I am currently working on deploying a small build system based on mock/koji
The system is very simple, just one server hosting the builds and koji (another buidl system may be added later, but that is not the issue at thje present time).
I am having some troubles deploying koji. The only document I have found is the ServerHowTo (http://fedoraproject.org/wiki/Koji/ServerHowTo).
I retrieved the koji, koji-hub, koji-web and koji-utils packages and installd them successfully on my server.
I configured koji to use SSL following the guidelines.
Not being a SSL expert, I think I did not do any error, but it was tricky since filenames change between the certificate creation section and the kojihub/kojweb/kojid configuration sections.
and I configured all 4 servers (kojihub, kojiweb, kojira, kojid) to be hosted on the same server, named murray.
However, when I try to use koji, I get the following error:
[koji@murray ~]$ koji add-user userTest
Kerberos authentication failed: 'No credentials cache found' (-1765328189)
I have modified the /etc/koji.conf (though it is not mentioned in the How To) as follows, to ensure it will use SSL:
[root@murray ~]# more /etc/koji.conf
;configuration for koji cli tool
;url of XMLRPC server
server = http://murray.mysite.hp.com/kojihub
;url of web interface
weburl = http://murray.mysite.hp.com/koji
;url of package download site
pkgurl = http://murray.mysite.hp.com/packages
;path to the koji top directory
topdir = /mnt/koji
;configuration for SSL athentication
cert = /etc/kojiweb/clients/certs/koji.cert
;certificate of the CA that issued the client certificate
ca = /etc/kojiweb/clients/koji_ca_cert.crt
;certificate of the CA that issued the HTTP server certificate
serverca = /etc/kojiweb/clients/koji_ca_cert.crt
koji_ca_cert.crt being the ca certificate I generated and koji.cert a certificate I generated for the koji user.
This is my first problem. Can anyone help me on this ?
My other problem is with the servers. I configured my apache and started it to have the kojihub and kojiweb started.
I then want to perform some add--user, add-host commands. But I get the message "unable to connect to server".
[root@murray ~]# koji --noauth add-host murray.mysite.hp.com i386 x86_64
Error: Unable to connect to server
With the following logs from httpd:
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: Traceback (most recent call last):
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: File "/usr/lib/python2.4/site-packages/mod_python/apache.py", line 299, in HandlerDispatch\n result = object(req)
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: File "/usr/share/koji-hub/kojixmlrpc.py", line 278, in handler\n context.cnx = koji.db.connect(opts.get("KojiDebug",False))
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: File "/usr/lib/python2.4/site-packages/koji/db.py", line 128, in connect\n conn = pgdb.connect(**opts)
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: File "/usr/lib/python2.4/site-packages/pgdb.py", line 383, in connect\n dbtty, dbuser, dbpasswd)
[Thu Nov 15 10:28:51 2007] [error] [client X.X.X.X] PythonHandler kojixmlrpc: InternalError: could not connect to server: Connection refused\n\tIs the server running on host "murray.mysite.hp.com" and accepting\n\tTCP/IP connections on port 5432?\n
Do you know what it comes from ?
I can supply my other conf files, if needed. But I strictly followed the Howto nstructions for the configuration files.
PS: for security related reasons, I replaced the ipaddress with X.X.X.X and changed the hostname and fully qualified domain name with dummy ones ^^
I've written up a brief proposal about how "hidden" packages may be
supported in Koji. The objective of this is to enable building EPEL
packages in Koji. I wrote this up fairly quickly, and I'm sure I
haven't thought through all the issues, but I wanted to get the ball
rolling. Let me know if you have any questions/comments/ideas/issues
relating to this proposal.
All mock users,
The mock maintainers (Clark, Jesse, me) will upgrade mock in F7/F8 to current 0.9 on/around Feb 1.
The mock 0.9 branch has brewed in rawhide since early Dec, and so far it looks good. The 0.9 branch is now being used on the official build systems, so if there were any major problems, we would expect to have hit them by now.
The *only* difference between 0.8.<latest> and 0.9.<latest> at this point is that we have dropped the old mock setuid wrapper and now use the consolehelper subsystem. For this, you will notice new /etc/pam.d/mock, /etc/consolehelper/mock files which configure mock. The default config is set up to operate exactly the same as the old 0.8 branch: ie. you must be a member of the 'mock' group to run mock. Additionally, with consolehelper comes one new feature: if you are not in the 'mock' group, you will be prompted to enter the root password and it will run. This means you can run mock without worrying about any pre-setup.
On Wed, 2008-03-05 at 14:11 -0600, Allen Rohner wrote:
>> Running with the rawhide repository gives the exact same error.
>This is a very small package set, you need at least a kernel, the
>anaconda packages and a few other things. See the 'compose needs'
>section on the shipped kickstart file.
>Right now, pungi doesn't separate the "things we need to compose" from
>"things we want in the compose" so you need to add those things into the
Thanks for the help. I'm able to get farther now. It doesn't really
make sense to me why the list is the way it is. Is that truly the
minimal set of packages? Why do we need iscsi-initiator-utils and
vncserver to build a working ISO? This process would be significantly
easier if the (true) minimum set of packages was documented somewhere,
or even better, if pungi warned that you are missing packages X,Y,Z
necessary to get a working build. I would offer to make a patch, but I
don't know what the set is.
I'm trying to build an unattended F8 install CD using pungi. I'm on F8,
running the pungi rpm (pungi-1.1.10-1.fc8). I always get the following
Pungi.Gather:INFO: Finished downloading packages.
Pungi.Gather:WARNING: No group data found for rawhide-source
Pungi.Gather:INFO: Running /usr/bin/xsltproc --novalid -o
Pungi.Pungi:INFO: Running /usr/bin/createrepo --quiet --database --groupfile
Pungi.Pungi:INFO: Running /usr/bin/repoview --quiet --title Fedora 20080305
- i386 /root/20080305/i386/os
Pungi.Pungi:INFO: Running /usr/lib/anaconda-runtime/buildinstall --product
Fedora --version 20080305 --release Fedora 20080305 --prodpath Packages
--bugurl http://bugzilla.redhat.com /root/20080305/i386/os
Traceback (most recent call last):
File "/usr/bin/pungi", line 178, in <module>
File "/usr/bin/pungi", line 91, in main
File "/usr/lib/python2.5/site-packages/pypungi/pungi.py", line 299, in
discinfo = open(os.path.join(self.topdir, '.discinfo'), 'r').readlines()
IOError: [Errno 2] No such file or directory:
Some googling found the post where it was mentioned that i386 can't build
x86_64, but I'm on i386 trying to build for i386. My uname is:
[root@arohner-fc8-vm ~]# uname -a
Linux arohner-fc8-vm 220.127.116.11-42.fc8 #1 SMP Tue Oct 30 13:55:12 EDT 2007
i686 i686 i386 GNU/Linux
Running "setarch i386 pungi -c fc8-ks.cfg" did not help either.
My kickstart file is:
repo --name=fedora --mirrorlist=
repo --name=fedora-source --mirrorlist=
Running with the rawhide repository gives the exact same error.
Thanks for your help