Thanks, I got it! I had to make a new .pem with the proper information.
On Thu, Feb 26, 2009 at 11:06 AM, Thomas Hatch <[email protected]> wrote: > Does the CN component in the .pem need to be a fqdn? > > And the CN is koji (I thought it needed to be the auth user) > > Right now I am under the impression that the user in kojid.conf needs to be > a fqdn and that the CN in the .pem file needs to match, is this correct? > > # /usr/sbin/kojid --force-lock --verbose --fg > > 2009-02-26 11:01:51,706 [INFO] {4098} koji.build:66 Starting up > Traceback (most recent call last): > File "/usr/sbin/kojid", line 2730, in ? > main() > File "/usr/sbin/kojid", line 67, in main > tm = TaskManager() > File "/usr/sbin/kojid", line 530, in __init__ > self.host_id = session.host.getID() > File "/usr/lib/python2.4/site-packages/koji/__init__.py", line 1133, in > __call__ > return self.__func(self.__name,args,opts) > File "/usr/lib/python2.4/site-packages/koji/__init__.py", line 1378, in > _callMethod > raise err > koji.AuthError: No host specified > > > > > On Thu, Feb 26, 2009 at 10:59 AM, Mike Bonnet <[email protected]> wrote: > >> Thomas Hatch wrote: >> > I keep having problems with it telling me the system is locked until I >> run a >> > restart, but service kojid status keeps returning the same error >> > >> > service kojid status >> > kojid dead but subsys locked >> > >> > kojid also seems to be dying but the logs yield no real data >> > >> > I think I have a problem in my configs: >> >> What is the output of >> >> openssl x509 -noout -subject -in /etc/pki/koji/kojibuilder1.pem >> >> The CN component needs to match the hostname you added with "koji >> add-host", in your case koji.bcinfra.net. Also, that same certificate >> may not be used to authenticate any other services or users to the system. >> >> You can also run >> >> /usr/sbin/kojid --force-lock --verbose --fg >> >> as root to run kojid in the foreground and see what errors are reported. >> >> > kojid.conf: >> > >> > [kojid] >> > ; The number of seconds to sleep between tasks >> > ; sleeptime=15 >> > >> > ; The maximum number of jobs that kojid will handle at a time >> > ; maxjobs=10 >> > >> > ; The minimum amount of free space (in MBs) required for each build root >> > ; minspace=8192 >> > >> > ; The directory root where work data can be found from the koji hub >> > ; topdir=/mnt/koji >> > >> > ; The directory root for temporary storage >> > workdir=/tmp/koji >> > >> > ; The directory root for mock >> > mockdir=/var/lib/mock >> > >> > ; The user to run as when doing builds >> > mockuser=kojibuilder >> > >> > ; The vendor to use in rpm headers >> > ; vendor=Koji >> > >> > ; The packager to use in rpm headers >> > ; packager=Koji >> > >> > ; The _host string to use in mock >> > ; mockhost=koji-linux-gnu >> > >> > ; The URL for the xmlrpc server >> > server=http://sunlight.pp.bcinfra.net/kojihub >> > >> > user=koji.bcinfra.net >> > >> > ; The URL for the packages tree >> > pkgurl=http://sunlight.pp.bcinfra.net/pkg/packages >> > >> > ; A space-separated list of hostname:repository[:use_common] tuples that >> > kojid is authorized to checkout from (no quotes). >> > ; Wildcards (as supported by fnmatch) are allowed. >> > ; If use_common is specified and is one of "false", "no", or "0" >> (without >> > quotes), then kojid will not attempt to checkout >> > ; a common/ dir when checking out sources from the source control >> system. >> > Otherwise, it will attempt to checkout a common/ >> > ; dir, and will raise an exception if it cannot. >> > ;allowed_scms=scm.example.com:/cvs/example git.example.org:/example >> > svn.example.org:/users/*:no >> > >> > ; The mail host to use for sending email notifications >> > smtphost=sunlight.pp.bcinfra.net >> > >> > ; The From address used when sending email notifications >> > from_addr=Koji Build System <[email protected]> >> > >> > ;configuration for SSL athentication >> > >> > ;client certificate >> > cert = /etc/pki/koji/kojibuilder1.pem >> > >> > ;certificate of the CA that issued the client certificate >> > ca = /etc/pki/koji/koji_ca_cert.crt >> > >> > ;certificate of the CA that issued the HTTP server certificate >> > serverca = /etc/pki/koji/koji_ca_cert.crt >> > >> > >> > >> > >> > >> > >> > On Thu, Feb 26, 2009 at 10:32 AM, Jeffrey Ollie <[email protected]> >> wrote: >> > >> >> On Thu, Feb 26, 2009 at 11:29 AM, Thomas Hatch <[email protected]> >> wrote: >> >>> I run "koji list-hosts --channel=createrepo" and get: >> >>> >> >>> Hostname Enb Rdy Load/Cap Arches Last >> >> Update >> >>> koji.bcinfra.net Y N 0.0/8.0 i386,x86_64 - >> >>> >> >>> Seems it is enabled and in the channel, but not ready? >> >> Is kojid running? That's the service that does the actual building... >> >> >> >> -- >> >> Jeff Ollie >> >> Marcus to Franklin in Babylon 5: "A Late Delivery from Avalon" >> >> >> >> -- >> >> Fedora-buildsys-list mailing list >> >> [email protected] >> >> https://www.redhat.com/mailman/listinfo/fedora-buildsys-list >> >> >> > >> > >> > ------------------------------------------------------------------------ >> > >> > -- >> > Fedora-buildsys-list mailing list >> > [email protected] >> > https://www.redhat.com/mailman/listinfo/fedora-buildsys-list >> >> -- >> Fedora-buildsys-list mailing list >> [email protected] >> https://www.redhat.com/mailman/listinfo/fedora-buildsys-list >> > >
-- Fedora-buildsys-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
