kojira repo generation

Thomas Hatch thatch65 at gmail.com
Thu Feb 26 18:06:04 UTC 2009 

Does the CN component in the .pem need to be a fqdn?

And the CN is koji (I thought it needed to be the auth user)

Right now I am under the impression that the user in kojid.conf needs to be
a fqdn and that the CN in the .pem file needs to match, is this correct?

# /usr/sbin/kojid --force-lock --verbose --fg

2009-02-26 11:01:51,706 [INFO] {4098} koji.build:66 Starting up
Traceback (most recent call last):
  File "/usr/sbin/kojid", line 2730, in ?
    main()
  File "/usr/sbin/kojid", line 67, in main
    tm = TaskManager()
  File "/usr/sbin/kojid", line 530, in __init__
    self.host_id = session.host.getID()
  File "/usr/lib/python2.4/site-packages/koji/__init__.py", line 1133, in
__call__
    return self.__func(self.__name,args,opts)
  File "/usr/lib/python2.4/site-packages/koji/__init__.py", line 1378, in
_callMethod
    raise err
koji.AuthError: No host specified



On Thu, Feb 26, 2009 at 10:59 AM, Mike Bonnet <mikeb at redhat.com> wrote:

> Thomas Hatch wrote:
> > I keep having problems with it telling me the system is locked until I
> run a
> > restart, but service kojid status keeps returning the same error
> >
> > service kojid status
> > kojid dead but subsys locked
> >
> > kojid also seems to be dying but the logs yield no real data
> >
> > I think I have a problem in my configs:
>
> What is the output of
>
> openssl x509 -noout -subject -in /etc/pki/koji/kojibuilder1.pem
>
> The CN component needs to match the hostname you added with "koji
> add-host", in your case koji.bcinfra.net.  Also, that same certificate
> may not be used to authenticate any other services or users to the system.
>
> You can also run
>
> /usr/sbin/kojid --force-lock --verbose --fg
>
> as root to run kojid in the foreground and see what errors are reported.
>
> > kojid.conf:
> >
> > [kojid]
> > ; The number of seconds to sleep between tasks
> > ; sleeptime=15
> >
> > ; The maximum number of jobs that kojid will handle at a time
> > ; maxjobs=10
> >
> > ; The minimum amount of free space (in MBs) required for each build root
> > ; minspace=8192
> >
> > ; The directory root where work data can be found from the koji hub
> > ; topdir=/mnt/koji
> >
> > ; The directory root for temporary storage
> > workdir=/tmp/koji
> >
> > ; The directory root for mock
> > mockdir=/var/lib/mock
> >
> > ; The user to run as when doing builds
> > mockuser=kojibuilder
> >
> > ; The vendor to use in rpm headers
> > ; vendor=Koji
> >
> > ; The packager to use in rpm headers
> > ; packager=Koji
> >
> > ; The _host string to use in mock
> > ; mockhost=koji-linux-gnu
> >
> > ; The URL for the xmlrpc server
> > server=http://sunlight.pp.bcinfra.net/kojihub
> >
> > user=koji.bcinfra.net
> >
> > ; The URL for the packages tree
> > pkgurl=http://sunlight.pp.bcinfra.net/pkg/packages
> >
> > ; A space-separated list of hostname:repository[:use_common] tuples that
> > kojid is authorized to checkout from (no quotes).
> > ; Wildcards (as supported by fnmatch) are allowed.
> > ; If use_common is specified and is one of "false", "no", or "0" (without
> > quotes), then kojid will not attempt to checkout
> > ; a common/ dir when checking out sources from the source control system.
> > Otherwise, it will attempt to checkout a common/
> > ; dir, and will raise an exception if it cannot.
> > ;allowed_scms=scm.example.com:/cvs/example git.example.org:/example
> > svn.example.org:/users/*:no
> >
> > ; The mail host to use for sending email notifications
> > smtphost=sunlight.pp.bcinfra.net
> >
> > ; The From address used when sending email notifications
> > from_addr=Koji Build System <koji at koji.bcinfra.net>
> >
> > ;configuration for SSL athentication
> >
> > ;client certificate
> > cert = /etc/pki/koji/kojibuilder1.pem
> >
> > ;certificate of the CA that issued the client certificate
> > ca = /etc/pki/koji/koji_ca_cert.crt
> >
> > ;certificate of the CA that issued the HTTP server certificate
> > serverca = /etc/pki/koji/koji_ca_cert.crt
> >
> >
> >
> >
> >
> >
> > On Thu, Feb 26, 2009 at 10:32 AM, Jeffrey Ollie <jeff at ocjtech.us> wrote:
> >
> >> On Thu, Feb 26, 2009 at 11:29 AM, Thomas Hatch <thatch65 at gmail.com>
> wrote:
> >>> I run "koji list-hosts --channel=createrepo" and get:
> >>>
> >>> Hostname                     Enb Rdy Load/Cap Arches           Last
> >> Update
> >>> koji.bcinfra.net             Y   N    0.0/8.0 i386,x86_64      -
> >>>
> >>> Seems it is enabled and in the channel, but not ready?
> >> Is kojid running?  That's the service that does the actual building...
> >>
> >> --
> >> Jeff Ollie
> >> Marcus to Franklin in Babylon 5: "A Late Delivery from Avalon"
> >>
> >> --
> >> Fedora-buildsys-list mailing list
> >> Fedora-buildsys-list at redhat.com
> >> https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
> >>
> >
> >
> > ------------------------------------------------------------------------
> >
> > --
> > Fedora-buildsys-list mailing list
> > Fedora-buildsys-list at redhat.com
> > https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
>
> --
> Fedora-buildsys-list mailing list
> Fedora-buildsys-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-buildsys-list/attachments/20090226/043f3c0d/attachment.htm>

More information about the Fedora-buildsys-list mailing list