1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
.\" -----------------------------------------------------------------------
.\"
.\" Copyright 2011 Linux Foundation; author: Konstantin Ryabitsev
.\"
.\" This program is free software; you can redistribute it and/or
.\" modify it under the terms of the GNU General Public License as
.\" published by the Free Software Foundation, Inc.; either version 2
.\" of the License, or (at your option) any later version;
.\" incorporated herein by reference.
.\"
.\" -----------------------------------------------------------------------
.TH KUP-SERVER "1" "2011" "kernel.org upload server utility" "kernel.org"
.SH NAME
kup-server \- kernel.org upload server utility
.SH DESCRIPTION
.PP
The program
.B kup-server
is expected to be the receiver of an ssh shell, configured with the
following or similar options in ~/.ssh/authorized_keys:
.PP
.RS
command="/usr/bin/kup-server",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAA[...]
.RE
.PP
Each user should have their own UID, as Unix user permissions are used
for specific tree access control. On the client side, a corresponding
client-side utility
.BR kup
is used to initiate the connection and perform the uploads.
.SH GLOBAL CONFIG
.PP
The configuration file for
.B kup-server
is located in /etc/kup/kup-server.cfg and has the following options:
.TP
\fB[paths]\fP
All paths in this section should be disjoint. Do not combine any of them
into one directory.
.TP
\fBdata_path\fP = \fI/var/lib/kup/pub\fP
Path for public consumption, e.g. served via http or rsync.
.TP
\fBgit_path\fP = \fI/var/lib/git\fP
This is the path where git trees (for the TAR and DIFF options) are
available. Those should be readonly for the uploaders.
.TP
\fBlock_file\fP = \fI/var/run/kup/lock\fP
A common lock file for data_path. No program should modify the
content in data_path without holding an flock on this file. Should
be readonly for the uploaders.
.TP
\fBtmp_path\fP = \fI/var/lib/kup/tmp\fP
tmp_path can be either:
.PP
.RS
1. a directory writable by every user and with the sticky bit set
(typically mode 1777 or 1770). In that case, DO NOT end the path
with a slash, or:
.PP
2. A directory containing an empty directory for each user (named for
that user), owned by that user and mode 0700. In this case, DO end
the path with a slash.
.PP
In either case, this directory tree
.B MUST
be on the same filesystem as \fBdata_path\fP, since the script expects tocreate files in this directory and rename() them into data_path.
.RE
.TP
\fBpgp_path\fP = \fI/var/lib/kup/pgp\fP
A directory containing a GnuPG public keyring for each user, named
<user>.gpg and readable (but not writable) by that user.
.PP
.TP
\fB[limits]\fP
All sizes are in bytes, all times in seconds.
.TP
\fBmax_data\fP = \fI8589934592\fP
Max size of uploaded data.
.TP
\fBbufsiz\fP = \fI262144\fP
Buffer size when reading data.
.TP
\fBtimeout_command\fP = \fI30\fP
How long to wait for a command to time out.
.TP
\fBtimeout_data\fP = \fI300\fP
Must read at least bufsiz bytes in this timespan.
.TP
\fBtimeout_compress\fP = \fI900\fP
Uncompressing tarballs must take at most this long.
.TP
\fBtimeout_compress_cpu\fP = \fI900\fP
Each compression command must take at most this long in CPU time.
.PP
.TP
\fB[compressors]\fP
This section allows specifying the compressors to use when creating
compressed versions of uploaded content.
.TP
\fBuse\fP = \fIgz, xz\fP
A comma-separated list of file extensions to create (minus the leading dot).
For each extension specified, you will need to add a matching section specifying
which command and flags to use for decompression and which for compression. Make
sure to configure the decompress command to output to stdout. E.g.:
.PP
.RS
.nf
[gz]
compress_command = /bin/pigz -9
decompress_command = /bin/gzip -cd
[xz]
compress_command = /bin/xz -9 -T0
decompress_command = /bin/xz -cd
.fi
.RE
.SH AUTHOR
Written by H. Peter Anvin <hpa@zytor.com>.
.SH COPYRIGHT
Copyright \(co 2011 Intel Corporation
.sp
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, Inc.; either version 2 of the License,
or (at your option) any later version; incorporated herein by
reference. There is NO warranty; not even for MERCHANTABILITY or
FITNESS FOR A PARTICULAR PURPOSE.
.SH "SEE ALSO"
.BR kup (1)
|
