\. \\!%PB \\!/showpage{}def \\!/tempdict 200 dict def tempdict begin \\!end % tempdict % \\!PE \\!. ' br \} ' br \} ' br \} ' br \}

Next: , Up: (dir)

1 swpackage" "8

Next: , Previous: Top, Up: Top

1.1 NAME

swpackage Package a software distribution.

Next: , Previous: NAME, Up: Top


     swpackage    # Filter: read PSF on stdin, write a tar archive to stdout
     swpackage -s- @-  # Absolutely explicit, same as above
     swpackage @FILE 
     swpackage  [-p]  [-s psf_file]  [-f file] [-x option=value] \\
     [-X options_file] [-W option] [software_selections] [@targets]
     swpackage –help # more authoritative documentation
     swpackage  [options] –to-swbis [-s package_file]   # format translator
     swpackage  [options] –resign [-s package_file]   # modify signatures
     swpackage  [options] –remove-signature=N [-s package_file]
     swpackage  [options] –replace-signature=N [-s package_file]

Next: , Previous: SYNOPSIS, Up: Top


swpackage reads a Product Specification File (PSF) and writes a distribution to the specified target. If no options are given a PSF is read on stdin and a distribution is written to the default target either a directory, device, or standard output. To specify standard output use a dash '-' as the target.

Next: , Previous: DESCRIPTION, Up: Top



Refer to the software objects (products, filesets) on which to be operated. (Not yet implemented)


Refers to the software_collection where the software selections are to be applied. To specify standard output use a dash '-', this overrides media_type setting to 'serial'. Target may be a file, or device file or '-'


Reads software_selections from FILE. (Not implemented).


Preview the package. Perform all the packaging operations except writing the target. In verbose level 1, nothing is written. Higher verbose levels write information on stdout. Error and warning messages are written to stderr for verbose levels 1 and higher.

-s PSF

Specify the PSF file, "-" is standard input.

-x option=value

Specify the extended option overriding the defaults file value.


Specify the extended options filename, FILE, overriding the default filenames. This option may be given more then once. If the resulting specified value is an empty string then reading of any options file is disabled.


(Implementation extension.) Given one time it is identical to -x verbose=2. This option can be given multiple times with increasing effect. level 0: silent on stdout and stderr (not implemented). level 1: fatal and warning messages. -v level 2: level 1 plus file list and trailer message. -vv level 3: level 2 verbose tar-like listing. -vvv level 4: level 3 extra verbose tar listing.


Set blocksize to BYTES number of bytes (octets). The default is 10240. (implementation extension)

−−version, -V

Alternate Mode: Show version. (Implementation extension)


Alternate Mode: Show help (Implementation extension)

-W option[,option,...]

Specify the implementation extension option. Syntax: -W option[=option_argument[,option...] Options may be separated by a comma. The implementation extension options may also be given individually using the '–long-option[=option_arg]' syntax.

-W cksum

Compute POSIX cksum of the individual files.

-W file-digests -W digests

Compute md5 digests of the individual files. (-W digests is deprecated, use -W file-digests).

-W files

Store the distribution file list in .../dfiles/files.

-W dir=NAME

Use NAME as the path name prefix of a distribution and also as the value of the distribution.control_directory and distribution.tag attribute (if not set). May be set to an empty string to eliminate stray leading "./".

-W sign

Compute the md5sum, sha1sum and adjunct_md5sum digests and sign the package.

-W dummy-sign

Same as -W sign except use a dummy signature. The signer program is not run and no password is required.

-W signer-pgm=SIGNER

Recognized SIGNERs are GPG, PGP2.6, and PGP5. swverify only supports GPG, however, other types can be verified manually using the options of swverify and command line utilities.

-W archive-digests

Compute the md5sum, sha1sum and adjunct_md5sum digests. See sw(5) for info on the digest and signed data input files. The sha1sum and md5sum attributes have identical input streams.

-W no-sha1

Do not compute the sha1 digest even if directed to by other options. (Deprecated: There is limited reason to use this option).

-W signed-file

Write only the signed data to the specified target but do not sign. (Deprecated: There is limited reason to use this option).

-W gpg-name=NAME

Use NAME as the user ID to sign. NAME becomes the option arg of the gpg −−local-user option.

-W gpg-path=PATH

Use PATH as the gpg homedir.

-W gzip

compress output with file system gzip utilty

-W bzip2

compress output with file system bzip2 utility

-W lzma

compress output with file system lzma utility

-W symmetric

encrypt output with file system gpg utility

-W encrypt-for-recipient=NAME

encrypt with NAME's public key using file system gpg utility

-W source=FILE

Use serial archive located at FILE as the source instead of the file system. The files referred by the PSF are taken from the serial archive and not the file system.

-W numeric-owner

Same as GNU tar option. Emitted archive has only uid and gids.

-W absolute-names

Same as GNU tar option. Leading slash '/' are always stripped unless this option is given.

-W format=FORMAT

The default format is 'pax'. The pax format will only generate extended headers if needed. FORMAT is one of:
      ustar   is the POSIX.1 tar format capable of storing
              pathnames up to 255 characters in length.
              Identical to GNU tar 1.15.1 –format=ustar
      ustar0  is a different POSIX.1 tar personality.
              Identical to GNU tar 1.13.25 –posix -b1 for 99 char pathnames
              Has different rendering of device numbers for non-device files,
              but otherwise identical to 'ustar'
      gnu     Identical to GNU tar version 1.15.1 –format=gnu
      oldgnu  Identical to GNU tar version 1.13 and later with
                  block size set to 1. i.e. with option -b1.
              Also identical to GNU tar 1.15.1 –format=oldgnu
      gnutar  same as oldgnu, oldgnu preferred.
      pax     Extended header tar (Default)
      odc     Posix.1 cpio (magic 070707).
      newc    cpio format (magic 070701).
      crc     cpio format (magic 070702).
      bsdpax3 Identical to pax v3.0, ustar format with option -b 512.

-W pax-header-pid=NUMBER

Sets the number used in any pax header naming scheme to NUMBER. You must use this option to make archive identical in subsequent (back-to-back) invocations.

-W uuid=STRING

Sets the uuid string to STRING instead of calling uuid(1) You must use this option to make the catalog directory identical in subsequent (back-to-back) invocations.

-W create-time=TIME

Applies to catalog files and the create_time attribute. TIME is the seconds since the Unix Epoch. You must use this option to make the catalog directory identical in subsequent (back-to-back) invocations.

-W list-psf

Write the PSF to stdout after having processed the extended definitions.

-W to-swbis

Alternate Mode: Read a package on standard input and write a POSIX package on standard output. Requires the Supported formats are any supported format of lxpsf. Identical to: /swbis/lxpsf –psf-form3 -H ustar | swpackage -Wsource=- -s@PSF

-W passphrase-fd=N

Read the passphrase on file descriptor N.

-W passfile=FILE

Read the passphrase from FILE in the file system. Setting FILE to /dev/tty resets (i.e unsets) all passphrase directives, thus establishing the default action, reading from the terminal.

-W dir-owner=OWNER

Set the owner of the leading directory archive member to OWNER. If the option arg is "", then the owner is the owner of the current directory.

-W dir-group=OWNER

Set the group of the leading directory archive member to OWNER. If the option arg is "", then the owner is the owner of the current directory.

-W dir-modep=MODE

Set the file permissions mode of the leading directory archive member to MODE.

-W catalog-owner=OWNER

Set the owner of the catalog section to OWNER.

-W catalog-group=GROUP

Set the group of the catalog section to GROUP.

-W files-from=NAME

Read a list of files from file NAME. Directories are not descended recursively.

-W show-options-files

Alternate Mode: Show the complete list of options files and if they are found.

-W show-options

Alternate Mode: Show the options after reading the files and parsing the command line options.

-W no-catalog

Do not write the catalog section.

-W no-front-dir

Do not write the directory archive members that preceed the catalog section.

Signature Modification Options. The source file via '-s' option is a previously signed archive file.


Alternate Mode: Same as –add-signature-first


Alternate Mode: Opposite of –addsign, Same as –remove-signature=1


Alternate Mode: Add signature first in the list of package signatures. The last signature, by convention, is the primary signature.


Alternate Mode: Add signature last in the list of package signatures. The last signature, by convention, is the primary signature.


Alternate Mode: Replace Nth signature, 0 means last signature.


Alternate Mode: Remove Nth signature, 0 means last signature.


Alternate Mode: Same as –replace-signature=0

–resign-test, –zfilter

Alternate Mode: Copy from source to target without altering. Does not generate a signature. The output should be identical to the input. Also has unintended use of accessing the compression pipeline function of swpackage.


Modifier to alternate Mode: Applies when modifying signature. The compression methods of the input file are detected and the output is compressed to match.


Modifier to alternate Mode: Overwrites file specified as the source name (by the -s FILE option). Will likely do so safely.

Next: , Previous: OPTIONS, Up: Top


These extended options can be specified on the command line using the -x option or from the defaults file, swdefaults.


1.5.1 Posix

Shown below is an actual portion of a defaults file which show default values. These options are set in the /usr/lib/swbis/swdefaults or the ~/.swdefaults file.

     swpackage.distribution_target_directory  = /var/spool/sw   # Not used
     swpackage.distribution_target_serial     = -        # Not used
     swpackage.enforce_dsa                    = false    # Not used
     swpackage.follow_symlinks                = false    # Not used
     swpackage.logfile          = /var/lib/swbis/swpackage.log   # Not used
     swpackage.loglevel                       = 1         # Not used
     swpackage.media_capacity                 = 0         # Not used
     swpackage.media_type                     = serial    # Not used
     swpackage.psf_source_file                = -         # Not used
     swpackage.software                       =           # Not used
     swpackage.verbose                        = 1         # May be 1 2 or 3

Previous: Posix, Up: EXTENDED OPTIONS

1.5.2 Swbis Implementation

These extended options can be specified on the command line using -Woption=optionarg or –option=optionarg syntax.

These options are set in the /usr/lib/swbis/swbisdefaults or the ~/.swbis/swbisdefaults file.

     swpackage.swbis_cksum                    = "false"   # true or false
     swpackage.swbis_file_digests             = "false"   # true or false
     swpackage.swbis_file_digests_sha2        = "false"   # true or false
     swpackage.swbis_files                    = "false"   # true or false
     swpackage.swbis_sign                     = "false"   # true or false
     swpackage.swbis_archive_digests          = "false"   # true or false
     swpackage.swbis_archive_digests_sha2     = "false"   # true or false
     swpackage.swbis_gpg_name                 = ""
     swpackage.swbis_gpg_path                 = "~/.gnupg"
     swpackage.swbis_gzip                     = "false"   # true or false
     swpackage.swbis_bzip2                    = "false"   # true or false
     swpackage.swbis_numeric_owner            = "false"   # true or false
     swpackage.swbis_absolute_names           = "false"   # true or false
     swpackage.swbis_format                   = "ustar"  # gnutar or ustar
     swpackage.swbis_signer_pgm               = "GPG" # GPG or PGP5 or PGP2.6

Next: , Previous: EXTENDED OPTIONS, Up: Top


Here are some commonly used options.


1.6.1 Options and Option Files

Show the option file options and the option files that determine the default values.

     	swpackage –show-options
     		# and
     	swpackage –show-options-files

Next: , Previous: Options and Option Files, Up: USAGE EXAMPLES

1.6.2 Preview the output

Show a verbose tar-like file listing on stdout

     	swpackage -pv
                # or
     	swpackage -pvv 

Next: , Previous: Preview the output, Up: USAGE EXAMPLES

1.6.3 Create a signed package

Read the PSF on standard input, sign using 'admin' key using the gpg-agent. Include sha2 digests for the files and archive. Include the file list, compress the output using xz writing to standard output.

     	swpackage -s - –sign –use-agent –gpg-name=admin –files \\
     		–sha1 –sha2 –xz @-

Next: , Previous: Create a signed package, Up: USAGE EXAMPLES

1.6.4 Resign a package

Resign a previously signed package, overwriting the original file

     	swpackage –resign -s foo.tar.gz –overwrite –recompress

Next: , Previous: Resign a package, Up: USAGE EXAMPLES

1.6.5 Idempotent Invocation

Use special options to obtain an identical package two or more times

     	swpackage –create-time=1406254892 \\
     		–uuid=ed3b9432-3ba1-4c01-a125-e22fb94588e2 \\

Previous: Idempotent Invocation, Up: USAGE EXAMPLES

1.6.6 ALternative Format Translation

Execute the internally generated pipeline for format translation manually

     	# the following is equivalent to  'swpackage –to-swbis'
               /usr/local/libexec/swbis/lxpsf –psf-form3 \\
                      -H ustar | swpackage -Wsource=- -s@PSF

Next: , Previous: USAGE EXAMPLES, Up: Top


Support for embedded cryptographic signature


1.7.1 Description

Package signing is accomplished by including, as a package attribute, a detached signature in the package metadata (the catalog section of the package). The signed data is the catalog section of the package (see sw(5) for a description) excluding the signature files archive header and data. The package leading directory that does not contain the /catalog/ directory in its name is not included in the signed stream. The signed stream is terminated by two (2) null tar blocks (which are not in the actual package file). The storage section (or payload) of the package is included in the signed data by computing its md5 and sha1 message digests and storing these as attributes in the catalog section.

Next: , Previous: Description, Up: PACKAGE SIGNING

1.7.2 Signature Generation

The signature is generated by the file system signing utility. Currently, swpackage supports GPG PGP-2.6 and PGP-5. The default is GPG but can be selected using the -Wsigner-pgm command line option and the swpackage.swbis_signer_pgm defaults file option. The options and program can the displayed with the -Wshow-signer-pgm option. The options in each case produce a detached ascii-armored signature. The maximum length for the ascii armored file is 1023 bytes.

Previous: Signature Generation, Up: PACKAGE SIGNING

1.7.3 Passphrase Handling

The passphrase can be read from the tty, a file descriptor, and environment variable or the GNUpg passphrase agent. These are controlled by the options or the environment variables SWPACKAGEPASSFD and SWPACKAGEPASSPHRASE. Placing your passphrase in an environment variable is insecure but may be usefull to sign packages with a test key and later replace it [when on a different host for example].

Next: , Previous: PACKAGE SIGNING, Up: Top


swpackage does not perform verification of the embedded cryptographic signature, although, a description is included here for completness.


1.8.1 Overview

Verification requires verifying the payload section md5 and sha1 message digests and then verifying the signature. Naturally, it is required that the signed data include the payload messages digests. See swverify.

Next: , Previous: Overview, Up: SIGNATURE VERIFICATION

1.8.2 Manual Verification

Verification requires re-creating the signed and digested byte streams from the archive file. This is not possible using any known extant tar reading utility because of a lack of ability to write selected archive members to stdout instead of installing in the file system; however, the swverify utility can be used to write these bytes streams to stdout allowing manual inspection and verification. See swverify.

Previous: Manual Verification, Up: SIGNATURE VERIFICATION

1.8.3 Manual Verification Using Standard Tools

Verification using standard GNU/Linux tools is possible if the archive is installed in the file system. Success depends on the following factors:

     1) The tar utility preserves modification times
        (e.g. not GNU tar 1.3.19).
     2) The archive does not contain Symbolic Links
        (see sw(5) for explanation).
     3) The file system is a Unix file system (e.g. ext2).
     4) The package was created using -Wformat=gnutar or, -Wformat=ustar
        with no file name longer than 99 octets.

Recreating the signed and digested byte streams is then accomplished using GNU tar and the file list stored in

the \<path\>/catalog/dfiles/files attribute file as follows:

In this example, the package has a single path name prefix called, namedir and the file owner/group are root. These restrictions are suited to source packages. Verify the signature:

       tar cf - -b1 –owner=root –group=root \\
       –exclude=namedir/catalog/dfiles/signature  \\
       namedir/catalog | gpg –verify namedir/catalog/dfiles/signature -

If this fails try using GNU tar option –posix. If this fails then you are out of luck as nothing in the catalog section can be trusted.

Verify the payload digests:

       grep -v namedir/catalog  namedir/catalog/dfiles/files | \\
       tar cf - -b1 –owner=root –group=root \\
       –files-from=- –no-recursion | md5sum
       cat namedir/catalog/dfiles/md5sum

Likewise for the sha1 digest.

If the package has symbolic links, Verify the adjunct_md5sum:

       grep -v namedir/catalog  namedir/catalog/dfiles/files | \\
       ( while read file; do if [ ! -h $file ]; then echo $file; fi done; )|\\
       tar cf - -b1 –owner=root –group=root \\
       –files-from=- –no-recursion | md5sum
       cat namedir/catalog/dfiles/adjunct_md5sum

The symbolic link files must be verified manually by comparing to the INFO file information.



The output format is either one of two formats specified in POSIX.1 (ISO/IEC 9945-1) which are tar (header magic=ustar) or cpio (header magic=070707). The default format of the swbis implementation is "ustar". The POSIX spec under specifies definitions for some of the ustar header fields. The personality of the default swbis ustar format mimics GNU tar 1.15.1 and is designed to be compliant to POSIX.1. The personality of the "ustar0" format mimics, for pathnames less than 99 octets, GNU tar 1.13.25 using the "-b1 –posix" options. This bit-for-bit sameness does not exist for pathnames greater than 99 chars as swbis follows the POSIX spec and GNU tar 1.13.25 does not. The "ustar0" ustar personality is deprecated. It is only slightly different from 'ustar' in how device number fields are filled (with spaces, zeros or NULs) for non-device files.

In addition the swbis implementation supports several other tar variants including bit-for-bit mimicry of GNU tar (1.13.25) default format which uses a non-standard name split and file type (type 'L'). This format is known as '–format=oldgnu'. Also supported is the gnu format of GNU tar 1.15.1 specified by '–format=gnu'

The defacto cpio formats are also supported. "new ASCII" (sometimes called SVR4 cpio) and "crc" cpio formats with header magic "070701" and "070702" respectively.

Support for "pax Interchange Format" (Extended header tar) described in IEEE 1003.1-2001 under the "pax" manual page has been implemented for POSIX file attributes as of release 1.12 (c Aug2014). The 'swpackage' utility will generate extended headers on an as needed basis when the –format=pax is used. Support for POSIX ACL and SELinux attributes is planned.

The entirety of the output byte stream is a single valid file of one the formats mentioned above.

The swbis implementation writes its output to stdout. The default output block size is 10240 bytes. The last block is not padded and therefore the last write(2) may be a short write. The selected block size does not affect the output file contents.

The swbis implementation is biased, in terms of capability and default settings, to the tar format. Package signing is only supported in tar format.

Next: , Previous: SWPACKAGE OUTPUT FORMAT, Up: Top


The input file is called a product specification file or PSF. It contains information to direct swpackage and information that is package meta-data [that is merely transferred unchanged into the global INDEX file].

A PSF may contain object keywords, attributes (keyword/value pairs) and Extended Definitions (described below). An object keyword connotes a logical object (i.e. software structure) supported by the standard. An object keyword does not have a value field after it, as it contains Attributes and Extended Definitions. An attribute keyword conotes an attribute which is always in the form of a keyword/value pair.

Attribute keywords not recognized by the standard are allowed and are transferred into the INDEX file. Object keywords not recognized by the standard are not allowed and will generate an error. Extended Definitions may only appear in a PSF (never in a INDEX or INFO created by swpackage). Extended Definitions are translated [by swpackage] into object keywords (objects) and attributes recognized by the standard.

Comments in a PSF are not transferred into the INDEX file by the swbis implementation of swpackage.

The file syntax is the same as a INDEX, or INFO file. A PSF may contain all objects defined by the standard as well as extended definitions.

For additional information see XDSA C701 http://www.opengroup.org/publications/catalog/c701.htm, or sw manual page.



A Product Specification File (PSF) can contain Extended Definitions in the fileset, product or bundle software definitions. They would have the same level or containment relationship as a file or control_file definition in the same contaning object.

Extended Definitions represent a minimal, expressive form for specifying files and file attributes. Their use in a PSF is optional in that an equivalent PSF can be constructed without using them, however, their use is encouraged for the sake of brevity and orthogonality.

The swbis implementation requires that no [ordinary] attributes appear after Extended Definitions in the containing object, and, requires that Extended Definitions appear before logically contained objects. That is, the parser uses the next object keyword to syntacticly and logically terminate the current object even if the current object has logically contained objects.


1.10.2 o Extended Control File Definitions

          checkinstall  source  [path]
          preinstall    source  [path]
          postinstall   source  [path]
          verify        source  [path]
          fix           source  [path]
          checkremove   source  [path]
          preremove     source  [path]
          postremove    source  [path]
          configure     source  [path]
          unconfigure   source  [path]
          request       source  [path]
          unpreinstall  source  [path]
          unpostinstall source  [path]
          space         source  [path]
          control_file  source  [path]

The source attribute defines the location in distributors's development system where the swpackage utility will find the script. The keyword is the value of the tag attribute and tells the utilities when to execute the script. The path attribute is optional and specifies the file name in the packages distribution relative to the control_directory for software containing the script. If not given the tag value is used as the filename.

Next: , Previous: o Extended Control File Definitions, Up: SWPACKAGE INPUT FILE FORMAT

1.10.3 o Directory Mapping

        directory  source  [destination]

Applies the source attribute as the directory under which the subsequently listed files are located. If destination is defined it will be used as a prefix to the path (implied) file definition. source is typically a temporary or build location and dest is its unrealized absolute pathname destination.

Next: , Previous: o Directory Mapping, Up: SWPACKAGE INPUT FILE FORMAT

1.10.4 o Recursive File Definition

       file *

Specifies every file in current source directory.

The directory extended definition must be used before the recursive specification.

Next: , Previous: o Recursive File Definition, Up: SWPACKAGE INPUT FILE FORMAT

1.10.5 o Explicit File Definition

       file [-t type] [-m mode] [-o owner[,uid]] [-g group[,gid]] [-n] [-v] source [path]


source defines the pathname of the file to be used as the source of file data and/or attributes. If it is a relative path, then swpackage searches for this file relative to the the source argument of the directory keyword, if set. If directory keyword is not set then the search is relative to the current working directory of the swpackage utility's invocation.

All attributes for the destination file are taken from the source file, unless a file_permissions keyword is active, or the -m, -o, or -g options are also included in the file specification.


path defines the destination path where the file will be created or installed. If it is a relative path, then the destination path of the of the directory keyword must be active and will be used as the path prefix. If path is not specified then source is used as the value of path and directory mapping applied (if active).

-t type

type may one of 'd' (directory), or 'h' (hard link), or 's' (symbolic link).

-t d Create a directory. If path is not specified source is used as the path attribute.

-t h Create a hard link. path and source are specified. source is used as the value of the link_source attribute, and path is the value of the path attribute.

-t s Create a symbolic link. path and source are specified. source is used as the value of the link_source attribute, and path is the value of the path attribute.

-m mode

mode defines the octal mode for the file.

Next: , Previous: o Explicit File Definition, Up: SWPACKAGE INPUT FILE FORMAT

1.10.6 o Default Permission Definition

       file_permissions [-m mode] [-u umask] [-o [owner[,]][uid]] [-g [group[,]][gid]]

Applies to subsequently listed file definitions in a fileset. These attributes will apply where the file attributes were not specified explicitly in a file definition.

Subsequent file_permissions definitions simply replace previous definitions (resetting all the options).

To reset the file_permission state (i.e. turn it off) use one of the following: file_permissions "" or the preferred way is file_permissions -u 000

Next: , Previous: o Default Permission Definition, Up: SWPACKAGE INPUT FILE FORMAT

1.10.7 o Excluding Files

        exclude source

Excludes a previously included file or an entire directory.

Next: , Previous: o Excluding Files, Up: SWPACKAGE INPUT FILE FORMAT

1.10.8 o Including Files

        include <filename

The contents of filename may be more definitions for files. The syntax of the included file is PSF syntax.

Next: , Previous: o Including Files, Up: SWPACKAGE INPUT FILE FORMAT


This section describes attribute usage and conventions imposed by the swbis implementation. Not all attributes are listed here. Those that are have important effects or particular interest.


1.10.10 o Distribution Attributes

The standard defines a limited set of attributes for the distribution object. An expanded set is suggested by the informative annex however a conforming implementation is not required act on them. The reason for this is a distribution may be acted upon by a conforming utility in such a way that attributes of the distribution become invalid. For this reason, some attributes that refer to an entire "package" [in other package managers] are referred from the product object and attain their broadened scope by the distributor's convention that their distribution contains just one product.

For example, the package NAME and VERSION are referred from the product tag and revision, not the distribution's. This convention supports multiple products in a distribution and is consistent with the standard.


tag is the short, file system friendly, name of the distribution. Providing a distribution tag is optional. The swbis implementation will use this as the [single] path name prefix if there is no distribution.control_directory attribute. A distribution tag attribute and swpackage's response to it is an implementation extension. The leading package path can also be controlled with the ”-W dir” option.


control_directory, in a distribution object, is the constant leading package path. Providing this attribute is optional. A distribution control_directory attribute and swpackage's response to it is an implementation extension. The leading package path can also be controlled with the ”-W dir” option. This attribute will be generated by swpackage if not set in a PSF.

Next: , Previous: o Distribution Attributes, Up: SWPACKAGE INPUT FILE FORMAT

1.10.11 o Bundle Attributes

A bundle defines a collection of products whether or not the distribution has all the products present.


tag is the short, file system friendly, name of the bundle. This value is used by the swbis implementation as a path name component in the installed software catalog. If it is not present the product tag is used.

Next: , Previous: o Bundle Attributes, Up: SWPACKAGE INPUT FILE FORMAT

1.10.12 o Product Attributes

A product defines the software product.


tag is the short, file system friendly, name of the product. This value is used by the swbis implementation as a path name component in the installed software catalog. It is required. The swbis implementation uses it in a way that is analogous to the RPMTAG_NAME attribute, namely as the public recognizable name of the package.


Is the directory name in the distribution under which the product contents are located. This value has no affect on the installed software catalog. If it is not given in a PSF then the tag is used.


Is the product revision. It should not contain a "RELEASE" attribute part or other version suffix modifiers. This value is used by the swbis implementation as a path name component in the installed software catalog. It is required by swinstall.


This is a short identifying name of the distributor that supplied the product and may associate (refer to) a vendor object from the INDEX file that has a matching tag attribute. This attribute is optional. This attribute value should strive to be unique among all distributors. The swbis implementation modifies the intended usage slightly as a string that strives to be globally unique for a given product.tag and product.revision. In this capacity it serves to distinguish products with the same revision and tag from the same or different distributor. It most closely maps to the RPMTAG_RELEASE or "debian_revision" attributes. It is one of the version distinguishing attributes of a product specified by the standard. It is transfered into the installed_software catalog (not as a path name component) by swinstall. If this attribute exists there should also be a vendor object in the PSF in the distribution object that has this tag. This attribute is assigned the value of RPMTAG_RELEASE by swpackage when translating an RPM.


This string is one of the version attributes. It is used to disambiguate products that have the same tag, revision and vendor_tag. It is not used for determining a products compatibility with a host. The form is implementation defined. swbis uses the output of GNU config.guess as the value of this string. A wildcard pattern should not be used. The canonical swbis architecture string can be listed with swlist. For example

     swlist -a architecture @ localhost

Here are some example outputs from real systems.

         System      `uname -srm`              architecture
     Red Hat 8.0:  Linux 2.4.18 i686        i686-pc-linux-gnu
     OpenSolaris:  SunOS 5.11 i86pc         i386-pc-solaris2.11
     NetBSD 3.1:   NetBSD 3.1 i386          i386-unknown-netbsdelf3.1
     Red Hat 4.1:  Linux 2.0.36 i586        i586-pc-linux-gnulibc1
     Debian 3.1:   Linux 2.6.8-2-386 i686   i686-pc-linux-gnu

os_name os_release os_version machine_type

These attributes are used to determine compatibility with a host. They correspond to the uname attributes defined by POSIX.1. If an value is nil or non-existent it is assumed to match the host. All attributes must match for there to be compatibility. Distributors may wish to make these values a shell pattern in their PSF's so to match the intended collection of hosts. swbis uses fnmatch (with FLAGS=0) to determine a match.

Next: , Previous: o Product Attributes, Up: SWPACKAGE INPUT FILE FORMAT

1.10.13 o Fileset Attributes

A fileset defines the fileset.


tag is the short, file system friendly, name of the fileset. It is required although selection of filesets is not yet supported therefore the end user will have little to do with the fileset tag.


Is the directory name in the product under which the fileset contents are located. This value has no affect on the installed software catalog. If it is not given in a PSF then the tag is used.

Next: , Previous: o Fileset Attributes, Up: SWPACKAGE INPUT FILE FORMAT

1.10.14 o Example Source Package PSF

This PSF packages every file is current directory. It uses nil control directories so the package structure does not change relative to a vanilla tarball.

        description "fooit - a program from fooware
     that does everything."
        title "fooit - a really cool program"
        COPYING < /usr/local/fooware/legalstuff/COPYING
        the_term_vendor_is_misleading false
        tag fooware
        title fooware Consultancy Services, Inc.
        description ""
        the_term_vendor_is_misleading true
        tag myfixes1
        title Bug fixes, Set 1
        description "a place for more detailed description"
        tag fooit
        control_directory ""
        revision 1.0
        vendor_tag myfixes1  # Matches the vendor object above
         tag fooit-SOURCE
         control_directory ""
         directory .
         file *
         exclude catalog

Previous: o Example Source Package PSF, Up: SWPACKAGE INPUT FILE FORMAT

1.10.15 o Example Runtime (Binary) Package PSF

This is a sample PSF for a runtime package. It implies multiple products (e.g. sub-packages) using the bundle.contents attribute. Since the bundle and product tags exist in a un-regulated namespace and are seen by end users they should be carefully chosen. Note that the bundle and product have the same tag which may force downstream users to disambiguate using software selection syntax such as fooit,bv=* or fooit,pv=* .

        description "fooit - a program from fooware
     that does everything."
        title "fooit - a really cool program"
        COPYING < /usr/local/fooware/legalstuff/COPYING
             the_term_vendor_is_misleading false
             tag fooware
             title fooware Consultancy Services, Inc.
             description "Provider of the programs
      that do everything"
             the_term_vendor_is_misleading true
              tag fw0
              title fooware fixes
              description "More fixes from the fooware users"
     #  Bundle definition:  Use a bundle
              tag fooit
              vendor_tag fooware
              contents fooit,v=fw0 fooit-devel fooit-doc
     #  Product definition:
              tag fooit   # This is the package name
              revision 1.0 # This is the package version
              vendor_tag fw0 # This is a release name e.g. RPMTAG_RELEASE
              postinstall scripts/postinstall
               tag fooit-RUN
               file doc/man/man1/fooit.1 /usr/man/man1/fooit.1
               file src/fooit /usr/bin/fooit



This section shows several example PSF files.


1.11.1 o A minimal PSF to package all files in current directory.

        tag prod
        control_directory ""
        revision 1.0
         tag files
         control_directory ""
         directory .
         file *

Next: , Previous: o A minimal PSF to package all files in current directory, Up: SAMPLE PRODUCT SPEC FILES

1.11.2 o A PSF that uses directory mapping.

This PSF creates a package with live system paths from source that is installed in non-live temporary locations. It is modeled on the swbis source package.

        tag somepackage  # this is the package name
        control_directory ""
        revision 1.0  # this is the package revision
         tag files
         control_directory ""
         file_permissions -o root -g root
         directory swprogs /usr/bin
         file swpackage
         file swinstall
         file swverify
         file -m 755 -o root -g root / /usr/libexec/swbis
         directory swprogs /usr/libexec/swbis
         file swbisparse
         directory swsupplib/progs /usr/libexec/swbis
         file swbistar
         file -m 755 -o root -g root / /usr/share/doc/swbis
         directory . /usr/share/doc/swbis
         file -m 444 ./README
         file -m 444 CHANGES

When this PSF is processed by the command:

                 swpackage -Wsign -s - @- | tar tvf -

It produces the following:

      drwxr-x— root/root      0 2003-06-03 ... catalog/
      -rw-r—— root/root    307 2003-06-03 ... catalog/INDEX
      drwxr-x— root/root      0 2003-06-03 ... catalog/dfiles/
      -rw-r—— root/root     65 2003-06-03 ... catalog/dfiles/INFO
      -rw-r—— root/root     33 2003-06-03 ... catalog/dfiles/md5sum
      -rw-r—— root/root     41 2003-06-03 ... catalog/dfiles/sha1sum
      -rw-r—— root/root     33 2003-06-03 ... catalog/dfiles/adjunct_md5sum
      -rw-r—— root/root    512 2003-06-03 ... catalog/dfiles/sig_header
      -rw-r—— root/root   1024 2003-06-03 ... catalog/dfiles/signature
      drwxr-x— root/root      0 2003-06-03 ... catalog/pfiles/
      -rw-r—— root/root     65 2003-06-03 ... catalog/pfiles/INFO
      -rw-r—— root/root   1503 2003-06-03 ... catalog/INFO
      -rwxr-xr-x root/root 510787 2003-06-03 ... usr/bin/swpackage
      -rwxr-xr-x root/root 301255 2003-06-03 ... usr/bin/swinstall
      -rwxr-xr-x root/root   4105 2003-06-03 ... usr/bin/swverify
      drwxr-xr-x root/root      0 2003-06-03 ... usr/libexec/swbis/
      -rwxr-xr-x root/root 365105 2003-06-03 ... usr/libexec/swbis/swbisparse
      -rwxr-xr-x root/root 243190 2003-06-03 ... usr/libexec/swbis/swbistar
      drwxr-xr-x root/root      0 2003-06-03 ... usr/share/doc/swbis/
      -r–r–r– root/root   8654 2003-05-27 ... usr/share/doc/swbis/README
      -r–r–r– root/root  10952 2003-06-03 ... usr/share/doc/swbis/CHANGES

Previous: o A PSF that uses directory mapping, Up: SAMPLE PRODUCT SPEC FILES

1.11.3 o Create a PSF from a list of files.

                find . -print |  swpackage -Wfiles-from=- -Wlist-psf

Next: , Previous: SAMPLE PRODUCT SPEC FILES, Up: Top


0 on success, 1 on error and target medium not modified, 2 on error if target medium modified.

Next: , Previous: RETURN VALUE, Up: Top


No temporary files are used in the package generation process. When using the default target of stdout (directed to /dev/null), there are no file system side effects from swpackage. GNU Privacy Guard (gpg) may alter its keys when invoked for package signing.

Next: , Previous: SIDE EFFECTS, Up: Top



Sets the –passphrase-fd option. Set the option arg to a integer value of the file descriptor, or to "env" to read the passphrase from the environment variable SWPACKAGEPASSPHRASE, or to "agent" to cause gpg to use gpg-agent, or to "tty" to restore default behavoir to reading passphrase from the terminal.


Use the value as the passphrase if –passphrase-fd is set to "env"


Sets the –gpg-home option.


Sets the –gpg-name option, which is turn set the –local-user option of gpg.

Next: , Previous: ENVIRONMENT, Up: Top


Swpackage does not use any archive writing utilities, it has its own code to generate archives. Package signing uses one of the following: /usr/bin/gpg /usr/bin/pgp (PGP 2.6.x) /usr/bin/pgps (PGP 5)

Swpackage will use /usr/bin/uuidgen if present to create the uuid.

Next: , Previous: REQUISITE UTILITIES, Up: Top

1.16 FILES


Next: , Previous: FILES, Up: Top


ISO/IEC 15068-2:1999, Open Group CAE C701.

Next: , Previous: APPLICABLE STANDARDS, Up: Top


info swbis

sw(5), swbis(1), swpackage(5), swbisparse(1), swign(1), swverify(8)

Next: , Previous: SEE ALSO, Up: Top


swpackage(8): The packaging utility of the swbis project. Author: Jim Lowe Email: jhlowe at acm.org Version: 1.13 Last Updated: 2014-07-15 Copying: GNU Free Documentation License


1.20 BUGS

A comment after an object keyword is wrongly not allowed by this PSF parser. The –dir="" does not do what one would expect sometimes. The output stream content is unaffected by the blocksize, that is the last write may be short write. Signing is broken for cpio format archives.