High, systemd version: 219, fedora 22 Summary: machinectl does first hit correctly with http creds within the URL - but forgets them in subsequent hit(s). And I did not see an option to supply user creds to machinectl. ----------- Details: Trying the (great) pull-dkr on my PRIVATE docker reqistry, with a http basic authing proxy infront of it. Since it has http auth on, when pulling using docker it works like: [root@f2 axc]# docker login https://axchange.axiros.com Username: ax__Js3MQjrGKcjwS94j (<-- just a temporary token) Password: Email: asdf@asdf.de WARNING: login credentials saved in /root/.dockercfg. Login Succeeded [root@f2 axc]# docker pull axchange.axiros.com/axcdocker/jessie:latest Trying to pull repository axchange.axiros.com/axcdocker/jessie ... 2863afcd1309: Download complete (...) ------------ Using machinectl: [root@f2 site-packages]# machinectl pull-dkr 'axcdocker/jessie:latest' --dkr-index-url https://ax__Js3MQjrGKcjwS94j:AXC@axchange.axiros.com --verify=no (note that I've put the creds into the URL) Enqueued transfer job 1. Press C-c to continue download in background. Pulling 'axcdocker/jessie' with tag 'latest', saving as 'jessie'. Downloading 380B for https://ax__Js3MQjrGKcjwS94j:AXC@axchange.axiros.com/v1/repositories/axcdocker/jessie/images. Download of https://ax__Js3MQjrGKcjwS94j:AXC@axchange.axiros.com/v1/repositories/axcdocker/jessie/images complete. Index lookup succeeded, directed to registry axchange.axiros.com. Downloading 172B for https://axchange.axiros.com/v1/repositories/axcdocker/jessie/tags/latest. HTTP request to https://axchange.axiros.com/v1/repositories/axcdocker/jessie/tags/latest failed with code 400. Failed to retrieve tags list. Exiting. stracing it, grepping for the URL: [root@f2 site-packages]# cat trace |grep axchange writev(2, [{"Downloading 380B for https://ax_"..., 114}, {"\n", 1}], 2Downloading 380B for https://ax__Js3MQjrGKcjwS94j:AXC@axchange.axiros.com/v1/repositories/axcdocker/jessie/images. writev(2, [{"Download of https://ax__Js3MQjrG"..., 114}, {"\n", 1}], 2Download of https://ax__Js3MQjrGKcjwS94j:AXC@axchange.axiros.com/v1/repositories/axcdocker/jessie/images complete. writev(2, [{"Index lookup succeeded, directed"..., 65}, {"\n", 1}], 2Index lookup succeeded, directed to registry axchange.axiros.com. writev(2, [{"Downloading 172B for https://axc"..., 94}, {"\n", 1}], 2Downloading 172B for https://axchange.axiros.com/v1/repositories/axcdocker/jessie/tags/latest. writev(2, [{"HTTP request to https://axchange"..., 110}, {"\n", 1}], 2HTTP request to https://axchange.axiros.com/v1/repositories/axcdocker/jessie/tags/latest failed with code 400. [root@f2 site-packages]# -> the hit for the tags did not have the creds, so the registry server says no no. ----------- Can help myself with proxies for now but would be cool if machinectl could handle that, best with username password options at least for basic auth. Thanks, Gunther
PS: let me know if you need a set of credentials for trying. But I guess its simple enough to understand & commit in without ;-)
Can you try this with v220? Can you reproduce it there?
Hi, last time i tried 220 on rawhide I ran into this Selinux Access denied problem and it seems not yet fixed. But: You can quickly check yourself, created a private repo which accepts ANY user as long password is AXC: On 219 I get: [root@f2 ~]# machinectl pull-dkr 'axcdocker/jessie' --dkr-index-url https://foo:AXC@axchange.axiros.com --verify=no (...) Downloading 380B for https://foo:AXC@axchange.axiros.com/v1/repositories/axcdocker/jessie/images. Index lookup succeeded, directed to registry axchange.axiros.com. Downloading 172B for https://axchange.axiros.com/v1/repositories/axcdocker/jessie/tags/latest. (...)Failed to retrieve tags list. Exiting. If the second hit is WITH creds then the bug is fixed. Servus, Gunther PS: Creating a little PaaS thingy around systemd & would love to develop around 220 already. Any hint where to get a binary (any OS)? Compiling it last time I got funny "protocol not supported" errors at journalctl, so I continued with 219...
dkr support has been removed form importd. Closing.
Use of freedesktop.org services, including Bugzilla, is subject to our Code of Conduct. How we collect and use information is described in our Privacy Policy.