Stork Documentation: TPFile
Trusted Packages File
The Trusted Packages File (TPFILE) defines which files you trust to be installed.
This helps your nodes stay secure, as files will be
verified through a set of hash codes. Even if
two files share the same name, your nodes will only receive the one that
matches the hash obtained when the Trusted Packages File was created
(preventing your nodes from downloading maliciously modified packages in the
repository). You are also allowed to trust other users, allowing your nodes
to accept packages from those users exclusively. This will let your nodes
download and install applications created by other trusted users. Note that adding packages to
your TPFILE will not download the packages; it just notifies Stork which packages
you trust to be downloaded.
Adding a package to your tpfile:
To add a package to your tpfile, use the command
./storkutil.py addfile FILE [FILE]...
where FILE is the location of the package you would
like to trust. If the tpfile does not exist, storkutil will create one for
you. Storkutil will look at the file, create a hash, and write it to your
tpfile. If you upload
the package to the repository and run
stork to install the package, your node will select your specific file and
install it.
For example, we will add packages 'package1' and 'package2'.
./storkutil.py addfile package1.tar.gz package2.tar.gz
No tpfile found for foo. Generating new tpfile.
File 'foo.tpfile' successfully signed
File 'foo.tpfile' has been copied to 'foo.~~~.tpfile'
Unembeded trusted packages file 'foo.tpfile' removed.
This script will run whenever Stork fails to find a trusted package
file for the default user. It will then continue to the regular package adding script:
Using trustedpackages file '~~~~.tpfile'
Successfully added file 'package1.tar.gz'.
Successfully added file 'package2.tar.gz'.
File '~~~.tpfile' successfully signed
Storkutil will automatically sign your trusted packages file using
your key. Also note that your TPFile will be named as your public key followed by
your username, with the .tpfile extension.
Viewing your tpfile:
Afterwards, we can look at the trusted packages file by running:
./storkutil.py view tpfile
Viewing: foo.~~.tpfile
TRUSTED PACKAGES FILE
ALLOW package1.tar.gz
ALLOW package2.tar.gz
We can confirm that the packages were added to our trusted packages
file in this way.
Removing a package from the tpfile:
To remove a file from your TPFile, use the 'removefile' command:
./storkutil.py removefile package1.tar.gz
Adding and removing trusted users:
Before adding a user to your TPFile, you will need to obtain their
public key.
To trust users, you can use the adduser command:
storkutil.py adduser USER USER.publickey (allow|deny|any) AFFECTEDPACKAGES
Where USER is the name of the user you want to trust, followed by the
public key that user has made available. AFFECTEDPACKAGES is a pattern
that defines the packages you want to accept. If the tpfile does not exist,
storkutil will create one for you.
Examples:
storkutil.py adduser USER1 USER1.publickey allow user-4-2.tar.gz
storkutil.py adduser USER2 USER2.publickey deny java\*
storkutil.py adduser PlanetLab PlanetLab.publickey allow \*
storkutil.py adduser USER3
The first example shows how to accept a single package from the user
USER1. The second example will deny all files from USER2 that have the
pattern java*. The third example shows how to accept all packages from the
user PlanetLab (be sure to shell escape the * character instead of using * by itself).
Note that this is not necessary; the PlanetLab node is trusted by default when
a tpfile is created to allow default PlanetLab files to be installed,
and the PlanetLab publickey is included in the enduser tarball.
You can again use the view tpfile
command to see the contents of your TPFILE. You can also remove users using
the removeuser command.
./storkutil.py removeuser USER2
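The following sketch is an added example, not Stork's own code. It shows the two checks this page describes: a file added with addfile is accepted only when its contents match the recorded hash, and a package from a trusted user is accepted or rejected by the first matching adduser pattern. The hash algorithm (SHA-256), the in-memory layout, the owner parameter and the default-deny fallback are assumptions; the 'any' action is not modelled.

```python
import fnmatch
import hashlib

def digest(data):
    # SHA-256 is an assumption; the page does not name Stork's hash algorithm.
    return hashlib.sha256(data).hexdigest()

# Constructed sample package contents (not real packages).
GOOD_PKG = b"package1.tar.gz contents as they were when addfile ran"
TAMPERED_PKG = b"same file name, modified contents from the repository"

# Hypothetical in-memory view of a tpfile, not Stork's on-disk format.
TRUSTED_FILES = {"package1.tar.gz": digest(GOOD_PKG)}      # from addfile
USER_RULES = [                                              # from adduser
    ("USER1", "allow", "user-4-2.tar.gz"),
    ("USER2", "deny", "java*"),
    ("PlanetLab", "allow", "*"),
]

def is_trusted(name, data, owner=None):
    """Return True if the package may be installed.

    owner is the trusted user the package was obtained from; how Stork
    establishes that (key and signature checks) is outside this sketch.
    """
    # A pinned file is accepted only when its contents hash to the pinned
    # value, so a look-alike with the same name is not accepted here.
    if TRUSTED_FILES.get(name) == digest(data):
        return True
    # Otherwise the first matching rule for that user decides.
    for user, action, pattern in USER_RULES:
        if user == owner and fnmatch.fnmatchcase(name, pattern):
            return action == "allow"
    return False  # nothing matched: default deny (an assumption)

if __name__ == "__main__":
    print(is_trusted("package1.tar.gz", GOOD_PKG))
    print(is_trusted("package1.tar.gz", TAMPERED_PKG))
    print(is_trusted("java-1.5.tar.gz", b"jdk", owner="USER2"))
    print(is_trusted("user-4-2.tar.gz", b"pkg", owner="USER1"))
```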