koji using krb - having problems
steve.webb at beatport.com
steve.webb at beatport.com
Fri Dec 17 17:02:50 UTC 2010
> Steve, do you want us to take a look at your configs?
> And can you provide a step-by-step example of what you have done?
Sure.
I went through the http://fedoraproject.org/wiki/Koji/ServerHowTo document
and follow the kerberos installation instructions.
* I set up a DNS record as instructed (_kerberos._udp IN SRV 10 100 88 ...)
* U added the principals into IPA but used:
host/kojihub at bpbuild001.co0.beatportcorp.net
not
host/kojihub at AUTH.BEATPORCORP.NET
(could this be an issue?)
All krb principals added to IPA for koji:
# ipa-addservice host/bpbuild001.co0.nar.beatportcorp.net
# ipa-addservice HTTP/bpbuild001.co0.nar.beatportcorp.net
# ipa-addservice koji/bpbuild001.co0.nar.beatportcorp.net
# ipa-addservice compile/bpbuild001.co0.nar.beatportcorp.net
* I set up psql - seems to be working properly.
* I can get a normal krb ticket as myself on the koji server just fine
* I inserted the users into psql as instructed on the howto
* Some config files:
/etc/koji-hub/hub.conf:
[hub]
DBName = koji
DBUser = koji
DBHost = bpbuild001.co0
KojiDir = /data/koji
LoginCreatesUser = On
KojiWebURL = http://bpbuild001.co0.nar.beatportcorp.net/koji
NotifyOnSuccess = True
AuthPrincipal host/bpbuild001.co0.nar.beatportcorp.net
AuthKeytab /etc/koji.keytab
ProxyPrincipals koji/bpbuild001.co0.nar.beatportcorp.net
HostPrincipalFormat compile/bpbuild001.co0.nar.beatportcorp.net
Anything else you need from me to help debug?
- Steve Webb
--
Steve Webb | System Administrator
Beatport | Music for DJ's
------------------------------------------
2399 Blake Street, Suite 170
Denver, Colorado USA 80205
tel: +1.720.932.9103
fax: +1.720.932.9104
noc: +1.303.565.2710
mobile: +1.303.564.4269
More information about the buildsys
mailing list