Ok, all changed, still no-go: [r...@bpbuild001 ~]# tail /etc/koji-hub/hub.conf ## If ServerOffline is True, the server will always report a ServerOffline fault (with ## OfflineMessage as the fault string). ## If LockOut is True, the server will report a ServerOffline fault for all non-admin ## requests.
AuthPrincipal = host/[email protected] AuthKeytab = /etc/krb5.keytab ProxyPrincipals = koji/[email protected] HostPrincipalFormat = compile/%[email protected] [r...@bpbuild001 ~]# klist -k /etc/krb5.keytab Keytab name: WRFILE:/etc/krb5.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 host/[email protected] 1 host/[email protected] 1 host/[email protected] 1 host/[email protected] [r...@bpbuild001 ~]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: [email protected] Valid starting Expires Service principal 12/17/10 15:36:29 12/18/10 03:30:18 krbtgt/[email protected] [r...@bpbuild001 ~]# su - koji [k...@bpbuild001 ~]$ psql psql (8.4.5) Type "help" for help. koji=> select * from users; id | name | password | status | usertype | krb_principal ----+-------+----------+--------+----------+---------------------------------------------------------------- 2 | swebb | | 0 | 0 | [email protected] 1 | koji | | 0 | 0 | koji/[email protected] (2 rows) koji=> \q [k...@bpbuild001 ~]$ logout [r...@bpbuild001 ~]# koji add-user kojira Kerberos authentication failed: Server not found in Kerberos database (-1765328377) Q: The error now says "Server not found" - should the principal in psql be host/... ?? - Steve -- Steve Webb | System Administrator Beatport | Music for DJ's ------------------------------------------ 2399 Blake Street, Suite 170 Denver, Colorado USA 80205 tel: +1.720.932.9103 fax: +1.720.932.9104 noc: +1.303.565.2710 mobile: +1.303.564.4269 -- buildsys mailing list [email protected] https://admin.fedoraproject.org/mailman/listinfo/buildsys
