Description of problem: When an external pgsql server is used, the connection to the database fails with: Version-Release number of selected component (if applicable): koji-hub-1.24.0-1.el8.noarch How reproducible: On every access of an client. Steps to Reproduce: 1. Let an client connect to the hub Actual results: The hub can't connect to the database: Log: 2021-04-28 14:02:33,840 [ERROR] m=None u=None p=53674 r=X.X.X.X:35074 koji.db: Traceback (most recent call last): [Wed Apr 28 14:02:33.840463 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] File "/usr/lib/python3.6/site-packages/koji/db.py", line 191, in connect [Wed Apr 28 14:02:33.840468 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] conn = psycopg2.connect(**opts) [Wed Apr 28 14:02:33.840472 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] File "/usr/lib64/python3.6/site-packages/psycopg2/__init__.py", line 130, in connect [Wed Apr 28 14:02:33.840475 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] conn = _connect(dsn, connection_factory=connection_factory, **kwasync) [Wed Apr 28 14:02:33.840478 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] psycopg2.OperationalError: FATAL: password authentication failed for user "koji" [Wed Apr 28 14:02:33.840488 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] FATAL: no pg_hba.conf entry for host "Z.Z.Z.Z", user "koji", database "koji", SSL off [Wed Apr 28 14:02:33.840491 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] [Wed Apr 28 14:02:33.840497 2021] [wsgi:error] [pid 53674:tid 140651907766016] [client X.X.X.X:35074] Expected results: An working connection to the database. Additional info: For security reasons, the connection to an external database must be encrypted. Workaround: /usr/lib/python3.6/site-packages/koji/db.py: change: opts = _DBopts to: opts = _DBopts opts['sslmode'] = 'require'
As far as I can see koji just doesn't support this yet. ;( Would you be willing to file a upstream ticket? https://pagure.io/koji/issues/
Ah there is bug tracker. I have search for it, but I have not found it.
FEDORA-2021-4d40916a30 has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d40916a30
FEDORA-2021-5ed8b031b1 has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-5ed8b031b1
FEDORA-2021-2b837ca8aa has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-2b837ca8aa
FEDORA-2021-5ed8b031b1 has been pushed to the Fedora 35 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-5ed8b031b1` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-5ed8b031b1 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-2b837ca8aa has been pushed to the Fedora 34 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-2b837ca8aa` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-2b837ca8aa See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-4d40916a30 has been pushed to the Fedora 33 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-4d40916a30` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-4d40916a30 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2021-2b837ca8aa has been pushed to the Fedora 34 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-4d40916a30 has been pushed to the Fedora 33 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2021-5ed8b031b1 has been pushed to the Fedora 35 stable repository. If problem still persists, please make note of it in this bug report.