From nobody Tue May 6 21:00:48 2025 X-Original-To: freebsd-pkgbase@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ZsW5N12Bdz5vR2P for ; Tue, 06 May 2025 21:00:56 +0000 (UTC) (envelope-from dtxdf@disroot.org) Received: from layka.disroot.org (layka.disroot.org [178.21.23.139]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 4ZsW5M5Y50z3gB5; Tue, 06 May 2025 21:00:55 +0000 (UTC) (envelope-from dtxdf@disroot.org) Authentication-Results: mx1.freebsd.org; none Received: from mail01.disroot.lan (localhost [127.0.0.1]) by disroot.org (Postfix) with ESMTP id 2FF9225F34; Tue, 6 May 2025 23:00:54 +0200 (CEST) X-Virus-Scanned: SPAM Filter at disroot.org Received: from layka.disroot.org ([127.0.0.1]) by localhost (disroot.org [127.0.0.1]) (amavis, port 10024) with ESMTP id PA_33vHlXhZA; Tue, 6 May 2025 23:00:53 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=disroot.org; s=mail; t=1746565253; bh=GgDibuzx8s3/ySvz7NHOXe7g6cyijSrIjSqjdEzSa4Q=; h=Date:From:Subject:To:Cc:In-Reply-To:References; b=WQGmOAj9x7CTSG0oBnRyE0/G+/odQBHdiCS6ALuYLoO3U6UFsd+9aN6oLoq5zSKL7 0saN+l62cfmOhCIR8mU6zT4wNUhk4/HvCO+XoA6U2x9C4pegadBgFO+SmNiaBK0s77 q7MqJogZb3lrKi19HkVPNZryBmacoOKKvZSnYXZlq9AU7HI1R6d+QSgnFp+2Z2Azcn Zn9ni2O40YFh2mnT75K8SaK2E2vN9FCIkzEClPeaTT2qQWcXD8JzsSMDQl5rb7JZIZ f0ls17KwrGFBiV2ZIhbzxik/StirolMm8neZDZ3GjY0MJSHLjXWo47XA/G7tEg9r8m sAA7d7CpV2HSw== List-Id: Packaging the FreeBSD base system List-Archive: https://lists.freebsd.org/archives/freebsd-pkgbase List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-pkgbase@FreeBSD.org MIME-Version: 1.0 Date: Tue, 06 May 2025 21:00:48 +0000 Content-Type: multipart/alternative; boundary="3534a8d5-5569-4dcb-a428-2579c5211d98-1" From: "=?utf-8?B?SmVzw7pzIERhbmllbCBDb2xtZW5hcmVzIE92aWVkbw==?=" Message-ID: <81aa517f99b99b424049417a90b67d4d645c135f@disroot.org> TLS-Required: No Subject: Re: CFT: pkgbase support in 15.0 To: "Shawn Webb" , "Matthew Seaman" Cc: freebsd-pkgbase@freebsd.org In-Reply-To: References: <86a57t3cfu.fsf@asn.ftfl.ca> <300e71f8-4a35-4496-8bf3-9d947f90990a@FreeBSD.org> X-Rspamd-Queue-Id: 4ZsW5M5Y50z3gB5 X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; ASN(0.00)[asn:50673, ipnet:178.21.23.0/24, country:NL] X-Spamd-Bar: ---- --3534a8d5-5569-4dcb-a428-2579c5211d98-1 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Not tested yet, but there is an open issue in the pkg-provides(8) reposit= ory related to this thread: https://github.com/rosorio/pkg-provides/issues/7#issuecomment-1759876029 6 de mayo de 2025, 17:03, "Shawn Webb" escribi=C3=B3: >=20 >=20On Tue, May 06, 2025 at 09:07:36AM +0100, Matthew Seaman wrote: >=20 >=20>=20 >=20> On 05/05/2025 21:58, Chuck Tuffli wrote: > > One aspect of running pkg-base I've found tricky is figuring out whi= ch > > package provides a missing binary, library, or man page. The port > > pkg-provides answers this type of question for ports, but (seemingly= ) > > not for pkg-base (unless I'm being dumb?). Are there plans to add th= is > > type of support? Alternatively, if I'm being dumb, can someone point > > me at some docs? TIA > >=20=20 >=20> There's provision in `pkg repo` (see: pkg-repo(8)) to generate a > > `filesite.txz` file as repository metadata, which lists all of the f= iles, > > their checksums and various other per-file metadata for all of the f= iles in > > all of the packages in the repository. > >=20=20 >=20> This isn't normally generated for the repositories provided by the= project > > due to limitations on available space and bandwidth. > >=20=20 >=20> I've had the notion kicking around in my head for a while that hav= ing a > > database of all of the checksums of all of the files ever packaged a= nd > > provided by the project, with cryptographic signatures proving the > > authenticity and provenance of those data, would be a pretty awesome > > resource. Basically tripwire(8) built into pkg(8). However, it would > > require someone with pretty deep pockets to fund the necessary > > infrastructure. > >=20 >=20Over the past few years, I've had this simmering in the back of my > head as well. I think one approach could be to use filesystem extended > attributes. If you store the hash of the file (perhaps an > encrypted/signed hash?) in an extended attribute, then a MAC module > could verify that upon calls to open(2). >=20 >=20libarchive/bsdtar already supports filesystem extended attributes for > the tar archive format. The only thing FreeBSD would need to do is > integrate that support in pkg. HardenedBSD's version of pkg already > supports that, so perhaps that could be adopted by FreeBSD. >=20 >=20Thanks, >=20 >=20--=20 >=20Shawn Webb > Cofounder / Security Engineer > HardenedBSD >=20 >=20Signal Username: shawn_webb.74 > Tor-ified Signal: +1 303-901-1600 / shawn_webb_opsec.50 > https://git.hardenedbsd.org/hardenedbsd/pubkeys/-/raw/master/Shawn_Webb= /03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA.pub.asc > --3534a8d5-5569-4dcb-a428-2579c5211d98-1 Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable
Not tested yet, but there is= an open issue in the pkg-provides(8) repository related to this thread:<= /div>

6 de mayo de 2025, 1= 7:03, "Shawn Webb" <shawn.webb@hardenedbsd.org> escribi=C3=B3:

On Tue, May 06, 2025 at 09:07:36AM +0100, Matthew Seaman wrote:=
On 05/05/2025 21:58, Chuck Tuffli wrote:
One aspect o= f running pkg-base I've found tricky is figuring out which
package pr= ovides a missing binary, library, or man page. The port
pkg-provides = answers this type of question for ports, but (seemingly)
not for pkg-= base (unless I'm being dumb?). Are there plans to add this
type of su= pport? Alternatively, if I'm being dumb, can someone point
me at some= docs? TIA

There's provision in `pkg repo` (see: pkg-repo(8)) to= generate a
`filesite.txz` file as repository metadata, which lists a= ll of the files,
their checksums and various other per-file metadata = for all of the files in
all of the packages in the repository.
This isn't normally generated for the repositories provided by the pro= ject
due to limitations on available space and bandwidth.

I'= ve had the notion kicking around in my head for a while that having a
= database of all of the checksums of all of the files ever packaged and provided by the project, with cryptographic signatures proving the
= authenticity and provenance of those data, would be a pretty awesome
= resource. Basically tripwire(8) built into pkg(8). However, it would require someone with pretty deep pockets to fund the necessary
inf= rastructure.

Over the past few years, I've had this simme= ring in the back of my
head as well. I think one approach could be to = use filesystem extended
attributes. If you store the hash of the file = (perhaps an
encrypted/signed hash?) in an extended attribute, then a M= AC module
could verify that upon calls to open(2).

libarchive/b= sdtar already supports filesystem extended attributes for
the tar arch= ive format. The only thing FreeBSD would need to do is
integrate that = support in pkg. HardenedBSD's version of pkg already
supports that, so= perhaps that could be adopted by FreeBSD.

Thanks,

--
S= hawn Webb
Cofounder / Security Engineer
HardenedBSD

Signal U= sername: shawn_webb.74
Tor-ified Signal: +1 303-901-1600 / shawn_webb= _opsec.50
https://git.hardenedbsd.org/hardenedbsd= /pubkeys/-/raw/master/Shawn_Webb/03A4CBEBB82EA5A67D9F3853FF2E67A277F8E1FA= .pub.asc

--3534a8d5-5569-4dcb-a428-2579c5211d98-1--