On Thu, 22 Dec 2016 14:52:45 +
Dave Love wrote:
> Kevin Fenzi writes:
>
> > In this case you should simply be able to kinit on the RHEL node you
> > wish to push changes/builds from?
>
> That would be a good start in case epel-testing's fedora-packager was
> installable, but I can't.
>
Kevin Fenzi writes:
>> Some people use "Enterprise Linux" (ugh) server systems in
>> "enterprises" which have Kerberized services -- like networked home
>> filestores, where the old certificate is. (I did copy the
>> credentials with Firefox sync.) OK, Red Hat people think we shouldn't
>> work t
Kevin Fenzi writes:
> If you are using the default kerberos cache (the linux kernel keyring),
For what it's worth, not on RHEL6, and some of the (unsatisfactory)
methods for dealing with Kerberos in batch systems currently rely on the
traditional ccache, whether or not they could copy credential
On Mon, Jan 2, 2017 at 11:27 PM, Orion Poplawski wrote:
> On 12/11/2016 05:34 PM, Dennis Gilmore wrote:
>> * koji and the source lookaside were changed to use kerberos
>> authentication
>> instead of ssl certificates. All maintainers will need to:
>>
>> kinit your-fas-accountn...@fedoraaproject.or
On 12/11/2016 05:34 PM, Dennis Gilmore wrote:
> * koji and the source lookaside were changed to use kerberos
> authentication
> instead of ssl certificates. All maintainers will need to:
>
> kinit your-fas-accountn...@fedoraaproject.org
>
> to get a valid kerberos TGT and be able to authenticate
On Tue, 27 Dec 2016 19:13:39 -0600
Michael Catanzaro wrote:
> Hi,
>
> I tried again today, but still having problems. When I try from the
> command line:
>
> $ kinit catanz...@fedoraproject.org
> Password for catanz...@fedoraproject.org:
> kinit: Password incorrect while getting initial creden
Il 28/12/2016 02:13, Michael Catanzaro ha scritto:
Hi,
I tried again today, but still having problems. When I try from the
command line:
$ kinit catanz...@fedoraproject.org
Password for catanz...@fedoraproject.org:
kinit: Password incorrect while getting initial credentials
But I know my pass
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> koji and the source lookaside were changed to use kerberos
> authentication
> instead of ssl certificates. All maintainers will need to:
>
> kinit your-fas-accountn...@fedoraaproject.org
>
> to get a valid kerberos TGT and be able to auth
On December 15, 2016 8:06:00 PM PST, Steve Grubb wrote:
>On Sunday, December 11, 2016 6:34:38 PM EST Dennis Gilmore wrote:
>> Greetings.
>>
>> As previously announced, releng has made a number of changes as part
>of
>> it's 2016 "flag day".
>>
>> All package maintainers will want to make sure
On Sunday, December 11, 2016 6:34:38 PM EST Dennis Gilmore wrote:
> Greetings.
>
> As previously announced, releng has made a number of changes as part of
> it's 2016 "flag day".
>
> All package maintainers will want to make sure they have updated to
> the following package versions (some may b
On Wed, 2016-12-14 at 09:43 -0700, Kevin Fenzi wrote:
>
> I think we got this sorted out on IRC.
Indeed we did. It required newer versions of the packages that had been
listed, which presumably will be in stable updates some time soon.
> David: if you still see a problem, please let us know.
Il 12/12/2016 05:20, Chenxiong Qi ha scritto:
hi
i get:
aesh]$ fedpkg build
/usr/lib/python2.7/site-packages/pyrpkg/__init__.py:314:
DeprecationWarning: BaseException.message has been deprecated as of
Python 2.6
for (_, _, ssl_reason) in error.message:
You might want to run fedora-packager-setu
On 12/14/2016 11:40 AM, Kevin Fenzi wrote:
> On Wed, 14 Dec 2016 09:21:37 -0500
> Stephen Gallagher wrote:
>
>> On 12/14/2016 09:19 AM, Dave Love wrote:
>>> Kevin Fenzi writes:
>>>
On Tue, 13 Dec 2016 14:36:06 +
Dave Love wrote:
> Simo Sorce writes:
>
>> I
On Wed, 2016-12-14 at 09:48 -0800, Adam Williamson wrote:
> On Tue, 2016-12-13 at 12:19 +0200, Alexander Bokovoy wrote:
> > However, default Fedora 25 configuration[1] does not set the default ccache
> > name to a collection, only FreeIPA client installer does this.
>
> Could we change that?
Neve
On Tue, 2016-12-13 at 18:52 +, Tom Hughes wrote:
> On 13/12/16 18:19, Simo Sorce wrote:
> > On Tue, 2016-12-13 at 14:36 +, Dave Love wrote:
> > > Simo Sorce writes:
> > >
> > > > If you really need to automate it because typing a password is too hard:
> > > > cat ~/.mykrbpassword | kinit
On Tue, 2016-12-13 at 12:19 +0200, Alexander Bokovoy wrote:
> However, default Fedora 25 configuration[1] does not set the default ccache
> name to a collection, only FreeIPA client installer does this.
Could we change that?
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: Adam
On Tue, 2016-12-13 at 13:23 +0100, Dan Horák wrote:
> > krb5-auth-dialog directly uses krb5 API, not GSSAPI, so your only
> > choice with it is to use 'kswitch' utility to explicitly switch
> > credential cache prior to use of the krb5-auth-dialog.
>
> thanks for the explanation
This looks a lot
On Tue, 13 Dec 2016 21:40:20 +
David Woodhouse wrote:
> On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> > All package maintainers will want to make sure they have updated to
> > the
> > following package versions (some may be in testing as of this
> > email):
> >
> > python-
On Wed, 14 Dec 2016 14:25:07 +
Dave Love wrote:
> Simo Sorce writes:
>
> > But I am not sure why you would need to forward your user
> > credentials to servers normally. Did you copy your certs everywhere
> > before ? I would think the normal case is that people have 1
> > development machi
On Wed, 14 Dec 2016 13:21:50 +0200
Alexander Bokovoy wrote:
> I cannot tell of how Fedora Infrastructure would use features
> available in FreeIPA, but at least on FreeIPA level we have support
> for multi-factor authentication on Kerberos level.
>
> The use of it is a bit less convenient right
On Wed, 14 Dec 2016 09:21:37 -0500
Stephen Gallagher wrote:
> On 12/14/2016 09:19 AM, Dave Love wrote:
> > Kevin Fenzi writes:
> >
> >> On Tue, 13 Dec 2016 14:36:06 +
> >> Dave Love wrote:
> >>
> >>> Simo Sorce writes:
> >>>
> If you really need to automate it because typing a
- Original Message -
> From: "Randy Barlow"
> To: devel@lists.fedoraproject.org
> Sent: Wednesday, December 14, 2016 5:45:29 AM
> Subject: Re: Packagers - Flag day 2016 Important changes
>
> On Mon, 2016-12-12 at 14:33 -0700, Kevin Fenzi wrote:
> > Firs
Dne 13.12.2016 v 22:40 David Woodhouse napsal(a):
> On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
>> All package maintainers will want to make sure they have updated to
>> the
>> following package versions (some may be in testing as of this email):
>>
>> python-cccolutils-1.4-1
>
Simo Sorce writes:
> The krb5.conf is interchangeable if you use a subset of directives
> common to both, this directive is not common to both, therefore it is
> incompatible with Heimdal.
Obviously; sorry I pointed it out.
> Samba has been ported to MIT Kerberos for Fedora uses, and the abilit
Simo Sorce writes:
> But I am not sure why you would need to forward your user credentials to
> servers normally. Did you copy your certs everywhere before ? I would
> think the normal case is that people have 1 development machine where
> they handle packaging.
Some people use "Enterprise Linux
On 12/14/2016 09:19 AM, Dave Love wrote:
> Kevin Fenzi writes:
>
>> On Tue, 13 Dec 2016 14:36:06 +
>> Dave Love wrote:
>>
>>> Simo Sorce writes:
>>>
If you really need to automate it because typing a password is too
hard: cat ~/.mykrbpassword | kinit myusername
>>>
>>> It needs
Kevin Fenzi writes:
> On Tue, 13 Dec 2016 14:36:06 +
> Dave Love wrote:
>
>> Simo Sorce writes:
>>
>> > If you really need to automate it because typing a password is too
>> > hard: cat ~/.mykrbpassword | kinit myusername
>>
>> It needs to be automated principally because the password i
On ke, 14 joulu 2016, Petr Mensik wrote:
That sounds like way to use (sort of) certificates again. With updated
realmd package I can now save fedora account password into Gnome
keyring. But...
I thought about it yesterday, but did not dare to ask. Are not password
less strong kind of authenticat
- Original Message -
From: "Petr Spacek"
To: devel@lists.fedoraproject.org
Sent: Wednesday, December 14, 2016 8:34:17 AM
Subject: Re: Packagers - Flag day 2016 Important changes
On 13.12.2016 22:57, Tom Hughes wrote:
> On 13/12/16 21:32, Simo Sorce wrote:
>> On Tue, 2016-12-13
On ke, 14 joulu 2016, Petr Spacek wrote:
On 13.12.2016 22:57, Tom Hughes wrote:
On 13/12/16 21:32, Simo Sorce wrote:
On Tue, 2016-12-13 at 18:52 +, Tom Hughes wrote:
The main goal of long random passwords after all is about a combination
of making them hard to brute force and ensuring tha
On ti, 13 joulu 2016, David Woodhouse wrote:
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
All package maintainers will want to make sure they have updated to
the
following package versions (some may be in testing as of this email):
python-cccolutils-1.4-1
fedpkg-1.26-2
On 13.12.2016 22:57, Tom Hughes wrote:
> On 13/12/16 21:32, Simo Sorce wrote:
>> On Tue, 2016-12-13 at 18:52 +, Tom Hughes wrote:
>>
>>> The main goal of long random passwords after all is about a combination
>>> of making them hard to brute force and ensuring that every service has a
>>> uniqu
On 12/13/2016 07:19 PM, Simo Sorce wrote:
On Tue, 2016-12-13 at 14:36 +, Dave Love wrote:
Simo Sorce writes:
If you really need to automate it because typing a password is too hard:
cat ~/.mykrbpassword | kinit myusername
It needs to be automated principally because the password is not
On Mon, 2016-12-12 at 14:33 -0700, Kevin Fenzi wrote:
> First, I'll note you don't need to get a new ticket every day, you
> can
> just renew with 'kinit -R'. I am not sure what env kinit needs, but
> you
> may even be able to do this from a cron job. That will work for 1
> week.
You can even use
On 13/12/16 21:32, Simo Sorce wrote:
On Tue, 2016-12-13 at 18:52 +, Tom Hughes wrote:
The main goal of long random passwords after all is about a combination
of making them hard to brute force and ensuring that every service has a
unique password to guard against credential reuse attacks wh
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be in testing as of this email):
>
> python-cccolutils-1.4-1
> fedpkg-1.26-2
> fedora-packager-0.6.0.0-1
>
On Tue, 2016-12-13 at 18:52 +, Tom Hughes wrote:
> On 13/12/16 18:19, Simo Sorce wrote:
> > On Tue, 2016-12-13 at 14:36 +, Dave Love wrote:
> >> Simo Sorce writes:
> >>
> >>> If you really need to automate it because typing a password is too hard:
> >>> cat ~/.mykrbpassword | kinit myusern
On ti, 13 joulu 2016, David Woodhouse wrote:
On Mon, 2016-12-12 at 10:53 +0100, Vít Ondruch wrote:
2) I needed to update a certificate every 6 months, now I need to kinit
every day. This is regression. How to make it work without kinit at all.
I am using SSSD for company kerberos and I don't nee
On 13/12/16 18:19, Simo Sorce wrote:
On Tue, 2016-12-13 at 14:36 +, Dave Love wrote:
Simo Sorce writes:
If you really need to automate it because typing a password is too hard:
cat ~/.mykrbpassword | kinit myusername
It needs to be automated principally because the password is not
memor
On Tue, 2016-12-13 at 14:35 +, Dave Love wrote:
> Simo Sorce writes:
>
> > On Tue, 2016-12-13 at 10:54 +, Dave Love wrote:
> >> Kevin Fenzi writes:
> >>
> >> > This is included in the fedora-packager-0.6.0 update.
> >> >
> >> > Make sure your /etc/krb5.conf has the include to include t
On Tue, 2016-12-13 at 14:36 +, Dave Love wrote:
> Simo Sorce writes:
>
> > If you really need to automate it because typing a password is too hard:
> > cat ~/.mykrbpassword | kinit myusername
>
> It needs to be automated principally because the password is not
> memorable. I assume infrastr
On Ter, 2016-12-13 at 10:37 -0700, Kevin Fenzi wrote:
> On Tue, 13 Dec 2016 17:09:19 +
> Sérgio Basto wrote:
>
> >
> > On Dom, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> > >
> > >
> > > Greetings.
> > >
> > > As previously announced, releng has made a number of changes as
> > > p
On Tue, 13 Dec 2016 17:09:19 +
Sérgio Basto wrote:
> On Dom, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> >
> > Greetings.
> >
> > As previously announced, releng has made a number of changes as part
> > of
> > it's 2016 "flag day".
> >
> > All package maintainers will want to make
On Tue, 13 Dec 2016 10:58:16 +
Dave Love wrote:
> Kevin Fenzi writes:
>
> > Ah, the actual package produced is python2-cccolutils (from the
> > python-cccolutils package).
> >
> > python2-cccolutils.x86_64 1.4-1.el6 epel-testing
>
> Isn't that wrong for EPEL?
No. There's nothing saying
On Tue, 13 Dec 2016 14:19:50 +
Tom Hughes wrote:
> On 13/12/16 13:41, Stephen Gallagher wrote:
> > On 12/13/2016 03:52 AM, Vít Ondruch wrote:
> >>
> >> Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
> >>
> >>> As sgallagh noted downthread, gnome online accounts will hopefully
> >>> handle
On Tue, 13 Dec 2016 14:36:06 +
Dave Love wrote:
> Simo Sorce writes:
>
> > If you really need to automate it because typing a password is too
> > hard: cat ~/.mykrbpassword | kinit myusername
>
> It needs to be automated principally because the password is not
> memorable. I assume infr
On Dom, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
>
> Greetings.
>
> As previously announced, releng has made a number of changes as part
> of
> it's 2016 "flag day".
>
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be
Stephen Gallagher writes:
>> There is actually a Kerberos mechanism for storing credentials even if
>> it somewhat defeats the object, particularly on a shared system. It
>> would be better if you could forward the GSS identities over ssh, but I
On Mon, 2016-12-12 at 10:53 +0100, Vít Ondruch wrote:
> 2) I needed to update a certificate every 6 months, now I need to kinit
> every day. This is regression. How to make it work without kinit at all.
> I am using SSSD for company kerberos and I don't need to kinit at all,
> how to make this work
On 12/13/2016 09:36 AM, Dave Love wrote:
> Simo Sorce writes:
>
>> If you really need to automate it because typing a password is too hard:
>> cat ~/.mykrbpassword | kinit myusername
>
> It needs to be automated principally because the password is not
> memorable. I assume infrastructure people
Simo Sorce writes:
> If you really need to automate it because typing a password is too hard:
> cat ~/.mykrbpassword | kinit myusername
It needs to be automated principally because the password is not
memorable. I assume infrastructure people would rather we don't use the
least secure credentia
Simo Sorce writes:
> On Tue, 2016-12-13 at 10:54 +, Dave Love wrote:
>> Kevin Fenzi writes:
>>
>> > This is included in the fedora-packager-0.6.0 update.
>> >
>> > Make sure your /etc/krb5.conf has the include to include them
>> > from /etc/krb5.conf.d/ though
>>
>> That will break Heimda
On 13/12/16 13:41, Stephen Gallagher wrote:
On 12/13/2016 03:52 AM, Vít Ondruch wrote:
Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
As sgallagh noted downthread, gnome online accounts will hopefully
handle this for you soon as soon as that one bug is fixed.
That should be fixed prior such
Dne 13.12.2016 v 14:41 Stephen Gallagher napsal(a):
> On 12/13/2016 03:52 AM, Vít Ondruch wrote:
>>
>> Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
>>> On Mon, 12 Dec 2016 10:53:39 +0100
>>> Vít Ondruch wrote:
>>>
So several questions:
> ...
>>> First, I'll note you don't need to get a new
On 12/13/2016 03:52 AM, Vít Ondruch wrote:
>
>
> Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
>> On Mon, 12 Dec 2016 10:53:39 +0100
>> Vít Ondruch wrote:
>>
>>> So several questions:
...
>>
>> First, I'll note you don't need to get a new ticket every day, you can
>> just renew with 'kinit -R'.
On Mon, 2016-12-12 at 02:36 +0100, Igor Gnatenko wrote:
> It shows a little error icon in the Domain box, as if to indicate
> > that FEDORAPROJECT.ORG is an invalid domain (but unhelpfully without
> > any actual tooltip or error message). Is there a known problem here?
>
> yes, and even patch avai
On Tue, 13 Dec 2016 12:51:02 +0200
Alexander Bokovoy wrote:
> On ti, 13 joulu 2016, Dan Horák wrote:
> >On Tue, 13 Dec 2016 12:29:57 +0200
> >Alexander Bokovoy wrote:
> >
> >> On ti, 13 joulu 2016, Daniel P. Berrange wrote:
> >> >On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
On Tue, 2016-12-13 at 10:57 +, Dave Love wrote:
> Christopher writes:
>
> > Better yet, save your password in gnome-keyring:
> > keyring set login fedora
> > And retrieve it for kinit:
> > keyring get login fedora | kinit usern...@fedoraproject.org
>
> None of this is any good if you're not
On Tue, 2016-12-13 at 10:54 +, Dave Love wrote:
> Kevin Fenzi writes:
>
> > This is included in the fedora-packager-0.6.0 update.
> >
> > Make sure your /etc/krb5.conf has the include to include them
> > from /etc/krb5.conf.d/ though
>
> That will break Heimdal, for people who use that.
He
On 13/12/16 09:52 +0100, Vít Ondruch wrote:
Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
First, I'll note you don't need to get a new ticket every day, you can
just renew with 'kinit -R'.
Not sure what is the difference here, may be you want to explain.
'kinit -R' doesn't need a password, i
Petr Mensik writes:
> Sure, I am really missing this information written on the wiki page. The
> secret is, they are in the DNS record. If you try
> $ host -t URI _kerberos.fedoraproject.org
Thanks. I forget about DNS records because I've been not trusting them
forever. However, I only know
Kevin Fenzi writes:
> fedora-packager-0.6.0 includes:
>
> /etc/krb5.conf.d/fedoraproject_org
> and
> /etc/krb5.conf.d/stg_fedoraproject_org
>
> which contain:
>
> [realms]
> FEDORAPROJECT.ORG = {
> kdc = https://id.fedoraproject.org/KdcProxy
> }
> [domain_realm]
> .fedoraproject.org =
Kevin Fenzi writes:
> Ah, the actual package produced is python2-cccolutils (from the
> python-cccolutils package).
>
> python2-cccolutils.x86_64 1.4-1.el6 epel-testing
Isn't that wrong for EPEL?
___
devel mailing list -- devel@lists.fedoraproject.org
Christopher writes:
> Better yet, save your password in gnome-keyring:
> keyring set login fedora
> And retrieve it for kinit:
> keyring get login fedora | kinit usern...@fedoraproject.org
None of this is any good if you're not using a desktop system, is it?
I'm probably not the only one who doe
Kevin Fenzi writes:
> This is included in the fedora-packager-0.6.0 update.
>
> Make sure your /etc/krb5.conf has the include to include them
> from /etc/krb5.conf.d/ though
That will break Heimdal, for people who use that.
___
devel mailing list -- d
On ti, 13 joulu 2016, Dan Horák wrote:
On Tue, 13 Dec 2016 12:29:57 +0200
Alexander Bokovoy wrote:
On ti, 13 joulu 2016, Daniel P. Berrange wrote:
>On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
>> On ti, 13 joulu 2016, Alexander Bokovoy wrote:
>> > On ti, 13 joulu 2016, Ví
On Tue, 13 Dec 2016 12:29:57 +0200
Alexander Bokovoy wrote:
> On ti, 13 joulu 2016, Daniel P. Berrange wrote:
> >On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
> >> On ti, 13 joulu 2016, Alexander Bokovoy wrote:
> >> > On ti, 13 joulu 2016, Vít Ondruch wrote:
> >> > >
> >> > >
On ti, 13 joulu 2016, Daniel P. Berrange wrote:
On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
On ti, 13 joulu 2016, Alexander Bokovoy wrote:
> On ti, 13 joulu 2016, Vít Ondruch wrote:
> >
> >
> > Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
> > > On 12/12/2016 04:53 A
On Tue, Dec 13, 2016 at 12:19:45PM +0200, Alexander Bokovoy wrote:
> On ti, 13 joulu 2016, Alexander Bokovoy wrote:
> > On ti, 13 joulu 2016, Vít Ondruch wrote:
> > >
> > >
> > > Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
> > > > On 12/12/2016 04:53 AM, Vít Ondruch wrote:
> > > > > So se
On ti, 13 joulu 2016, Alexander Bokovoy wrote:
On ti, 13 joulu 2016, Vít Ondruch wrote:
Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
On 12/12/2016 04:53 AM, Vít Ondruch wrote:
So several questions:
1) When I have 2 domains I login to with kerberos, how to really make it
work. I don't
On 2016-12-12 17:05, Kevin Fenzi wrote:
On Mon, 12 Dec 2016 12:32:33 +
Paul Howarth wrote:
There's an extra "A" in there.
oops. so there is. :) Sorry about that.
Anyway, it's not working for me and it's a different error than
others are seeing:
...snip...
I tried logging into FAS a
Dne 12.12.2016 v 22:33 Kevin Fenzi napsal(a):
> On Mon, 12 Dec 2016 10:53:39 +0100
> Vít Ondruch wrote:
>
>> So several questions:
>>
>> 1) When I have 2 domains I login to with kerberos, how to really make
>> it work. I don't want to kswitch all the time. I am using Kerberos to
>> authenticate
On ti, 13 joulu 2016, Vít Ondruch wrote:
Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
On 12/12/2016 04:53 AM, Vít Ondruch wrote:
So several questions:
1) When I have 2 domains I login to with kerberos, how to really make it
work. I don't want to kswitch all the time. I am using Kerber
Dne 12.12.2016 v 20:54 Christopher napsal(a):
> On Mon, Dec 12, 2016 at 10:03 AM Stephen Gallagher
> mailto:sgall...@redhat.com>> wrote:
>
>
> > 2) I needed to update a certificate every 6 months, now I need
> to kinit
> > every day. This is regression. How to make it work without kin
Dne 12.12.2016 v 16:02 Stephen Gallagher napsal(a):
> On 12/12/2016 04:53 AM, Vít Ondruch wrote:
>> So several questions:
>>
>> 1) When I have 2 domains I login to with kerberos, how to really make it
>> work. I don't want to kswitch all the time. I am using Kerberos to
>> authenticate my email c
On 12/12/2016 12:37 PM, Chenxiong Qi wrote:
On 12/12/2016 08:58 AM, Josh Boyer wrote:
On Sun, Dec 11, 2016 at 7:34 PM, Dennis Gilmore wrote:
Greetings.
As previously announced, releng has made a number of changes as part of
it's 2016 "flag day".
All package maintainers will want to make
On Mon, 12 Dec 2016 10:53:39 +0100
Vít Ondruch wrote:
> So several questions:
>
> 1) When I have 2 domains I login to with kerberos, how to really make
> it work. I don't want to kswitch all the time. I am using Kerberos to
> authenticate my email client, so I want to keep it working all the
> t
On Mon, Dec 12, 2016 at 10:03 AM Stephen Gallagher
wrote:
> On 12/12/2016 04:53 AM, Vít Ondruch wrote:
> > So several questions:
> >
> > 1) When I have 2 domains I login to with kerberos, how to really make it
> > work. I don't want to kswitch all the time. I am using Kerberos to
> > authenticate
On Mon, 12 Dec 2016 11:49:47 -0500 (EST)
Petr Mensik wrote:
> Sure, I am really missing this information written on the wiki page.
> The secret is, they are in the DNS record. If you try $ host -t URI
> _kerberos.fedoraproject.org
>
> you might get it. But some DNS servers seem to have trouble w
On Mon, 12 Dec 2016 16:36:24 +
Dave Love wrote:
> Dennis Gilmore writes:
>
> > See the general kerberos information at:
> > https://fedoraproject.org/wiki/Infrastructure_kerberos_authentication
> > for more details.
>
> I was going to try to authenticate, even if the tools won't work, b
On Mon, 12 Dec 2016 10:15:05 -0700
Kevin Fenzi wrote:
> On Mon, 12 Dec 2016 16:22:06 +
> Dave Love wrote:
>
> > Dennis Gilmore writes:
> >
> > > Greetings.
> > >
> > > As previously announced, releng has made a number of changes as
> > > part of it's 2016 "flag day".
> > >
> > > All p
On Mon, 12 Dec 2016 09:35:05 -0700
Jerry James wrote:
> On F-26, I got python-cccolutils, and the new fedpkg and pyrpkg from
> updates-testing, but:
>
> # rpm -q fedora-packager
> fedora-packager-0.5.10.7-3.fc25.noarch
> # rpm -q koji
> koji-1.10.1-13.fc25.noarch
> # dnf --enablerepo=updates-tes
On Mon, 12 Dec 2016 16:22:06 +
Dave Love wrote:
> Dennis Gilmore writes:
>
> > Greetings.
> >
> > As previously announced, releng has made a number of changes as
> > part of it's 2016 "flag day".
> >
> > All package maintainers will want to make sure they have updated to
> > the
> > foll
Dne 12.12.2016 v 17:22 Dave Love napsal(a):
> Dennis Gilmore writes:
>
>> Greetings.
>>
>> As previously announced, releng has made a number of changes as part of
>> it's 2016 "flag day".
>>
>> All package maintainers will want to make sure they have updated to
>> the
>> following package ver
On Mon, 12 Dec 2016 14:20:47 +0100
Louis Lagendijk wrote:
> With these updates I can kinit to my username. This almost works:
>
> kinit llagend...@fedoraproject.org
> Password for llagend...@fedoraproject.org:
> Password expired. You must change it now.
> Enter new password:
> Enter it again:
On Mon, 12 Dec 2016 12:32:33 +
Paul Howarth wrote:
> There's an extra "A" in there.
oops. so there is. :) Sorry about that.
> Anyway, it's not working for me and it's a different error than
> others are seeing:
...snip...
> I tried logging into FAS and that worked but didn't help. It didn
5:36:24 PM
Subject: Re: Packagers - Flag day 2016 Important changes
Dennis Gilmore writes:
> See the general kerberos information at:
> https://fedoraproject.org/wiki/Infrastructure_kerberos_authentication
> for more details.
I was going to try to authenticate, even if the tools won't
Dennis Gilmore writes:
> See the general kerberos information at:
> https://fedoraproject.org/wiki/Infrastructure_kerberos_authentication
> for more details.
I was going to try to authenticate, even if the tools won't work, but
that's missing the fundamental information about how to configure t
On Mon, Dec 12, 2016 at 9:22 AM, Dave Love wrote:
>> All package maintainers will want to make sure they have updated to
>> the
>> following package versions (some may be in testing as of this email):
>>
>> python-cccolutils-1.4-1
>
> "No package python-cccolutils available." from epel-testin
Dennis Gilmore writes:
> Greetings.
>
> As previously announced, releng has made a number of changes as part of
> it's 2016 "flag day".
>
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be in testing as of this email):
>
>
- Original Message -
>
>
> - Original Message -
> > Hi,
> >
> > Jaroslav wrote:
> > > It still doesn't work for me:
> > >
> > > $ fedpkg scratch-build
> > > Could not execute scratch_build: (-1765328370, 'KDC has no support for
> > > encryption
> > > type')
> > >
> > >
> On 12/12/2016 04:53 AM, Vít Ondruch wrote:
>
> There are patches still coming that will switch the fedora packaging tools to
> use GSSAPI rather than Kerberos directly, which will handle auto-selecting the
> right TGT. I'm not sure what the status is on this, but Patrick Uiterwijk
> (CCed)
> wa
On 12/12/2016 04:53 AM, Vít Ondruch wrote:
> So several questions:
>
> 1) When I have 2 domains I login to with kerberos, how to really make it
> work. I don't want to kswitch all the time. I am using Kerberos to
> authenticate my email client, so I want to keep it working all the time.
>
There
On Sun, 2016-12-11 at 18:34 -0600, Dennis Gilmore wrote:
> Greetings.
>
> As previously announced, releng has made a number of changes as part
> of
> it's 2016 "flag day".
>
> All package maintainers will want to make sure they have updated to
> the
> following package versions (some may be in
On 12/12/2016 12:35 PM, Ralf Corsepius wrote:
On 12/12/2016 01:34 AM, Dennis Gilmore wrote:
Greetings.
As previously announced, releng has made a number of changes as part of
it's 2016 "flag day".
https://fedoraproject.org/wiki/ReleaseEngineering/FlagDay2016
For me, builds now are failing
On 2016-12-12 00:34, Dennis Gilmore wrote:
Greetings.
As previously announced, releng has made a number of changes as part of
it's 2016 "flag day".
All package maintainers will want to make sure they have updated to
the
following package versions (some may be in testing as of this email):
On 12/12/2016 01:34 AM, Dennis Gilmore wrote:
Greetings.
As previously announced, releng has made a number of changes as part of
it's 2016 "flag day".
https://fedoraproject.org/wiki/ReleaseEngineering/FlagDay2016
For me, builds now are failing with weird errors:
cf. https://koji.fedoraproj
- Original Message -
> Mike McLean wrote:
>
> > 1) make sure your krb5.conf has:
> > includedir /etc/krb5.conf.d/
>
> Should there be something in there other than a crypto-policies symlink?
>
> David
> ___
> devel mailing list -- devel@list
- Original Message -
> Hi,
>
> Jaroslav wrote:
> > It still doesn't work for me:
> >
> > $ fedpkg scratch-build
> > Could not execute scratch_build: (-1765328370, 'KDC has no support for
> > encryption
> > type')
> >
> > $ klist
> > Default principal: jskarvad(a)FEDORAPROJECT.OR
Mike McLean wrote:
> 1) make sure your krb5.conf has:
> includedir /etc/krb5.conf.d/
Should there be something in there other than a crypto-policies symlink?
David
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to
1 - 100 of 120 matches
Mail list logo