, "check")
++        return self.api.check(logger=self.logger)
++
++    def background_buildiso(self, options, token):
++        """
++        Generates an ISO in /var/www/cobbler/pub that can be used to install
++        profiles without using PXE.
++        """
++        def runner(self):
++            return self.remote.api.build_iso(
++                self.options.get("iso","/var/www/cobbler/pub/generated.iso"),
++                self.options.get("profiles",None),
++                self.options.get("systems",None),
++                self.options.get("buildisodir",None),
++                self.options.get("distro",None),
++                self.options.get("standalone",False),
++                self.options.get("source",None),
++                self.options.get("exclude_dns",False),
++                self.logger
++            )
++        def on_done(self):
++            if self.options.get("iso","") == "/var/www/cobbler/pub/generated.iso":
++                msg = "ISO now available for <A HREF=\"/cobbler/pub/generated.iso\">download</A>"
++                self.remote._new_event(msg)
++        return self.__start_task(runner, token, "buildiso", "Build Iso", options, on_done)
++
++    def background_aclsetup(self, options, token):
++        def runner(self):
++            return self.remote.api.acl_config(
++                self.options.get("adduser",None),
++                self.options.get("addgroup",None),
++                self.options.get("removeuser",None),
++                self.options.get("removegroup",None),
++                self.logger
++            )
++        return self.__start_task(runner, token, "aclsetup", "(CLI) ACL Configuration", options)
++
++    def background_dlcontent(self, options, token):
++        """
++        Download bootloaders and other support files.
++        """
++        def runner(self):
++            return self.remote.api.dlcontent(self.options.get("force",False), self.logger)
++        return self.__start_task(runner, token, "get_loaders", "Download Bootloader Content", options)
++
++    def background_sync(self, options, token):
++        def runner(self):
++            return self.remote.api.sync(self.options.get("verbose",False),logger=self.logger)
++        return self.__start_task(runner, token, "sync", "Sync", options)
++
++    def background_hardlink(self, options, token):
++        def runner(self):
++            return self.remote.api.hardlink(logger=self.logger)
++        return self.__start_task(runner, token, "hardlink", "Hardlink", options)
++
++    def background_validateks(self, options, token):
++        def runner(self):
++            return self.remote.api.validateks(logger=self.logger)
++        return self.__start_task(runner, token, "validateks", "Kickstart Validation", options)
++
++    def background_replicate(self, options, token):
++        def runner(self):
++            # FIXME: defaults from settings here should come from views, fix in views.py
++            return self.remote.api.replicate(
++                self.options.get("master", None),
++                self.options.get("distro_patterns", ""),
++                self.options.get("profile_patterns", ""),
++                self.options.get("system_patterns", ""),
++                self.options.get("repo_patterns", ""),
++                self.options.get("image_patterns", ""),
++                self.options.get("mgmtclass_patterns", ""),
++                self.options.get("package_patterns", ""),
++                self.options.get("file_patterns", ""),
++                self.options.get("prune", False),
++                self.options.get("omit_data", False),
++                self.options.get("sync_all", False),
++                self.logger
++            )
++        return self.__start_task(runner, token, "replicate", "Replicate", options)
++
++    def background_import(self, options, token):
++        def runner(self):
++            return self.remote.api.import_tree(
++                self.options.get("path", None),
++                self.options.get("name", None),
++                self.options.get("available_as", None),
++                self.options.get("kickstart_file", None),
++                self.options.get("rsync_flags",None),
++                self.options.get("arch",None),
++                self.options.get("breed", None),
++                self.options.get("os_version", None),
++                self.logger
++            )
++        return self.__start_task(runner, token, "import", "Media import", options)
++
++    def background_reposync(self, options, token):
++        def runner(self):
++            # NOTE: WebUI passes in repos here, CLI passes only:
++            repos = options.get("repos", [])
++            only = options.get("only", None)
++            if only is not None:
++                repos = [ only ]
++            nofail = options.get("nofail", len(repos) > 0)
++
++            if len(repos) > 0:
++                for name in repos:
++                    self.remote.api.reposync(tries=self.options.get("tries",
++                        3), name=name, nofail=nofail, logger=self.logger)
++            else:
++                self.remote.api.reposync(tries=self.options.get("tries",3),
++                        name=None, nofail=nofail, logger=self.logger)
++            return True
++        return self.__start_task(runner, token, "reposync", "Reposync", options)
++
++    def background_power_system(self, options, token):
++        def runner(self):
++            for x in self.options.get("systems",[]):
++                object_id = self.remote.get_system_handle(x,token)
++                self.remote.power_system(object_id,self.options.get("power",""),token,logger=self.logger)
++            return True
++        self.check_access(token, "power")
++        return self.__start_task(runner, token, "power", "Power management (%s)" % options.get("power",""), options)
++
++
++    def get_events(self, for_user=""):
++        """
++        Returns a hash(key=event id) = [ statetime, name, state, [read_by_who] ]
++        If for_user is set to a string, it will only return events the user
++        has not seen yet.  If left unset, it will return /all/ events.
++        """
++
++        # return only the events the user has not seen
++        self.events_filtered = {}
++        for (k,x) in self.events.iteritems():
++           if for_user in x[3]:
++              pass
++           else:
++              self.events_filtered[k] = x
++
++        # mark as read so user will not get events again
++        if for_user is not None and for_user != "":
++           for (k,x) in self.events.iteritems():
++               if for_user in x[3]:
++                  pass
++               else:
++                  self.events[k][3].append(for_user)
++
++        return self.events_filtered
++
++    def get_event_log(self,event_id):
++        """
++        Returns the contents of a task log.
++        Events that are not task-based do not have logs.
++        """
++        event_id = str(event_id).replace("..","").replace("/","")
++        path = "/var/log/cobbler/tasks/%s.log" % event_id
++        self._log("getting log for %s" % event_id)
++        if os.path.exists(path):
++           fh = open(path, "r")
++           data = str(fh.read())
++           data = self.translator(data)
++           fh.close()
++           return data
++        else:
++           return "?"
++
++    def __generate_event_id(self,optype):
++        t = time.time()
++        (year, month, day, hour, minute, second, weekday, julian, dst) = time.localtime()
++        return "%04d-%02d-%02d_%02d%02d%02d_%s" % (year,month,day,hour,minute,second,optype)
++
++    def _new_event(self, name):
++        event_id = self.__generate_event_id("event")
++        event_id = str(event_id)
++        self.events[event_id] = [ float(time.time()), str(name), EVENT_INFO, [] ]
++
++    def __start_task(self, thr_obj_fn, token, role_name, name, args, on_done=None):
++        """
++        Starts a new background task.
++            token      -- token from login() call, all tasks require tokens
++            role_name  -- used to check token against authn/authz layers
++            thr_obj_fn -- function handle to run in a background thread
++            name       -- display name to show in logs/events
++            args       -- usually this is a single hash, containing options
++            on_done    -- an optional second function handle to run after success (and only success)
++        Returns a task id.
++        """
++        self.check_access(token, role_name)
++        event_id = self.__generate_event_id(role_name) # use short form for logfile suffix
++        event_id = str(event_id)
++        self.events[event_id] = [ float(time.time()), str(name), EVENT_RUNNING, [] ]
++
++        self._log("start_task(%s); event_id(%s)"%(name,event_id))
++        logatron = clogger.Logger("/var/log/cobbler/tasks/%s.log" % event_id)
++
++        thr_obj = CobblerThread(event_id,self,logatron,args)
++        on_done_type = type(thr_obj.on_done)
++
++        thr_obj._run = thr_obj_fn
++        if on_done is not None:
++           thr_obj.on_done = on_done_type(on_done, thr_obj, CobblerThread)
++        thr_obj.start()
++        return event_id
++
++    def _set_task_state(self,thread_obj,event_id,new_state):
++        event_id = str(event_id)
++        if self.events.has_key(event_id):
++            self.events[event_id][2] = new_state
++            self.events[event_id][3] = [] # clear the list of who has read it
++        if thread_obj is not None:
++            if new_state == EVENT_COMPLETE:
++                thread_obj.logger.info("### TASK COMPLETE ###")
++            if new_state == EVENT_FAILED:
++                thread_obj.logger.error("### TASK FAILED ###")
++
++    def get_task_status(self, event_id):
++        event_id = str(event_id)
++        if self.events.has_key(event_id):
++            return self.events[event_id]
++        else:
++            raise CX("no event with that id")
++
++    def __sorter(self,a,b):
++        """
++        Helper function to sort two datastructure representations of
++        cobbler objects by name.
++        """
++        return cmp(a["name"],b["name"])
++
++    def last_modified_time(self, token=None):
++        """
++        Return the time of the last modification to any object.
++        Used to verify from a calling application that no cobbler
++        objects have changed since last check.
++        """
++        return self.api.last_modified_time()
++
++    def update(self, token=None):
++        """
++        Deprecated method.  Now does nothing.
++        """
++        return True
++
++    def ping(self):
++        """
++        Deprecated method.  Now does nothing.
++        """
++        return True
++
++    def get_user_from_token(self,token):
++        """
++        Given a token returned from login, return the username
++        that logged in with it.
++        """
++        if not self.token_cache.has_key(token):
++            raise CX("invalid token: %s" % token)
++        else:
++            return self.token_cache[token][1]
++
++    def _log(self,msg,user=None,token=None,name=None,object_id=None,attribute=None,debug=False,error=False):
++        """
++        Helper function to write data to the log file from the XMLRPC remote implementation.
++        Takes various optional parameters that should be supplied when known.
++        """
++
++        # add the user editing the object, if supplied
++        m_user = "?"
++        if user is not None:
++           m_user = user
++        if token is not None:
++           try:
++               m_user = self.get_user_from_token(token)
++           except:
++               # invalid or expired token?
++               m_user = "???"
++        msg = "REMOTE %s; user(%s)" % (msg, m_user)
++
++        if name is not None:
++            msg = "%s; name(%s)" % (msg, name)
++
++        if object_id is not None:
++            msg = "%s; object_id(%s)" % (msg, object_id)
++
++        # add any attributes being modified, if any
++        if attribute:
++           msg = "%s; attribute(%s)" % (msg, attribute)
++
++        # log to the correct logger
++        if error:
++           logger = self.logger.error
++        elif debug:
++           logger = self.logger.debug
++        else:
++           logger = self.logger.info
++        logger(msg)
++
++    def __sort(self,data,sort_field=None):
++        """
++        Helper function used by the various find/search functions to return
++        object representations in order.
++        """
++        sort_fields=["name"]
++        sort_rev=False
++        if sort_field is not None:
++            if sort_field.startswith("!"):
++                sort_field=sort_field[1:]
++                sort_rev=True
++            sort_fields.insert(0,sort_field)
++        sortdata=[(x.sort_key(sort_fields),x) for x in data]
++        if sort_rev:
++            sortdata.sort(lambda a,b:cmp(b,a))
++        else:
++            sortdata.sort()
++        return [x for (key, x) in sortdata]
++
++    def __paginate(self,data,page=None,items_per_page=None,token=None):
++        """
++        Helper function to support returning parts of a selection, for
++        example, for use in a web app where only a part of the results
++        are to be presented on each screen.
++        """
++        default_page = 1
++        default_items_per_page = 25
++
++        try:
++            page = int(page)
++            if page < 1:
++                page = default_page
++        except:
++            page = default_page
++        try:
++            items_per_page = int(items_per_page)
++            if items_per_page <= 0:
++                items_per_page = default_items_per_page
++        except:
++            items_per_page = default_items_per_page
++
++        num_items = len(data)
++        num_pages = ((num_items-1)/items_per_page)+1
++        if num_pages==0:
++            num_pages=1
++        if page>num_pages:
++            page=num_pages
++        start_item = (items_per_page * (page-1))
++        end_item   = start_item + items_per_page
++        if start_item > num_items:
++            start_item = num_items - 1
++        if end_item > num_items:
++            end_item = num_items
++        data = data[start_item:end_item]
++
++        if page > 1:
++            prev_page = page - 1
++        else:
++            prev_page = None
++        if page < num_pages:
++            next_page = page + 1
++        else:
++            next_page = None
++
++        return (data,{
++                'page'        : page,
++                'prev_page'   : prev_page,
++                'next_page'   : next_page,
++                'pages'       : range(1,num_pages+1),
++                'num_pages'   : num_pages,
++                'num_items'   : num_items,
++                'start_item'  : start_item,
++                'end_item'    : end_item,
++                'items_per_page' : items_per_page,
++                'items_per_page_list' : [10,20,50,100,200,500],
++        })
++
++    def __get_object(self, object_id):
++        """
++        Helper function. Given an object id, return the actual object.
++        """
++        if object_id.startswith("___NEW___"):
++           return self.object_cache[object_id][1]
++        (otype, oname) = object_id.split("::",1)
++        return self.api.get_item(otype,oname)
++
++    def get_item(self, what, name, flatten=False):
++        """
++        Returns a hash describing a given object.
++        what -- "distro", "profile", "system", "image", "repo", etc
++        name -- the object name to retrieve
++        flatten -- reduce hashes to string representations (True/False)
++        """
++        self._log("get_item(%s,%s)"%(what,name))
++        item=self.api.get_item(what,name)
++        if item is not None:
++            item=item.to_datastruct()
++        if flatten:
++            item = utils.flatten(item)
++        return self.xmlrpc_hacks(item)
++
++    def get_distro(self,name,flatten=False,token=None,**rest):
++        return self.get_item("distro",name,flatten=flatten)
++    def get_profile(self,name,flatten=False,token=None,**rest):
++        return self.get_item("profile",name,flatten=flatten)
++    def get_system(self,name,flatten=False,token=None,**rest):
++        return self.get_item("system",name,flatten=flatten)
++    def get_repo(self,name,flatten=False,token=None,**rest):
++        return self.get_item("repo",name,flatten=flatten)
++    def get_image(self,name,flatten=False,token=None,**rest):
++        return self.get_item("image",name,flatten=flatten)
++    def get_mgmtclass(self,name,flatten=False,token=None,**rest):
++        return self.get_mgmtclass("mgmtclass",name,flatten=flatten)
++    def get_package(self,name,flatten=False,token=None,**rest):
++        return self.get_package("package",name,flatten=flatten)
++    def get_file(self,name,flatten=False,token=None,**rest):
++        return self.get_file("file",name,flatten=flatten)
++
++    def get_items(self, what):
++        """
++        Returns a list of hashes.
++        what is the name of a cobbler object type, as described for get_item.
++        Individual list elements are the same for get_item.
++        """
++        # FIXME: is the xmlrpc_hacks method still required ?
++        item = [x.to_datastruct() for x in self.api.get_items(what)]
++        return self.xmlrpc_hacks(item)
++
++    def get_item_names(self, what):
++        """
++        Returns a list of object names (keys) for the given object type.
++        This is just like get_items, but transmits less data.
++        """
++        return [x.name for x in self.api.get_items(what)]
++
++    def get_distros(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("distro")
++    def get_profiles(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("profile")
++    def get_systems(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("system")
++    def get_repos(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("repo")
++    def get_images(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("image")
++    def get_mgmtclasses(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("mgmtclass")
++    def get_packages(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("package")
++    def get_files(self,page=None,results_per_page=None,token=None,**rest):
++        return self.get_items("file")
++
++    def find_items(self, what, criteria=None,sort_field=None,expand=True):
++        """
++        Returns a list of hashes.
++        Works like get_items but also accepts criteria as a hash to search on.
++        Example:  { "name" : "*.example.org" }
++        Wildcards work as described by 'pydoc fnmatch'.
++        """
++        self._log("find_items(%s); criteria(%s); sort(%s)" % (what,criteria,sort_field))
++        items = self.api.find_items(what,criteria=criteria)
++        items = self.__sort(items,sort_field)
++        if not expand:
++            items = [x.name for x in items]
++        else:
++            items = [x.to_datastruct() for x in items]
++        return self.xmlrpc_hacks(items)
++
++    def find_distro(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("distro",criteria,expand=expand)
++    def find_profile(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("profile",criteria,expand=expand)
++    def find_system(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("system",criteria,expand=expand)
++    def find_repo(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("repo",criteria,expand=expand)
++    def find_image(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("image",criteria,expand=expand)
++    def find_mgmtclass(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("mgmtclass",criteria,expand=expand)
++    def find_package(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("package",criteria,expand=expand)
++    def find_file(self,criteria={},expand=False,token=None,**rest):
++        return self.find_items("file",criteria,expand=expand)
++
++    def find_items_paged(self, what, criteria=None, sort_field=None, page=None, items_per_page=None, token=None):
++        """
++        Returns a list of hashes as with find_items but additionally supports
++        returning just a portion of the total list, for instance in supporting
++        a web app that wants to show a limited amount of items per page.
++        """
++        # FIXME: make token required for all logging calls
++        self._log("find_items_paged(%s); criteria(%s); sort(%s)" % (what,criteria,sort_field), token=token)
++        items = self.api.find_items(what,criteria=criteria)
++        items = self.__sort(items,sort_field)
++        (items,pageinfo) = self.__paginate(items,page,items_per_page)
++        items = [x.to_datastruct() for x in items]
++        return self.xmlrpc_hacks({
++            'items'    : items,
++            'pageinfo' : pageinfo
++        })
++
++    def has_item(self,what,name,token=None):
++        """
++        Returns True if a given collection has an item with a given name,
++        otherwise returns False.
++        """
++        self._log("has_item(%s)"%what,token=token,name=name)
++        found = self.api.get_item(what,name)
++        if found is None:
++            return False
++        else:
++            return True
++
++    def get_item_handle(self,what,name,token=None):
++        """
++        Given the name of an object (or other search parameters), return a
++        reference (object id) that can be used with modify_* functions or save_* functions
++        to manipulate that object.
++        """
++        found = self.api.get_item(what,name)
++        if found is None:
++            raise CX("internal error, unknown %s name %s" % (what,name))
++        return "%s::%s" % (what,found.name)
++
++    def get_distro_handle(self,name,token):
++        return self.get_item_handle("distro",name,token)
++    def get_profile_handle(self,name,token):
++        return self.get_item_handle("profile",name,token)
++    def get_system_handle(self,name,token):
++        return self.get_item_handle("system",name,token)
++    def get_repo_handle(self,name,token):
++        return self.get_item_handle("repo",name,token)
++    def get_image_handle(self,name,token):
++        return self.get_item_handle("image",name,token)
++    def get_mgmtclass_handle(self,name,token):
++        return self.get_item_handle("mgmtclass",name,token)
++    def get_package_handle(self,name,token):
++        return self.get_item_handle("package",name,token)
++    def get_file_handle(self,name,token):
++        return self.get_item_handle("file",name,token)
++
++    def remove_item(self,what,name,token,recursive=True):
++        """
++        Deletes an item from a collection.
++        Note that this requires the name of the distro, not an item handle.
++        """
++        self._log("remove_item (%s, recursive=%s)" % (what,recursive),name=name,token=token)
++        self.check_access(token, "remove_item", name)
++        return self.api.remove_item(what,name,delete=True,with_triggers=True,recursive=recursive)
++
++    def remove_distro(self,name,token,recursive=1):
++        return self.remove_item("distro",name,token,recursive)
++    def remove_profile(self,name,token,recursive=1):
++        return self.remove_item("profile",name,token,recursive)
++    def remove_system(self,name,token,recursive=1):
++        return self.remove_item("system",name,token,recursive)
++    def remove_repo(self,name,token,recursive=1):
++        return self.remove_item("repo",name,token,recursive)
++    def remove_image(self,name,token,recursive=1):
++        return self.remove_item("image",name,token,recursive)
++    def remove_mgmtclass(self,name,token,recursive=1):
++        return self.remove_item("mgmtclass",name,token,recursive)
++    def remove_package(self,name,token,recursive=1):
++        return self.remove_item("package",name,token,recursive)
++    def remove_file(self,name,token,recursive=1):
++        return self.remove_item("file",name,token,recursive)
++
++    def copy_item(self,what,object_id,newname,token=None):
++        """
++        Creates a new object that matches an existing object, as specified by an id.
++        """
++        self._log("copy_item(%s)" % what,object_id=object_id,token=token)
++        self.check_access(token,"copy_%s" % what)
++        obj = self.__get_object(object_id)
++        return self.api.copy_item(what,obj,newname)
++
++    def copy_distro(self,object_id,newname,token=None):
++        return self.copy_item("distro",object_id,newname,token)
++    def copy_profile(self,object_id,newname,token=None):
++        return self.copy_item("profile",object_id,newname,token)
++    def copy_system(self,object_id,newname,token=None):
++        return self.copy_item("system",object_id,newname,token)
++    def copy_repo(self,object_id,newname,token=None):
++        return self.copy_item("repo",object_id,newname,token)
++    def copy_image(self,object_id,newname,token=None):
++        return self.copy_item("image",object_id,newname,token)
++    def copy_mgmtclass(self,object_id,newname,token=None):
++        return self.copy_item("mgmtclass",object_id,newname,token)
++    def copy_package(self,object_id,newname,token=None):
++        return self.copy_item("package",object_id,newname,token)
++    def copy_file(self,object_id,newname,token=None):
++        return self.copy_item("file",object_id,newname,token)
++
++    def rename_item(self,what,object_id,newname,token=None):
++        """
++        Renames an object specified by object_id to a new name.
++        """
++        self._log("rename_item(%s)" % what,object_id=object_id,token=token)
++        obj = self.__get_object(object_id)
++        return self.api.rename_item(what,obj,newname)
++
++    def rename_distro(self,object_id,newname,token=None):
++        return self.rename_item("distro",object_id,newname,token)
++    def rename_profile(self,object_id,newname,token=None):
++        return self.rename_item("profile",object_id,newname,token)
++    def rename_system(self,object_id,newname,token=None):
++        return self.rename_item("system",object_id,newname,token)
++    def rename_repo(self,object_id,newname,token=None):
++        return self.rename_item("repo",object_id,newname,token)
++    def rename_image(self,object_id,newname,token=None):
++        return self.rename_item("image",object_id,newname,token)
++    def rename_mgmtclass(self,object_id,newname,token=None):
++        return self.rename_item("mgmtclass",object_id,newname,token)
++    def rename_package(self,object_id,newname,token=None):
++        return self.rename_item("package",object_id,newname,token)
++    def rename_file(self,object_id,newname,token=None):
++        return self.rename_item("file",object_id,newname,token)
++
++    def new_item(self,what,token,is_subobject=False):
++        """
++        Creates a new (unconfigured) object, returning an object
++        handle that can be used with modify_* methods and then finally
++        save_* methods.  The handle only exists in memory until saved.
++        "what" specifies the type of object:
++            distro, profile, system, repo, or image
++        """
++        self._log("new_item(%s)"%what,token=token)
++        self.check_access(token,"new_%s"%what)
++        if what == "distro":
++            d = item_distro.Distro(self.api._config,is_subobject=is_subobject)
++        elif what == "profile":
++            d = item_profile.Profile(self.api._config,is_subobject=is_subobject)
++        elif what == "system":
++            d = item_system.System(self.api._config,is_subobject=is_subobject)
++        elif what == "repo":
++            d = item_repo.Repo(self.api._config,is_subobject=is_subobject)
++        elif what == "image":
++            d = item_image.Image(self.api._config,is_subobject=is_subobject)
++        elif what == "mgmtclass":
++            d = item_mgmtclass.Mgmtclass(self.api._config,is_subobject=is_subobject)
++        elif what == "package":
++            d = item_package.Package(self.api._config,is_subobject=is_subobject)
++        elif what == "file":
++            d = item_file.File(self.api._config,is_subobject=is_subobject)
++        else:
++            raise CX("internal error, collection name is %s" % what)
++        key = "___NEW___%s::%s" % (what,self.__get_random(25))
++        self.object_cache[key] = (time.time(), d)
++        return key
++
++    def new_distro(self,token):
++        return self.new_item("distro",token)
++    def new_profile(self,token):
++        return self.new_item("profile",token)
++    def new_subprofile(self,token):
++        return self.new_item("profile",token,is_subobject=True)
++    def new_system(self,token):
++        return self.new_item("system",token)
++    def new_repo(self,token):
++        return self.new_item("repo",token)
++    def new_image(self,token):
++        return self.new_item("image",token)
++    def new_mgmtclass(self,token):
++        return self.new_item("mgmtclass",token)
++    def new_package(self,token):
++        return self.new_item("package",token)
++    def new_file(self,token):
++        return self.new_item("file",token)
++
++    def modify_item(self,what,object_id,attribute,arg,token):
++        """
++        Adjusts the value of a given field, specified by 'what' on a given object id.
++        Allows modification of certain attributes on newly created or
++        existing distro object handle.
++        """
++        self._log("modify_item(%s)" % what,object_id=object_id,attribute=attribute,token=token)

Ubuntucobbler package