PKG.DEPOTD(8) | Maintenance Commands and Procedures | PKG.DEPOTD(8) |
pkg.depotd
— Image
Packaging System depot server
/usr/lib/pkg.depotd |
[--cfg source]
[-a address]
[--content-root root_dir]
[-d inst_root]
[--debug feature_list]
[--disable-ops =op[/1][,...]]
[--image-root path]
[--log-access dest]
[--log-errors dest]
[--mirror mode]
[-p port]
[--proxy-base url]
[--readonly mode]
[-s threads]
[--sort-file-max-size bytes]
[--ssl-cert-file source]
[--ssl-dialog type]
[--ssl-key-file source]
[-t socket_timeout]
[--writable-root path] |
pkg.depotd
is the depot server for the
Image Packaging System, pkg(7). It
provides network access to the data contained within a package repository.
Clients that do not support direct access to a repository through the file
system, or for which network access is the only available or preferred
method of transport, typically use the package depot.
Clients such as pkg(1), the retrieval client, can retrieve a list of packages and package metadata from a repository directly or through the depot server. pkgsend(1), the publication client, can send new versions of packages to a repository directly or through the depot server. pkgrepo(1) can be used to create repositories for use with the depot server, or to manage them both directly and through the depot server.
pkg.depotd
is typically run as a service
on the system. Package and software developers might want to run private
copies for testing.
The depot does not provide any access control methods of its own. By default, all of the clients that are able to connect are able to read all package data and publish new package versions. The exception is that when running under Service Management Facility (SMF), the default is to run in read-only mode. The Notes section below describes some best practices for maintaining a public depot server with evolving content.
The pkg.depotd
server is generally
configured via the SMF properties associated with its service. The
svc:/application/pkg/server service runs a
pkg.depotd
server process.
See the smf(7) man page for information about SMF properties. The following properties are recognized:
PKG_REPO
has been provided. The default value is
/var/pkgrepo.stderr
, stdout
, none ,or
an absolute path name. The default value is stdout
if stdout
is a tty. If
stdout
is not a tty, the default
value is ‘none’. If you run
pkg as a
service, the default value for
log_access
is ‘none’ and output is written to
/var/svc/log/application-pkg-server:*. See the
logadm(8) man page for examples of
managing large log files.stderr
, stdout
, none ,or
an absolute path name. The default value is
stderr
. See the
logadm(8) man page for examples of
managing large log files.stdout
.-readonly
option to enable the depot server to
create files, such as search indexes, without needing write access to the
package information.The presentation and behaviour of the Browser User Interface (BUI) of the depot server is controlled using the following properties:
The package depot is also able to act as a mirror server for local client images from pkg(7). This enables clients that share a subnet on a LAN to mirror their file caches. Clients can download files from one another, thereby reducing load on the package depot server. This functionality is available as an alternate depot service configured by SMF. It uses mDNS and dns-sd for service discovery.
The mDNS mirror is generally configured via the SMF properties associated with its service. The following properties are recognized:
pkg.depotd
can read its base configuration
information from a file or from the property data of an existing SMF service
instance.
--cfg
sourceIf no preexisting configuration source is available, or to
override values read from a configuration file provided using
--cfg
, the following options can be used to alter
the default behaviour of the depot server:
-a
address--content-root
root_dir-d
inst_root--debug
feature_list--disable-ops
=op[/1][,...]]--image-root
path--log-access
dest--log-errors
dest--mirror
mode-p
port--proxy-base
url--readonly
mode-s
threads--sort-file-max-size
bytes--ssl-cert-file
source--ssl-dialog
-.Ar
-type
--ssl-key-file
source-t
socket_timeout--writable-root
path--help
,
-?
Additional administrative and management functionality for package repositories is provided by pkgrepo(1).
When a configuration file is provided (instead of an SMF FMRI) by
using the --cfg
option, the depot server reads and
writes all configuration data in a simple text format. The configuration
data is described in SMF Properties
above. The configuration data consists of sections, lead by a [section]
header, and followed by
name=value entries.
Continuations are in the style of RFC 822. Values can be split over multiple
lines by beginning continuation lines with whitespace.
Any required values not provided in the configuration file must be provided using the option listed in Options above. A sample configuration file might look like this:
[pkg] port = 80 inst_root = /export/repo [pub_example_com] feed_description = example.com's software update log
The following exit values are returned:
Example 1 Enabling the Depot Server
svcadm enable application/pkg/server
Example 2 Changing the Listening Port of the Server.
svccfg -s application/pkg/server setprop pkg/port = 10000 svcadm refresh application/pkg/server svcadm restart application/pkg/server
Example 3 Enabling the Mirror
svcadm enable application/pkg/dynamic-mirror
The following environment variables are supported:
PKG_REPO
-d
is specified.PKG_DEPOT_CONTENT
The command line interface of pkg.depotd
is
Uncommitted.
The output of pkg.depotd
is
Not-An-Interface
and may change at any time.
kill(1), pkg(1), pkgrepo(1), pkgsend(1), smf(7), dns-sd(8), mdnsd(8), svcadm(8), syslogd(8)
The pkg.depotd
service is managed by SMF
under the service identifier
svc:/application/pkg/server.
The mDNS mirror service is managed by SMF under the service identifier svc:/application/pkg/dynamic-mirror.
To control read access to the depot, you can use an HTTP reverse proxy in combination with authentication methods such as client based SSL certificate access, which pkg(1) natively supports.
Changes to configuration, or changes to package data using file system based operations, require a restart of the depot server process so that the changes can be reflected in operations and output. Use one of the following methods to restart the depot server process:
SIGUSR1
signal to the depot server process
using kill(1). This executes a
graceful restart that leaves the process intact but reloads all
configuration, package, and search data:
kill -USR1
<pid>
February 17, 2022 | OmniOS |