(C) 2006,2007 the Hardened Linux Project, http://hardenedlinux.sf.net
License: GNU Free Documentation License
HL uses a hybrid package system. Lots of packages are original
Slackware packages we use unmodified in
our system and lots of others are our own packages that use our own
package system. The user does not have
to care about the underlying package system since our front-end called
cpfos can handle both
Most Linux users only know the term package. A package is (in
most cases) a software programm
or some kind of a documentation archive. It can documentation, programm
files, and maybe images,
configuration files and the like). If you for example install the
package of the
the package includes the programm files (binaries) and its
A package was built from a port. A port includes the source code of a package and a file that contains the order how to auto-build the software based on the source code and it also includes the information how to create the whole package (and maybe even the installation scripts we use).
Hardened Linux ships both: packages and ports. Ports are only available for our own packages, not for the one we took from Slackware. You can build a package on your own (and with optimization for your processor) if you want to (what can also increse their performance).
You can always use our pre-compiled packages (like with other distributions like Debian and Slackware too) but you also can always build a package on your own (if you want to). And you can always see, how we build it and what patches we apply and so on.
The Crazy Packager From Outa Space (
package management tool is a tiny meta
tool that runs all the underlying tools of our package system. All parts
of the package system are written
bash and are very tiny.
cpfos package system is powerful nevertheless!
It is fast, provides secure online
updates and support for dependencies.
Users only should use the
cpfos tool itself and not the
underlying tools like
upkg (they are described in the
It is very easy to use
cpfos install package.tgz
cpfos remove package (no .tgz
cpfos search keyword (will also search
the package descriptions for the
given keyword and not only the package name)
cpfos update. This needs a checked out
/usr/src/hardenedlinux or /hardenedlinux. Updates are
secure since we use HTTPS.
Creating a package from source:
(start this command in the directory
of the package or port you want to create)
To generate a package (either from a port or from a package) you need a checked out source/ repository on your disk.
For example, if you want to build the
source/packages/arpwatch and run
cpfos create. The
built package will be located
in /tmp and named
arpwatch-version-architecture-build_number.tgz, for example
# cd source/packages/arpwatch # cpfos create ... # cpfos install /tmp/arpwatch-2.1a15-i486-1.tgz ...
Note: The path /tmp may will change in future because of security reasons.
Files in Port directories
The file always needed for each port is called pkginf. It
includes the name of the port,
the version number, the build numer, the changelog, maybe a todo list,
the path were the software
archive can be downloaded from (if needed), the archive name to download
(if needed), the md5sum
of the archive file (if needed), the dependencies of the package, the
maintainer contact information
and some other information. See
cpfos(8) (PKGINF section)