Add config-file support for kup and kup-server.
diff --git a/kup b/kup
index 99206e9..7a54d89 100755
--- a/kup
+++ b/kup
@@ -20,6 +20,7 @@
use bytes;
use Encode qw(encode decode);
use File::Spec;
+use Config::Simple;
my $blksiz = 1024*1024;
@@ -31,6 +32,23 @@
'verbose' => 0,
);
+# Read the config file settings and override the above
+my $cfg_file = $ENV{'HOME'}.'/.kuprc';
+my $cfg = new Config::Simple($cfg_file);
+
+if (defined($cfg)) {
+ # Update %opt with cfgfile settings (only rsh and host vars)
+ my %cfg_opt = $cfg->vars();
+
+ if (defined($cfg_opt{'default.host'})) {
+ $opt{'host'} = $cfg_opt{'default.host'};
+ }
+
+ if (defined($cfg_opt{'default.rsh'})) {
+ $opt{'rsh'} = $cfg_opt{'default.rsh'};
+ }
+}
+
# This is a client, and so running with tainting on is a bit overly
# paranoid. As a result we have to explicitly untaint certain bits from
# the environment.
diff --git a/kup-server b/kup-server
index 3992aa5..e6d26b0 100755
--- a/kup-server
+++ b/kup-server
@@ -54,6 +54,7 @@
use bytes;
use Encode qw(encode decode);
use IPC::Open2 qw(open2);
+use Config::Simple;
use File::Temp qw(tempdir);
use BSD::Resource;
@@ -64,40 +65,11 @@
use Sys::Syslog qw(:standard :macros);
use Git;
-# All paths starting with /home/kuptest are dummy paths for testing
-my $data_path = '/var/lib/kup/pub';
-my $git_path = '/var/lib/git';
-my $lock_file = '/var/run/kup/lock';
-# If $tmp_path ends in /, a full set of per-user temp directories are expected
-my $tmp_path = '/var/lib/kup/tmp/';
-my $pgp_path = '/var/lib/kup/pgp';
-my $max_data = 8*1024*1024*1024;
-my $bufsiz = 256*1024;
-
-# Configurable timeouts
-my $timeout_command = 30;
-my $timeout_data = 300; # Read min $bufsiz in this timespan
-my $timeout_compress = 900; # This can take a while, esp. xz
-
# Scrub the environment completely
%ENV = ('PATH' => '/bin:/usr/bin',
'LANG' => 'C',
'SHELL' => '/bin/false'); # Nothing in this program should shell out
-# Make sure the user can't create insanely large files
-setrlimit(RLIMIT_FSIZE, $max_data, $max_data);
-
-# These programs are expected to accept the option
-# -9 for compression and -cd for decompression to stdout.
-my %zformats = (
- '.gz' => '/bin/gzip',
- '.bz2' => '/usr/bin/bzip2',
- '.xz' => '/usr/bin/xz'
-);
-
-my $have_data = 0;
-my $have_sign = 0;
-
# The standard function to call on bail
sub fatal($) {
no bytes;
@@ -127,6 +99,43 @@
openlog("kup-server($user_name)", 'ndelay,pid', LOG_LOCAL5);
+
+# Get config values from kup-server.cfg
+my $cfg_file = '/etc/kup/kup-server.cfg';
+
+my $cfg = new Config::Simple($cfg_file);
+
+if (!defined($cfg)) {
+ fatal('Error reading config file: '.$cfg_file);
+}
+
+my $data_path = $cfg->param('paths.data_path');
+my $git_path = $cfg->param('paths.git_path');
+my $lock_file = $cfg->param('paths.lock_file');
+my $tmp_path = $cfg->param('paths.tmp_path');
+my $pgp_path = $cfg->param('paths.pgp_path');
+
+my $max_data = int($cfg->param('limits.max_data'));
+my $bufsiz = int($cfg->param('limits.bufsiz'));
+
+my $timeout_command = int($cfg->param('limits.timeout_command'));
+my $timeout_data = int($cfg->param('limits.timeout_data'));
+my $timeout_compress = int($cfg->param('limits.timeout_compress'));
+
+# Make sure the user can't create insanely large files
+setrlimit(RLIMIT_FSIZE, $max_data, $max_data);
+
+# These programs are expected to accept the option
+# -9 for compression and -cd for decompression to stdout.
+my %zformats = (
+ '.gz' => '/bin/gzip',
+ '.bz2' => '/usr/bin/bzip2',
+ '.xz' => '/usr/bin/xz'
+);
+
+my $have_data = 0;
+my $have_sign = 0;
+
# Create a temporary directory with plenty of randomness
sub make_temp_dir() {
my $root;
diff --git a/kup-server.cfg b/kup-server.cfg
new file mode 100644
index 0000000..e1ad156
--- /dev/null
+++ b/kup-server.cfg
@@ -0,0 +1,50 @@
+[paths]
+; All of these paths should be disjoint.
+; Path for public consumption, e.g. served via http
+data_path = /var/lib/kup/pub
+;
+; This is the path where git trees (for the TAR and DIFF options) are
+; available. Those should be readonly for the uploaders.
+git_path = /var/lib/git
+;
+; A common lock file for data_path. No program should modify the
+; content in data_path without holding an flock on this file. Should
+; be readonly for the uploaders.
+lock_file = /var/run/kup/lock
+;
+; tmp_path can be either:
+;
+; a) a directory writable by every user and with the sticky bit set
+; (typically mode 1777 or 1770). In that case, DO NOT end the path
+; with a slash, or:
+; b) A directory containing an empty directory for each user (named for
+; that user), owned by that user and mode 700. In this case, DO end
+; the path with a slash.
+;
+; In either case, this directory tree MUST same filesystem as
+; $data_path, since the script expects to create files in this directory
+; and rename() them into $data_path.
+tmp_path = /var/lib/kup/tmp
+;
+; A directory containing a GnuPG public keyring for each user, named
+; <user>.gpg and readable (but not writable) by that user.
+pgp_path = /var/lib/kup/pgp
+
+[limits]
+;
+; All sizes are in bytes, all times in seconds.
+;
+; Max size of uploaded data
+max_data = 8589934592
+;
+; Buffer size
+bufsiz = 262144
+;
+; Timeout waiting for a command
+timeout_command = 30
+;
+; Must read at least bufsiz bytes in this timespan
+timeout_data = 300
+;
+; Uncompressing tarballs must take at most this long
+timeout_compress = 900
diff --git a/kup.1 b/kup.1
index 9bea85d..e47ed2e 100644
--- a/kup.1
+++ b/kup.1
@@ -127,6 +127,25 @@
is specified, if the \fIremote_path\fP ends in a slash then the
final (filename) component of \fIlocal_file\fP will be appended to the
final pathname.
+.SH CONFIG FILE
+Kup checks the presence of $HOME/.kuprc and can load the
+.B host
+and
+.B rsh
+parameters from the config file. Environment variables
+.B KUP_HOST
+and
+.B KUP_RSH
+will override the values set in this config file.
+.PP
+SAMPLE $HOME/.kuprc:
+.PP
+.RS
+.nf
+host = user@kup.kernel.org
+rsh = /usr/bin/ssh -a -x -k -T
+.fi
+.RE
.SH AUTHOR
Written by H. Peter Anvin <hpa@zytor.com>.
.SH COPYRIGHT
