infra-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chris Lambertus (JIRA)" <j...@apache.org>
Subject [jira] [Updated] (INFRA-16606) Svn commit returns Server sent unexpected return value (403 Forbidden) in response to CHECKOUT request for '/repos/dist/!svn/ver/27022/release/trafodion/KEYS
Date Thu, 31 May 2018 17:50:00 GMT

     [ https://issues.apache.org/jira/browse/INFRA-16606?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Chris Lambertus updated INFRA-16606:
------------------------------------
    Status: Waiting for user  (was: Waiting for Infra)

Only PMC members may commit to the dist/release area.


> Svn commit returns Server sent unexpected return value (403 Forbidden) in response to
CHECKOUT request for '/repos/dist/!svn/ver/27022/release/trafodion/KEYS
> -------------------------------------------------------------------------------------------------------------------------------------------------------------
>
>                 Key: INFRA-16606
>                 URL: https://issues.apache.org/jira/browse/INFRA-16606
>             Project: Infrastructure
>          Issue Type: Project
>          Components: Subversion
>         Environment: Linux edev06.esgyn.local 2.6.32-696.20.1.el6.x86_64 #1 SMP Fri Jan
26 17:51:45 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
>            Reporter: Sean Broeder
>            Priority: Major
>
> I am trying to update the project KEYS file with my gpg key so that I can operate as
release manager for the project.
> I have tried following the instructions here https://www.apache.org/dev/release-signing.html#keys-policy
> I’m using gpg version 2.0.14, which I think should be sufficient.
>  
> sbroeder@edev06 traf_release]$ gpg --version
> gpg (GnuPG) 2.0.14
> libgcrypt 1.4.5
> Copyright (C) 2009 Free Software Foundation, Inc.
> License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
> This is free software: you are free to change and redistribute it.
> There is NO WARRANTY, to the extent permitted by law.
>  
> Home: ~/.gnupg
> Supported algorithms:
> Pubkey: RSA, ELG, DSA
> Cipher: 3DES, CAST5, BLOWFISH, AES, AES192, AES256, TWOFISH, CAMELLIA128, 
>         CAMELLIA192, CAMELLIA256
> Hash: MD5, SHA1, RIPEMD160, SHA256, SHA384, SHA512, SHA224
> Compression: Uncompressed, ZIP, ZLIB, BZIP2
>  
> My gpg.conf file has these entries to avoid SHA-1.  There is a comment that some clients
don’t support SHA512 yet, so this is worth noting in case that may cause an issue
>  
> personal-digest-preferences SHA512
> cert-digest-algo SHA512
> default-preference-list SHA512 SHA384 SHA256 SHA224 AES256 AES192 AES CAST5 ZLIB BZIP2
ZIP Uncompressed
>  
> When I generated the key, I wasn’t sure which type of key to generate, nor what size
to make it, so I used the defaults, meaning it generated an RSA key or 2048 bits.
>  
> I have sent the key to a key server using gpg –send-key, but I have not yet updated
my web of trust.  I don't think that would cause a problem yet.
>  
> I also updated apache to have my new fingerprint and key, which you can see at http://home.apache.org/keys/committer/
>  
> You can also see my key in the project https://people.apache.org/keys/group/trafodion.asc
>  
> Here is what I see when trying to update the KEYS file
> [sbroeder@edev06 traf_release]$ svn commit -m "added new public key for sbroeder to KEYS
file"
> Authentication realm: <https://dist.apache.org:443> ASF Committers
> Password for 'sbroeder': 
> Sending        KEYS
> svn: Commit failed (details follow):
> svn: Server sent unexpected return value (403 Forbidden) in response to CHECKOUT request
for '/repos/dist/!svn/ver/27022/release/trafodion/KEYS'
> According to this link http://www.apache.org/dev/version-control.html#https-svn I should
have someone check the authz file or my LDAP/group membership
>  
> WHY DO I GET A 403 WHEN I TRY TO COMMIT?
> Run svn info and check that the URL starts with https://. If it starts with http://,
run:
> $ svn switch --relocate http://svn.apache.org https://svn.apache.org
> If you still get 403 Forbidden errors, ask your PMC to double-check the authz file and
LDAP/Unix group membership.
>  
> My svn info is as follows and it is using https:
> [sbroeder@edev06 traf_release]$ svn info
> Path: .
> URL: https://dist.apache.org/repos/dist/release/trafodion
> Repository Root: https://dist.apache.org/repos/dist
> Repository UUID: 0d268c88-bc11-4956-87df-91683dc98e59
> Revision: 27022
> Node Kind: directory
> Schedule: normal
> Last Changed Author: svarnau
> Last Changed Rev: 27022
> Last Changed Date: 2018-05-21 17:48:57 +0000 (Mon, 21 May 2018)
>  
> Thank you in advance for your assistance



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

Mime
View raw message