Supporting EPEL Builds in Koji
by Mike Bonnet
Hi. I've written up a proposal for a way to support EPEL builds in
Koji. It's not the only way we could do this, but I think it's doable
with a reasonable amount of effort, and has the side-effect of greatly
simplifying the Koji setup process for a lot of people (by removing the
need to bootstrap/import an entire distro of packages into your private
Koji instance). You can view the proposal here:
http://fedoraproject.org/wiki/Koji/EPELSupport
It's fairly detailed regarding the data model changes necessary, so if
you're not familiar with the Koji codebase you can skip those parts.
Questions and comments welcome.
Thanks,
Mike
14 years, 11 months
Yum Static Repos
by Brian Schubert
Hello,
Is kojira capable of creating static repos such as those at
http://koji.fedoraproject.org/static-repos/ or is this achieved through
some other means? Either way, would anyone be able to instruct me as to
how it's done?
Thanks,
Brian Schubert
Open System Solutions
Rutgers University
15 years, 1 month
Koji probes
by Doug Ledford
I've been seeing stuff like this in my web server logs:
A total of 3 sites probed the server
66.249.71.77
66.249.71.78
66.249.71.79
A total of 6 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/koji/fileinfo?rpmID=866&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
/koji/fileinfo?rpmID=1356&filename=/usr/bin/ldappasswd HTTP Response 200
/koji/fileinfo?rpmID=1954&filename=/usr/bin/vncpasswd HTTP Response 200
/koji/fileinfo?rpmID=3570&filename=/usr/bin/vncpasswd HTTP Response 200
/koji/fileinfo?rpmID=3107&filename=/usr/bin/ldappasswd HTTP Response 200
/koji/fileinfo?rpmID=2686&filename=/usr/kerberos/bin/kpasswd HTTP Response 200
So, I guess it's nice to know that koji is important enough that people
are writing probes to try and ferret out information, but on the other
hand, people are writing probes for it to try and ferret out
information...
--
Doug Ledford <dledford(a)redhat.com>
GPG KeyID: CFBFF194
http://people.redhat.com/dledford
Infiniband specific RPMs available at
http://people.redhat.com/dledford/Infiniband
15 years, 1 month
automated signing of rpms in koji
by Paul B Schroeder
Hello..
Looking for a bit of help.. I'm not quite sure how to do the above and
don't see any real doco on doing so either. Basically, how do I get my
packages to be signed with each build with my GPG key in koji?
I see "import-sig" and "write-signed-rpm", but am not 100% certain how
they work. And am not sure that they provide a way for my rpm builds to
be signed automatically.
Thanks in advance for any help..
Cheers...Paul...
--
---
Paul B Schroeder <paul.schroeder "at" bluecoat "dot" com>
Blue Coat Systems, Inc.
15 years, 1 month
[PATCH] new pungi command line options
by Paul B Schroeder
In my kickstart config, the %include files are all generated in %pre and don't exist at compose time, thus "--ignore-missing-includes". And I have no repo lines defined in my ks.cfg either, so the --repo-* options allow you to specify or add repo info from the command line.
--repo-baseurl=REPO BASEURL
repository name and base URL to use
--repo-mirrorlist=REPO MIRRORLIST
repository name and mirrorlist URL to use
--ignore-missing-includes
ignore missing %include files in the kickstart config
So you can do something like this:
pungi --name=fedora --ver=10 --flavor=beta --nodebuginfo --nosplitmedia --nosource -c ks.cfg --ignore-missing-includes --repo-mirrorlist=rawhide "http://mirrors.fedoraproject.org/mirrorlist?repo=rawhide&arch=x86_64"
Cheers...Paul...
diff --git a/src/bin/pungi.py b/src/bin/pungi.py
index fbec6fd..703fc0a 100755
--- a/src/bin/pungi.py
+++ b/src/bin/pungi.py
@@ -43,7 +43,7 @@ def main():
pass
# Set up the kickstart parser and pass in the kickstart file we were handed
- ksparser = pykickstart.parser.KickstartParser(pykickstart.version.makeVersion())
+ ksparser = pykickstart.parser.KickstartParser(pykickstart.version.makeVersion(), missingIncludeIsFatal=opts.ignore_missing_includes)
ksparser.readKickstart(opts.config)
if opts.sourceisos:
@@ -78,6 +78,15 @@ def main():
if opts.nodebuginfo:
config.set('default', 'debuginfo', "False")
+ if opts.repo_baseurl:
+ for repo in opts.repo_baseurl:
+ rd = ksparser.handler.RepoData(name=repo[0], baseurl=repo[1])
+ ksparser.handler.repo.add(rd)
+ if opts.repo_mirrorlist:
+ for repo in opts.repo_mirrorlist:
+ rd = ksparser.handler.RepoData(name=repo[0], mirrorlist=repo[1])
+ ksparser.handler.repo.add(rd)
+
# Actually do work.
mypungi = pypungi.Pungi(config, ksparser)
@@ -166,6 +175,12 @@ if __name__ == '__main__':
parser.add_option("-c", "--config", dest="config",
help='Path to kickstart config file')
+ parser.add_option("--repo-baseurl", action="append", dest="repo_baseurl", type="string", nargs=2,
+ metavar="REPO BASEURL", help='repository name and base URL to use')
+ parser.add_option("--repo-mirrorlist", action="append", dest="repo_mirrorlist", type="string", nargs=2,
+ metavar="REPO MIRRORLIST", help='repository name and mirrorlist URL to use')
+ parser.add_option("--ignore-missing-includes", action="store_false", default=True, dest="ignore_missing_includes",
+ help="ignore missing %include files in the kickstart config")
parser.add_option("--all-stages", action="store_true", default=True, dest="do_all",
help="Enable ALL stages")
parser.add_option("-G", action="store_true", default=False, dest="do_gather",
15 years, 1 month
[PATCH] pungi handling of sparc
by Dennis Gilmore
the attached patch makes the calls to anaconda include all sparc 32 bit arches
when building a sparc tree.
Without change the treearch to sparcv9v we would get the small handful of
sparc packages and noarch. all the sparcv9 and sparcv9v woule be excluded.
this patch is against master. there is one for F-9 in fedora cvs
Dennis
15 years, 1 month
Tying yum to a package "stream"?
by Martin Langhoff
OLPC's XS ships a number of patched packages. The packages are
normally built with a different "stream" or "flavour" (they don't say
"f9" but "xs05") and sit in a special repository.
Is there a good way to ensure revisor/yum prefers the packages from
the xs stream or repo over the standard F9 release or update packages,
even if the f9 package is newer?
(In the APT/Debian world the closest parallel would be setting apt
preferences to have biased priorities -- aka Pin -- on a label or a
component.)
cheers,
m
--
martin.langhoff(a)gmail.com
martin(a)laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
15 years, 2 months
Revisor / yum odd error with f9 updates.newkey repo: Missing Dependency: glibc-common = 2.8-3 is needed by package glibc-2.8-3.i386
by Martin Langhoff
Right now, revisor can build a pristine F9 installer CD but cannot
build a F9 + updates installer CD.
The problem appears by merely enabling the additional repo in the
stock F9 config files that ship with Revisor. It has also been
reported elsewhere: https://fedorahosted.org/genome/ticket/28
The error is
Missing Dependency: glibc-common = 2.8-3 is needed by package
glibc-2.8-3.i386
even though the updates.newkey repo clearly has the full set of
glibc-* packages at 2.8-8
The OLPC XS installer CD will be installed in many servers that are
disconnected or have a horrible internet connection. Additionally, we
*need* some of the updates from the updates.newkey repo. So I really
need this to work. It looks like a bug to me, but I'm unsure if it's
in revisor, anaconda, yum...
Is there any workaround I can use?
cheers,
m
--
martin.langhoff(a)gmail.com
martin(a)laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
15 years, 2 months
revisor - strange regression with comps-cleanup misplaced...
by Martin Langhoff
After 2 weeks of not building the XS build, I built it again today. It
didn't want to build. Running with --debug 10 the output ends with...
Running command: /usr/bin/xsltproc --novalid -o
/var/tmp/revisor-pungi/0.5/xs-f9-i386/comps.xml
/usr/share/revisor/comps/comps-cleanup.xsl
/var/tmp/revisor-pungi/0.5/xs-f9-i386/comps.xml
Extra information: /var/tmp/revisor-rundir False None
Got an error from /usr/bin/xsltproc (return code 4)
xsltproc's manpage says that 4 means trouble parsing the stylesheet. I
tried to look at/usr/share/revisor/comps/comps-cleanup.xsl and it
wasn't there. It was a directory higher.
this fixed the problem:
sudo ln -s /usr/share/revisor/comps-cleanup.xsl
/usr/share/revisor/comps/comps-cleanup.xsl
versions:
$ rpm -qa revisor*
revisor-gui-2.1.1-7.fc9.noarch
revisor-comps-2.1.1-7.fc9.noarch
revisor-cli-2.1.1-7.fc9.noarch
revisor-2.1.1-7.fc9.noarch
cheers,
m
--
martin.langhoff(a)gmail.com
martin(a)laptop.org -- School Server Architect
- ask interesting questions
- don't get distracted with shiny stuff - working code first
- http://wiki.laptop.org/go/User:Martinlanghoff
15 years, 2 months
