Note: This is a beta release of Red Hat Bugzilla 5.0. The data contained within is a snapshot of the live data so any changes you make will not be reflected in the production Bugzilla. Also email is disabled so feel free to test any aspect of the site that you want. File any problems you find or give feedback here.
Bug 98617 - loader doesn't send useful headers ie User-Agnet
Summary: loader doesn't send useful headers ie User-Agnet
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: anaconda
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Peter Jones
QA Contact:
URL:
Whiteboard:
: 183650 (view as bug list)
Depends On:
Blocks: FC6Target
TreeView+ depends on / blocked
 
Reported: 2003-07-05 03:03 UTC by Jack Neely
Modified: 2007-04-18 16:55 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Enhancement
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-06-02 15:21:55 UTC


Attachments (Terms of Use)

Description Jack Neely 2003-07-05 03:03:19 UTC
Description of problem:
The loader, when requesting a kickstart via HTTP does not send any usefull
information to the server.  Can we at least get a User-Agent header?

ftp.c line 453 from 9.0.93-0.20030703104410

Version-Release number of selected component (if applicable):
anaconda-9.0-4
anaconda-9.0.93-0.20030703104410

Steps to Reproduce:
1. Set up an apache something to store headers sent by a client
and/or tail -f the access.log
2. Boot a machine and instruct it to get a kickstart from your server
3. Notice the lack of any headers.

Comment 1 Michael Fulbright 2003-07-09 18:39:40 UTC
It isnt clear to me what one would need these headers for - do you have an example?

Comment 2 Jack Neely 2003-07-09 19:19:41 UTC
Basically, I need to be able to tell the difference between a real request for a
kickstart (from anaconda) vs. somebody poked a web browser at the kickstart server.

I'm using some mod_python + config files from administrators to kickstart
machines.  Due to security concerns I need to have a fairly good idea that the
HTTP request is from anaconda.  (Although I know that headers can be faked.) 
Ideally, this is used to trigger a time window so that in the %post the machine
can retreave a secret encryption key.  This is to prevent some one from poking
the server with a web browser from a "trusted" machine and figuring out how to
get the key themselves (because the poking would not trigger the time window).



Comment 3 Michael Fulbright 2003-07-11 15:52:59 UTC
I would recommend you instead have the machines boot with a small ks.cfg from CD
or floppy, and in that ks.cfg in the %pre you use something like wget or
python's urllib2 to pull the rest of the ks.cfg via an authenticated method, and
use the %include ks directive.

However I'll look into adding a user agent like

anaconda <productname> <version>

as well.



Comment 4 Need Real Name 2004-11-16 09:21:33 UTC
Does Anaconda support basic authentication? I'd think that specifiying
name/pw from the boot menu would achieve the stated aim.

Comment 6 Chris Lumens 2006-03-02 15:26:25 UTC
*** Bug 183650 has been marked as a duplicate of this bug. ***


Note You need to log in before you can comment on or make changes to this bug.