Scroll to navigation

dupload.conf(5) Debian Project dupload.conf(5)


dupload.conf - configuration file for dupload


The configuration file is rather straight forward Perl code as it is included by the dupload script via "do $config". The config file is read as Perl code!

Any dupload.conf must begin with "package config;" because "config" is the namespace expected by dupload.

For examples of the configuration please refer to the global configuration file /etc/dupload.conf.

It contains associative arrays, each indexed by the nickname (see --to option of dupload), for the following items:

The fully qualified domain name (FQDN) of the nickname.

For the copy method, this option is ignored and the local FQDN will be used instead.

The transfer method. The available methods are:
  • ftp (default)
  • http (since 2.9.9)
  • https (since 2.9.9)
  • scp (since 1.8)
  • scpb (since 1.17)
  • rsync (over SSH; since 2.4.1)
  • copy (local filesystem; since 2.9.0)

If you are using an upload queue, use ftp because it is fast. If you are using an authenticated host, always use https, or one of scp or rsync via SSH, because ftp transmits the password in clear text.

For scp and rsync to work properly, you have to setup the remote and local host to establish a ssh/slogin connection using .shosts/.rhosts or the files in ~/.ssh/. If you do not want or cannot do that, you may find the scpb more convenient since it uploads in batch, reducing the number of password prompts.

The only major caveat of the rsync and scpb options is that the files are processed in a batch mode, i.e. not separately, so in case of an error dupload will not be able to detect which part of the transfer failed, and just delete the .upload file completely.

The account name used to log into the remote host. For ftp the default is anonymous, which should work with firewall logins too. For scp, scpb and rsync the default is delegated to SSH and its own configuration. For http and https there is no default.
The command to retrieve a password. It is expected to output the password on stdout.

If this option has not been specified, and the secret-tool program is installed, the following command will be used to retrieve the password from a system secrets store via the Secret Service interface:

secret-tool lookup host host user user service dupload

If the command fails, then the password will be requested from a prompt.

The FTP password for anonymous logins.
The destination files mode, in octal. If the value is undef, the mode will not be modified. The default is 0644.
Incoming directory, the directory we try to upload to.
The directory we move the uploaded files to (after successful upload to incoming. Usually necessary only with some special upload queues.
The regex of the distributions allowed for this host. This check is done against the Distribution field in the .changes file.
The regex of the distributions blocked for this host. This check is done against the Distribution field in the .changes file.
The email addresses ("to" and "cc") where the announcement about the upload for the "match" distribution should be sent.

This is an array of hashes with the following keys:

The regex of the distribution that needs to match to send an announcement.
Email address where the announcement about the packages is sent.
Email address where to send a copy address of the announcement.
Your full name, one that should appear in the announcement.

If you leave this setting empty, the default will depend on your mail system. Usually the full name will be copied from the GCOS field in /etc/passwd.

Your username that should appear in the announcement. Defaults to getlogin().
The host/domain name that appears as the part to the right of the @ character in the from-part of the announcement. Defaults to the value your local MTA likes.
Set the passive mode for FTP transfers. Since dupload uses Net::FTP, you can also use the environment variable FTP_PASSIVE.
An array reference containing option strings (since 2.10.2), that will be added verbatim to the command line of any scp or rsync calls done.

For backwards compatibility it can also be specified as a scalar string, but this usage is discouraged and will be deprecated in the future.

Tells dupload that the remote host runs dinstall (or equivalent) so that dupload will not send a duplicate announcement mail. The default is 0 (false), set it to 1 to enable it.
If set to 0 (false), adds a X-No-Archive: yes header in the announcement. The default is 1 (true).

The configuration files also contain the following global variables:

The default host to upload to. The default value of this variable is set depending on the current vendor, but if there is no configuration for that vendor it will be left unset.
The pathname to a sendmail compatible MTA. The MTA specified must support the -f option to set the envelope sender address, and the -F option to set the sender's full name. The default is /usr/sbin/sendmail.
Prevents dupload to add parentheses around the full name when making mail announcements. Default is 0 (false), set it to 1 to enable it.


Hooks are a powerful way to add actions which will be run before or after a dupload (like the preinst and postinst script of dpkg).

You have two sorts of hooks: pre-upload and post-upload. Both are simple shell commands (executed by "sh -c" so you can use any shell tricks). Pre-uploads are always run (even in dry mode) and stop dupload if they fail (failure being measured by the hook's exit status). Post-uploads are only run when you are not in dry mode and only if the uploading succeeded.

Hooks get information about themselves and the nickname acted on through the environment (since 2.10.0), with several matching the configuration options for the current nickname:

The hook category.
The host nickname.
Same as the method option.
Same as the fqdn option.
Same as the login option.
Same as the incomingdir option.
Same as the queuedir option.
Same as the options option.
Same as the queuedir option.

Both sorts of hooks are run for a given category: changes, sourcepackage, package, file, deb and host.

This hook is run once per changes file (given as an argument to dupload) with the filename as its parameter.
This hook is run once per changes file with the source package name and its version as its two parameters.
This hook is run once per binary package (a deb file) with the package name and its version as its two parameters.
This hook is run once per uploaded file, with the file name as its parameter.
This hook is run once per binary package (a deb file) with the filename as its parameter.
This hook is run once before any other pre hook and after any post hook, with the host name as its parameter.


Hooks are defined in two Perl hashes, %preupload and %postupload, each indexed by category. In addition to the global hashes, each host entry has two fields with the same names, for the host-specific hooks.

Hooks are defined as array references with each item executed in sequence.

The shell command will be substituted first: %1 will be replace by the first argument, etc.

Per-host or global hooks

Hooks can be global (for all the hosts) or can be for a specific host. Host specific hooks override the global ones for each category.


This one runs lintian before uploading. It is global and guarantees that you will always upload lintian-clean packages (thanks to lintian return status).

     $preupload{'deb'} = [ 'lintian -v -i %1' ];

This one just display the name and versions of successfully uploaded packages.

     $postupload{'package'} = [ 'echo PACKAGE %1 %2 uploaded' ];

Unlike the two others, this one is specific to one host, debian-ssh, and overrides the default global hook in charge of checking the OpenPGP signatures:

     $cfg{'debian-ssh'}{preupload}{'changes'} = [ 'echo Uploading %1' ];


The configuration files are loaded if available in the order listed, overriding previous files.


Those of Net::FTP for the ftp method.
Those of HTTP::Tiny for the http and https methods.
2024-04-08 2.11.2