kup-server - Man Page

kernel.org upload server utility


The program kup-server is expected to be the receiver of an ssh shell, configured with the following or similar options in ~/.ssh/authorized_keys:

command="/usr/bin/kup-server",no-agent-forwarding,no-port-forwarding,no-pty,no-user-rc,no-X11-forwarding ssh-rsa AAAA[...]

Each user should have their own UID, as Unix user permissions are used for specific tree access control. On the client side, a corresponding client-side utility kup is used to initiate the connection and perform the uploads.

Global Config

The configuration file for kup-server is located in /etc/kup/kup-server.cfg and has the following options:


All paths in this section should be disjoint. Do not combine any of them into one directory.

data_path = /var/lib/kup/pub

Path for public consumption, e.g. served via http or rsync.

git_path = /var/lib/git

This is the path where git trees (for the TAR and DIFF options) are available.  Those should be readonly for the uploaders.

lock_file = /var/run/kup/lock

A common lock file for data_path.  No program should modify the content in data_path without holding an flock on this file.  Should be readonly for the uploaders.

tmp_path = /var/lib/kup/tmp

tmp_path can be either:

1. a directory writable by every user and with the sticky bit set (typically mode 1777 or 1770).  In that case, DO NOT end the path with a slash, or:

2. A directory containing an empty directory for each user (named for that user), owned by that user and mode 0700. In this case, DO end the path with a slash.

In either case, this directory tree MUST be on the same filesystem as data_path, since the script expects tocreate files in this directory and rename() them into data_path.

pgp_path = /var/lib/kup/pgp

A directory containing a GnuPG public keyring for each user, named <user>.gpg and readable (but not writable) by that user.


All sizes are in bytes, all times in seconds.

max_data = 8589934592

Max size of uploaded data.

bufsiz = 262144

Buffer size when reading data.

timeout_command = 30

How long to wait for a command to time out.

timeout_data = 300

Must read at least bufsiz bytes in this timespan.

timeout_compress = 900

Uncompressing tarballs must take at most this long.

timeout_compress_cpu = 900

Each compression command must take at most this long in CPU time.


This section allows specifying the compressors to use when creating compressed versions of uploaded content.

use = gz, xz

A comma-separated list of file extensions to create (minus the leading dot). For each extension specified, you will need to add a matching section specifying which command and flags to use for decompression and which for compression. Make sure to configure the decompress command to output to stdout. E.g.:

compress_command = /bin/pigz -9
decompress_command = /bin/gzip -cd

compress_command = /bin/xz -9 -T0
decompress_command = /bin/xz -cd


Written by H. Peter Anvin <hpa@zytor.com>.

See Also



2011 kernel.org upload server utility