Release Submission Daemon
wydawca is installed on the machine that receives
release uploads. It may be run either periodically as a cron-job, or
as a standalone daemon. It supposes that both upload and distribution
directories are accessible in the local file system hierarchy. If that
is not the case (e.g. if upload and distribution sites are handled by
different machines), one of them should be mounted using
NFS. Future versions will contain special provisions for
A configuration file defines a set of spools, i.e. pairs of
upload and corresponding distribution directories. In
wydawca terminology, upload directories are also called
source, and distribution directories – destination
directories. The configuration file supplies also the information
necessary to access user and project databases.
wydawca scans each source directory and
prepares a list of files found there. Then, it compacts this list by
looking for directive files and re-arranging list members in
triplets. A directive file is a special file that must be
supplied with each upload and contains instructions regarding the
placement of the uploaded files. A triplet is a standard
entity, consisting of three files: a clear-signed directive file, a
file to be distributed, and a detached signature of the latter.
In some special cases, a clear-signed directive file alone is valid.
This happens when it contains only standalone directives3.
Each incomplete triplet, i.e. a triplet missing one or more necessary files, is then verified by checking if the modification date of its oldest file is older than a predefined amount of time (see file-sweep-time). If so, the triplet is considered expired, and all its files are removed. This gives users the possibility to restart interrupted or otherwise broken uploads later.
After completing these preliminary stages,
analyzes the directive file and extracts the project name
from it. Using this name as a key, it searches in the project
dictionary for a list of users authorized to make uploads for this
project. This list contains user names and their corresponding public
Wydawca tries to verify the directive
file using each PGP key from this list, until a matching
key is found, or the list in exhausted. In the latter case, the
triplet is rejected. Otherwise, the key and its owner are remembered
for the next step.
In this step, the uploaded file and its detached signature are verified. If they do not match the public key obtained in the previous step, the triplet is rejected.
Finally, directives from the directive file are executed. On this stage of the processing, the uploaded files are actually moved to their destination directories, requested symbolic links are created, etc.
This document was generated on January 6, 2021 using makeinfo.Verbatim copying and distribution of this entire article is permitted in any medium, provided this notice is preserved.