I tested fedpkg-stage in a Fedora 25 docker container, and only initialized my credential.
[root@b286074d97b0 fedpkg]# fedpkg-stage new-sources fedpkg-1.25.tar.bz2 Could not execute new_sources: <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"> <html><head> <title>401 Unauthorized</title> </head><body> <h1>Unauthorized</h1> <p>This server could not verify that you are authorized to access the document requested. Either you supplied the wrong credentials (e.g., bad password), or your browser doesn't understand how to supply the credentials required.</p> </body></html> [root@b286074d97b0 fedpkg]# kinit cqi@FEDORAPROJECT.ORG Password for cqi@FEDORAPROJECT.ORG: [root@b286074d97b0 fedpkg]# klist -l Principal name Cache name -------------- ---------- cqi@FEDORAPROJECT.ORG FILE:/tmp/krb5cc_0 [root@b286074d97b0 fedpkg]# klist Ticket cache: FILE:/tmp/krb5cc_0 Default principal: cqi@FEDORAPROJECT.ORG Valid starting Expires Service principal 12/12/16 01:34:38 12/13/16 01:34:32 krbtgt/FEDORAPROJECT.ORG@FEDORAPROJECT.ORG renew until 12/19/16 01:34:32
For stg you want to kinit cqi@STG.FEDORAPROJECT.ORG
if you do that does it work?
Ah, I should use this realm. Now, I get
[root@b286074d97b0 fedpkg]# kinit cqi@STG.FEDORAPROJECT.ORG kinit: Client 'cqi@STG.FEDORAPROJECT.ORG' not found in Kerberos database while getting initial credentials
For that, you need to login to staging fas so it syncs you to ipa.
Go to https://admin.stg.fedoraproject.org/accounts and login, then wait a minute and try kinit again.
Hi @kevin
It's been a while. Still doesn't work. I'm using the configuration in my /etc/krb5.conf.
/etc/krb5.conf
https://pagure.io/fedora-packager/blob/master/f/krb-configs/stg_fedoraproject_org
Hope this could be helpful
[root@b286074d97b0 fedpkg]# KRB5_TRACE=/dev/stdout kinit cqi@STG.FEDORAPROJECT.ORG [16070] 1481510956.532808: Getting initial credentials for cqi@STG.FEDORAPROJECT.ORG [16070] 1481510956.532928: Sending request (202 bytes) to STG.FEDORAPROJECT.ORG [16070] 1481510956.533092: Resolving hostname id.stg.fedoraproject.org [16070] 1481510957.94316: TLS certificate name matched "id.stg.fedoraproject.org" [16070] 1481510957.378332: Sending HTTPS request to https 209.132.181.5:443 [16070] 1481510957.690963: Received answer (198 bytes) from https 209.132.181.5:443 [16070] 1481510957.690982: Terminating TCP connection to https 209.132.181.5:443 [16070] 1481510957.692242: Response was not from master KDC [16070] 1481510957.692282: Received error from KDC: -1765328378/Client not found in Kerberos database [16070] 1481510957.692318: Retrying AS request with master KDC [16070] 1481510957.692325: Getting initial credentials for cqi@STG.FEDORAPROJECT.ORG [16070] 1481510957.692382: Sending request (202 bytes) to STG.FEDORAPROJECT.ORG (master) kinit: Client 'cqi@STG.FEDORAPROJECT.ORG' not found in Kerberos database while getting initial credentials
Please log in to https://admin.stg.fedoraproject.org/accounts/ once more.
@puiterwijk
It works now. However, 500 happens.
[root@b286074d97b0 fedpkg]# fedpkg-stage -d -v new-sources fedpkg-1.25.tar.bz2 Creating repo object from /root/fedpkg Uploading: fedpkg-1.25.tar.bz2 ######################################################################## 100.0% Status: 500 Internal Server Error Content-type: text/plain [Errno 30] Read-only file system: '/srv/cache/lookaside/pkgs/fedpkg/tmpC06bkH07ed753f5af7138549d7dfb620451dac3265ccb1089c1a7455825b1298f2a3c84327ed17e18b621006d8078188fb508857ea2cef31b18f68143ac4a2d44a488d' Source upload succeeded. Don't forget to commit the sources file
Right, that's a quirk of the staging environment at this moment, since it's being used by the modularity people. However, the fact that you got that, means that the upload itself would have succeeded. So it depends on what you want to test, but it might be that it already worked.
Yeah, we would need to talk to the modularity folks about switching that if needed.
:crocodile:
@kevin changed the status to Closed
Closed
Login to comment on this ticket.