README - pub/scm/utils/kup/kup - Git at Google

 The program "kup-server" is expected to be the receiver of an ssh
 shell, configured with the following options in authorized_keys or
 similar:

 command="/path/to/kup-server",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding <pubkey>

 Each user should have their own UID, as Unix user permissions are used
 for specific tree access control.


 The following pathnames in kup-server need to be customized
 appropriately.

 All of these paths should be disjoint!


 my $data_path = '/var/lib/kup/pub';

 This is the path under which files are uploaded.


 my $git_path  = '/var/lib/git';

 This is the path where git trees (for the TAR and DIFF options) are
 available.  Those should be readonly for the uploaders.


 my $lock_file = '/var/run/kup/lock';

 A common lock file for $data_path.  No program should modify the
 content in $data_path without holding an flock on this file.  Should
 be readonly for the uploaders.


 my $tmp_path  = '/var/lib/kup/tmp/';

 This can be either:

 a) a directory writable by every user and with the sticky bit set
    (typically mode 1777 or 1770).  In that case, DO NOT end the path
    with a slash, or:
 b) A directory containing an empty directory for each user (named for
    that user), owned by that user and mode 700.  In this case, DO end
    the path with a slash.

 In either case, this directory tree MUST same filesystem as
 $data_path, since the script expects to create files in this directory
 and rename() them into $data_path.


 my $pgp_path  = '/var/lib/kup/pgp';

 A directory containing a GnuPG public keyring for each user, named
 <user>.gpg and readable (but not writable) by that user.
	The program "kup-server" is expected to be the receiver of an ssh
	shell, configured with the following options in authorized_keys or
	similar:

	command="/path/to/kup-server",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding <pubkey>

	Each user should have their own UID, as Unix user permissions are used
	for specific tree access control.


	The following pathnames in kup-server need to be customized
	appropriately.

	All of these paths should be disjoint!


	my $data_path = '/var/lib/kup/pub';

	This is the path under which files are uploaded.


	my $git_path = '/var/lib/git';

	This is the path where git trees (for the TAR and DIFF options) are
	available. Those should be readonly for the uploaders.


	my $lock_file = '/var/run/kup/lock';

	A common lock file for $data_path. No program should modify the
	content in $data_path without holding an flock on this file. Should
	be readonly for the uploaders.


	my $tmp_path = '/var/lib/kup/tmp/';

	This can be either:

	a) a directory writable by every user and with the sticky bit set
	(typically mode 1777 or 1770). In that case, DO NOT end the path
	with a slash, or:
	b) A directory containing an empty directory for each user (named for
	that user), owned by that user and mode 700. In this case, DO end
	the path with a slash.

	In either case, this directory tree MUST same filesystem as
	$data_path, since the script expects to create files in this directory
	and rename() them into $data_path.


	my $pgp_path = '/var/lib/kup/pgp';

	A directory containing a GnuPG public keyring for each user, named
	<user>.gpg and readable (but not writable) by that user.