CernVM-FS  2.13.0
 All Classes Namespaces Files Functions Variables Typedefs Enumerations Enumerator Friends Macros Pages
settings.cc
Go to the documentation of this file.
1 
6 #include "publish/settings.h"
7 
8 #include <unistd.h>
9 
10 #include <cstdlib>
11 #include <string>
12 #include <vector>
13 
14 #include "crypto/hash.h"
15 #include "options.h"
16 #include "publish/except.h"
17 #include "publish/repository.h"
18 #include "sanitizer.h"
19 #include "util/pointer.h"
20 #include "util/posix.h"
21 #include "util/string.h"
22 
23 namespace publish {
24 
25 void SettingsSpoolArea::UseSystemTempDir() {
26  if (getenv("TMPDIR") != NULL)
27  tmp_dir_ = getenv("TMPDIR");
28  else
29  tmp_dir_ = "/tmp";
30 }
31 
32 void SettingsSpoolArea::SetSpoolArea(const std::string &path) {
33  workspace_ = path;
34  tmp_dir_ = workspace_() + "/tmp";
35 }
36 
37 void SettingsSpoolArea::SetUnionMount(const std::string &path) {
38  union_mnt_ = path;
39 }
40 
41 void SettingsSpoolArea::SetRepairMode(const EUnionMountRepairMode val) {
42  repair_mode_ = val;
43 }
44 
45 void SettingsSpoolArea::EnsureDirectories() {
46  std::vector<std::string> targets;
47  targets.push_back(tmp_dir());
48  targets.push_back(readonly_mnt());
49  targets.push_back(scratch_dir());
50  targets.push_back(cache_dir());
51  targets.push_back(log_dir());
52  targets.push_back(ovl_work_dir());
53 
54  for (unsigned i = 0; i < targets.size(); ++i) {
55  bool rv = MkdirDeep(targets[i], 0700, true /* veryfy_writable */);
56  if (!rv)
57  throw publish::EPublish("cannot create directory " + targets[i]);
58  }
59 }
60 
61 
62 //------------------------------------------------------------------------------
63 
64 
65 void SettingsTransaction::SetLayoutRevision(const unsigned revision) {
66  layout_revision_ = revision;
67 }
68 
69 void SettingsTransaction::SetInEnterSession(const bool value) {
70  in_enter_session_ = value;
71 }
72 
73 void SettingsTransaction::SetBaseHash(const shash::Any &hash) {
74  base_hash_ = hash;
75 }
76 
77 void SettingsTransaction::SetHashAlgorithm(const std::string &algorithm) {
78  hash_algorithm_ = shash::ParseHashAlgorithm(algorithm);
79 }
80 
81 void SettingsTransaction::SetCompressionAlgorithm(
82  const std::string &algorithm) {
83  compression_algorithm_ = zlib::ParseCompressionAlgorithm(algorithm);
84 }
85 
86 void SettingsTransaction::SetEnforceLimits(bool value) {
87  enforce_limits_ = value;
88 }
89 
90 void SettingsTransaction::SetEnableMtimeNs(bool value) {
91  enable_mtime_ns_ = value;
92 }
93 
94 void SettingsTransaction::SetLimitNestedCatalogKentries(unsigned value) {
95  limit_nested_catalog_kentries_ = value;
96 }
97 
98 void SettingsTransaction::SetLimitRootCatalogKentries(unsigned value) {
99  limit_root_catalog_kentries_ = value;
100 }
101 
102 void SettingsTransaction::SetLimitFileSizeMb(unsigned value) {
103  limit_file_size_mb_ = value;
104 }
105 
106 void SettingsTransaction::SetUseCatalogAutobalance(bool value) {
107  use_catalog_autobalance_ = value;
108 }
109 
110 void SettingsTransaction::SetAutobalanceMaxWeight(unsigned value) {
111  autobalance_max_weight_ = value;
112 }
113 
114 void SettingsTransaction::SetAutobalanceMinWeight(unsigned value) {
115  autobalance_min_weight_ = value;
116 }
117 
118 void SettingsTransaction::SetPrintChangeset(bool value) {
119  print_changeset_ = value;
120 }
121 
122 void SettingsTransaction::SetDryRun(bool value) { dry_run_ = value; }
123 
124 void SettingsTransaction::SetUnionFsType(const std::string &union_fs) {
125  if (union_fs == "aufs") {
126  union_fs_ = kUnionFsAufs;
127  } else if ((union_fs == "overlay") || (union_fs == "overlayfs")) {
128  union_fs_ = kUnionFsOverlay;
129  } else if (union_fs == "tarball") {
130  union_fs_ = kUnionFsTarball;
131  } else {
132  throw EPublish("unsupported union file system: " + union_fs);
133  }
134 }
135 
136 void SettingsTransaction::DetectUnionFsType() {
137  // TODO(jblomer): shall we switch the order?
138  if (DirectoryExists("/sys/fs/aufs")) {
139  union_fs_ = kUnionFsAufs;
140  return;
141  }
142  // TODO(jblomer): modprobe aufs, try again
143  if (DirectoryExists("/sys/module/overlay")) {
144  union_fs_ = kUnionFsOverlay;
145  return;
146  }
147  // TODO(jblomer): modprobe overlay, try again
148  throw EPublish("neither AUFS nor OverlayFS detected on the system");
149 }
150 
151 bool SettingsTransaction::ValidateUnionFs() {
152  // TODO(jblomer)
153  return true;
154 }
155 
156 void SettingsTransaction::SetTimeout(unsigned seconds) { timeout_s_ = seconds; }
157 
158 int SettingsTransaction::GetTimeoutS() const {
159  if (timeout_s_.is_default())
160  return -1;
161  return timeout_s_();
162 }
163 
164 void SettingsTransaction::SetLeasePath(const std::string &path) {
165  lease_path_ = path;
166 }
167 
168 void SettingsTransaction::SetTemplate(const std::string &from,
169  const std::string &to) {
170  if (from.empty())
171  throw EPublish("template transaction's 'from' path must not be empty");
172  if (to.empty())
173  throw EPublish("template transaction's 'to' path must not be empty");
174  template_from_ = (from[0] == '/') ? from.substr(1) : from;
175  template_to_ = (to[0] == '/') ? to.substr(1) : to;
176 }
177 
178 //------------------------------------------------------------------------------
179 
180 
181 std::string SettingsStorage::GetLocator() const {
182  return std::string(upload::SpoolerDefinition::kDriverNames[type_()]) + ","
183  + tmp_dir_() + "," + endpoint_();
184 }
185 
186 void SettingsStorage::MakeS3(const std::string &s3_config,
187  const std::string &tmp_dir) {
188  type_ = upload::SpoolerDefinition::S3;
189  tmp_dir_ = tmp_dir;
190  endpoint_ = "cvmfs/" + fqrn_() + "@" + s3_config;
191 }
192 
193 void SettingsStorage::MakeLocal(const std::string &path) {
194  type_ = upload::SpoolerDefinition::Local;
195  endpoint_ = path;
196  tmp_dir_ = path + "/data/txn";
197 }
198 
199 void SettingsStorage::MakeGateway(const std::string &host,
200  unsigned int port,
201  const std::string &tmp_dir) {
202  type_ = upload::SpoolerDefinition::Gateway;
203  endpoint_ = "http://" + host + ":" + StringifyInt(port) + "/api/v1";
204  tmp_dir_ = tmp_dir_;
205 }
206 
207 void SettingsStorage::SetLocator(const std::string &locator) {
208  std::vector<std::string> tokens = SplitString(locator, ',');
209  if (tokens.size() != 3) {
210  throw EPublish("malformed storage locator, expected format is "
211  "<type>,<temporary directory>,<endpoint>");
212  }
213  if (tokens[0] == "local") {
214  type_ = upload::SpoolerDefinition::Local;
215  } else if (tokens[0] == "S3") {
216  type_ = upload::SpoolerDefinition::S3;
217  } else if (tokens[0] == "gw") {
218  type_ = upload::SpoolerDefinition::Gateway;
219  } else {
220  throw EPublish("unsupported storage type: " + tokens[0]);
221  }
222  tmp_dir_ = tokens[1];
223  endpoint_ = tokens[2];
224 }
225 
226 
227 //------------------------------------------------------------------------------
228 
229 void SettingsKeychain::SetKeychainDir(const std::string &keychain_dir) {
230  keychain_dir_ = keychain_dir;
231  master_private_key_path_ = keychain_dir + "/" + fqrn_() + ".masterkey";
232  master_public_key_path_ = keychain_dir + "/" + fqrn_() + ".pub";
233  private_key_path_ = keychain_dir + "/" + fqrn_() + ".key";
234  certificate_path_ = keychain_dir + "/" + fqrn_() + ".crt";
235  gw_key_path_ = keychain_dir + "/" + fqrn_() + ".gw";
236 }
237 
238 
239 bool SettingsKeychain::HasDanglingMasterKeys() const {
240  return (FileExists(master_private_key_path_())
241  && !FileExists(master_public_key_path_()))
242  || (!FileExists(master_private_key_path_())
243  && FileExists(master_public_key_path_()));
244 }
245 
246 
247 bool SettingsKeychain::HasMasterKeys() const {
248  return FileExists(master_private_key_path_())
249  && FileExists(master_public_key_path_());
250 }
251 
252 
253 bool SettingsKeychain::HasDanglingRepositoryKeys() const {
254  return (FileExists(private_key_path_()) && !FileExists(certificate_path_()))
255  || (!FileExists(private_key_path_())
256  && FileExists(certificate_path_()));
257 }
258 
259 
260 bool SettingsKeychain::HasRepositoryKeys() const {
261  return FileExists(private_key_path_()) && FileExists(certificate_path_());
262 }
263 
264 bool SettingsKeychain::HasGatewayKey() const {
265  return FileExists(gw_key_path_());
266 }
267 
268 //------------------------------------------------------------------------------
269 
270 
271 SettingsRepository::SettingsRepository(
272  const SettingsPublisher &settings_publisher)
273  : fqrn_(settings_publisher.fqrn())
274  , url_(settings_publisher.url())
275  , proxy_(settings_publisher.proxy())
276  , tmp_dir_(settings_publisher.transaction().spool_area().tmp_dir())
277  , keychain_(settings_publisher.fqrn()) {
278  keychain_.SetKeychainDir(settings_publisher.keychain().keychain_dir());
279 }
280 
281 
282 SettingsRepository::SettingsRepository(const SettingsReplica &settings_replica)
283  : fqrn_(settings_replica.fqrn())
284  , url_(settings_replica.url())
285  , keychain_(settings_replica.fqrn()) { }
286 
287 
288 void SettingsRepository::SetUrl(const std::string &url) {
289  // TODO(jblomer): sanitiation, check availability
290  url_ = url;
291 }
292 
293 
294 void SettingsRepository::SetProxy(const std::string &proxy) { proxy_ = proxy; }
295 
296 
297 void SettingsRepository::SetTmpDir(const std::string &tmp_dir) {
298  tmp_dir_ = tmp_dir;
299 }
300 
301 
302 void SettingsRepository::SetCertBundle(const std::string &cert_bundle) {
303  cert_bundle_ = cert_bundle;
304 }
305 
306 
307 //------------------------------------------------------------------------------
308 
309 
310 const unsigned SettingsPublisher::kDefaultWhitelistValidity = 30;
311 
312 
313 SettingsPublisher::SettingsPublisher(
314  const SettingsRepository &settings_repository)
315  : fqrn_(settings_repository.fqrn())
316  , url_(settings_repository.url())
317  , proxy_(settings_repository.proxy())
318  , owner_uid_(0)
319  , owner_gid_(0)
320  , whitelist_validity_days_(kDefaultWhitelistValidity)
321  , is_silent_(false)
322  , is_managed_(false)
323  , storage_(fqrn_())
324  , transaction_(fqrn_())
325  , keychain_(fqrn_()) {
326  keychain_.SetKeychainDir(settings_repository.keychain().keychain_dir());
327 }
328 
329 
330 void SettingsPublisher::SetUrl(const std::string &url) {
331  // TODO(jblomer): sanitiation, check availability
332  url_ = url;
333 }
334 
335 
336 void SettingsPublisher::SetProxy(const std::string &proxy) { proxy_ = proxy; }
337 
338 
339 void SettingsPublisher::SetOwner(const std::string &user_name) {
340  bool retval = GetUidOf(user_name, owner_uid_.GetPtr(), owner_gid_.GetPtr());
341  if (!retval) {
342  throw EPublish("unknown user name for repository owner: " + user_name);
343  }
344 }
345 
346 void SettingsPublisher::SetOwner(uid_t uid, gid_t gid) {
347  owner_uid_ = uid;
348  owner_gid_ = gid;
349 }
350 
351 void SettingsPublisher::SetIsSilent(bool value) { is_silent_ = value; }
352 
353 void SettingsPublisher::SetIsManaged(bool value) { is_managed_ = value; }
354 
355 void SettingsPublisher::SetIgnoreInvalidLease(bool value) {
356  ignore_invalid_lease_ = value;
357 }
358 
359 
360 //------------------------------------------------------------------------------
361 
362 
363 SettingsBuilder::~SettingsBuilder() { delete options_mgr_; }
364 
365 
366 std::map<std::string, std::string> SettingsBuilder::GetSessionEnvironment() {
367  std::map<std::string, std::string> result;
368  std::string session_dir = Env::GetEnterSessionDir();
369  if (session_dir.empty())
370  return result;
371 
372  // Get the repository name from the ephemeral writable shell
373  BashOptionsManager omgr;
374  omgr.set_taint_environment(false);
375  omgr.ParsePath(session_dir + "/env.conf", false /* external */);
376 
377  // We require at least CVMFS_FQRN to be set
378  std::string fqrn;
379  if (!omgr.GetValue("CVMFS_FQRN", &fqrn)) {
380  throw EPublish("no repositories found in ephemeral writable shell",
381  EPublish::kFailInvocation);
382  }
383 
384  std::vector<std::string> keys = omgr.GetAllKeys();
385  for (unsigned i = 0; i < keys.size(); ++i) {
386  result[keys[i]] = omgr.GetValueOrDie(keys[i]);
387  }
388  return result;
389 }
390 
391 
392 std::string SettingsBuilder::GetSingleAlias() {
393  std::map<std::string, std::string> session_env = GetSessionEnvironment();
394  if (!session_env.empty())
395  return session_env["CVMFS_FQRN"];
396 
397  std::vector<std::string> repositories = FindDirectories(config_path_);
398  if (repositories.empty()) {
399  throw EPublish("no repositories available in " + config_path_,
400  EPublish::kFailInvocation);
401  }
402 
403  for (unsigned i = 0; i < repositories.size(); ++i) {
404  repositories[i] = GetFileName(repositories[i]);
405  }
406  if (repositories.size() > 1) {
407  throw EPublish("multiple repositories available in " + config_path_
408  + ":\n " + JoinStrings(repositories, "\n "),
409  EPublish::kFailInvocation);
410  }
411  return repositories[0];
412 }
413 
414 
415 SettingsRepository SettingsBuilder::CreateSettingsRepository(
416  const std::string &ident) {
417  if (HasPrefix(ident, "http://", true /* ignore case */)
418  || HasPrefix(ident, "https://", true /* ignore case */)
419  || HasPrefix(ident, "file://", true /* ignore case */)) {
420  std::string fqrn = Repository::GetFqrnFromUrl(ident);
421  sanitizer::RepositorySanitizer sanitizer;
422  if (!sanitizer.IsValid(fqrn)) {
423  throw EPublish("malformed repository name: " + fqrn);
424  }
425  SettingsRepository settings(fqrn);
426  settings.SetUrl(ident);
427  return settings;
428  }
429 
430  std::string alias = ident.empty() ? GetSingleAlias() : ident;
431  std::string repo_path = config_path_ + "/" + alias;
432  std::string server_path = repo_path + "/server.conf";
433  std::string replica_path = repo_path + "/replica.conf";
434  std::string fqrn = alias;
435 
436  delete options_mgr_;
437  options_mgr_ = new BashOptionsManager();
438  std::string arg;
439  options_mgr_->set_taint_environment(false);
440  options_mgr_->ParsePath("/etc/cvmfs/server.local", false /* external */);
441  options_mgr_->ParsePath(server_path, false /* external */);
442  options_mgr_->ParsePath(replica_path, false /* external */);
443  if (options_mgr_->GetValue("CVMFS_REPOSITORY_NAME", &arg))
444  fqrn = arg;
445  SettingsRepository settings(fqrn);
446 
447  if (options_mgr_->GetValue("CVMFS_PUBLIC_KEY", &arg))
448  settings.GetKeychain()->SetKeychainDir(arg);
449  if (options_mgr_->GetValue("CVMFS_STRATUM0", &arg))
450  settings.SetUrl(arg);
451  if (options_mgr_->GetValue("CVMFS_SERVER_PROXY", &arg))
452  settings.SetProxy(arg);
453  // For a replica, the stratum 1 url is the "local" location, hence it takes
454  // precedence over the stratum 0 url
455  if (options_mgr_->GetValue("CVMFS_STRATUM1", &arg))
456  settings.SetUrl(arg);
457  if (options_mgr_->GetValue("CVMFS_SPOOL_DIR", &arg))
458  settings.SetTmpDir(arg + "/tmp");
459  if (options_mgr_->GetValue("X509_CERT_BUNDLE", &arg))
460  settings.SetCertBundle(arg);
461 
462  return settings;
463 }
464 
465 std::string SettingsPublisher::GetReadOnlyXAttr(const std::string &attr) {
466  std::string value;
467  bool rvb = platform_getxattr(this->transaction().spool_area().readonly_mnt(),
468  attr, &value);
469  if (!rvb) {
470  throw EPublish("cannot get extended attribute " + attr);
471  }
472  return value;
473 }
474 
475 SettingsPublisher *SettingsBuilder::CreateSettingsPublisherFromSession() {
476  std::string session_dir = Env::GetEnterSessionDir();
477  std::map<std::string, std::string> session_env = GetSessionEnvironment();
478  std::string fqrn = session_env["CVMFS_FQRN"];
479 
480  UniquePtr<SettingsPublisher> settings_publisher(
481  new SettingsPublisher(SettingsRepository(fqrn)));
482  // TODO(jblomer): work in progress
483  settings_publisher->GetTransaction()->SetInEnterSession(true);
484  settings_publisher->GetTransaction()->GetSpoolArea()->SetSpoolArea(
485  session_dir);
486 
487  std::string base_hash = settings_publisher->GetReadOnlyXAttr(
488  "user.root_hash");
489 
490  BashOptionsManager omgr;
491  omgr.set_taint_environment(false);
492  omgr.ParsePath(settings_publisher->transaction().spool_area().client_config(),
493  false /* external */);
494 
495  std::string arg;
496  settings_publisher->SetUrl(settings_publisher->GetReadOnlyXAttr("user.host"));
497  settings_publisher->SetProxy(
498  settings_publisher->GetReadOnlyXAttr("user.proxy"));
499  if (omgr.GetValue("CVMFS_KEYS_DIR", &arg))
500  settings_publisher->GetKeychain()->SetKeychainDir(arg);
501  settings_publisher->GetTransaction()->SetLayoutRevision(
502  Publisher::kRequiredLayoutRevision);
503  settings_publisher->GetTransaction()->SetBaseHash(
504  shash::MkFromHexPtr(shash::HexPtr(base_hash), shash::kSuffixCatalog));
505  settings_publisher->GetTransaction()->SetUnionFsType("overlayfs");
506  settings_publisher->SetOwner(geteuid(), getegid());
507 
508  return settings_publisher.Release();
509 }
510 
511 void SettingsBuilder::ApplyOptionsFromServerPath(
512  const OptionsManager &options_mgr_, SettingsPublisher *settings_publisher) {
513  std::string arg;
514  if (options_mgr_.GetValue("CVMFS_CREATOR_VERSION", &arg)) {
515  settings_publisher->GetTransaction()->SetLayoutRevision(String2Uint64(arg));
516  }
517  if (options_mgr_.GetValue("CVMFS_UNION_FS_TYPE", &arg)) {
518  settings_publisher->GetTransaction()->SetUnionFsType(arg);
519  }
520  if (options_mgr_.GetValue("CVMFS_HASH_ALGORITHM", &arg)) {
521  settings_publisher->GetTransaction()->SetHashAlgorithm(arg);
522  }
523  if (options_mgr_.GetValue("CVMFS_UPSTREAM_STORAGE", &arg)) {
524  settings_publisher->GetStorage()->SetLocator(arg);
525  }
526  if (options_mgr_.GetValue("CVMFS_KEYS_DIR", &arg)) {
527  settings_publisher->GetKeychain()->SetKeychainDir(arg);
528  }
529  if (options_mgr_.GetValue("CVMFS_COMPRESSION_ALGORITHM", &arg)) {
530  settings_publisher->GetTransaction()->SetCompressionAlgorithm(arg);
531  }
532  if (options_mgr_.GetValue("CVMFS_ENFORCE_LIMITS", &arg)) {
533  settings_publisher->GetTransaction()->SetEnforceLimits(
534  options_mgr_.IsOn(arg));
535  }
536  if (options_mgr_.GetValue("CVMFS_ENABLE_MTIME_NS", &arg)) {
537  settings_publisher->GetTransaction()->SetEnableMtimeNs(
538  options_mgr_.IsOn(arg));
539  }
540  if (options_mgr_.GetValue("CVMFS_NESTED_KCATALOG_LIMIT", &arg)) {
541  settings_publisher->GetTransaction()->SetLimitNestedCatalogKentries(
542  String2Uint64(arg));
543  }
544  if (options_mgr_.GetValue("CVMFS_ROOT_KCATALOG_LIMIT", &arg)) {
545  settings_publisher->GetTransaction()->SetLimitRootCatalogKentries(
546  String2Uint64(arg));
547  }
548  if (options_mgr_.GetValue("CVMFS_FILE_MBYTE_LIMIT", &arg)) {
549  settings_publisher->GetTransaction()->SetLimitFileSizeMb(
550  String2Uint64(arg));
551  }
552  if (options_mgr_.GetValue("CVMFS_AUTOCATALOGS", &arg)) {
553  settings_publisher->GetTransaction()->SetUseCatalogAutobalance(
554  options_mgr_.IsOn(arg));
555  }
556  if (options_mgr_.GetValue("CVMFS_AUTOCATALOGS_MAX_WEIGHT", &arg)) {
557  settings_publisher->GetTransaction()->SetAutobalanceMaxWeight(
558  String2Uint64(arg));
559  }
560  if (options_mgr_.GetValue("CVMFS_AUTOCATALOGS_MIN_WEIGHT", &arg)) {
561  settings_publisher->GetTransaction()->SetAutobalanceMinWeight(
562  String2Uint64(arg));
563  }
564  if (options_mgr_.GetValue("CVMFS_AUTO_REPAIR_MOUNTPOINT", &arg)) {
565  if (!options_mgr_.IsOn(arg)) {
566  settings_publisher->GetTransaction()->GetSpoolArea()->SetRepairMode(
567  kUnionMountRepairNever);
568  }
569  }
570 }
571 
572 SettingsPublisher *SettingsBuilder::CreateSettingsPublisher(
573  const std::string &ident, bool needs_managed) {
574  // we are creating a publisher, it need to have the `server.conf` file
575  // present, otherwise something is wrong and we should exit early
576  const std::string alias(ident.empty() ? GetSingleAlias() : ident);
577 
578  std::map<std::string, std::string> session_env = GetSessionEnvironment();
579  // We can be in an ephemeral writable shell but interested in a different
580  // repository
581 
582  const std::string server_path = config_path_ + "/" + alias + "/server.conf";
583 
584  // Instead of returning the Settings from session, we need more processing
585  if (!session_env.empty() && (session_env["CVMFS_FQRN"] == alias)) {
586  SettingsPublisher
587  *settings_publisher = CreateSettingsPublisherFromSession();
588  if (FileExists(server_path)) {
589  delete options_mgr_;
590  options_mgr_ = new BashOptionsManager();
591  options_mgr_->set_taint_environment(false);
592  options_mgr_->ParsePath(server_path, false /* external */);
593  ApplyOptionsFromServerPath(*options_mgr_, settings_publisher);
594  }
595  return settings_publisher;
596  }
597 
598  if (FileExists(server_path) == false) {
599  throw EPublish(
600  "Unable to find the configuration file `server.conf` for the cvmfs "
601  "publisher: "
602  + alias,
603  EPublish::kFailRepositoryNotFound);
604  }
605 
606  SettingsRepository settings_repository = CreateSettingsRepository(alias);
607  if (needs_managed && !IsManagedRepository())
608  throw EPublish("remote repositories are not supported in this context");
609 
610  if (options_mgr_->GetValueOrDie("CVMFS_REPOSITORY_TYPE") != "stratum0") {
611  throw EPublish("Repository " + alias + " is not a stratum 0 repository",
612  EPublish::kFailRepositoryType);
613  }
614 
615  UniquePtr<SettingsPublisher> settings_publisher(
616  new SettingsPublisher(settings_repository));
617 
618  try {
619  std::string xattr = settings_publisher->GetReadOnlyXAttr("user.root_hash");
620  settings_publisher->GetTransaction()->SetBaseHash(
621  shash::MkFromHexPtr(shash::HexPtr(xattr), shash::kSuffixCatalog));
622  } catch (const EPublish &e) {
623  // We ignore the exception.
624  // In case of exception, the base hash remains unset.
625  }
626 
627  settings_publisher->SetIsManaged(IsManagedRepository());
628  settings_publisher->SetOwner(options_mgr_->GetValueOrDie("CVMFS_USER"));
629  settings_publisher->GetStorage()->SetLocator(
630  options_mgr_->GetValueOrDie("CVMFS_UPSTREAM_STORAGE"));
631 
632  ApplyOptionsFromServerPath(*options_mgr_, &*settings_publisher);
633 
634  // TODO(jblomer): process other parameters
635  return settings_publisher.Release();
636 }
637 
638 } // namespace publish
publish::SettingsTransaction::SetUnionFsType
void SetUnionFsType(const std::string &union_fs)
Definition: settings.cc:124
publish::SettingsRepository::GetKeychain
SettingsKeychain * GetKeychain()
Definition: settings.h:373
OptionsManager::GetValueOrDie
std::string GetValueOrDie(const std::string &key)
Definition: options.cc:379
publish::SettingsKeychain::keychain_dir_
Setting< std::string > keychain_dir_
Definition: settings.h:335
publish::SettingsPublisher::SetIgnoreInvalidLease
void SetIgnoreInvalidLease(bool value)
Definition: settings.cc:355
zlib::ParseCompressionAlgorithm
Algorithms ParseCompressionAlgorithm(const std::string &algorithm_option)
Definition: compression.cc:153
publish::SettingsBuilder::config_path_
std::string config_path_
Definition: settings.h:534
publish::SettingsSpoolArea::readonly_mnt
std::string readonly_mnt() const
Definition: settings.h:93
publish::SettingsTransaction::SetEnableMtimeNs
void SetEnableMtimeNs(bool value)
Definition: settings.cc:90
publish::SettingsKeychain::HasGatewayKey
bool HasGatewayKey() const
Definition: settings.cc:264
publish::SettingsTransaction::timeout_s_
Setting< unsigned > timeout_s_
Definition: settings.h:261
OptionsManager::ParsePath
virtual void ParsePath(const std::string &config_file, const bool external)=0
publish::SettingsBuilder::CreateSettingsPublisher
SettingsPublisher * CreateSettingsPublisher(const std::string &ident, bool needs_managed=false)
Definition: settings.cc:572
publish::SettingsPublisher::GetTransaction
SettingsTransaction * GetTransaction()
Definition: settings.h:436
publish::SettingsRepository::SetUrl
void SetUrl(const std::string &url)
Definition: settings.cc:288
publish::SettingsSpoolArea::SetUnionMount
void SetUnionMount(const std::string &path)
Definition: settings.cc:37
publish::SettingsStorage::MakeGateway
void MakeGateway(const std::string &host, unsigned port, const std::string &tmp_dir)
Definition: settings.cc:199
GetFileName
NameString GetFileName(const PathString &path)
Definition: shortstring.cc:28
publish::SettingsPublisher::is_managed_
Setting< bool > is_managed_
Definition: settings.h:447
publish::SettingsTransaction::SetTimeout
void SetTimeout(unsigned seconds)
Definition: settings.cc:156
publish::SettingsPublisher::GetKeychain
SettingsKeychain * GetKeychain()
Definition: settings.h:437
publish::SettingsKeychain::SetKeychainDir
void SetKeychainDir(const std::string &keychain_dir)
Definition: settings.cc:229
publish::SettingsPublisher::owner_gid_
Setting< gid_t > owner_gid_
Definition: settings.h:444
publish::SettingsKeychain::keychain_dir
std::string keychain_dir() const
Definition: settings.h:322
publish::SettingsTransaction::SetLimitNestedCatalogKentries
void SetLimitNestedCatalogKentries(unsigned value)
Definition: settings.cc:94
publish::EUnionMountRepairMode
EUnionMountRepairMode
Definition: settings.h:63
publish::SettingsTransaction::SetAutobalanceMaxWeight
void SetAutobalanceMaxWeight(unsigned value)
Definition: settings.cc:110
JoinStrings
string JoinStrings(const vector< string > &strings, const string &joint)
Definition: string.cc:356
publish::SettingsPublisher::SetIsSilent
void SetIsSilent(bool value)
Definition: settings.cc:351
OptionsManager::set_taint_environment
void set_taint_environment(bool value)
Definition: options.h:198
publish::SettingsTransaction::union_fs_
Setting< UnionFsType > union_fs_
Definition: settings.h:257
OptionsManager::IsOn
bool IsOn(const std::string &param_value) const
Definition: options.cc:401
publish::SettingsStorage::type_
Setting< upload::SpoolerDefinition::DriverType > type_
Definition: settings.h:297
publish::SettingsTransaction::SetTemplate
void SetTemplate(const std::string &from, const std::string &to)
Definition: settings.cc:168
publish::settings
const SettingsPublisher & settings() const
Definition: repository.h:316
publish::SettingsTransaction::enforce_limits_
Setting< bool > enforce_limits_
Definition: settings.h:246
publish::SettingsBuilder::GetSingleAlias
std::string GetSingleAlias()
Definition: settings.cc:392
publish::SettingsSpoolArea::union_mnt_
Setting< std::string > union_mnt_
Definition: settings.h:123
publish::SettingsRepository::SettingsRepository
SettingsRepository(const std::string &fqrn)
Definition: settings.h:352
publish::SettingsTransaction::SetLayoutRevision
void SetLayoutRevision(const unsigned revision)
Definition: settings.cc:65
publish::SettingsSpoolArea::log_dir
std::string log_dir() const
Definition: settings.h:101
publish::SettingsPublisher::ignore_invalid_lease_
Setting< bool > ignore_invalid_lease_
Definition: settings.h:450
publish::SettingsTransaction::SetLeasePath
void SetLeasePath(const std::string &path)
Definition: settings.cc:164
publish::SettingsRepository::tmp_dir_
Setting< std::string > tmp_dir_
Definition: settings.h:379
upload::SpoolerDefinition::kDriverNames
static const char * kDriverNames[]
corresponds to DriverType
Definition: upload_spooler_definition.h:25
publish::SettingsRepository::cert_bundle
std::string cert_bundle() const
Definition: settings.h:370
FindDirectories
std::vector< std::string > FindDirectories(const std::string &parent_dir)
Definition: posix.cc:1177
publish::SettingsTransaction::layout_revision_
Setting< unsigned > layout_revision_
Definition: settings.h:227
publish::SettingsTransaction::SetAutobalanceMinWeight
void SetAutobalanceMinWeight(unsigned value)
Definition: settings.cc:114
algorithm
char algorithm
Definition: libcvmfs_cache.h:275
publish::SettingsPublisher::SettingsPublisher
SettingsPublisher(const std::string &fqrn)
Definition: settings.h:395
publish::SettingsBuilder::options_mgr_
OptionsManager * options_mgr_
Definition: settings.h:540
publish::SettingsPublisher::is_silent_
Setting< bool > is_silent_
Definition: settings.h:446
publish::SettingsKeychain::HasMasterKeys
bool HasMasterKeys() const
Definition: settings.cc:247
publish::SettingsBuilder::ApplyOptionsFromServerPath
void ApplyOptionsFromServerPath(const OptionsManager &options_mgr_, SettingsPublisher *settings_publisher)
Definition: settings.cc:511
publish::SettingsTransaction::base_hash_
Setting< shash::Any > base_hash_
Definition: settings.h:240
sanitizer::InputSanitizer::IsValid
bool IsValid(const std::string &input) const
Definition: sanitizer.cc:112
publish::SettingsTransaction::limit_root_catalog_kentries_
Setting< unsigned > limit_root_catalog_kentries_
Definition: settings.h:249
FileExists
bool FileExists(const std::string &path)
Definition: posix.cc:803
publish::SettingsSpoolArea::cache_dir
std::string cache_dir() const
Definition: settings.h:106
publish::SettingsKeychain::HasRepositoryKeys
bool HasRepositoryKeys() const
Definition: settings.cc:260
publish::SettingsRepository::proxy
std::string proxy() const
Definition: settings.h:368
publish::SettingsPublisher::keychain
const SettingsKeychain & keychain() const
Definition: settings.h:434
publish::SettingsRepository::SetTmpDir
void SetTmpDir(const std::string &tmp_dir)
Definition: settings.cc:297
publish::SettingsBuilder::IsManagedRepository
bool IsManagedRepository() const
Definition: settings.h:516
publish::SettingsTransaction::in_enter_session_
Setting< bool > in_enter_session_
Definition: settings.h:232
SplitString
vector< string > SplitString(const string &str, char delim)
Definition: string.cc:306
publish::SettingsTransaction::SetDryRun
void SetDryRun(bool value)
Definition: settings.cc:122
platform_getxattr
bool platform_getxattr(const std::string &path, const std::string &name, std::string *value)
Definition: platform_linux.h:227
publish::SettingsTransaction::template_from_
Setting< std::string > template_from_
Definition: settings.h:267
publish::SettingsPublisher::owner_uid_
Setting< uid_t > owner_uid_
Definition: settings.h:443
publish::SettingsTransaction::use_catalog_autobalance_
Setting< bool > use_catalog_autobalance_
Definition: settings.h:251
publish::SettingsPublisher::SetProxy
void SetProxy(const std::string &proxy)
Definition: settings.cc:336
shash::kSuffixCatalog
const char kSuffixCatalog
Definition: hash.h:54
publish::SettingsPublisher::GetReadOnlyXAttr
std::string GetReadOnlyXAttr(const std::string &attr)
Definition: settings.cc:465
publish::SettingsPublisher::SetUrl
void SetUrl(const std::string &url)
Definition: settings.cc:330
OptionsManager::GetAllKeys
std::vector< std::string > GetAllKeys()
Definition: options.cc:415
publish::SettingsSpoolArea::ovl_work_dir
std::string ovl_work_dir() const
Definition: settings.h:107
publish::SettingsBuilder::CreateSettingsRepository
SettingsRepository CreateSettingsRepository(const std::string &ident)
Definition: settings.cc:415
publish::SettingsTransaction::autobalance_max_weight_
Setting< unsigned > autobalance_max_weight_
Definition: settings.h:252
publish::SettingsTransaction::SetLimitRootCatalogKentries
void SetLimitRootCatalogKentries(unsigned value)
Definition: settings.cc:98
MkdirDeep
bool MkdirDeep(const std::string &path, const mode_t mode, bool verify_writable)
Definition: posix.cc:855
publish::SettingsPublisher::SetIsManaged
void SetIsManaged(bool value)
Definition: settings.cc:353
publish::SettingsSpoolArea::workspace_
Setting< std::string > workspace_
Definition: settings.h:121
publish::SettingsPublisher::transaction
const SettingsTransaction & transaction() const
Definition: settings.h:433
publish::SettingsBuilder::CreateSettingsPublisherFromSession
SettingsPublisher * CreateSettingsPublisherFromSession()
Definition: settings.cc:475
publish::SettingsPublisher::keychain_
SettingsKeychain keychain_
Definition: settings.h:454
publish::Setting::is_default
bool is_default() const
Definition: settings.h:50
publish::SettingsPublisher::proxy
std::string proxy() const
Definition: settings.h:422
publish::SettingsTransaction::SetHashAlgorithm
void SetHashAlgorithm(const std::string &algorithm)
Definition: settings.cc:77
StringifyInt
string StringifyInt(const int64_t value)
Definition: string.cc:77
publish::SettingsStorage::SetLocator
void SetLocator(const std::string &locator)
Definition: settings.cc:207
publish::SettingsStorage::fqrn_
Setting< std::string > fqrn_
Definition: settings.h:296
publish::SettingsRepository::SetCertBundle
void SetCertBundle(const std::string &cert_bundle)
Definition: settings.cc:302
publish::SettingsTransaction::print_changeset_
Setting< bool > print_changeset_
Definition: settings.h:254
publish::SettingsPublisher::GetStorage
SettingsStorage * GetStorage()
Definition: settings.h:435
HasPrefix
bool HasPrefix(const string &str, const string &prefix, const bool ignore_case)
Definition: string.cc:279
publish::SettingsTransaction::compression_algorithm_
Setting< zlib::Algorithms > compression_algorithm_
Definition: settings.h:242
OptionsManager::GetValue
bool GetValue(const std::string &key, std::string *value) const
Definition: options.cc:368
cvmfs::options_mgr_
OptionsManager * options_mgr_
Definition: cvmfs.cc:155
publish::SettingsKeychain::fqrn_
Setting< std::string > fqrn_
Definition: settings.h:334
DirectoryExists
bool DirectoryExists(const std::string &path)
Definition: posix.cc:824
publish::SettingsRepository::cert_bundle_
Setting< std::string > cert_bundle_
Definition: settings.h:382
publish::SettingsTransaction::SetLimitFileSizeMb
void SetLimitFileSizeMb(unsigned value)
Definition: settings.cc:102
publish::SettingsPublisher::url_
Setting< std::string > url_
Definition: settings.h:441
publish::SettingsTransaction::template_to_
Setting< std::string > template_to_
Definition: settings.h:268
publish::SettingsTransaction::SetUseCatalogAutobalance
void SetUseCatalogAutobalance(bool value)
Definition: settings.cc:106
publish::SettingsSpoolArea::repair_mode_
Setting< EUnionMountRepairMode > repair_mode_
Definition: settings.h:127
publish::SettingsTransaction::autobalance_min_weight_
Setting< unsigned > autobalance_min_weight_
Definition: settings.h:253
publish::SettingsTransaction::SetCompressionAlgorithm
void SetCompressionAlgorithm(const std::string &algorithm)
Definition: settings.cc:81
publish::SettingsKeychain::private_key_path_
Setting< std::string > private_key_path_
Definition: settings.h:338
publish::SettingsSpoolArea::SetSpoolArea
void SetSpoolArea(const std::string &path)
Definition: settings.cc:32
publish::SettingsTransaction::hash_algorithm_
Setting< shash::Algorithms > hash_algorithm_
Definition: settings.h:241
publish::SettingsTransaction::SetEnforceLimits
void SetEnforceLimits(bool value)
Definition: settings.cc:86
publish::SettingsStorage::tmp_dir_
Setting< std::string > tmp_dir_
Definition: settings.h:298
BashOptionsManager::ParsePath
void ParsePath(const std::string &config_file, const bool external)
Definition: options.cc:144
publish::SettingsRepository::SetProxy
void SetProxy(const std::string &proxy)
Definition: settings.cc:294
publish::SettingsKeychain::master_private_key_path_
Setting< std::string > master_private_key_path_
Definition: settings.h:336
publish::SettingsRepository::keychain
const SettingsKeychain & keychain() const
Definition: settings.h:372
publish::SettingsPublisher::kDefaultWhitelistValidity
static const unsigned kDefaultWhitelistValidity
Definition: settings.h:393
publish::SettingsSpoolArea::tmp_dir
std::string tmp_dir() const
Definition: settings.h:92
publish::SettingsPublisher::proxy_
Setting< std::string > proxy_
Definition: settings.h:442
publish::SettingsTransaction::SetBaseHash
void SetBaseHash(const shash::Any &hash)
Definition: settings.cc:73
publish::SettingsStorage::endpoint_
Setting< std::string > endpoint_
Definition: settings.h:299
String2Uint64
uint64_t String2Uint64(const string &value)
Definition: string.cc:240
publish::SettingsTransaction::SetPrintChangeset
void SetPrintChangeset(bool value)
Definition: settings.cc:118
GetUidOf
bool GetUidOf(const std::string &username, uid_t *uid, gid_t *main_gid)
Definition: posix.cc:1341
shash::ParseHashAlgorithm
Algorithms ParseHashAlgorithm(const string &algorithm_option)
Definition: hash.cc:71
publish::SettingsSpoolArea::scratch_dir
std::string scratch_dir() const
Definition: settings.h:99
publish::SettingsBuilder::GetSessionEnvironment
std::map< std::string, std::string > GetSessionEnvironment()
Definition: settings.cc:366
publish::SettingsTransaction::GetSpoolArea
SettingsSpoolArea * GetSpoolArea()
Definition: settings.h:217
publish::SettingsKeychain::HasDanglingRepositoryKeys
bool HasDanglingRepositoryKeys() const
Definition: settings.cc:253
shash::MkFromHexPtr
Any MkFromHexPtr(const HexPtr hex, const char suffix)
Definition: hash.cc:82
publish::SettingsTransaction::limit_file_size_mb_
Setting< unsigned > limit_file_size_mb_
Definition: settings.h:250
publish::SettingsStorage::MakeLocal
void MakeLocal(const std::string &path)
Definition: settings.cc:193
publish::SettingsKeychain::master_public_key_path_
Setting< std::string > master_public_key_path_
Definition: settings.h:337
publish::SettingsPublisher::SetOwner
void SetOwner(const std::string &user_name)
Definition: settings.cc:339
publish::SettingsSpoolArea::SetRepairMode
void SetRepairMode(const EUnionMountRepairMode val)
Definition: settings.cc:41
publish::SettingsTransaction::limit_nested_catalog_kentries_
Setting< unsigned > limit_nested_catalog_kentries_
Definition: settings.h:248
publish::SettingsRepository::keychain_
SettingsKeychain keychain_
Definition: settings.h:384
publish::SettingsTransaction::dry_run_
Setting< bool > dry_run_
Definition: settings.h:255
publish::SettingsKeychain::certificate_path_
Setting< std::string > certificate_path_
Definition: settings.h:339
publish::SettingsRepository::url
std::string url() const
Definition: settings.h:367
publish::SettingsRepository::proxy_
Setting< std::string > proxy_
Definition: settings.h:378
publish::SettingsStorage::MakeS3
void MakeS3(const std::string &s3_config, const std::string &tmp_dir)
Definition: settings.cc:186
publish::SettingsPublisher::url
std::string url() const
Definition: settings.h:421
publish::SettingsSpoolArea::tmp_dir_
Setting< std::string > tmp_dir_
Definition: settings.h:122
publish::SettingsStorage::GetLocator
std::string GetLocator() const
Definition: settings.cc:181
publish::SettingsRepository::url_
Setting< std::string > url_
Definition: settings.h:377
publish::SettingsTransaction::SetInEnterSession
void SetInEnterSession(const bool value)
Definition: settings.cc:69
publish::SettingsKeychain::gw_key_path_
Setting< std::string > gw_key_path_
Definition: settings.h:340
publish::SettingsTransaction::lease_path_
Setting< std::string > lease_path_
Definition: settings.h:262
publish::SettingsRepository::tmp_dir
std::string tmp_dir() const
Definition: settings.h:369
publish::kRequiredLayoutRevision
static const unsigned kRequiredLayoutRevision
Definition: repository.h:277
publish::GetFqrnFromUrl
class static __attribute__((visibility("default"))) Repository std::string GetFqrnFromUrl(const std::string &url)
Definition: repository.cc:228
publish::SettingsKeychain::HasDanglingMasterKeys
bool HasDanglingMasterKeys() const
Definition: settings.cc:239
publish::SettingsTransaction::enable_mtime_ns_
Setting< bool > enable_mtime_ns_
Definition: settings.h:247