stork logo
Stork Documentation

Stork Documentation: TPFile

Trusted Packages File

The Trusted Packages File (TPFILE) defines which files you trust to be installed. This helps your nodes stay secure, as files will be verified through a set of hash codes. Even if two files share the same name, your nodes will only receive the one that matches the hash obtained when the Trusted Packages File was created (preventing your nodes from downloading maliciously modified packages in the repository). You are also allowed to trust other users, allowing your nodes to accept packages from those users exclusively. This will let your nodes download and install applications created by other trusted users. Note that adding packages to your TPFILE will not download the packages; it just notifies Stork which packages you trust to be downloaded.

Adding a package to your tpfile:
To add a package to your tpfile, use the command
./storkutil.py addfile FILE [FILE]...
where FILE is the location of the package you would like to trust. If the tpfile does not exist, storkutil will create one for you. Storkutil will look at the file, create a hash, and write it to your tpfile. If you upload the package to the repository and run stork to install the package, your node will select your specific file and install it.

For example, we will add packages 'package1' and 'package2'.

./storkutil.py addfile package1.tar.gz package2.tar.gz
No tpfile found for foo. Generating new tpfile.
File 'foo.tpfile' successfully signed
File 'foo.tpfile' has been copied to 'foo.~~~.tpfile'
Unembeded trusted packages file 'foo.tpfile' removed.

This script will run whenever Stork fails to find a trusted package file for the default user. It will then continue to the regular package adding script:

Using trustedpackages file '~~~~.tpfile'
Successfully added file 'package1.tar.gz'.
Successfully added file 'package2.tar.gz'.
File '~~~.tpfile' successfully signed

Storkutil will automatically sign your trusted packages file using your key. Also note that your TPFile will be named as your public key followed by your username, with the .tpfile extension.

Viewing your tpfile:
Afterwards, we can look at the trusted packages file by running:

./storkutil.py view tpfile
Viewing: foo.~~.tpfile

TRUSTED PACKAGES FILE
ALLOW package1.tar.gz
ALLOW package2.tar.gz

We can confirm that the packages were added to our trusted packages file in this way.

Removing a package from the tpfile:
You can remove a file from your TPFile, just use the 'removefile' command.

./storkutil.py removefile package1.tar.gz

Adding and removing trusted users:
Before adding a user to your TPFile, you will need to obtain their publickey.
To trust users, you can use the adduser command:
storkutil.py adduser USER USER.publickey (allow|deny|any) AFFECTEDPACKAGES
Where USER is the name of the user you want to trust, followed by the public key that user has made available. AFFECTEDPACKAGES is a pattern that defines the packages you want to accept. If the tpfile does not exist, storkutil will create one for you.

Examples:
storkutil.py adduser USER1 USER1.publickey allow user-4-2.tar.gz
storkutil.py adduser USER2 USER2.publickey deny java\*
storkutil.py adduser PlanetLab PlanetLab.publickey allow \*
storkutil.py adduser USER3

The first example shows how to accept a single package from the user USER1. The second example will deny all files from USER2 that have the pattern java*. The third example shows how to accept all packages from the user PlanetLab (be sure to shell escape the * character instead of using * by itself). Note that this is not necessary; the PlanetLab node is trusted by default when a tpfile is created to allow default PlanetLab files to be installed, and the PlanetLab publickey is included in the enduser tarball. You can again use the view tpfile command to see the contents of your TPFILE. You can also remove users using the removeuser command.

./storkutil.py removeuser USER2

Return to the documentation contents.

Home Top
powered by planetlab University of Arizona, Computer Science logo