usr.sbin/pkg_add/package.5

.\"	$OpenBSD: package.5,v 1.12 2011/09/29 17:57:09 jmc Exp $
.\" Copyright (c) 2005-2006 Marc Espie <espie@openbsd.org>
.\"
.\" Permission to use, copy, modify, and distribute this software for any
.\" purpose with or without fee is hereby granted, provided that the above
.\" copyright notice and this permission notice appear in all copies.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
.\" OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.Dd $Mdocdate: September 29 2011 $
.Dt PACKAGE 5
.Os
.Sh NAME
.Nm package
.Nd format for
.Ox
binary packages
.Sh DESCRIPTION
Binary packages for
.Ox
can be created using
.Xr pkg_create 1
and are usually manipulated using
.Xr pkg_add 1 ,
.Xr pkg_mklocatedb 1 ,
or
.Xr pkg_info 1 .
.Pp
The basic underlying format is an archive following the ustar specification
that can be handled with
.Xr tar 1
and compressed using
.Xr gzip 1 .
.Pp
Package names always end in
.Dq .tgz ;
the file name itself should conform to
.Xr packages-specs 7 .
.Pp
Note that the base distribution tarballs of
.Ox
(e.g.\&
.Pa baseXXX.tgz ,
.Pa compXXX.tgz ,
\&...) are not binary packages fit for
.Xr pkg_add 1 .
.Pp
All types of archive contents can be present in a package,
including files, directories, hardlinks, symlinks, fifos, block and character
devices.
.Pp
In order to allow just-in-time extraction,
packages always begin with a table of contents, named
.Pa +CONTENTS .
This table of contents can be read using the API described in
.Xr OpenBSD::PackingList 3p .
.Pp
All the remaining information in the archive should be referenced in
the packing-list, including all relevant information: symlinks destinations,
special permissions, and file owners.
See
.Xr pkg_create 1
for annotation details.
.Pp
This table of contents is always followed by a few special files, some of
which are optional: the package description (+DESC),
a display message (+DISPLAY), etc.
.Pp
The ustar format has some limitations with respect to file names.
Accordingly, the package tools will replace very long names with
.Pa LongName#n
and long link names with
.Pa LongLink#n .
The packing-list will hold the real file names, and the package tools
will reconstitute the correct names behind the scenes.
.Sh PACKAGE SIGNATURES
All information within a package is checksummed, using SHA256 since
.Ox 4.4 .
During creation and installation, meta-information, such as file owners and
permissions, are also checked: any important stuff that isn't recorded
in the packing-list is an error.
.Pp
Packing-lists can be signed.
If a signature is found, then it will be checked
during installation, and failure to verify will prevent the package from
installing correctly.
Currently, only X.509-style signatures are supported.
They rely on a certificate authority file being present as
.Pa /etc/ssl/pkgca.pem
and all signatures will be checked against it.
Once the packing-list signature is checked, all individual packing elements
will be checksummed, resulting in a
.Sq just-in-time
signature checking.
.Pp
Fat packages were removed in
.Ox 5.1 ,
since no practical application was found.
.Sh SEE ALSO
.Xr pkg_add 1 ,
.Xr pkg_create 1 ,
.Xr pkg_info 1 ,
.Xr packages 7 ,
.Xr packages-specs 7
.Sh STANDARDS
Packages are valid gzip'ed ustar archives that can be extracted using
.Xr tar 1 .
In particular, hardlink names should be valid, and all items will
extract to different names.
However, it may be a bit difficult to make sense of the package contents
without peeking at the packing-list.