Steve Traylen wrote:
On Fri, May 8, 2009 at 4:04 PM, Mike Bonnet <[email protected]> wrote:
Steve Traylen wrote:
On Fri, May 8, 2009 at 11:52 AM, Steve Traylen <[email protected]> wrote:
Hi,
I was reliably building on a tag before but now receive
ActionNotAllowed: policy violation
A little bit more.
ActionNotAllowed: policy violation -- all :: deny
What version of Koji are you running? I believe there was a bug in earlier
versions that caused a missing "policy" entry in /etc/koji-hub/hub.conf to
result in denials of everything. That should be fixed in 1.3.1.
Alternately you could add a policy entry to allow building from srpm into
the dist-centos4 tag:
[policy]
build_from_srpm =
tag dist-centos4 :: allow
has_perm admin :: allow
all :: deny
Hi Mike,
I'm running stock FC10.
koji-hub-1.3.1-1.fc10.noarch
koji-1.3.1-1.fc10.noarch
koji-web-1.3.1-1.fc10.noarch
koji-utils-1.3.1-1.fc10.noarch
koji-builder-1.3.1-1.fc10.noarch
I've not had had any [policy] in the hub.conf file up to now
and things have been okay, i.e I could build from cvs and svn
for instance which I did yesterday. It's just building from srpm that has
been blocked but I have not tried that in a while so that may have been the
before the recent upgrade.
Actually I was wrong, if no policy is present the default policy forbids
building from srpm by anyone but an admin (this is for consistency with
previous versions of Koji). But this is now overrideable with custom
policy, whereas it was hard-coded before.
Certainly making a very open policy
[policy]
build_from_srpm =
tag dist-centos4 :: allow
has_perm admin :: allow
all :: all
and then things proceed, I'll tune that now.
More generally now about policies. Do you have some description on these
and what can be set? If nothing exists if you can give me something brief then
I'll try and write something up for the wiki.
Unfortunately the policy stuff is not well-documented at the moment, but
we're working on fixing that. It is actually a very powerful mechanism
that allows you to control what types of source repositories you can
build from, setup elaborate building and tagging policy, etc. We'll get
some basic documentation onto the fedoraproject.org wiki soon, and any
help expanding on it at that point would be appreciated.
As it happens I'm giving a presentation in a weeks time to my colleagues
on mock, koji and mash and certainly any content (e.g diagrams) I produce I'll
write up in a generic way for inclusion in documentation.
That'd be great!
Thanks again
Steve
Steve
and can't seem shake it or understand why for a particular package
Is is possible
to get an explanation?
http://skoji.cern.ch/koji/taskinfo?taskID=2918
This is following a build as CN=straylen
koji build --nowait dist-centos4 ../SRPMS/mpich-1.2.7p1-2.el4.src.rpm
My permissions.
id | name | password | status | usertype | krb_principal
----+----------+----------+--------+----------+---------------
1 | straylen | | 0 | 0 |
and user_id=1 does not appear in user_perms . i.e I am
a boring user.
The package has been added.
koji list-pkgs --tag=dist-centos4 --package=mpich
Package Tag Extra Arches Owner
----------------------- ----------------------- ----------------
---------------
mpich dist-centos4 straylen
Thanks again for the help.
--
Fedora-buildsys-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
--
Fedora-buildsys-list mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/fedora-buildsys-list
