5 #include "cvmfs_config.h"
38 namespace swissknife {
71 throw EPublish(
"cannot load public rsa key");
76 int rvi = setenv(
"X509_CERT_BUNDLE", settings.
cert_bundle().c_str(),
79 throw EPublish(
"cannot set X509_CERT_BUNDLE environment variable");
85 if (settings.
proxy() !=
"") {
134 const std::string &url,
const std::string &fqrn,
const std::string &tmp_dir)
140 throw EPublish(std::string(
"cannot load whitelist [") +
// NOTE(review): presumably the minimum_timestamp argument of the manifest
// Fetch() call, which is not visible in this excerpt. A value of 0 would set
// no lower bound on the manifest's publish time — confirm that is intended.
145 const uint64_t minimum_timestamp = 0;
154 std::string reflog_path;
157 std::string reflog_url = url +
"/.cvmfsreflog";
162 false , NULL, &filesink);
172 throw EPublish(std::string(
"cannot load reflog [") +
178 std::string tags_path;
204 std::string info_url = url +
"/data/" + info_hash.
MakePath();
211 throw EPublish(std::string(
"cannot load meta info [") +
214 meta_info_ = std::string(reinterpret_cast<char*>(metainfo_memsink.
data()),
215 metainfo_memsink.
pos());
228 std::string url =
settings_.
url() +
"/.cvmfs_master_replica";
234 throw EPublish(std::string(
"error looking for .cvmfs_master_replica [") +
249 settings_.transaction().hash_algorithm(),
250 settings_.transaction().compression_algorithm());
252 settings_.transaction().spool_area().gw_session_token();
258 throw EPublish(
"could not initialize file spooler");
263 if (spooler_catalogs_ == NULL) {
265 throw EPublish(
"could not initialize catalog spooler");
272 throw EPublish(
"dangling master key pair");
275 throw EPublish(
"dangling repository keys");
286 settings_.transaction().hash_algorithm(),
290 throw EPublish(
"whitelist generation failed");
299 if (reflog_ == NULL)
throw EPublish(
"could not create reflog");
300 reflog_->TakeDatabaseFileOwnership();
310 throw EPublish(
"could not create initial file catalog");
315 const bool needs_bootstrap_shortcuts =
316 !
settings_.transaction().voms_authz().empty();
319 settings_.transaction().is_garbage_collectable());
325 if (history_ == NULL)
throw EPublish(
"could not create tag database");
326 history_->TakeDatabaseFileOwnership();
331 history_->Insert(tag_trunk);
341 throw EPublish(
"could not initialize repository storage area");
346 upload::Spooler::CallbackPtr callback =
362 upload::Spooler::CallbackPtr callback =
375 upload::Spooler::CallbackPtr callback =
387 reinterpret_cast<const unsigned char *>(signed_manifest.data()),
388 signed_manifest.length(), &manifest_hash);
389 signed_manifest +=
"--\n" + manifest_hash.ToString() +
"\n";
390 unsigned char *signature;
393 reinterpret_cast<const unsigned char *>(manifest_hash.ToString().data()),
394 manifest_hash.GetHexSize(), &signature, &sig_size);
// Abort publishing when signing fails (rvb is assigned on a line that is not
// shown in this excerpt).
395 if (!rvb)
throw EPublish(
"cannot sign manifest");
// Append the raw signature with its explicit length, so the bytes are copied
// verbatim and embedded NUL bytes are kept.
// NOTE(review): `signature` is filled in through the out-parameter passed
// above; confirm the buffer is released after this copy (not visible here).
396 signed_manifest += std::string(reinterpret_cast<char *>(signature), sig_size);
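// A failed placement of the VOMS bootstrapping symlinks is fatal, like the
// other `!rvb` checks in this listing. Without `throw`, the EPublish object
// is only constructed and discarded, so the failure is silently ignored.
if (!rvb)
  throw EPublish("cannot place VOMS bootstrapping symlinks");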
411 upload::Spooler::CallbackPtr callback =
428 upload::Spooler::CallbackPtr callback =
444 upload::Spooler::CallbackPtr callback =
457 "Creating Key Chain... ");
458 publisher->CreateKeychain();
459 publisher->ExportKeychain();
463 "Creating Backend Storage... ");
464 publisher->CreateStorage();
465 publisher->PushWhitelist();
469 "Creating Initial Repository... ");
470 publisher->InitSpoolArea();
471 publisher->CreateRootObjects();
472 publisher->PushHistory();
473 publisher->PushCertificate();
474 publisher->PushMetainfo();
475 publisher->PushReflog();
476 publisher->PushManifest();
485 return publisher.Release();
494 if (!rvb)
throw EPublish(
"cannot export public master key");
497 if (!rvb)
throw EPublish(
"cannot export certificate");
501 if (!rvb)
throw EPublish(
"cannot export private certificate key");
504 if (!rvb)
throw EPublish(
"cannot export private master key");
509 if (rvi != 0)
throw EPublish(
"cannot set key file ownership");
512 if (rvi != 0)
throw EPublish(
"cannot set key file ownership");
515 if (rvi != 0)
throw EPublish(
"cannot set key file ownership");
518 if (rvi != 0)
throw EPublish(
"cannot set key file ownership");
523 throw EPublish(
"cannot write certificate to storage");
531 throw EPublish(
"cannot write tag database to storage");
539 throw EPublish(
"cannot write repository meta info to storage");
547 throw EPublish(
"cannot write manifest to storage");
553 throw EPublish(
"cannot write reflog to storage");
559 throw EPublish(
"cannot write whitelist to storage");
566 if (!rvb)
throw EPublish(
"cannot create directory " + path);
568 if (rvi != 0)
throw EPublish(
"cannot set ownership on directory " + path);
599 ,
in_transaction_(settings.transaction().spool_area().transaction_lock())
600 ,
is_publishing_(settings.transaction().spool_area().publishing_lock())
611 "This repository uses layout revision " +
StringifyInt(layout_revision)
613 "This version of CernVM-FS requires layout revision " +
StringifyInt(
615 "incompatible to " +
StringifyInt(layout_revision) +
".\n\n"
616 "Please run `cvmfs_server migrate` to update your repository before "
629 throw EPublish(
"gateway key missing: " +
634 throw EPublish(
"cannot read gateway key: " +
645 throw EPublish(
"cannot load certificate, thus cannot commit changes");
649 throw EPublish(
"cannot load private key, thus cannot commit changes");
654 if (!rvb)
throw EPublish(
"cannot load private master key");
657 throw EPublish(
"corrupted keychain");
687 settings_.transaction().enforce_limits(),
688 settings_.transaction().limit_nested_catalog_kentries(),
689 settings_.transaction().limit_root_catalog_kentries(),
690 settings_.transaction().limit_file_size_mb(),
692 settings_.transaction().use_catalog_autobalance(),
693 settings_.transaction().autobalance_max_weight(),
694 settings_.transaction().autobalance_min_weight(),
723 switch (
settings_.transaction().union_fs()) {
727 settings_.transaction().spool_area().readonly_mnt(),
728 settings_.transaction().spool_area().union_mnt(),
729 settings_.transaction().spool_area().scratch_dir());
734 settings_.transaction().spool_area().readonly_mnt(),
735 settings_.transaction().spool_area().union_mnt(),
736 settings_.transaction().spool_area().scratch_dir());
741 settings_.transaction().spool_area().readonly_mnt(),
751 throw EPublish(
"unknown union file system");
757 throw EPublish(
"cannot initialize union file system engine");
// Locate the session_pid file inside the enter-session directory.
763 std::string session_dir = Env::GetEnterSessionDir();
764 std::string session_pid_tmp = session_dir +
"/session_pid";
765 std::string session_pid;
// Opened read-only; a file that cannot be opened is reported as EPublish.
766 int fd_session_pid = open(session_pid_tmp.c_str(), O_RDONLY);
767 if (fd_session_pid < 0)
throw EPublish(
"Session pid cannot be retrieved");
// Lines 768-770 are not part of this excerpt.
// NOTE(review): pid_child is presumably parsed from the content of this
// file — confirm it is validated as a positive pid before signalling, since
// kill() treats 0 and negative values as process-group or broadcast targets,
// and confirm fd_session_pid is closed on every path.
771 kill(pid_child, SIGUSR1);
781 if (!rvb)
throw EPublish(
"cannot write change set to storage");
783 if (!
settings_.transaction().dry_run()) {
788 const std::string old_root_hash =
789 settings_.transaction().base_hash().ToString(
true );
790 const std::string new_root_hash =
793 old_root_hash, new_root_hash,
796 throw EPublish(
"failed to commit transaction");
814 if (!
settings_.transaction().dry_run()) {
823 throw EPublish(
"cannot publish outside transaction");
841 throw EPublish(
"cannot set replication mode");
int return_code
the return value of the spooler operation
void TakeDatabaseFileOwnership()
void set_repository_name(const std::string &repository_name)
void TakeDatabaseFileOwnership()
const SettingsRepository settings_
std::string database_file() const
manifest::Reflog * reflog_
download::DownloadManager * download_mgr_
bool HasGatewayKey() const
bool AddHistory(const shash::Any &history)
void ConstructSyncManagers()
void OnUploadReflog(const upload::SpoolerResult &result)
catalog::SimpleCatalogManager * GetSimpleCatalogManager()
UniquePtr< ManagedNode > managed_node_
Session * session() const
void GenerateMasterKeyPair()
NameString GetFileName(const PathString &path)
const int kPrivateDirMode
UniquePtr< perf::StatisticsTemplate > statistics_publish_
static Publisher * Create(const SettingsPublisher &settings)
std::string keychain_dir() const
std::string GetCertificate() const
static const std::string kPreviousHeadTag
Failures LoadUrl(const std::string &base_url)
std::string gw_key_path() const
FILE * CreateTempFile(const std::string &path_prefix, const int mode, const char *open_flags, std::string *final_path)
string JoinStrings(const vector< string > &strings, const string &joint)
std::string ToString(const bool with_suffix=false) const
void OnProcessCertificate(const upload::SpoolerResult &result)
virtual bool Initialize()
void set_certificate(const shash::Any &certificate)
const history::History * history() const
void CreateDirectoryAsOwner(const std::string &path, int mode)
unsigned layout_revision() const
void SetProxyChain(const std::string &proxy_list, const std::string &fallback_proxy_list, const ProxySetModes set_mode)
void OnUploadWhitelist(const upload::SpoolerResult &result)
std::string private_key_path() const
const SettingsPublisher & settings() const
perf::Statistics * statistics_
std::string CreateTempPath(const std::string &path_prefix, const int mode)
void set_meta_info(const shash::Any &meta_info)
std::string GetPrivateKey()
std::string ExportString() const
assert((mem||(size==0))&&"Out Of Memory")
bool has_alt_catalog_path() const
upload::Spooler * spooler_catalogs_
gateway::GatewayKey gw_key_
bool SafeWriteToFile(const std::string &content, const std::string &path, int mode)
bool LoadPrivateKeyPath(const std::string &file_pem, const std::string &password)
class __attribute__((visibility("default"))) Publisher ManagedNode(Publisher *p)
uint64_t catalog_size() const
bool AddCatalog(const shash::Any &catalog)
static Reflog * Create(const std::string &database_path, const std::string &repo_name)
std::string cert_bundle() const
catalog::WritableCatalogManager * catalog_mgr_
bool HasMasterKeys() const
void GenerateCertificate(const std::string &cn)
uint64_t revision() const
Repository(const SettingsRepository &settings, const bool exists=true)
static Reflog * Open(const std::string &database_path)
static SqliteHistory * OpenWritable(const std::string &file_name)
std::string master_public_key_path() const
bool FileExists(const std::string &path)
std::string GetActivePubkeys() const
const int kPrivateFileMode
void OnProcessMetainfo(const upload::SpoolerResult &result)
const char * Code2Ascii(const Failures error)
static manifest::Manifest * CreateRepository(const std::string &dir_temp, const bool volatile_content, const std::string &voms_authz, upload::Spooler *spooler)
bool HasRepositoryKeys() const
std::string proxy() const
const SettingsKeychain & keychain() const
publish::SyncUnion * sync_union_
uint64_t publish_timestamp() const
bool AddMetainfo(const shash::Any &metainfo)
const int kDefaultDirMode
bool Sign(const unsigned char *buffer, const unsigned buffer_size, unsigned char **signature, unsigned *signature_size)
void OnUploadManifest(const upload::SpoolerResult &result)
signature::SignatureManager * signature_mgr_
void SetKeepAlive(bool value)
Failures Fetch(const std::string &base_url, const std::string &repository_name, const uint64_t minimum_timestamp, const shash::Any *base_catalog, signature::SignatureManager *signature_manager, download::DownloadManager *download_manager, ManifestEnsemble *ensemble)
void DropDatabaseFileOwnership()
std::string master_private_key_path() const
void DownloadRootObjects(const std::string &url, const std::string &fqrn, const std::string &tmp_dir)
static const std::string kHeadTag
std::string session_token_file
shash::Any certificate() const
upload::Spooler * spooler
bool MkdirDeep(const std::string &path, const mode_t mode, bool verify_writable)
bool LoadCertificatePath(const std::string &file_pem)
const SettingsTransaction & transaction() const
const char * Code2Ascii(const Failures error)
ServerLockFile is_publishing_
static void HashDatabase(const std::string &database_path, shash::Any *hash_reflog)
shash::Any catalog_hash() const
string StringifyInt(const int64_t value)
std::string certificate_path() const
catalog::SimpleCatalogManager * simple_catalog_mgr_
history::SqliteHistory * history_
const SettingsStorage & storage() const
void DropDatabaseFileOwnership()
bool SetPreviousRevision(const shash::Any &history_hash)
bool LoadPrivateMasterKeyPath(const std::string &file_pem)
bool DirectoryExists(const std::string &path)
UniquePtr< Session > session_
void set_history(const shash::Any &history_db)
void set_garbage_collectability(const bool garbage_collectable)
bool AddCertificate(const shash::Any &certificate)
std::string filename() const
bool SafeReadToString(int fd, std::string *final_result)
manifest::Manifest * manifest_
void OnProcessHistory(const upload::SpoolerResult &result)
void set_ttl(const uint32_t ttl)
void HashMem(const unsigned char *buffer, const unsigned buffer_size, Any *any_digest)
upload::Spooler * spooler_files_
void MarkReplicatible(bool value)
class __attribute__((visibility("default"))) Replica Replica(const SettingsReplica &settings)
const SettingsKeychain & keychain() const
std::string ExportString() const
virtual void Traverse()=0
uint64_t String2Uint64(const string &value)
void UseSystemCertificatePath()
std::string GetPrivateMasterKey()
void Migrate(InodeTracker *old_tracker, glue::InodeTracker *new_tracker)
Failures Fetch(JobInfo *info)
shash::Any history() const
ServerFlagFile in_transaction_
static std::string CreateString(const std::string &fqrn, int validity_days, shash::Algorithms hash_algorithm, signature::SignatureManager *signature_manager)
bool LoadPublicRsaKeys(const std::string &path_list)
whitelist::Whitelist * whitelist_
GatewayKey ReadGatewayKey(const std::string &key_file_name)
static SqliteHistory * Create(const std::string &file_name, const std::string &fqrn)
bool HasDanglingRepositoryKeys() const
Failures LoadMem(const std::string &whitelist)
SyncMediator * sync_mediator_
void set_has_alt_catalog_path(const bool &has_alt_path)
upload::SpoolerDefinition::DriverType type() const
Publisher(const SettingsPublisher &settings, const bool exists=true)
std::string MakePath() const
std::string MakeCanonicalPath(const std::string &path)
bool in_enter_session() const
void set_reflog_hash(const shash::Any &checksum)
std::vector< std::string > FindFilesBySuffix(const std::string &dir, const std::string &suffix)
shash::Any meta_info() const
std::string tmp_dir() const
static const unsigned kRequiredLayoutRevision
SyncParameters * sync_parameters_
class static __attribute__((visibility("default"))) Repository std::string GetFqrnFromUrl(const std::string &url)
bool HasDanglingMasterKeys() const
CVMFS_EXPORT void LogCvmfs(const LogSource source, const int mask, const char *format,...)