Configuring the incoming queue processor is relatively straightforward. Before the incoming daemon can be configured the following steps must be taken:
The PkgForge, PkgForge-Registry and PkgForge-Server packages must
be installed. These are provided as RPMs but it is also possible to
build and install them from the
.tar.gz format in the
same way as any other Perl module.
Perl version 5.8.8 or newer is required. The PkgForge-Server package requires the following modules although not all are necessary for the incoming queue processor.
If you wish to process SRPMs (currently this is the only supported source package format) you will also need the Perl RPM2 module installed.
If you are using LCFG this can all be installed by including
As with the software installation, if you are using LCFG this can all
be configured correctly by using
The basic layout of the filesystem (as described in the
information) should be configured using
/etc/pkgforge/pkgforge.yml YAML file. It should look
something like this:
--- "accepted": '/afs/example.org/pkgs/pkgforge/accepted/' "incoming": '/afs/example.org/pkgs/pkgforge/incoming/' "results": '/afs/example.org/pkgs/pkgforge/results/'
If you are using the LCFG pkgforge component then this is done
If AFS is being used to provide the filesystem for the pkgforge service then you will need a Kerberos principal and an associated AFS user. As with Kerberised access to the Registry database the Kerberos keytab can be managed using the LCFG kerberos component. If you already have this setup for DB access you do not need a second keytab for AFS access. The following configuration will create a keytab:
!pkgforge.keytab_incoming mSET(<%pkgforge.configdir%>/pkgforge_incoming.keytab) !kerberos.keys mADD(pkgforge_incoming) kerberos.keytab_pkgforge_incoming <%pkgforge.keytab_incoming%> kerberos.keytabuid_pkgforge_incoming <%pkgforge.user%> kerberos.keytabgid_pkgforge_incoming <%pkgforge.group%>
Alternatively the principal and keytab can be created manually using the kadmin tool. You will need to ensure that the UID and GID and the permissions are correct for the keytab or k5start will not work.
The incoming queue processor is configured using
/etc/pkgforge/incoming.yml YAML file. The registry
database access configuration section has already been discussed in
client configuration page. The
configuration should look something like:
--- "init": '/etc/init.d/pkgforge-incoming' "keytab": '/etc/pkgforge/pkgforge_incoming.keytab' "registry": "host": 'pkgforge' "name": 'pkgforge' "user": 'pkgforge_incoming' "start": 'yes'
options are not used by the daemon, they are purely instructions for
the LCFG pkgforge component.
The important file is
which controls how the
init-script starts the daemon. If the LCFG pkgforge component is being
used then the sysconfig file will be configured automatically. The
sysconfig file should look something like:
The following options can be modified via the sysconfig file but mostly they have sensible defaults.
Note that, by default, some files are stored in
/var/run/pkgforge/ directories. Those directories
must be writable by whichever unix user is used to run the daemon.
At various points the daemon generates temporary files. For security
the daemon uses a specific temporary directory (which
/var/tmp/pkgforge by default). This directory must be
writable by whichever unix user is used to run the daemon. The
location can be changed by setting the
/etc/pkgforge/incoming.yml YAML file, that is not
currently modifiable using the LCFG pkgforge component.
By default the incoming queue processor log is kept in
/var/log/pkgforge/incoming.log file. You need to
ensure that the log directory is writable by whichever unix user is
used to run the daemon.
The logs from the incoming queue processor are configured via
file. For details on how to modify the style see the documentation for
the Log::Dispatch and MooseX::LogDispatch Perl modules.
Once the configuration files are in place the incoming queue processor
can be started using the init-script provided in the package. This is
Currently the init-script assumes that Kerberos authentication is required and it will attempt to start the k5start daemon first. Patches welcome to remove this limitation.
If the LCFG pkgforge component is being used then the daemon should be
om and the init-script should not be called
directly, for example:
% om pkgforge start % om pkgforge stop
For the component to actually start the daemon
pkgforge.start_incoming resource must be set
If any configuration or code changes are made then the daemon will need to be completely restarted. This is done with the restart method.
Without the LCFG pkgforge component the init-script should be used
directly. The usual
restart methods are available.