tech-pkg archive


Merge of pkg_install-renovation



Hi all,
unless reasonable objections are voiced, I plan to merge the
pkg_install-renovation branch around the weekend.

Major changes:
- no more runtime dependencies on ftp or pax, pkg_install is essentially
  self-contained
- introduction of pkg_install.conf:
  - will be used by the upcoming optional vulnerability check in pkg_add
  - in terms of options a superset of audit_packages.conf, but using
    simpler / more restricted syntax for now
- audit-packages and download-vulnerability-list are now simple wrapper
  scripts around pkg_admin; auditing itself is much faster
- x509 based signature validation for packages on both packages and
  pkg-vulnerabilities for all systems with openssl in base (for those
  without the question of static linkage needs to be addressed)
  - signed packages can be installed from a remote site
  - options to require signatures via pkg_install.conf are present
- pkg_add no longer extracts to /var/tmp, in-place installation is the
  default
- pkg_add/pkg_delete can deal with chroot-like subtrees. For full use,
  +INSTALL/+DEINSTALL need to honour the PKG_DESTDIR environment variable.
- automatic detection of conflicts based on +CONTENTS

Regressions:
- currently no support for GPG based signatures
  - existing support only ever worked for local packages anyway and even
    in that case TOCTOA issues remained, so running gpg by hand before is
    as secure as the old code
  - the signature format can be easily extended to deal with GPG signatures
    once the issue of having a proper standalone library exists; hacks to
    call gpg would be possible, but have issues like bootstrapping

Open issues:
- documentation of the x509 support needs improvement and especially
  attention from someone not deeply involved in PKI setups

Joerg

