> Steve, do you want us to take a look at your configs? > And can you provide a step-by-step example of what you have done?
Sure. I went through the http://fedoraproject.org/wiki/Koji/ServerHowTo document and follow the kerberos installation instructions. * I set up a DNS record as instructed (_kerberos._udp IN SRV 10 100 88 ...) * U added the principals into IPA but used: host/[email protected] not host/[email protected] (could this be an issue?) All krb principals added to IPA for koji: # ipa-addservice host/bpbuild001.co0.nar.beatportcorp.net # ipa-addservice HTTP/bpbuild001.co0.nar.beatportcorp.net # ipa-addservice koji/bpbuild001.co0.nar.beatportcorp.net # ipa-addservice compile/bpbuild001.co0.nar.beatportcorp.net * I set up psql - seems to be working properly. * I can get a normal krb ticket as myself on the koji server just fine * I inserted the users into psql as instructed on the howto * Some config files: /etc/koji-hub/hub.conf: [hub] DBName = koji DBUser = koji DBHost = bpbuild001.co0 KojiDir = /data/koji LoginCreatesUser = On KojiWebURL = http://bpbuild001.co0.nar.beatportcorp.net/koji NotifyOnSuccess = True AuthPrincipal host/bpbuild001.co0.nar.beatportcorp.net AuthKeytab /etc/koji.keytab ProxyPrincipals koji/bpbuild001.co0.nar.beatportcorp.net HostPrincipalFormat compile/bpbuild001.co0.nar.beatportcorp.net Anything else you need from me to help debug? - Steve Webb -- Steve Webb | System Administrator Beatport | Music for DJ's ------------------------------------------ 2399 Blake Street, Suite 170 Denver, Colorado USA 80205 tel: +1.720.932.9103 fax: +1.720.932.9104 noc: +1.303.565.2710 mobile: +1.303.564.4269 -- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
