author | Konstantin Ryabitsev <mricon@kernel.org> | 2011-11-18 16:42:53 -0500 |
---|---|---|
committer | Konstantin Ryabitsev <mricon@kernel.org> | 2011-11-18 16:42:53 -0500 |
commit | 75371dfd6fa49b483c0bcc78af44dd611f058115 (patch) | |
tree | 321292eb5bc089c83472c9f23d13c580e6382621 | |
parent | de8a626b40a30ed90541d091e95c1dc8da65fa8a (diff) | |
download | kup-75371dfd6fa49b483c0bcc78af44dd611f058115.tar.gz |
Add config-file support for kup and kup-server.kup-0.3.1
-rwxr-xr-x | kup | 18 | ||||
-rwxr-xr-x | kup-server | 67 | ||||
-rw-r--r-- | kup-server.cfg | 50 | ||||
-rw-r--r-- | kup.1 | 19 |
4 files changed, 125 insertions, 29 deletions
@@ -20,6 +20,7 @@ use warnings; use bytes; use Encode qw(encode decode); use File::Spec; +use Config::Simple; my $blksiz = 1024*1024; @@ -31,6 +32,23 @@ my %opt = ( 'verbose' => 0, ); +# Read the config file settings and override the above +my $cfg_file = $ENV{'HOME'}.'/.kuprc'; +my $cfg = new Config::Simple($cfg_file); + +if (defined($cfg)) { + # Update %opt with cfgfile settings (only rsh and host vars) + my %cfg_opt = $cfg->vars(); + + if (defined($cfg_opt{'default.host'})) { + $opt{'host'} = $cfg_opt{'default.host'}; + } + + if (defined($cfg_opt{'default.rsh'})) { + $opt{'rsh'} = $cfg_opt{'default.rsh'}; + } +} + # This is a client, and so running with tainting on is a bit overly # paranoid. As a result we have to explicitly untaint certain bits from # the environment. @@ -54,6 +54,7 @@ use warnings; use bytes; use Encode qw(encode decode); use IPC::Open2 qw(open2); +use Config::Simple; use File::Temp qw(tempdir); use BSD::Resource; 
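Review bot: In the `@@ -31,6 +32,23 @@` hunk of `kup`, the config path is built from `$ENV{'HOME'}` without checking that it is defined, so with HOME unset the client would try to load `/.kuprc` (and emit an uninitialized-value warning) and could take its `rsh` command from that file. Guard the lookup, e.g. `my $cfg = defined($ENV{'HOME'}) ? Config::Simple->new($ENV{'HOME'}.'/.kuprc') : undef;`, which also replaces the indirect-object `new Config::Simple(...)` form. The comment right after the new block says environment values are untainted explicitly; that code is outside the hunk, so please confirm that the file-sourced `host` and `rsh` values pass through the same validation as `KUP_HOST` and `KUP_RSH` before `rsh` is used as a command.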
@@ -64,40 +65,11 @@ use IO::Handle; use Sys::Syslog qw(:standard :macros); use Git; -# All paths starting with /home/kuptest are dummy paths for testing -my $data_path = '/var/lib/kup/pub'; -my $git_path = '/var/lib/git'; -my $lock_file = '/var/run/kup/lock'; -# If $tmp_path ends in /, a full set of per-user temp directories are expected -my $tmp_path = '/var/lib/kup/tmp/'; -my $pgp_path = '/var/lib/kup/pgp'; -my $max_data = 8*1024*1024*1024; -my $bufsiz = 256*1024; - -# Configurable timeouts -my $timeout_command = 30; -my $timeout_data = 300; # Read min $bufsiz in this timespan -my $timeout_compress = 900; # This can take a while, esp. xz - # Scrub the environment completely %ENV = ('PATH' => '/bin:/usr/bin', 'LANG' => 'C', 'SHELL' => '/bin/false'); # Nothing in this program should shell out -# Make sure the user can't create insanely large files -setrlimit(RLIMIT_FSIZE, $max_data, $max_data); - -# These programs are expected to accept the option -# -9 for compression and -cd for decompression to stdout. -my %zformats = ( - '.gz' => '/bin/gzip', - '.bz2' => '/usr/bin/bzip2', - '.xz' => '/usr/bin/xz' -); - -my $have_data = 0; -my $have_sign = 0; - # The standard function to call on bail sub fatal($) { no bytes; 
@@ -127,6 +99,43 @@ my $user_name = my_username(); openlog("kup-server($user_name)", 'ndelay,pid', LOG_LOCAL5); + +# Get config values from kup-server.cfg +my $cfg_file = '/etc/kup/kup-server.cfg'; + +my $cfg = new Config::Simple($cfg_file); + +if (!defined($cfg)) { + fatal('Error reading config file: '.$cfg_file); +} + +my $data_path = $cfg->param('paths.data_path'); +my $git_path = $cfg->param('paths.git_path'); +my $lock_file = $cfg->param('paths.lock_file'); +my $tmp_path = $cfg->param('paths.tmp_path'); +my $pgp_path = $cfg->param('paths.pgp_path'); + +my $max_data = int($cfg->param('limits.max_data')); +my $bufsiz = int($cfg->param('limits.bufsiz')); + +my $timeout_command = int($cfg->param('limits.timeout_command')); +my $timeout_data = int($cfg->param('limits.timeout_data')); +my $timeout_compress = int($cfg->param('limits.timeout_compress')); + +# Make sure the user can't create insanely large files +setrlimit(RLIMIT_FSIZE, $max_data, $max_data); + +# These programs are expected to accept the option +# -9 for compression and -cd for decompression to stdout. +my %zformats = ( + '.gz' => '/bin/gzip', + '.bz2' => '/usr/bin/bzip2', + '.xz' => '/usr/bin/xz' +); + +my $have_data = 0; +my $have_sign = 0; + # Create a temporary directory with plenty of randomness sub make_temp_dir() { my $root; diff --git a/kup-server.cfg b/kup-server.cfg new file mode 100644 index 0000000..e1ad156 --- /dev/null +++ b/kup-server.cfg 
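Review bot: None of the values read from `/etc/kup/kup-server.cfg` in the `@@ -127,6 +99,43 @@` hunk are validated. A missing or misspelled key makes `$cfg->param(...)` return undef, which `int()` turns into 0 for `max_data`, `bufsiz` and the three timeouts, and leaves the five path variables undefined. `setrlimit(RLIMIT_FSIZE, 0, 0)` would then reject every write, and a zero timeout may switch the limit off entirely depending on how the timeouts are applied (that code is outside the hunk). The server should fail closed: after the assignments, call `fatal()` if any path is undefined or not absolute, or if any limit is not a positive integer, as sketched below.

```perl
my $data_path = $cfg->param('paths.data_path');
# … unchanged: remaining paths.* and limits.* assignments …

# Refuse to run with an incomplete or malformed configuration.
for my $path ($data_path, $git_path, $lock_file, $tmp_path, $pgp_path) {
    if (!defined($path) || $path !~ m{\A/}) {
        fatal('Missing or non-absolute path in config file: '.$cfg_file);
    }
}
for my $limit ($max_data, $bufsiz, $timeout_command, $timeout_data, $timeout_compress) {
    if ($limit <= 0) {
        fatal('Missing or invalid limit in config file: '.$cfg_file);
    }
}
# … unchanged: setrlimit(), %zformats, $have_data/$have_sign …
```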
@@ -0,0 +1,50 @@
+[paths]
+; All of these paths should be disjoint.
+; Path for public consumption, e.g. served via http
+data_path = /var/lib/kup/pub
+;
+; This is the path where git trees (for the TAR and DIFF options) are
+; available. Those should be readonly for the uploaders.
+git_path = /var/lib/git
+;
+; A common lock file for data_path. No program should modify the
+; content in data_path without holding an flock on this file. Should
+; be readonly for the uploaders.
+lock_file = /var/run/kup/lock
+;
+; tmp_path can be either:
+;
+; a) a directory writable by every user and with the sticky bit set
+; (typically mode 1777 or 1770). In that case, DO NOT end the path
+; with a slash, or:
+; b) A directory containing an empty directory for each user (named for
+; that user), owned by that user and mode 700. In this case, DO end
+; the path with a slash.
+;
+; In either case, this directory tree MUST same filesystem as
+; $data_path, since the script expects to create files in this directory
+; and rename() them into $data_path.
+tmp_path = /var/lib/kup/tmp
+;
+; A directory containing a GnuPG public keyring for each user, named
+; <user>.gpg and readable (but not writable) by that user.
+pgp_path = /var/lib/kup/pgp
+
+[limits]
+;
+; All sizes are in bytes, all times in seconds.
+;
+; Max size of uploaded data
+max_data = 8589934592
+;
+; Buffer size
+bufsiz = 262144
+;
+; Timeout waiting for a command
+timeout_command = 30
+;
+; Must read at least bufsiz bytes in this timespan
+timeout_data = 300
+;
+; Uncompressing tarballs must take at most this long
+timeout_compress = 900
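Review bot: The shipped `tmp_path = /var/lib/kup/tmp` has no trailing slash, whereas the value removed from `kup-server` was `'/var/lib/kup/tmp/'`. By this file's own comment, that moves a default install from per-user mode-700 directories to one shared sticky-bit directory. If the change is not intended, keep the old behaviour with `tmp_path = /var/lib/kup/tmp/`; if it is intended, the commit message should say so. The sentence "this directory tree MUST same filesystem as" is missing words and should read `; In either case, this directory tree MUST be on the same filesystem as`. Since this file now decides where uploads are written and which keyrings are trusted, a header comment such as `; This file must be writable only by root.` would be worth adding.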
@@ -127,6 +127,25 @@ For the \fPput\fP command, except when \fB\-\-tar\fP or \fB\-\-diff\fP is specified, if the \fIremote_path\fP ends in a slash then the final (filename) component of \fIlocal_file\fP will be appended to the final pathname. +.SH CONFIG FILE +Kup checks the presence of $HOME/.kuprc and can load the +.B host +and +.B rsh +parameters from the config file. Environment variables +.B KUP_HOST +and +.B KUP_RSH +will override the values set in this config file. +.PP +SAMPLE $HOME/.kuprc: +.PP +.RS +.nf +host = user@kup.kernel.org +rsh = /usr/bin/ssh -a -x -k -T +.fi +.RE .SH AUTHOR Written by H. Peter Anvin <hpa@zytor.com>. .SH COPYRIGHT |