swign(1)
Contents
swign -- Create a tar archive of a directory with an embedded GPG
signature.
swign [options] [-u gpg-name] [--homedir=gpg-homedir] @- # Write to stdout
swign [options] [-u gpg-name] [--homedir=gpg-homedir] @. # Sign directory
swign -S [options] [-u gpg-name] [--homedir=gpg-homedir]
swign -E [options] [-u gpg-name] [--homedir=gpg-homedir]
swign reads a PSF (Product Specfication File) to generate and load the
package catalog into the current directory and then writes the
cooresponding archive to stdout. The PSF is read from standard input
by default. To use an internally generated PSF with name and revision
attributes determined from the name of the current directory use '-s.'.
The PSF is scanned for replacement tokens for tag and revision
attributes determined from the current directoy name. It is expected
that the current directory name have the form: 'tag-revision'. The
replacement string has the form '%__NAME' where NAME is 'tag' or
'revision'. The directory derived values can be overridden with the
'--revision' or '--name-version' options.
swign by default will remove and re-create the ./catalog/ meta-data
directory, then use GNU tar to write the current directory as a tar
archive to stdout. The result is a tar archive written entirely with
GNU tar that contains an embedded GPG signature in the control file
'./catalog/dfiles/signature'. The contents of './catalog/' are
consistent with the POSIX packaging standard ISO/IEC 15068-2:1999. The
package layout of the resulting archive is unchanged except for the
addition of the './catalog' directory.
The contents of the archive is the contents of the current directory
".". The pathnames in the archive are prefixed by the base name of
".". The owner and group of all the files in the emitted archive are
specified by the PSF file and command line options.
In order for the signature to be valid, the file ownerships specified
in the PSF must be consistent with the 'swign' command. swign will
read the PSF to determine these ownerships automatically from the
'file_permissions' directive unless the '-o' or '-g' command line
options are used or if this feature is disabled using the '--no-psf-
detect' option is given.
The default ownerships for all the files are the current user's owner
and group. If the -o (or -g) option is used with a empty string for
the option arg then the file ownerships of the source files are used.
This script assumes GNU tar is installed.
After writing the ./catalog/ file and before writing the archive, the
file list stored in ./catalog/dfiles/files is compared to the current
directory contents, if any difference is found the archive is not
written and error returned.
--help
show help.
--show-psf
show the PSF to stdout, and then exit.
--no-psf-detect
Disable automatic detection of the PSF's file ownerships policy.
--no-remove
Don't remove the ./catalog directory before overwriting.
--file-ownerships
Use the file ownerships and permissions of the source files.
-u, --local-user name
Use name as the user ID to sign.
--homedir=DIR
Set the name of the home directory to DIR. If not specified
then use "~/.gnupg".
-s, --source=FILE
Specify a PSF file name or one of two special names, '-' for
stdin, and '.' for the internally generated PSF.
-T, --show-names-only
show some info (for help and debugging) and exit.
-t, --run-sanity-check
Instead of writing stdout, write the archive to
../packageDirName.swigntest.tar.gz and run some sanity tests.
-S, --sign-only
Write the ./catalog/ file containing the digest and signature
into "." and then exit without writing the archive to stdout.
Same as using "." as the target such as 'swign @.'
-E, --emit-only
Do not write the ./catalog/ file containing the digest and
signature into "." and then write the archive to stdout. This
does not affect the directory contents.
-D, --with-checkdigest FILE
Include the checkdigest control script sourced from FILE. This
is only needed when not supplying a PSF, that is this option
modifies an internally generated PSF.
-o, --owner OWNER
Specify owner. Use an empty string "" to specify the source
file owner.
-g, --group GROUP
Specify group. Use an empty string "" to specify the source
file group.
--name-version=NAME-REV
Specify a product tag and revision as dash delimited.
-r, --revision REV
Specify a product revision. This will override a revision part
of the current directory's name.
-x format
Specify the archive format. Must be one of the formats of
swpackage.
@-
Target, only supported target is standard output.
The program will remove and replace a file in "." named ./catalog/.
Nothing outside of './catalog/' is modified.
Standard output is the target for the tar archive.
When using the '-t' option an archive file is written to
../packageDirName.swigntest.tar.gz
A copy of the PSF is made in /var/tmp/swign$$. It is normally created
and erased by the program.
Show the internally generated PSF to stdout. Change directory into the
directory to package, then type
swign -s. --show-psf
#
# or specify a owner and group policy
swign -s. -o 0 -g 0 --show-psf
Create a signed metadata (i.e. catalog/) directory of a live directory,
for example /bin
swign -D $HOME/checkdigest.sh -u "YourGPGNAME" -o "" -g "" @.
Generate the package (and verify it) using a PSF that you supply on
standard input. Change directory into the directory to package, then
type
swign -o 0 -g 0 --show-psf | swign -s - -u "gpgName" @- | swverify -d @-
Example of directory signing and authentication.
swign -u YourGPGName -s. --file-ownerships -D /HOME/checkdigest.sh --sign-only
swverify -d @.
swign --file-ownerships -emit-only | swverify -d @-
After running successfully with options -S and -D FILE the following
should be true (report no error).
swverify --checksig . # Deprecated form
-or-
swverify -d @. # POSIX syntax
Similarly,
swign -u "your GPG Name" @- | swverify --checksig -
-or-
swign -u "your GPG Name" @- | swverify -d @-
If a checkdigest script is included then you should unpack the package
at a new location and run swverify -d @. in the new location. The
checkdigest script is a vendor extension control file that is part of
the GPG signed ./catalog directory. As an implementation extension
behavior the swverify program will execute this script after
verification of the signature. The script may take any action at this
point, but the intention is that it be used to verify the contents of
the package directory using GNU tools such as md5sum, sha1sum, and tar.
If a checkdigest script is not included, then the package user will
have to manually execute the commands that would have been executed by
the script using the file meta-data in an authenticated INFO file.
When verifying the unpacked directory form of a package, the swverify
program will return an error if the checkdigest script is not present,
though, it is not required for verification of the tar archive file
itself using swverify.
Swign can be used to sign any directory using the file ownerships of
the source files. The following commands act as a test of swpackage's
ability to generate an archive identical to GNU tar. (Note: the script
checkdigest.sh is found in ./bin of the source distribution.)
swign -D $HOME/checkdigest.sh -u "Test User" -o "" -g "" -S;
swverify -d @.
A PSF that is provided using the '-s' option will be scanned for a
special character sequence '%__NAME' where NAME is either 'tag' or
'revision'. 'tag' is replaced with the package name portion of the
currrent directory. 'revision' is replaced with the version portion.
# PSF.in -- INPUT file to swign
# This file contains the replacement macros %__tag and %__revision which
# are only processed by swign.
# The distribution object need not have any attributes.
distribution
# Attributes in the distribution are mostly ignored although
# distributor control files that pertain to the distribution
# as a whole are properly placed here. Two examples of files
# that are useful here are:
AUTHORS < AUTHORS # This places the file in ./catalog/dfiles
COPYING < COPYING # This places the file in ./catalog/dfiles
# This places the checkdigest script in ./catalog/dfiles/checkdigest
# For a description of the checkdigest script see the info document for
# 'swbis' or the swverify manual page.
# The checkdigest script is a verification hook for swverify used when
# verifying the unpacked tarball (i.e. the package path name
# prefix directory).
checkdigest < bin/checkdigest.sh
# The vendor object provides attributes to describe
# the distributor. At this time, how these attributes
# are used is not addressed.
# The Vendor object is optional
vendor
the_term_vendor_is_misleading True # One of: True, False
tag shortName # Other vendor tags could be the short name of your
# organization name, or your initials, etc.
title Your Name
qualifier author
description "Maintainer of somepackage"
# Most packages do not need a bundle. At this point in swbis'
# development 'bundles' are mostly ignored. Bundles are meta
# packages, it is an object that contains other bundles and
# products whether included in this distribution tarball or not.
# The Bundle object is optional
bundle
tag somepackage
# The product object contains the attributes of common
# interest such as the description, version and name.
product
description "somepackage description
can be mult-line"
tag %__tag # This is the package name
revision %__revision # This is the package version
vendor_tag shortName # Match vendor.tag above
title "somepackage - software"
control_directory "" # Empty string, Important
# The fileset object contains the files. The tag, revision,
# and description attributes are mostly ignored.
# At this time swbis supports only one (1) fileset.
fileset
tag sources
control_directory "" # Empty string, Important
title somepackage source code
description "The source distribution of somepackage"
# file_permissions:
# Here is an important policy. This will cause 'swpackage'
# to create the tar achive with all files owned by uid and
# gid zero (0), the user name 'root' will not be included
# in the uname and gname tar header fields. This is similar
# to the effect of GNU tar options --numeric --owner=root
# --group=root .
# To use the name and ids of the source files delete the line
# or reset the file_permissions adding after or changing to:
# file_permissions -u 000
#
# NOTE: Using "file_permissions -o 0 -g 0" is preferred
# because it will allow the end user to more easily verify
# the directory (unpacked) form of the package using standard
# non-swbis tools.
# file_permissions -u 000 # To use ownerships of source files
file_permissions -o 0 -g 0
# The following two (2) lines mean include every file in the current
# directory.
directory .
file *
# You want to exclude the files in ./catalog because it
# should not be part of the paylaod section. This is
# mandatory.
exclude catalog
# You may also want other excludes
exclude CVS
exclude */CVS
# exclude .svn
# exclude */.svn
# End of PSF
SWPACKAGEPASSFD
Sets the swpackage --passphrase-fd option. Set the option arg
to a integer value of the file descriptor, or to "env" to read
the passphrase from the environment variable
SWPACKAGEPASSPHRASE, or to "agent" to cause gpg to use gpg-
agent, or "tty" to read from the terminal.
SWPACKAGEPASSPHRASE
Use the value as the passphrase if swpackage's --passphrase-fd
is set to "env"
GNUPGHOME
Sets the --gpg-home option of swpackage.
GNUPGNAME
Sets the --gpg-name option of swpackage, which is turn set the
--local-user option of gpg.
0 on success, non-zero on failure.
<path>/catalog/
info swbis
swpackage(8), gpg
swign(1): The source directory signing utility of the swbis project.
Author: J. Lowe jhlowe@acm.org
Version: 1.13
Last Updated: 2008-01
Copying: GNU Free Documentation License
Symbolic links in a package are problematic for verifying the unpacked
form of a package since the modification time is not preserved. They
have no affect on verification of the tar archive file using
'swverify'.
If a directory is signed using the '-S' option and has a file path
greater than 99 chars in length then it will be unverifiable if the
'ustar0' format and GNU tar 1.13.25 was used.
Verification of the directory form of a distribution (i.e. the
installed tarball path name prefix) such as running 'swverify -d @.'
after running 'swign -S' will fail if the order of directory entries is
not compatible with traditional Unix file system directory entry
ordering. This incompatibility may be present in the Ext3, reiserFS,
and DarwinOS et.al file systems.
The file ownership policy of the PSF, the checkdigest script (if any)
and the command line options must agree. The default file ownership
policies of this program are suited to packaged products where file
user and group ownerships are not a critical feature.
swign(1)