svcadm(1M)을 검색하려면 섹션에서 1M 을 선택하고, 맨 페이지 이름에 svcadm을 입력하고 검색을 누른다.
pkg.depotd(8)
System Administration Commands pkg.depotd(8)
NAME
pkg.depotd - Image Packaging System depot server
SYNOPSIS
/usr/lib/pkg.depotd [--cfg source] [-a address]
[--content-root root_dir] [-d inst_root]
[--debug feature_list] [--disable-ops=op[/1][,...]]
[--image-root path] [--log-access dest]
[--log-errors dest] [--mirror mode] [-p port]
[--proxy-base url] [--readonly mode] [-s threads]
[--sort-file-max-size bytes] [--ssl-cert-file source]
[--ssl-dialog type] [--ssl-key-file source]
[-t socket_timeout] [--writable-root path]
DESCRIPTION
pkg.depotd is the depot server for the Image Packaging System. It pro‐
vides network access to the data contained within a package repository.
Clients that do not support direct access to a repository through the
file system, or for which network access is the only available or pre‐
ferred method of transport, typically use the package depot.
Clients such as pkg, the retrieval client, can retrieve a list of pack‐
ages and package metadata from a repository directly or through the
depot server. pkgsend, the publication client, can send new versions of
packages to a repository directly or through the depot server. pkgrepo
can be used to create repositories for use with the depot server, or to
manage them both directly and through the depot server.
pkg.depotd is typically run as a service on the system. Package and
software developers might want to run private copies for testing.
The depot does not provide any access control methods of its own. By
default, all of the clients that are able to connect are able to read
all package data and publish new package versions. The exception is
that when running under Service Management Facility (SMF), the default
is to run in read-only mode. The "Notes" section below describes some
best practices for maintaining a public depot server with evolving con‐
tent.
SMF PROPERTIES
The pkg.depotd server is generally configured via the SMF properties
associated with its service. The svc:/application/pkg/server service
runs a pkg.depot server process, or contributes configuration to the
svc:/application/pkg/depot service. See the pkg.depot-config(8) man
page and the pkg/standalone property below. To install the pkg.depot-
config tool and man page, install the package/pkg/depot package.
See the smf(7) man page for information about SMF properties. The fol‐
lowing properties are recognized:
pkg/address
(net_address) The IP address on which to listen for connections.
The default value is 0.0.0.0 (INADDR_ANY), which listens on all
active interfaces. To listen on all active IPv6 interfaces, use ::.
Only the first value is used.
pkg/content_root
(astring) The file system path at which the instance should find
its static and other web content. The default value is
/usr/share/lib/pkg.
pkg/debug
(astring) A comma-separated list of debug features to enable. Pos‐
sible values are:
headers Logs the headers of every request to the error log.
pkg/disable_ops
(astring) A comma-separated list of operations that should be dis‐
abled for the depot server. Operations are given as operation[/ver‐
sion] (catalog or search_1, for example).
pkg/image_root
(astring) The path to the image whose file information will be used
as a cache for file data.
pkg/inst_root
(astring) The file system path at which the instance should find
its repository data. Required unless PKG_REPO has been provided.
The default value is /var/pkgrepo.
pkg/log_access
(astring) The destination for any access related information logged
by the depot process. Possible values are: stderr, stdout, none, or
an absolute path name. The default value is stdout if stdout is a
tty. If stdout is not a tty, the default value is none. If you run
pkg as a service, the default value for log_access is none and out‐
put is written to /var/svc/log/application-pkg-server:*. See the
logadm(8) man page for examples of managing large log files.
pkg/log_errors
(astring) The destination for any errors or other information
logged by the depot process. Possible values are: stderr, stdout,
none, or an absolute path name. The default value is stderr. See
the logadm(8) man page for examples of managing large log files.
pkg/mirror
(boolean) Sets whether package mirror mode is used. When true, pub‐
lishing and metadata operations are disabled and only a limited
browser user interface is provided. This property cannot be true
when the pkg/readonly property is true. The default value is false.
pkg/port
(count) The port number on which the instance should listen for
incoming package requests. If SSL certificate and key information
has not been provided, the default value is 80; otherwise, the
default value is 443.
pkg/proxy_base
(uri) This changes the base URL for the depot server and is most
useful when running behind Apache or some other web server in a
reverse proxy configuration.
pkg/readonly
(boolean) Sets whether modifying operations, such as those initi‐
ated by pkgsend, are disabled. Retrieval operations are still
available. This property cannot be true when the pkg/mirror prop‐
erty is true. The default value is true.
pkg/socket_timeout
(count) The maximum number of seconds the server should wait for a
response from a client before closing a connection. The default
value is 60.
pkg/sort_file_max_size
(count) The maximum size of the indexer sort file. Used to limit
the amount of RAM the depot uses for indexing, or increase it for
speed.
pkg/ssl_cert_file
(astring) The absolute path name to a PEM-encoded Certificate file.
The default value is none. This property must be used with
ssl_key_file. The depot only responds to SSL requests if both
ssl_cert_file and /ssl_key_file are provided.
pkg/ssl_dialog
(astring) Specifies what method should be used to obtain the
passphrase used to decrypt the ssl_key_file. Possible values are:
builtin
Prompt for the passphrase. This is the default value.
exec:/path/to/program
Execute the specified external program to obtain the
passphrase. The first argument to the program is '', and is
reserved. The second argument to the program is the port number
of the server. The passphrase is printed to stdout.
smf:fmri
Attempt to retrieve the value of the property
pkg_secure/ssl_key_passphrase from the service instance related
to the FMRI.
pkg/ssl_key_file
(astring) The absolute path name to a PEM-encoded Private Key file.
This property must be used with the property ssl_cert_file. The
depot only responds to SSL requests if both /ssl_key_file and
ssl_cert_file are provided.
pkg/standalone
(boolean) To easily serve multiple repositories from a single
Apache instance with minimal Apache configuration, set this prop‐
erty to false and set the pkg/readonly property of this pkg/server
instance to true. The default value of pkg/standalone is true and
the default value of pkg/readonly is true. See the pkg.depot-con‐
fig(8) man page for more information.
pkg/threads
(count) The number of threads started to serve requests. The
default value is 60. Suitable only for small deployments. This
value should be approximately 20 times the number of concurrent
clients. The maximum value of threads is 5000.
pkg/writable_root
(astring) The file system path to a directory to which the program
has write access. This is used with the -readonly option to enable
the depot server to create files, such as search indexes, without
needing write access to the package information.
pkg_secure/ssl_key_passphrase
(astring) The password to use to decrypt the pkg/ssl_key_file. This
value is read-authorization protected using the attribute
solaris.smf.read.pkg-server.
The presentation and behavior of the Browser User Interface (BUI) of
the depot server is controlled using the following properties:
pkg_bui/feed_description
(astring) A descriptive paragraph for the RSS/Atom feed.
pkg_bui/feed_icon
(astring) The path name of a small image used to visually represent
the RSS/Atom feed. The path name should be relative to the con‐
tent_root. The default value is web/_themes/pkg-block-icon.png.
pkg_bui/feed_logo
(astring) The path name of a large image that will be used to vis‐
ually brand or identify the RSS/Atom feed. This value should be
relative to the content_root. The default value is web/_themes/pkg-
block-icon.png.
pkg_bui/feed_name
(astring) A short, descriptive name for RSS/Atom feeds generated by
the depot serving the repository. The default value is "package
repository feed".
pkg_bui/feed_window
(count) The number of hours before the feed for the repository was
last generated, to include when generating the feed.
The package depot is also able to act as a mirror server for local
client images from pkg(7). This enables clients that share a subnet on
a LAN to mirror their file caches. Clients can download files from one
another, thereby reducing load on the package depot server. This func‐
tionality is available as an alternate depot service configured by SMF.
It uses mDNS and dns-sd for service discovery.
The mDNS mirror is generally configured via the SMF properties associ‐
ated with its service. The following properties are recognized:
pkg/image_root
(astring) The path to the image whose file information will be used
as a cache for file data. The default value is /.
pkg/port
(count) The port number on which the instance should listen for
incoming package requests. The default value is 80.
OPTIONS
pkg.depotd can read its base configuration information from a file or
from the property data of an existing SMF service instance.
--cfg source
Specify the path name of a file to use when reading and writing
configuration data, or a string of the form smf:fmri where fmri is
the service fault management resource identifier (FMRI) of the
instance to read configuration data from. See "Depot Configuration"
below for details on the format of the file specified.
If no preexisting configuration source is available, or to override
values read from a configuration file provided using --cfg, the follow‐
ing options can be used to alter the default behavior of the depot
server:
-a address
See pkg/address above.
--content-root root_dir
See pkg/content_root above.
-d inst_root
See pkg/inst_root above.
--debug feature_list
See pkg/debug above.
--disable-ops=op[/1][,...]
See pkg/disable_ops above.
--image-root path
See pkg/image_root above.
--log-access dest
See pkg/log_access above.
--log-errors dest
See pkg/log_errors above.
--mirror mode
See pkg/mirror above.
-p port
See pkg/port above.
--proxy-base url
See pkg/proxy_base above. This option is ignored if an empty value
is provided.
--readonly mode
See pkg/readonly above.
-s threads
See pkg/threads above.
--sort-file-max-size bytes
See pkg/sort_file_max_size above.
--ssl-cert-file source
See pkg/ssl_cert_file above.
--ssl-dialog type
See pkg/ssl_dialog above.
--ssl-key-file source
See pkg/ssl_key_file above.
-t socket_timeout
See pkg/socket_timeout above.
--writable-root path
See pkg/writable_root above.
-?
--help
Display a usage message.
Additional administrative and management functionality for package
repositories is provided by pkgrepo.
DEPOT CONFIGURATION
When a configuration file is provided (instead of an SMF FMRI) by using
the --cfg option, the depot server reads and writes all configuration
data in a simple text format. The configuration data is described in
"SMF Properties" above. The configuration data consists of sections,
lead by a [section] header, and followed by name = value entries. Con‐
tinuations are in the style of RFC 822. Values can be split over multi‐
ple lines by beginning continuation lines with whitespace.
Any required values not provided in the configuration file must be pro‐
vided using the option listed in "Options" above. A sample configura‐
tion file might look like this:
[pkg]
port = 80
inst_root = /export/repo
[pub_example_com]
feed_description = example.com's software
update log
EXAMPLES
Example 1 Enabling the Depot Server
# svcadm enable application/pkg/server
Example 2 Changing the Listening Port of the Server.
# svccfg -s application/pkg/server setprop pkg/port = 10000
# svcadm refresh application/pkg/server
# svcadm restart application/pkg/server
Example 3 Enabling the Mirror
# svcadm enable application/pkg/dynamic-mirror
ENVIRONMENT VARIABLES
PKG_REPO Specifies the directory that contains the reposi‐
tory to serve. This value is ignored if -d is
specified.
PKG_DEPOT_CONTENT Specifies the directory that contains static con‐
tent served by the depot. The files listed below
under "Files" should be present in this directory,
although their content can differ from the sup‐
plied default content.
EXIT STATUS
The following exit values are returned:
0 Successful operation.
1 An error occurred.
2 Invalid command line options were specified.
99 An unanticipated exception occurred.
FILES
/usr/share/lib/pkg
Default presentation content location. Modify pkg/content_root to
select an alternate location.
ATTRIBUTES
See attributes(7) for descriptions of the following attributes:
tab() box; cw(2.75i) |cw(2.75i) lw(2.75i) |lw(2.75i) ATTRIBUTE TYPEAT‐
TRIBUTE VALUE _ Availabilitypackage/pkg _ Interface StabilityUncommit‐
ted
SEE ALSO
pkg.depot-config(8), dns-sd(8), mdnsd(8), pkg(1), pkgrepo(1),
pkgsend(1), syslogd(8), smf(7)
Creating Package Repositories in Oracle Solaris 11.4
https://github.com/oracle/solaris-ips
NOTES
The pkd.depotd service is managed by SMF under the service identifier
svc:/application/pkg/server.
The mDNS mirror service is managed by SMF under the service identifier
svc:/application/pkg/dynamic-mirror.
To control read access to the depot, you can use an HTTP reverse proxy
in combination with authentication methods such as client based SSL
certificate access, which pkg natively supports.
To easily serve multiple repositories from a single Apache instance
with minimal Apache configuration, set the pkg/standalone property of a
particular pkg/server instance to false and set the pkg/readonly prop‐
erty of that instance to true. See the pkg.depot-config(8) man page for
more information.
Changes to configuration, or changes to package data using file system
based operations, require a restart of the depot server process so that
the changes can be reflected in operations and output. Use one of the
following methods to restart the depot server process:
o Use svcadm to restart the application/pkg/server instance.
o Send a SIGUSR1 signal to the depot server process using
kill. This executes a "graceful restart" that leaves the
process intact but reloads all configuration, package, and
search data:
# kill -USR1 pid
Oracle Solaris 11.4 15 Nov 2017 pkg.depotd(8)