1.0 Working Examples

The following are working examples for those too impatient to read the manual.

1.1 Creating a signed tarball from a directory

These example shows how to sign directories and create a tarball from a directory.

First set up the GNU Privacy Guard Settings. You can use the environment variable or command line options for this.

SWPACKAGEPASSFD=agent  # Use the GPG agent, which must be running 
echo $GPG_AGENT_INFO   # Must point to the running agent

# The GPG agent is optional, unsetting SWPACKAGEPASSFD will cause
# swpackage to ask for your passphrase from the terminal.

Create a tarball from the current directory.

swign -s. --file-ownerships  @- | tar tvf -

A tar archive will be written to standard output.
This is a tar archive with an embedded GPG signature. It is able to be verified with swverify

swign -s. --file-ownerships @- | swverify -d @-

Now, for packaging up source code and other information where file ownerships are not important you can specify the file owners.

swign -s. -o 0 -g 0 @- | swverify -d @-

The first step in creating an archive is loading the GPG signed meta-data, hence we simply short circuit the operation to sign a directory. The directory can then be verified against the GPG signed information. For this you need the checkdigest.sh script.

cd /your/directory/
swign -s. --file-ownerships -D $HOME/checkdigest.sh --sign-only

Now verify the contents.

swverify -d @.
# If this fails try
swverify --order-catalog -d @.

Now pull the contents as is since you are satisfied nothing has changed and verify it again or copy the archive whereever you want.

swign --file-ownerships --emit-only | swverify -d @-
swign --file-ownerships --emit-only | swcopy -s - @ root@

1.2 Copying arbitrary Data

The program swcopy can be used to copy directories (as tar archives) or arbitrary data streams from one host to another.

Unpack a compressed tarball

swcopy -s - @. 

Translate and Unpack at a new location

swcopy -s - @/tmp/myname/xx/ <somepackage-1.0.tar.bz2
# Note: a trailing slash determines the target is a directory
#       or interpretation as a directory can be forced
#       with the --extract option

Here are examples of copying a data stream.

swcopy --no-audit --show-progress -s /dev/zero @ /dev/null

Now run the data through localhost

swcopy --no-audit --show-progress -s /dev/zero @ localhost:/dev/null

And now copy the data out to remote host as another user.

swcopy --no-audit --show-progress -s /dev/zero @ root@

Now copy a directory from another host.

swcopy --no-audit --show-progress -s root@ @ - | tar tvf -

copy several files to a new location

swcopy --no-audit -s /etc/rc.d -s /etc/resolv.conf @ /tmp/new_etc/

1.3 Package Management Cycle

First, create a sample binary package

# PSF (swpackage input file) for sample package

# And whitespace doesn't matter
        tag somepackage
        # control_directory ""  # For nil control directory
        revision 10.1
        tag bin
        # control_directory ""  # For nil control directory
        directory /etc /tmp  # Example of directory mapping
	file_permissions -o root,0 -g root,0
        file /etc/hosts
        file /etc/issue
        file /etc/resolv.conf

Now, use this file as input to swpackage

swpackage -s PSF -p -v       # Preview only
swpackage -s PSF | tar tvf - # Make and view the archive listing

Now, install this package, in this example to a alternate root

swpackage -s PSF | swinstall -vv -s - @ /tmp/newloc

Now, list the installed packages

# swlist @ /tmp/newloc
sys   somepackage               r=10.1          i=0

Now, list the files of the installed package

swlist --files somepackage @ /tmp/newloc

Now, verify the installed package. To get this to work, you must have signed the package when it was created using the ''--sign'' option of swpackage.

Recreate and reinstall the package. For this particular PSF, you must install as ''root'' to preserve the ownerships specified in the package. Privlidge escalation is accomplished via SSH.

swpackage --no-defaults --gpg-name="YourNameID" --sign --file-digests -s PSF |
swinstall -vv -x reinstall=y -s - @ root@localhost:/tmp/newloc
swverify -vv somepackage @ /tmp/newloc

Now list the package files as specified in the metadata

swlist --sig-level=1 --files -x verbose=2 somepackage @ root@localhost:/tmp/newloc

Now remove the package

swremove -vv --sig-level=1 somepackage @ root@localhost:/tmp/newloc