Learn more about these different git repos.
Other Git URLs
When the krb_rdns option is on, Koji attempts to canonicalize the hostname. It does so by calling socket.getfqdn, which isn't quite correct and can cause problems in some environments.
socket.getfqdn
What Koji should have been doing was using dns to resolve the hostname in case it is a cname. To avoid breaking compatibility, we should probably make this governed by a new option.
Partial work here: https://github.com/mikem23/koji-playground/commits/krb-resolve-cname
Potentially related: #202 #534
Metadata Update from @mikem: - Issue set to the milestone: 1.15
python-dns is provided for some time for all relevant distributions. Doesn't it make sense to require it (and drop those checks)?
I'm hesitant to add a hard requirement on a library that we only need for one auth method that not everyone uses.
Also, python-dns is not part of base RHEL6. If I'm not mistaken, you should currently be able to get the client to at least run on a stock rhel6 box.
I can confirm the use of socket.getfqdn does cause problems using systemd-networkd with the default setting of LLMNR which is LLMNR=true as often it doesn't return a fully-qualified hostname, causing kojid startup failures when using Kerberos.
LLMNR
LLMNR=true
Until that is resolved, I use the following on my builders which use systemd-networkd
# LLMNR (on by default affects kojid (python socket.getfqdn()) LLMNR=no
PR #653
Commit fdc1cff fixes this issue
Login to comment on this ticket.