ProxyDNs
Jamie Couture
jamie.couture at gmail.com
Thu Feb 3 18:53:56 UTC 2011
Hi there,
I've recently been setting up a koji environment. I've been relying heavily
on the docs http://fedoraproject.org/wiki/Koji/ServerHowTo. The docs have
been a great help.
However, I ran into a small issue when modifying the ProxyDNs option in
/etc/koji-hub/hub.conf
DNUsernameComponent = CN
ProxyDNs = "/C=US/ST=Massachusetts/O=Example Org/OU=Example
User/CN=example/emailAddress=example at example.com"
I had problems with the server responding with: "(user) is not authorized to
login other users". I did change the value to my cert's settings.
Turns out that if I removed the quotes then everything is happy.
I'm not sure if it is intended to allow a quoted string for this option or
not, considering the current behaviour is to split multiple ProxyDNs' via |
Attached is a patch that will help avoid users seeing the above message when
authenticating with SSL. Of course, removing the quotes from your config
will correct the issue; the patch merely tries to avoid the problem by
removing quotes from the string when the client_dn is sought in the *if
<string> in <list>* statement.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.fedoraproject.org/pipermail/buildsys/attachments/20110203/db5fe301/attachment.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: ssl-login-strip.patch
Type: text/x-patch
Size: 583 bytes
Desc: not available
Url : http://lists.fedoraproject.org/pipermail/buildsys/attachments/20110203/db5fe301/attachment.bin
More information about the buildsys
mailing list