swpackage -- Package a software distribution.


       swpackage    # Filter: read PSF on stdin, write a tar archive to stdout

       swpackage -s- @-  # Absolutely explicit, same as above

       swpackage @FILE

       swpackage  [-p]  [-s psf_file]  [-f file] [-x option=value] \
       [-X options_file] [-W option] [software_selections] [@targets]

       swpackage --help # more authoritative documentation

       swpackage  [options] --to-swbis [-s package_file]   # format translator

       swpackage  [options] --resign [-s package_file]   # modify signatures
       swpackage  [options] --remove-signature=N [-s package_file]
       swpackage  [options] --replace-signature=N [-s package_file]


       swpackage reads a Product Specification File (PSF) and writes a
       distribution to the specified target.  If no options are given a PSF is
       read on stdin and a distribution is written to the default target
       either a directory, device, or standard output.  To specify standard
       output use a dash '-' as the target.


              Refer to the software objects (products, filesets) on which to
              be operated. (Not yet implemented)

              Refers to the software_collection where the software selections
              are to be applied.  To specify standard output use a  dash '-',
              this overrides media_type setting to 'serial'.  Target may be a
              file, or device file or '-'

       -f FILE
              Reads software_selections from FILE. (Not implemented).

              Preview the package.  Perform all the packaging operations
              except writing the target.  In verbose level 1, nothing is
              written.  Higher verbose levels write information on stdout.
              Error and warning messages are written to stderr for verbose
              levels 1 and higher.

       -s PSF
              Specify the PSF file, "-" is standard input.

       -x option=value
              Specify the extended option overriding the defaults file value.

       -X FILE
              Specify the extended options filename, FILE,  overriding the
              default filenames.  This option may be given more then once. If
              the resulting specified value is an empty string then reading of
              any options file is disabled.

              (Implementation extension.) Given one time it is identical to -x
              verbose=2.  This option can be given multiple times with
              increasing effect.
                   level 0: silent on stdout and stderr (not implemented).
                   level 1: fatal and warning messages.
              -v   level 2: level 1 plus file list and trailer message.
              -vv  level 3: level 2 verbose tar-like listing.
              -vvv level 4: level 3 extra verbose tar listing.

       -b BYTES
              Set blocksize to BYTES number of bytes (octets).  The default is
              10240.  (implementation extension)

       --version, -V
              Alternate Mode: Show version. (Implementation extension)

              Alternate Mode: Show help (Implementation extension)

       -W option[,option,...]
              Specify the implementation extension option.
              Syntax: -W option[=option_argument[,option...]
              Options may be separated by a comma.  The implementation
              extension options may also be given individually using the
              '--long-option[=option_arg]' syntax.

       -W cksum
              Compute POSIX cksum of the individual files.

       -W file-digests -W digests
              Compute md5 digests of the individual files.  (-W digests is
              deprecated, use -W file-digests).

       -W files
              Store the distribution file list in .../dfiles/files.

       -W dir=NAME
              Use NAME as the path name prefix of a distribution and also as
              the value of the distribution.control_directory and
              distribution.tag attribute (if not set).  May be set to an empty
              string to eliminate stray leading "./".

       -W sign
              Compute the md5sum, sha1sum and adjunct_md5sum digests and sign
              the package.

       -W dummy-sign
              Same as -W sign except use a dummy signature.  The signer
              program is not run and no password is required.

       -W signer-pgm=SIGNER
              Recognized SIGNERs are GPG, PGP2.6, and PGP5.  swverify only
              supports GPG, however, other types can be verified manually
              using the options of swverify and command line utilities.

       -W archive-digests
              Compute the md5sum, sha1sum and adjunct_md5sum digests.  See
              sw(5) for info on the digest and signed data input files.  The
              sha1sum and md5sum attributes have identical input streams.

       -W no-sha1
              Do not compute the sha1 digest even if directed to by other
              options.  (Deprecated: There is limited reason to use this

       -W signed-file
              Write only the signed data to the specified target but do not
              sign.  (Deprecated: There is limited reason to use this option).

       -W gpg-name=NAME
              Use NAME as the user ID to sign.  NAME becomes the option arg of
              the gpg --local-user option.

       -W gpg-path=PATH
              Use PATH as the gpg homedir.

       -W gzip
              compress output with file system gzip utilty

       -W bzip2
              compress output with file system bzip2 utility
       -W lzma
              compress output with file system lzma utility

       -W symmetric
              encrypt output with file system gpg utility

       -W encrypt-for-recipient=NAME
              encrypt with NAME's public key using file system gpg utility

       -W source=FILE
              Use serial archive located at FILE as the source instead of the
              file system.  The files referred by the PSF are taken from the
              serial archive and not the file system.

       -W numeric-owner
              Same as GNU tar option.  Emitted archive has only uid and gids.

       -W absolute-names
              Same as GNU tar option.  Leading slash '/' are always stripped
              unless this option is given.

       -W format=FORMAT
              The default format is 'pax'.  The pax format will only generate
              extended headers if needed.  FORMAT is one of:

               ustar   is the POSIX.1 tar format capable of storing
                       pathnames up to 255 characters in length.
                       Identical to GNU tar 1.15.1 --format=ustar
               ustar0  is a different POSIX.1 tar personality.
                       Identical to GNU tar 1.13.25 --posix -b1 for 99 char pathnames
                       Has different rendering of device numbers for non-device files,
                       but otherwise identical to 'ustar'
               gnu     Identical to GNU tar version 1.15.1 --format=gnu
               oldgnu  Identical to GNU tar version 1.13 and later with
                           block size set to 1. i.e. with option -b1.
                       Also identical to GNU tar 1.15.1 --format=oldgnu
               gnutar  same as oldgnu, oldgnu preferred.
               pax     Extended header tar (Default)
               odc     Posix.1 cpio (magic 070707).
               newc    cpio format (magic 070701).
               crc     cpio format (magic 070702).
               bsdpax3 Identical to pax v3.0, ustar format with option -b 512.

       -W pax-header-pid=NUMBER
              Sets the number used in any pax header naming scheme to NUMBER.
              You must use this option to make archive identical in subsequent
              (back-to-back) invocations.

       -W uuid=STRING
              Sets the uuid string to STRING instead of calling uuid(1) You
              must use this option to make the catalog directory identical in
              subsequent (back-to-back) invocations.

       -W create-time=TIME
              Applies to catalog files and the create_time attribute.  TIME is
              the seconds since the Unix Epoch.  You must use this option to
              make the catalog directory identical in subsequent (back-to-
              back) invocations.

       -W list-psf
              Write the PSF to stdout after having processed the extended

       -W to-swbis
              Alternate Mode: Read a package on standard input and write a
              POSIX package on standard output.  Requires the
              .../libexec/swbis/lxpsf program.  Supported formats are any
              supported format of lxpsf.  Identical to:
              /swbis/lxpsf --psf-form3 -H ustar | swpackage -Wsource=- -s@PSF

       -W passphrase-fd=N
              Read the passphrase on file descriptor N.

       -W passfile=FILE
              Read the passphrase from FILE in the file system.  Setting FILE
              to /dev/tty resets (i.e unsets) all passphrase directives, thus
              establishing the default action, reading from the terminal.

       -W dir-owner=OWNER
              Set the owner of the leading directory archive member to OWNER.
              If the option arg is "", then the owner is the owner of the
              current directory.

       -W dir-group=OWNER
              Set the group of the leading directory archive member to OWNER.
              If the option arg is "", then the owner is the owner of the
              current directory.

       -W dir-modep=MODE
              Set the file permissions mode of the leading directory archive
              member to MODE.

       -W catalog-owner=OWNER
              Set the owner of the catalog section to OWNER.

       -W catalog-group=GROUP
              Set the group of the catalog section to GROUP.

       -W files-from=NAME
              Read a list of files from file NAME.  Directories are not
              descended recursively.

       -W show-options-files
              Alternate Mode: Show the complete list of options files and if
              they are found.

       -W show-options
              Alternate Mode: Show the options after reading the files and
              parsing the command line options.

       -W no-catalog
              Do not write the catalog section.

       -W no-front-dir
              Do not write the directory archive members that preceed the
              catalog section.

       Signature Modification Options.  The source file via '-s' option is a
       previously signed archive file.

              Alternate Mode: Same as --add-signature-first

              Alternate Mode: Opposite of --addsign,  Same as --remove-

              Alternate Mode: Add signature first in the list of package
              signatures.  The last signature, by convention, is the primary

              Alternate Mode: Add signature last in the list of package
              signatures.  The last signature, by convention, is the primary
              Alternate Mode: Replace Nth signature, 0 means last signature.
              Alternate Mode: Remove Nth signature, 0 means last signature.
              Alternate Mode: Same as --replace-signature=0
       --resign-test, --zfilter
              Alternate Mode: Copy from source to target without altering.
              Does not generate a signature.  The output should be identical
              to the input.   Also has unintended use of accessing the
              compression pipeline function of swpackage.

              Modifier to alternate Mode: Applies when modifying signature.
              The compression methods of the input file are detected and the
              output is compressed to match.

              Modifier to alternate Mode: Overwrites file specified as the
              source name (by the -s FILE option).  Will likely do so safely.


       These extended options can be specified on the command line using the
       -x option or from the defaults file, swdefaults.

       Shown below is an actual portion of a defaults file which show default
       values.  These options are set in the /usr/lib/swbis/swdefaults or the
       ~/.swdefaults file.

       swpackage.distribution_target_directory  = /var/spool/sw   # Not used
       swpackage.distribution_target_serial     = -        # Not used
       swpackage.enforce_dsa                    = false    # Not used
       swpackage.follow_symlinks                = false    # Not used
       swpackage.logfile          = /var/lib/swbis/swpackage.log   # Not used
       swpackage.loglevel                       = 1         # Not used
       swpackage.media_capacity                 = 0         # Not used
       swpackage.media_type                     = serial    # Not used
       swpackage.psf_source_file                = -         # Not used
       swpackage.software                       =           # Not used
       swpackage.verbose                        = 1         # May be 1 2 or 3

   Swbis Implementation
       These extended options can be specified on the command line using
       -Woption=optionarg or --option=optionarg syntax.

       These options are set in the /usr/lib/swbis/swbisdefaults or the
       ~/.swbis/swbisdefaults file.

       swpackage.swbis_cksum                    = "false"   # true or false
       swpackage.swbis_file_digests             = "false"   # true or false
       swpackage.swbis_file_digests_sha2        = "false"   # true or false
       swpackage.swbis_files                    = "false"   # true or false
       swpackage.swbis_sign                     = "false"   # true or false
       swpackage.swbis_archive_digests          = "false"   # true or false
       swpackage.swbis_archive_digests_sha2     = "false"   # true or false
       swpackage.swbis_gpg_name                 = ""
       swpackage.swbis_gpg_path                 = "~/.gnupg"
       swpackage.swbis_gzip                     = "false"   # true or false
       swpackage.swbis_bzip2                    = "false"   # true or false
       swpackage.swbis_numeric_owner            = "false"   # true or false
       swpackage.swbis_absolute_names           = "false"   # true or false
       swpackage.swbis_format                   = "ustar"  # gnutar or ustar
       swpackage.swbis_signer_pgm               = "GPG" # GPG or PGP5 or PGP2.6


       Here are some commonly used options.

   Options and Option Files
       Show the option file options and the option files that determine the
       default values.

            swpackage --show-options
                 # and
            swpackage --show-options-files

   Preview the output
       Show a verbose tar-like file listing on stdout

            swpackage -pv
                  # or
            swpackage -pvv

   Create a signed package
       Read the PSF on standard input, sign using 'admin' key using the gpg-
       agent.  Include sha2 digests for the files and archive. Include the
       file list, compress the output using xz writing to standard output.

            swpackage -s - --sign --use-agent --gpg-name=admin --files \
                 --sha1 --sha2 --xz @-

   Resign a package
       Resign a previously signed package, overwriting the original file

            swpackage --resign -s foo.tar.gz --overwrite --recompress

   Idempotent Invocation
       Use special options to obtain an identical package two or more times

            swpackage --create-time=1406254892 \
                 --uuid=ed3b9432-3ba1-4c01-a125-e22fb94588e2 \

   ALternative Format Translation
       Execute the internally generated pipeline for format translation

            # the following is equivalent to  'swpackage --to-swbis'

                 /usr/local/libexec/swbis/lxpsf --psf-form3 \
                        -H ustar | swpackage -Wsource=- -s@PSF


       Support for embedded cryptographic signature

       Package signing is accomplished by including, as a package attribute, a
       detached signature in the package metadata (the catalog section of the
       package).  The signed data is the catalog section of the package (see
       sw(5) for a description) excluding the signature files archive header
       and data.  The package leading directory that does not contain the
       /catalog/ directory in its name is not included in the signed stream.
       The signed stream is terminated by two (2) null tar blocks (which are
       not in the actual package file).  The storage section (or payload) of
       the package is included in the signed data by computing its md5 and
       sha1 message digests and storing these as attributes in the catalog

   Signature Generation
       The signature is generated by the file system signing utility.
       Currently, swpackage supports GPG PGP-2.6 and PGP-5.  The default is
       GPG but can be selected using the -Wsigner-pgm command line option and
       the swpackage.swbis_signer_pgm defaults file option.  The options and
       program can the displayed with the -Wshow-signer-pgm option.  The
       options in each case produce a detached ascii-armored signature.  The
       maximum length for the ascii armored file is 1023 bytes.

   Passphrase Handling
       The passphrase can be read from the tty, a file descriptor, and
       environment variable or the GNUpg passphrase agent.  These are
       controlled by the options or the environment variables SWPACKAGEPASSFD
       and SWPACKAGEPASSPHRASE.  Placing your passphrase in an environment
       variable is insecure but may be usefull to sign packages with a test
       key and later replace it [when on a different host for example].


       swpackage does not perform verification of the embedded cryptographic
       signature, although, a description is included here for completness.

       Verification requires verifying the payload section md5 and sha1
       message digests and then verifying the signature.  Naturally, it is
       required that the signed data include the payload messages digests.
       See swverify.

   Manual Verification
       Verification requires re-creating the signed and digested byte streams
       from the archive file.  This is not possible using any known extant tar
       reading utility because of a lack of ability to write selected archive
       members to stdout instead of installing in the file system; however,
       the swverify utility can be used to write these bytes streams to stdout
       allowing manual inspection and verification.  See swverify.

   Manual Verification Using Standard Tools
       Verification using standard GNU/Linux tools is possible if the archive
       is installed in the file system.  Success depends on the following

       1) The tar utility preserves modification times
          (e.g. not GNU tar 1.3.19).
       2) The archive does not contain Symbolic Links
          (see sw(5) for explanation).
       3) The file system is a Unix file system (e.g. ext2).
       4) The package was created using -Wformat=gnutar or, -Wformat=ustar
          with no file name longer than 99 octets.

        Recreating the signed and digested byte streams is then accomplished
       using GNU tar and the file list stored in the
       <path>/catalog/dfiles/files attribute file as follows:

       In this example, the package has a single path name prefix called,
       namedir and the file owner/group are root.  These restrictions are
       suited to source packages.
       Verify the signature:

         tar cf - -b1 --owner=root --group=root \
         --exclude=namedir/catalog/dfiles/signature  \
         namedir/catalog | gpg --verify namedir/catalog/dfiles/signature -

        If this fails try using GNU tar option --posix.  If this fails then
       you are out of luck as nothing in the catalog section can be trusted.

       Verify the payload digests:

         grep -v namedir/catalog  namedir/catalog/dfiles/files | \
         tar cf - -b1 --owner=root --group=root \
         --files-from=- --no-recursion | md5sum
         cat namedir/catalog/dfiles/md5sum

        Likewise for the sha1 digest.

       If the package has symbolic links, Verify the adjunct_md5sum:

         grep -v namedir/catalog  namedir/catalog/dfiles/files | \
         ( while read file; do if [ ! -h $file ]; then echo $file; fi done; )|\
         tar cf - -b1 --owner=root --group=root \
         --files-from=- --no-recursion | md5sum
         cat namedir/catalog/dfiles/adjunct_md5sum

        The symbolic link files must be verified manually by comparing to the
       INFO file information.


       The output format is either one of two formats specified in POSIX.1
       (ISO/IEC 9945-1) which are tar (header magic=ustar) or cpio (header
       magic=070707).  The default format of the swbis implementation is
       "ustar".  The POSIX spec under specifies definitions for some of the
       ustar header fields.  The personality of the default swbis ustar format
       mimics GNU tar 1.15.1 and is designed to be compliant to POSIX.1.  The
       personality of the "ustar0" format mimics, for pathnames less than 99
       octets,  GNU tar 1.13.25 using the "-b1 --posix" options.  This bit-
       for-bit sameness does not exist for pathnames greater than 99 chars as
       swbis follows the POSIX spec and GNU tar 1.13.25 does not.  The
       "ustar0" ustar personality is deprecated.  It is only slightly
       different from 'ustar' in how device number fields are filled (with
       spaces, zeros or NULs) for non-device files.

       In addition the swbis implementation supports several other tar
       variants including bit-for-bit mimicry of GNU tar (1.13.25) default
       format which uses a non-standard name split and file type (type 'L').
       This format is known as '--format=oldgnu'.  Also supported is the gnu
       format of GNU tar 1.15.1 specified by '--format=gnu'

       The defacto cpio formats are also supported.  "new ASCII" (sometimes
       called SVR4 cpio) and "crc" cpio formats with header magic "070701" and
       "070702" respectively.

       Support for "pax Interchange Format" (Extended header tar) described in
       IEEE 1003.1-2001 under the "pax" manual page has been implemented for
       POSIX file attributes as of release 1.12 (c Aug2014).  The 'swpackage'
       utility will generate extended headers on an as needed basis when the
       --format=pax is used.  Support for POSIX ACL and SELinux attributes is

       The entirety of the output byte stream is a single valid file of one
       the formats mentioned above.

       The swbis implementation writes its output to stdout.  The default
       output block size is 10240 bytes.  The last block is not padded and
       therefore the last write(2) may be a short write.  The selected block
       size does not affect the output file contents.

       The swbis implementation is biased, in terms of capability and default
       settings, to the tar format.  Package signing is only supported in tar


       The input file is called a product specification file or PSF.  It
       contains information to direct swpackage and information that is
       package meta-data [that is merely transferred unchanged into the global
       INDEX file].

       A PSF may contain object keywords, attributes (keyword/value pairs) and
       Extended Definitions (described below).  An object keyword connotes a
       logical object (i.e. software structure) supported by the standard.  An
       object keyword does not have a value field after it, as it contains
       Attributes and Extended Definitions.  An attribute keyword conotes an
       attribute which is always in the form of a keyword/value pair.

       Attribute keywords not recognized by the standard are allowed and are
       transferred into the INDEX file.  Object keywords not recognized by the
       standard are not allowed and will generate an error.  Extended
       Definitions may only appear in a PSF (never in a INDEX or INFO created
       by swpackage).  Extended Definitions are translated [by swpackage] into
       object keywords (objects) and attributes recognized by the standard.

       Comments in a PSF are not transferred into the INDEX file by the swbis
       implementation of swpackage.

       The file syntax is the same as a INDEX, or INFO file.  A PSF may
       contain all objects defined by the standard as well as extended

       For additional information see
       XDSA C701 http://www.opengroup.org/publications/catalog/c701.htm, or
       sw manual page.

       A Product Specification File (PSF) can contain Extended Definitions in
       the fileset, product or bundle software definitions.  They would have
       the same level or containment relationship as a file or control_file
       definition in the same contaning object.

       Extended Definitions represent a minimal, expressive form for
       specifying files and file attributes.  Their use in a PSF is optional
       in that an equivalent PSF can be constructed without using them,
       however, their use is encouraged for the sake of brevity and

       The swbis implementation requires that no [ordinary] attributes appear
       after Extended Definitions in the containing object, and, requires that
       Extended Definitions appear before logically contained objects.  That
       is, the parser uses the next object keyword to syntacticly and
       logically terminate the current object even if the current object has
       logically contained objects.

   o  Extended Control File Definitions
            checkinstall  source  [path]
            preinstall    source  [path]
            postinstall   source  [path]
            verify        source  [path]
            fix           source  [path]
            checkremove   source  [path]
            preremove     source  [path]
            postremove    source  [path]
            configure     source  [path]
            unconfigure   source  [path]
            request       source  [path]
            unpreinstall  source  [path]
            unpostinstall source  [path]
            space         source  [path]
            control_file  source  [path]

       The source attribute defines the location in distributors's development
       system where the swpackage utility will find the script.  The keyword
       is the value of the tag attribute and tells the utilities when to
       execute the script.  The path attribute is optional and specifies the
       file name in the packages distribution relative to the
       control_directory for software containing the script. If not given the
       tag value is used as the filename.

   o  Directory Mapping
          directory  source  [destination]

       Applies the source attribute as the directory under which the
       subsequently listed files are located.  If destination is defined it
       will be used as a prefix to the path (implied) file definition.  source
       is typically a temporary or build location and dest is its unrealized
       absolute pathname destination.

   o  Recursive File Definition
         file *

       Specifies every file in current source directory.  The directory
       extended definition must be used before the recursive specification.

   o  Explicit File Definition
         file [-t type] [-m mode] [-o owner[,uid]] [-g group[,gid]] [-n] [-v] source [path]


              source defines the pathname of the file to be used as the source
              of file data and/or attributes.  If it is a relative path, then
              swpackage searches for this file relative to the the source
              argument of the directory keyword, if set.  If directory keyword
              is not set then the search is relative to the current working
              directory of the swpackage utility's invocation.

              All attributes for the destination file are taken from the
              source file, unless a file_permissions keyword is active, or the
              -m, -o, or -g options are also included in the file


              path defines the destination path where the file will be created
              or installed.  If it is a relative path, then the destination
              path of the of the directory keyword must be active and will be
              used as the path prefix.  If path is not specified then source
              is used as the value of path and directory mapping applied (if

       -t type

              type may one of 'd' (directory), or  'h' (hard link), or 's'
              (symbolic link).

              -t d  Create a directory.
              If path is not specified source is used as the path attribute.

              -t h  Create a hard link.
              path and source are specified.  source is used as the value of
              the link_source attribute, and path is the value of the path

              -t s  Create a symbolic link.
              path and source are specified.  source is used as the value of
              the link_source attribute, and path is the value of the path

       -m mode

              mode defines the octal mode for the file.

   o  Default Permission Definition
         file_permissions [-m mode] [-u umask] [-o [owner[,]][uid]] [-g [group[,]][gid]]

       Applies to subsequently listed file definitions in a fileset.  These
       attributes will apply where the file attributes were not specified
       explicitly in a file definition.  Subsequent file_permissions
       definitions simply replace previous definitions (resetting all the

       To reset the file_permission state (i.e. turn it off) use one of the
           file_permissions ""
            or the preferred way is
           file_permissions -u 000

   o  Excluding Files
          exclude source

       Excludes a previously included file or an entire directory.

   o  Including Files
          include <filename

       The contents of filename may be more definitions for files.  The syntax
       of the included file is PSF syntax.

       This section describes attribute usage and conventions imposed by the
       swbis implementation.  Not all attributes are listed here.  Those that
       are have important effects or particular interest.

   o Distribution Attributes
       The standard defines a limited set of attributes for the distribution
       object.  An expanded set is suggested by the informative annex however
       a conforming implementation is not required act on them.  The reason
       for this is a distribution may be acted upon by a conforming utility in
       such a way that attributes of the distribution become invalid.  For
       this reason, some attributes that refer to an entire "package" [in
       other package managers] are referred from the product object and attain
       their broadened scope by the distributor's convention that their
       distribution contains just one product.

       For example, the package NAME and VERSION are referred from the product
       tag and revision, not the distribution's.  This convention supports
       multiple products in a distribution and is consistent with the


              tag is the short, file system friendly, name of the
              distribution.  Providing a distribution tag is optional.  The
              swbis implementation will use this as the [single] path name
              prefix if there is no distribution.control_directory attribute.
              A distribution tag attribute and swpackage's response to it is
              an implementation extension.  The leading package path can also
              be controlled with the ''-W dir'' option.


              control_directory, in a distribution object, is the constant
              leading package path.  Providing this attribute is optional.  A
              distribution control_directory attribute and swpackage's
              response to it is an implementation extension.  The leading
              package path can also be controlled with the ''-W dir'' option.
              This attribute will be generated by swpackage if not set in a

   o Bundle Attributes
       A bundle defines a collection of products whether or not the
       distribution has all the products present.


              tag is the short, file system friendly, name of the bundle.
              This value is used by the swbis implementation as a path name
              component in the installed software catalog.  If it is not
              present the product tag is used.

   o Product Attributes
       A product defines the software product.


              tag is the short, file system friendly, name of the product.
              This value is used by the swbis implementation as a path name
              component in the installed software catalog.  It is required.
              The swbis implementation uses it in a way that is analogous to
              the RPMTAG_NAME attribute, namely as the public recognizable
              name of the package.


              Is the directory name in the distribution under which the
              product contents are located.  This value has no affect on the
              installed software catalog.  If it is not given in a PSF then
              the tag is used.


              Is the product revision.  It should not contain a "RELEASE"
              attribute part or other version suffix modifiers.  This value is
              used by the swbis implementation as a path name component in the
              installed software catalog.  It is required by swinstall.


              This is a short identifying name of the distributor that
              supplied the product and may associate (refer to) a vendor
              object from the INDEX file that has a matching tag attribute.
              This attribute is optional.  This attribute value should strive
              to be unique among all distributors. The swbis implementation
              modifies the intended usage slightly as a string that strives to
              be globally unique for a given product.tag and product.revision.
              In this capacity it serves to distinguish products with the same
              revision and tag from the same or different distributor.  It
              most closely maps to the RPMTAG_RELEASE or "debian_revision"
              attributes.  It is one of the version distinguishing attributes
              of a product specified by the standard.  It is transfered into
              the installed_software catalog (not as a path name component) by
              swinstall.  If this attribute exists there should also be a
              vendor object in the PSF in the distribution object that has
              this tag.  This attribute is assigned the value of
              RPMTAG_RELEASE by swpackage when translating an RPM.


              This string is one of the version attributes.  It is used to
              disambiguate products that have the same tag, revision and
              vendor_tag.  It is not used for determining a products
              compatibility with a host.  The form is implementation defined.
              swbis uses the output of GNU config.guess as the value of this
              string.  A wildcard pattern should not be used.  The canonical
              swbis architecture string can be listed with swlist. For example

              swlist -a architecture @ localhost

               Here are some example outputs from real systems.

                  System      `uname -srm`              architecture
              Red Hat 8.0:  Linux 2.4.18 i686        i686-pc-linux-gnu
              OpenSolaris:  SunOS 5.11 i86pc         i386-pc-solaris2.11
              NetBSD 3.1:   NetBSD 3.1 i386          i386-unknown-netbsdelf3.1
              Red Hat 4.1:  Linux 2.0.36 i586        i586-pc-linux-gnulibc1
              Debian 3.1:   Linux 2.6.8-2-386 i686   i686-pc-linux-gnu

       os_name os_release os_version machine_type

              These attributes are used to determine compatibility with a
              host.  They correspond to the uname attributes defined by
              POSIX.1.  If an value is nil or non-existent it is assumed to
              match the host.  All attributes must match for there to be
              compatibility.  Distributors may wish to make these values a
              shell pattern in their PSF's so to match the intended collection
              of hosts.  swbis uses fnmatch (with FLAGS=0) to determine a

   o Fileset Attributes
       A fileset defines the fileset.


              tag is the short, file system friendly, name of the fileset.  It
              is required although selection of filesets is  not yet supported
              therefore the end user will have little to do with the fileset


              Is the directory name in the product under which the fileset
              contents are located.  This value has no affect on the installed
              software catalog.  If it is not given in a PSF then the tag is

   o Example Source Package PSF
       This PSF packages every file is current directory. It uses nil control
       directories so the package structure does not change relative to a
       vanilla tarball.

          description "fooit - a program from fooware
       that does everything."
          title "fooit - a really cool program"
          COPYING < /usr/local/fooware/legalstuff/COPYING
          the_term_vendor_is_misleading false
          tag fooware
          title fooware Consultancy Services, Inc.
          description ""
          the_term_vendor_is_misleading true
          tag myfixes1
          title Bug fixes, Set 1
          description "a place for more detailed description"
          tag fooit
          control_directory ""
          revision 1.0
          vendor_tag myfixes1  # Matches the vendor object above
           tag fooit-SOURCE
           control_directory ""
           directory .
           file *
           exclude catalog

   o Example Runtime (Binary) Package PSF
       This is a sample PSF for a runtime package.  It implies multiple
       products (e.g. sub-packages) using the bundle.contents attribute.
       Since the bundle and product tags exist in a un-regulated namespace and
       are seen by end users they should be carefully chosen.   Note that the
       bundle and product have the same tag which may force downstream users
       to disambiguate using software selection syntax such as fooit,bv=* or
       fooit,pv=* .

          description "fooit - a program from fooware
       that does everything."
          title "fooit - a really cool program"
          COPYING < /usr/local/fooware/legalstuff/COPYING

               the_term_vendor_is_misleading false
               tag fooware
               title fooware Consultancy Services, Inc.
               description "Provider of the programs
        that do everything"

               the_term_vendor_is_misleading true
                tag fw0
                title fooware fixes
                description "More fixes from the fooware users"

       #  Bundle definition:  Use a bundle
                tag fooit
                vendor_tag fooware
                contents fooit,v=fw0 fooit-devel fooit-doc

       #  Product definition:
                tag fooit   # This is the package name
                revision 1.0 # This is the package version
                vendor_tag fw0 # This is a release name e.g. RPMTAG_RELEASE
                postinstall scripts/postinstall
                 tag fooit-RUN
                 file doc/man/man1/fooit.1 /usr/man/man1/fooit.1
                 file src/fooit /usr/bin/fooit


       This section shows several example PSF files.

   o   A minimal PSF to package all files in current directory.
          tag prod
          control_directory ""
          revision 1.0
           tag files
           control_directory ""
           directory .
           file *

   o   A PSF that uses directory mapping.
       This PSF creates a package with live system paths from source that is
       installed in non-live temporary locations. It is modeled on the swbis
       source package.

          tag somepackage  # this is the package name
          control_directory ""
          revision 1.0  # this is the package revision
           tag files
           control_directory ""

           file_permissions -o root -g root
           directory swprogs /usr/bin
           file swpackage
           file swinstall
           file swverify

           file -m 755 -o root -g root / /usr/libexec/swbis

           directory swprogs /usr/libexec/swbis
           file swbisparse

           directory swsupplib/progs /usr/libexec/swbis
           file swbistar

           file -m 755 -o root -g root / /usr/share/doc/swbis
           directory . /usr/share/doc/swbis
           file -m 444 ./README
           file -m 444 CHANGES

       When this PSF is processed by the command:

                   swpackage -Wsign -s - @- | tar tvf -

       It produces the following:

        drwxr-x--- root/root      0 2003-06-03 ... catalog/
        -rw-r----- root/root    307 2003-06-03 ... catalog/INDEX
        drwxr-x--- root/root      0 2003-06-03 ... catalog/dfiles/
        -rw-r----- root/root     65 2003-06-03 ... catalog/dfiles/INFO
        -rw-r----- root/root     33 2003-06-03 ... catalog/dfiles/md5sum
        -rw-r----- root/root     41 2003-06-03 ... catalog/dfiles/sha1sum
        -rw-r----- root/root     33 2003-06-03 ... catalog/dfiles/adjunct_md5sum
        -rw-r----- root/root    512 2003-06-03 ... catalog/dfiles/sig_header
        -rw-r----- root/root   1024 2003-06-03 ... catalog/dfiles/signature
        drwxr-x--- root/root      0 2003-06-03 ... catalog/pfiles/
        -rw-r----- root/root     65 2003-06-03 ... catalog/pfiles/INFO
        -rw-r----- root/root   1503 2003-06-03 ... catalog/INFO
        -rwxr-xr-x root/root 510787 2003-06-03 ... usr/bin/swpackage
        -rwxr-xr-x root/root 301255 2003-06-03 ... usr/bin/swinstall
        -rwxr-xr-x root/root   4105 2003-06-03 ... usr/bin/swverify
        drwxr-xr-x root/root      0 2003-06-03 ... usr/libexec/swbis/
        -rwxr-xr-x root/root 365105 2003-06-03 ... usr/libexec/swbis/swbisparse
        -rwxr-xr-x root/root 243190 2003-06-03 ... usr/libexec/swbis/swbistar
        drwxr-xr-x root/root      0 2003-06-03 ... usr/share/doc/swbis/
        -r--r--r-- root/root   8654 2003-05-27 ... usr/share/doc/swbis/README
        -r--r--r-- root/root  10952 2003-06-03 ... usr/share/doc/swbis/CHANGES

   o   Create a PSF from a list of files.
                  find . -print |  swpackage -Wfiles-from=- -Wlist-psf


       0 on success, 1 on error and target medium not modified, 2 on error if
       target medium modified.


        No temporary files are used in the package generation process.  When
       using the default target of stdout (directed to /dev/null), there are
       no file system side effects from swpackage.  GNU Privacy Guard (gpg)
       may alter its keys when invoked for package signing.


              Sets the --passphrase-fd option.  Set the option arg to a
              integer value of the file descriptor, or to "env" to read the
              passphrase from the environment variable SWPACKAGEPASSPHRASE, or
              to "agent" to cause gpg to use gpg-agent, or to "tty" to restore
              default behavoir to reading passphrase from the terminal.

              Use the value as the passphrase if --passphrase-fd is set to

              Sets the --gpg-home option.

              Sets the --gpg-name option, which is turn set the --local-user
              option of gpg.


       Swpackage does not use any archive writing utilities, it has its own
       code to generate archives.
       Package signing uses one of the following:
        /usr/bin/pgp   (PGP 2.6.x)
        /usr/bin/pgps  (PGP 5)

       Swpackage will use /usr/bin/uuidgen if present to create the uuid.




       ISO/IEC 15068-2:1999, Open Group CAE C701.


       info swbis

       sw(5), swbis(1), swpackage(5), swbisparse(1), swign(1), swverify(8)


        swpackage(8): The packaging utility of the swbis project.
        Author: Jim Lowe   Email: jhlowe at acm.org
        Version: 1.13
        Last Updated: 2014-07-15
        Copying: GNU Free Documentation License


       A comment after an object keyword is wrongly not allowed by this PSF
       parser.  The --dir="" does not do what one would expect sometimes.  The
       output stream content is unaffected by the blocksize, that is the last
       write may be short write.  Signing is broken for cpio format archives.