Wydawca (split by section):   Section:   Chapter:FastBack: Intro   Up: Top   FastForward: starting   Contents: Table of ContentsIndex: Concept Index

2 Operation Overview

Usually, wydawca is installed on the machine that receives release uploads. It may be run either periodically as a cron-job, or as a standalone daemon. It supposes that both upload and distribution directories are accessible in the local file system hierarchy. If that is not the case (e.g. if upload and distribution sites are handled by different machines), one of them should be mounted using NFS. Future versions will contain special provisions for that case.

A configuration file defines a set of spools, i.e. pairs of upload and corresponding distribution directories. In wydawca terminology, upload directories are also called source, and distribution directories – destination directories. The configuration file supplies also the information necessary to access user and project databases.

When started, wydawca scans each source directory and prepares a list of files found there. Then, it compacts this list by looking for directive files and re-arranging list members in triplets. A directive file is a special file that must be supplied with each upload and contains instructions regarding the placement of the uploaded files. A triplet is a standard entity, consisting of three files: a clear-signed directive file, a file to be distributed, and a detached signature of the latter. In some special cases, a clear-signed directive file alone is valid. This happens when it contains only standalone directives3.

Each incomplete triplet, i.e. a triplet missing one or more necessary files, is then verified by checking if the modification date of its oldest file is older than a predefined amount of time (see file-sweep-time). If so, the triplet is considered expired, and all its files are removed. This gives users the possibility to restart interrupted or otherwise broken uploads later.

After completing these preliminary stages, wydawca analyzes the directive file and extracts the project name from it. Using this name as a key, it searches in the project dictionary for a list of users authorized to make uploads for this project. This list contains user names and their corresponding public PGP keys. Wydawca tries to verify the directive file using each PGP key from this list, until a matching key is found, or the list in exhausted. In the latter case, the triplet is rejected. Otherwise, the key and its owner are remembered for the next step.

In this step, the uploaded file and its detached signature are verified. If they do not match the public key obtained in the previous step, the triplet is rejected.

Finally, directives from the directive file are executed. On this stage of the processing, the uploaded files are actually moved to their destination directories, requested symbolic links are created, etc.

Footnotes

(3)

Standalone directives.

Wydawca (split by section):   Section:   Chapter:FastBack: Intro   Up: Top   FastForward: starting   Contents: Table of ContentsIndex: Concept Index

This document was generated on January 6, 2021 using makeinfo.

Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.