Packages in Hardened Linux

(C) 2006,2007 the Hardened Linux Project,

License: GNU Free Documentation License

How packages are organized

HL uses a hybrid package system. Lots of packages are original Slackware packages we use unmodified in our system and lots of others are our own packages that use our own package system. The user does not have to care about the underlying package system since our front-end called cpfos can handle both package formats.

Ports? Packages?

Most Linux users only know the term package. A package is (in most cases) a software programm or some kind of a documentation archive. It can documentation, programm files, and maybe images, configuration files and the like). If you for example install the package of the vim editor, the package includes the programm files (binaries) and its documentation.

A package was built from a port. A port includes the source code of a package and a file that contains the order how to auto-build the software based on the source code and it also includes the information how to create the whole package (and maybe even the installation scripts we use).

Hardened Linux ships both: packages and ports. Ports are only available for our own packages, not for the one we took from Slackware. You can build a package on your own (and with optimization for your processor) if you want to (what can also increse their performance).

You can always use our pre-compiled packages (like with other distributions like Debian and Slackware too) but you also can always build a package on your own (if you want to). And you can always see, how we build it and what patches we apply and so on.

cpfos Introduction

The Crazy Packager From Outa Space (cpfos) package management tool is a tiny meta tool that runs all the underlying tools of our package system. All parts of the package system are written in the bash and are very tiny.

But the cpfos package system is powerful nevertheless! It is fast, provides secure online updates and support for dependencies.

Users only should use the cpfos tool itself and not the underlying tools like upkg (they are described in the cpfos(8) manpage).

How to use cpfos?

It is very easy to use cpfos:

Installing: cpfos install package.tgz

Removing: cpfos remove package (no .tgz needed)

Searching: cpfos search keyword (will also search the package descriptions for the given keyword and not only the package name)

Updating: cpfos update. This needs a checked out repository in /usr/src/hardenedlinux or /hardenedlinux. Updates are secure since we use HTTPS.

Creating a package from source: cpfos create (start this command in the directory of the package or port you want to create)

The Hardened Linux Ports and Packages System


To generate a package (either from a port or from a package) you need a checked out source/ repository on your disk.

For example, if you want to build the arpwatch port: change into source/packages/arpwatch and run cpfos create. The built package will be located in /tmp and named arpwatch-version-architecture-build_number.tgz, for example /tmp/arpwatch-2.1a15-i486-1.tgz

# cd source/packages/arpwatch
# cpfos create
# cpfos install /tmp/arpwatch-2.1a15-i486-1.tgz

Note: The path /tmp may will change in future because of security reasons.

Files in Port directories

The file always needed for each port is called pkginf. It includes the name of the port, the version number, the build numer, the changelog, maybe a todo list, the path were the software archive can be downloaded from (if needed), the archive name to download (if needed), the md5sum of the archive file (if needed), the dependencies of the package, the maintainer contact information and some other information. See cpfos(8) (PKGINF section) for details.