Stork Tutorial: TPFile

Adding a package to your tpfile:
To add a package to your tpfile, use the command
./storkutil.py addfile FILE [FILE]...
where FILE is the location of the package you would like to trust. If the tpfile does not exist, storkutil will create one for you. Storkutil will look at the file, create a hash, and write it to your tpfile. If you upload the package to the repository and run stork to install the package, your node will select your specific file and install it.

For example, we will add packages 'package1' and 'package2'.

./storkutil.py addfile package1.tar.gz package2.tar.gz No tpfile found for foo. Generating new tpfile. File 'foo.tpfile' successfully signed File 'foo.tpfile' has been copied to 'foo.~~~.tpfile' Unembeded trusted packages file 'foo.tpfile' removed.

This script will run whenever Stork fails to find a trusted package file for the default user. It will then continue to the regular package adding script:

Using trustedpackages file '~~~~.tpfile' Successfully added file 'package1.tar.gz'. Successfully added file 'package2.tar.gz'. File '~~~.tpfile' successfully signed

Storkutil will automatically sign your trusted packages file using your key. Also note that your TPFile will be named as your public key followed by your username, with the .tpfile extension.

Viewing your tpfile:
Afterwards, we can look at the trusted packages file by running:

./storkutil.py view tpfile Viewing: foo.~~.tpfile TRUSTED PACKAGES FILE ALLOW package1.tar.gz ALLOW package2.tar.gz

We can confirm that the packages were added to our trusted packages file in this way.

Removing a package from the tpfile:
You can remove a file from your TPFile, just use the 'removefile' command.

./storkutil.py removefile package1.tar.gz

Adding and removing trusted users:
Before adding a user to your TPFile, you will need to obtain their publickey.
To trust users, you can use the adduser command:
storkutil.py adduser USER USER.publickey (allow|deny|any) AFFECTEDPACKAGES
Where USER is the name of the user you want to trust, followed by the public key that user has made available. AFFECTEDPACKAGES is a pattern that defines the packages you want to accept. If the tpfile does not exist, storkutil will create one for you.

Examples:
storkutil.py adduser USER1 USER1.publickey allow user-4-2.tar.gz
storkutil.py adduser USER2 USER2.publickey deny java\*
storkutil.py adduser PlanetLab PlanetLab.publickey allow \*
storkutil.py adduser USER3

The first example shows how to accept a single package from the user USER1. The second example will deny all files from USER2 that have the pattern java*. The third example shows how to accept all packages from the user PlanetLab (be sure to shell escape the * character instead of using * by itself). Note that this is not necessary; the PlanetLab node is trusted by default when a tpfile is created to allow default PlanetLab files to be installed, and the PlanetLab publickey is included in the enduser tarball. You can again use the view tpfile command to see the contents of your TPFILE. You can also remove users using the removeuser command.

./storkutil.py removeuser USER2

When you are done, you can upload the trusted packages file to your nodes through the upload website. After this, you can move on to installing your packages through Stork's package manager, pacman, or manually.

Return to the tutorial contents.