RFC: Unified package metadata format
I'm looking at implementing support for IMA file signatures inside
dpkg. The previous patches posted for this
(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=850340) did so
using extended PAX metadata, but people didn't seem terribly
enthusiastic about that.
https://wiki.debian.org/Teams/Dpkg/Spec/MetadataTracking suggested
mtree as a potential format, so I thought I'd try to kick off some
discussion and see whether I'm missing any requirements or whether
there were any better ideas. So:
Debian package unified metadata format
Format:
The file shall be stored within the control archive with the name
“mtree” and shall start with the following string:
#mtree v2.0
Each entry shall be of the form
 /path/name key1=foo key2=bar
I.e., a leading space, a slash, and the path name of the installed file,
followed by a series of space-separated key=value pairs, followed by a
line feed. The following keys are supported (extracted from mtree(5)):
* gid - the file group as a numeric value
* gname - the file group as a symbolic name
* md5 - the MD5 message digest of the file
* md5digest - a synonym for md5
* sha1 - the FIPS 160-1 (“SHA-1”) message digest of the file
* sha1digest - a synonym for sha1
* sha256 - the FIPS 180-2 (“SHA-256”) message digest of the file
* sha256digest - a synonym for sha256
* mode - the file’s permissions as a numeric (octal) value
* uid - the file owner as a numeric value
* uname - the file owner as a symbolic name
* size - the size, in bytes, of the file
* link - the file referenced by a symbolic link
* type - the type of the file; may be set to any one of the following:
  * block - block special device
  * char - character special device
  * dir - directory
  * fifo - fifo
  * file - regular file
  * link - symbolic link
  * socket - socket
The following keys are supported but not present in mtree(5):
* major - the major number of a device node
* minor - the minor number of a device node
* xattr.* - a base64-encoded extended attribute that will be
associated with the file if the underlying filesystem supports
extended attributes. The name of the attribute will follow the “xattr.”
string, e.g. “xattr.security.selinux=dW5jb25maW5lZF91Om9iamVjdF9yOnVzZXJfaG9tZV90OnMwAA==”
would set the security.selinux extended attribute to
unconfined_u:object_r:user_home_t:s0. This format is present in
go-mtree.
* override.* - if present, will override the contents of a key
applying to the same file. This may be used to apply local system
policy and must not be present in shipped files.
Outstanding questions:
* Should overrides instead be kept in a separate mtree.override file?
This would avoid having to read the existing mtree file and merge its
contents with the mtree file in the package before writing out
/var/lib/dpkg/*.mtree. However, this advantage is reduced if
per-package metadata is merged into a single file.
* Are any other keys required? Should dpkg-divert be implemented using
this format?
* Existing mtree implementations will either error or ignore
additional keys, which limits interoperability. Is there another
format that would make more sense than mtree?
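As an added illustration (not part of this proposal or of dpkg), here is a small parser for the entry format described above. It decodes xattr.* values, applies override.* precedence, rejects override.* keys in shipped metadata, and models the separate "mtree.override" file from the first outstanding question as a path-by-path merge; it assumes values contain no whitespace.

```python
"""Parser for the proposed dpkg mtree metadata (added example, not dpkg's own code).
Assumes values contain no whitespace, xattr.* values are base64, and that an
override.<key> pair takes precedence over a plain <key> pair for the same file."""
import base64

HEADER = "#mtree v2.0"

def parse_mtree(text, shipped=False):
    """Return {path: {key: value}} with xattr.* values base64-decoded to bytes.
    shipped=True enforces the rule that shipped files carry no override.* keys."""
    lines = text.splitlines()
    if not lines or lines[0].strip() != HEADER:
        raise ValueError("missing '#mtree v2.0' header")
    entries = {}
    for lineno, line in enumerate(lines[1:], start=2):
        fields = line.split()
        if not fields or fields[0].startswith("#"):
            continue  # blank lines and comments carry no entry
        path, pairs = fields[0], fields[1:]
        if not path.startswith("/"):
            raise ValueError(f"line {lineno}: path must be absolute: {path!r}")
        plain, overrides = {}, {}
        for pair in pairs:
            key, sep, value = pair.partition("=")
            if not sep or not key:
                raise ValueError(f"line {lineno}: malformed pair {pair!r}")
            if key.startswith("override."):
                if shipped:
                    raise ValueError(f"line {lineno}: {key} not allowed in shipped metadata")
                overrides[key[len("override."):]] = value
            else:
                plain[key] = value
        plain.update(overrides)  # override.<k> replaces <k> for this file
        entries[path] = {k: (base64.b64decode(v, validate=True) if k.startswith("xattr.") else v)
                         for k, v in plain.items()}
    return entries

def apply_local_policy(shipped, local):
    """Merge a separately kept override file over shipped metadata, path by path:
    a key present in both takes the local value (the 'mtree.override' variant)."""
    merged = {path: dict(keys) for path, keys in shipped.items()}
    for path, keys in local.items():
        merged.setdefault(path, {}).update(keys)
    return merged

# Constructed sample: a shipped entry and a local policy file tightening its mode.
SAMPLE_SHIPPED = ("#mtree v2.0\n /usr/bin/example type=file mode=0755 uid=0 gid=0 size=1234"
                  " xattr.security.selinux=dW5jb25maW5lZF91Om9iamVjdF9yOnVzZXJfaG9tZV90OnMwAA==\n")
SAMPLE_LOCAL = "#mtree v2.0\n /usr/bin/example override.mode=0700\n"
```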
Thoughts?