tech-pkg archive


Merge of pkg_install-renovation



Hi all,
unless reasonable objections are voiced, I plan to merge the
pkg_install-renovation branch around the weekend.

Major changes:
- no more runtime dependencies on ftp or pax, pkg_install is essentially
  self-contained
- introduction of pkg_install.conf:
  - will be used by the upcoming optional vulnerability check in pkg_add
  - in terms of options a superset of audit_packages.conf, but using
    simpler / more restricted syntax for now
- audit-packages and download-vulnerability-list are now simple wrapper
  scripts around pkg_admin; auditing itself is much faster
- x509 based signature validation for packages on both packages and
  pkg-vulnerabilities for all systems with openssl in base (for those
  without, the question of static linkage needs to be addressed)
  - signed packages can be installed from a remote site
  - options to require signatures via pkg_install.conf are present
- pkg_add no longer extracts to /var/tmp, in-place installation is the
  default
- pkg_add/pkg_delete can deal with chroot-like subtrees. For full use,
  +INSTALL/+DEINSTALL need to honour the PKG_DESTDIR environment variable.
- automatic detection of conflicts based on +CONTENTS

Regressions:
- currently no support for GPG based signatures
  - existing support only ever worked for local packages anyway and even
    in that case TOCTOA issues remained, so running gpg by hand before is
    as secure as the old code
  - the signature format can be easily extended to deal with GPG signatures
    once the issue of having a proper standalone library exists; hacks to
    call gpg would be possible, but have issues like bootstrapping

Open issues:
- documentation of the x509 support needs improvement and especially
  attention from someone not deeply involved in PKI setups

Joerg

