1
edit
Changes
3. Using SSL for authentication
Add this line.
DNUsernameComponent = CN
ProxyDNs = "/C=CA/ST=Ontario/O=Seneca CDOT/OU=/CN=kojiweb/emailAddress="
And in the ‘/etc/httpd/conf.d/kojihub.conf’ conf uncomment the following lines:
<Location /kojihub>
</Location>
4.Using [http://zenit.senecac.on.ca/wiki/index.php/Fedora_Arm_Secondary_Architecture/Koji_Certificates the Koji certificates] , we need to and add the following lines to ‘/etc/httpd/conf.d/ssl.conf’, under the section ‘VirtualHost _default_:443′:
SSLCertificateFile /etc/pki/koji/certs/kojihub.crt
SSLCertificateKeyFile /etc/pki/koji/certs/kojihub.key
SSLCertificateChainFile /etc/pki/koji/koji_ca_cert.crt
SSLCACertificateFile /etc/pki/koji/koji_ca_cert.crt
SSLVerifyClient require
SSLVerifyDepth 10
setsebool -P httpd_can_network_connect_db 1
6.A skeleton filesystem
To allow Koji to work, a skeleton filesystem needs to be created and the ownership
changed so Apache can write to it as required. The following commands were executed:
mkdir -p /mnt/koji/{packages,repos,work,scratch}
chown -R apache.apache /mnt/koji
Then edited the '/etc/koji.conf' file and changed the following lines:
su - kojiadmin
koji add-user kojira
koji grant-permission repo kojira
Then add as many builders as required using the following commands editing where required (this should also be done prior to running kojid on each host):
koji add-host arm-001-001 arm koji add-host arm-001-002 arm
koji add-host arm-001-003 arm