From a4cc011eed9cf427d55f38600df04bdd7d5eade1 Mon Sep 17 00:00:00 2001
From: Nils Philippsen <nils@redhat.com>
Date: Fri, 16 Sep 2016 13:33:46 +0200
Subject: [PATCH] put kerberos config params in rida configuration

koji.read_config() filters out configuration options it doesn't know
about silently. Currently this is about the keytab, principal, ccache
options. The latter may be needed e.g. in Docker containers which
currently(?) can't use Linux kernel keyrings and need the credential
cache to be a normal file.
---
 config.py       |  5 +++++
 rida/builder.py |  8 +++++---
 rida/config.py  | 27 +++++++++++++++++++++++++++
 3 files changed, 37 insertions(+), 3 deletions(-)

diff --git a/config.py b/config.py
index dd7bf487..9a225c3d 100644
--- a/config.py
+++ b/config.py
@@ -48,6 +48,11 @@ class BaseConfiguration(object):
     # Available log levels are: debug, info, warn, error.
     LOG_LEVEL = 'info'
 
+    # Settings for Kerberos
+    KRB_KEYTAB = None
+    KRB_PRINCIPAL = None
+    KRB_CCACHE = None
+
 
 class DevConfiguration(BaseConfiguration):
     LOG_BACKEND = 'console'
diff --git a/rida/builder.py b/rida/builder.py
index 39a240ed..676543c7 100644
--- a/rida/builder.py
+++ b/rida/builder.py
@@ -376,16 +376,18 @@ chmod 644 %buildroot/%_rpmconfigdir/macros.d/macros.modules
 
         authtype = koji_config.authtype
         if authtype == "kerberos":
-            keytab = getattr(koji_config, "keytab", None)
-            principal = getattr(koji_config, "principal", None)
+            ccache = getattr(config, "krb_ccache", None)
+            keytab = getattr(config, "krb_keytab", None)
+            principal = getattr(config, "krb_principal", None)
             if keytab and principal:
                 koji_session.krb_login(
                     principal=principal,
                     keytab=keytab,
+                    ccache=ccache,
                     proxyuser=None,
                 )
             else:
-                koji_session.krb_login()
+                koji_session.krb_login(ccache=ccache)
         elif authtype == "ssl":
             koji_session.ssl_login(
                 os.path.expanduser(koji_config.cert),
diff --git a/rida/config.py b/rida/config.py
index 2ec05b00..e8ab9c19 100644
--- a/rida/config.py
+++ b/rida/config.py
@@ -75,6 +75,9 @@ class Config(object):
         self._log_backend = ""
         self._log_file = ""
         self._log_level = 0
+        self._krb_keytab = None
+        self._krb_principal = None
+        self._krb_ccache = "/tmp/krb5cc_rida"
 
     @property
     def system(self):
@@ -311,3 +314,27 @@ class Config(object):
     def log_level(self, s):
         level = str(s).lower()
         self._log_level = logger.str_to_log_level(level)
+
+    @property
+    def krb_keytab(self):
+        return self._krb_keytab
+
+    @krb_keytab.setter
+    def krb_keytab(self, s):
+        self._krb_keytab = s
+
+    @property
+    def krb_principal(self):
+        return self._krb_principal
+
+    @krb_principal.setter
+    def krb_principal(self, s):
+        self._krb_principal = s
+
+    @property
+    def krb_ccache(self):
+        return self._krb_ccache
+
+    @krb_ccache.setter
+    def krb_ccache(self, s):
+        self._krb_ccache = s