mirror of
https://github.com/vbatts/go-mtree.git
synced 2024-11-25 17:45:39 +00:00
Vincent Batts
e19072ac1c
Update the README to show the validate subcommand by default. This doesn't eliminate the default behavior of _not_ using the command, but begins the visibility of using it by default. Also copy one of the existing tests, to ensure the same behaviour works as we add more subcommands and/or global flags. Signed-off-by: Vincent Batts <vbatts@hashbangbash.com>
207 lines
7 KiB
Markdown
207 lines
7 KiB
Markdown
# go-mtree
|
|
|
|
[![Go](https://github.com/vbatts/go-mtree/actions/workflows/go.yml/badge.svg)](https://github.com/vbatts/go-mtree/actions/workflows/go.yml)
|
|
[![Go Report Card](https://goreportcard.com/badge/github.com/vbatts/go-mtree)](https://goreportcard.com/report/github.com/vbatts/go-mtree)
|
|
|
|
`mtree` is a filesystem hierarchy validation tooling and format.
|
|
This is a library and simple cli tool for [mtree(8)][mtree(8)] support.
|
|
|
|
While the traditional `mtree` cli utility is primarily on BSDs (FreeBSD,
|
|
openBSD, etc), even broader support for the `mtree` specification format is
|
|
provided with libarchive ([libarchive-formats(5)][libarchive-formats(5)]).
|
|
|
|
There is also an [mtree port for Linux][archiecobbs/mtree-port] though it is not widely packaged for Linux distributions.
|
|
|
|
There was a [Google Summer of Code project to create a portable library and parser for mtree](https://wiki.freebsd.org/SummerOfCode2015/mtreeParsingLibrary).
|
|
It is available at [github.com/mratajsky/libmtree](https://github.com/mratajsky/libmtree) and a [talk on it](https://papers.freebsd.org/2016/asiabsdcon/ratajsky-mtree-parsing/).
|
|
|
|
## Format
|
|
|
|
The BSD mtree specification is published in [mtree(5)][mtree(5)].
|
|
|
|
The format of hierarchy specification is consistent with the `# mtree v2.0` format.
|
|
Both the BSD `mtree` and libarchive ought to be interoperable with it with only one definite caveat.
|
|
On Linux, extended attributes (`xattr`) on files are often a critical aspect of the file, holding ACLs, capabilities, etc.
|
|
While FreeBSD filesystem do support `extattr`, this feature has not made its way into their `mtree`.
|
|
|
|
This implementation of mtree supports a few non-upstream "keyword"s, such as: `xattr` and `tar_time`.
|
|
If you include these keywords, the FreeBSD `mtree` will fail, as they are unknown keywords to that implementation.
|
|
|
|
To have `go-mtree` produce specifications that will be strictly compatible with the BSD `mtree`, use the `-bsd-keywords` flag when creating a manifest.
|
|
This will make sure that only the keywords supported by BSD `mtree` are used in the program.
|
|
|
|
### Typical form
|
|
|
|
With the standard keywords, plus say `sha256digest`, the hierarchy specification looks like:
|
|
|
|
```mtree
|
|
# .
|
|
/set type=file nlink=1 mode=0664 uid=1000 gid=100
|
|
. size=4096 type=dir mode=0755 nlink=6 time=1459370393.273231538
|
|
LICENSE size=1502 mode=0644 time=1458851690.0 sha256digest=ef4e53d83096be56dc38dbf9bc8ba9e3068bec1ec37c179033d1e8f99a1c2a95
|
|
README.md size=2820 mode=0644 time=1459370256.316148361 sha256digest=d9b955134d99f84b17c0a711ce507515cc93cd7080a9dcd50400e3d993d876ac
|
|
|
|
[...]
|
|
```
|
|
|
|
See the directory presently in, and the files present.
|
|
Along with each path, is provided the keywords and the unique values for each path.
|
|
Any common keyword and values are established in the `/set` command.
|
|
|
|
### Extended attributes form
|
|
|
|
```mtree
|
|
# .
|
|
/set type=file nlink=1 mode=0664 uid=1000 gid=1000
|
|
. size=4096 type=dir mode=0775 nlink=6 time=1459370191.11179595 xattr.security.selinux=dW5jb25maW5lZF91Om9iamVjdF9yOnVzZXJfaG9tZV90OnMwAA==
|
|
LICENSE size=1502 time=1458851690.583562292 xattr.security.selinux=dW5jb25maW5lZF91Om9iamVjdF9yOnVzZXJfaG9tZV90OnMwAA==
|
|
README.md size=2366 mode=0644 time=1459369604.0 xattr.security.selinux=dW5jb25maW5lZF91Om9iamVjdF9yOnVzZXJfaG9tZV90OnMwAA==
|
|
|
|
[...]
|
|
```
|
|
|
|
See the keyword prefixed with `xattr.` followed by the extended attribute's namespace and keyword.
|
|
This setup is consistent for use with Linux extended attributes as well as FreeBSD extended attributes.
|
|
|
|
Since extended attributes are an unordered hashmap, this approach allows for checking each `<namespace>.<key>` individually.
|
|
|
|
The value is the [base64 encoded][base64] of the value of the particular extended attribute.
|
|
Since the values themselves could be raw bytes, this approach avoids issues with encoding.
|
|
|
|
### Tar form
|
|
|
|
```mtree
|
|
# .
|
|
/set type=file mode=0664 uid=1000 gid=1000
|
|
. type=dir mode=0775 tar_time=1468430408.000000000
|
|
|
|
# samedir
|
|
samedir type=dir mode=0775 tar_time=1468000972.000000000
|
|
file2 size=0 tar_time=1467999782.000000000
|
|
file1 size=0 tar_time=1467999781.000000000
|
|
|
|
[...]
|
|
```
|
|
|
|
While `go-mtree` serves mainly as a library for upstream `mtree` support, `go-mtree` is also compatible with [tar archives][tar] (which is not an upstream feature).
|
|
This means that we can now create and validate a manifest by specifying a tar file.
|
|
More interestingly, this also means that we can create a manifest from an archive, and then validate this manifest against a filesystem hierarchy that's on disk, and vice versa.
|
|
|
|
Notice that for the output of creating a validation manifest from a tar file, the default behavior for evaluating a notion of time is to use the `tar_time` keyword.
|
|
In the "filesystem hierarchy" format of mtree, `time` is being evaluated with nanosecond precision.
|
|
However, GNU tar truncates a file's modification time to 1-second precision.
|
|
That is, if a file's full modification time is 123456789.123456789, the "tar time" equivalent would be 123456789.000000000.
|
|
This way, if you validate a manifest created using a tar file against an actual root directory, there will be no complaints from `go-mtree` so long as the 1-second precision time of a file in the root directory is the same.
|
|
|
|
## Usage
|
|
|
|
To use the Go programming language library, see [the docs][godoc].
|
|
|
|
To use the command line tool, first [build it](#Building), then the following.
|
|
|
|
### Create a manifest
|
|
|
|
This will also include the sha512 digest of the files.
|
|
|
|
```shell
|
|
gomtree validate -c -K sha512digest -p . > /tmp/root.mtree
|
|
```
|
|
|
|
With a tar file:
|
|
|
|
```shell
|
|
gomtree validate -c -K sha512digest -T sometarfile.tar > /tmp/tar.mtree
|
|
```
|
|
|
|
### Validate a manifest
|
|
|
|
```shell
|
|
gomtree validate -p . -f /tmp/root.mtree
|
|
```
|
|
|
|
With a tar file:
|
|
|
|
```shell
|
|
gomtree validate -T sometarfile.tar -f /tmp/root.mtree
|
|
```
|
|
|
|
### See the supported keywords
|
|
|
|
```shell
|
|
gomtree validate -list-keywords
|
|
Available keywords:
|
|
uname
|
|
sha1
|
|
sha1digest
|
|
sha256digest
|
|
xattrs (not upstream)
|
|
link (default)
|
|
nlink (default)
|
|
md5digest
|
|
rmd160digest
|
|
mode (default)
|
|
cksum
|
|
md5
|
|
rmd160
|
|
type (default)
|
|
time (default)
|
|
uid (default)
|
|
gid (default)
|
|
sha256
|
|
sha384
|
|
sha512
|
|
xattr (not upstream)
|
|
tar_time (not upstream)
|
|
size (default)
|
|
ripemd160digest
|
|
sha384digest
|
|
sha512digest
|
|
```
|
|
|
|
## Building
|
|
|
|
Either:
|
|
|
|
```shell
|
|
go install github.com/vbatts/go-mtree/cmd/gomtree@latest
|
|
```
|
|
|
|
or
|
|
|
|
```shell
|
|
git clone git://github.com/vbatts/go-mtree.git $GOPATH/src/github.com/vbatts/go-mtree
|
|
cd $GOPATH/src/github.com/vbatts/go-mtree
|
|
go build ./cmd/gomtree
|
|
```
|
|
|
|
### Build for many OS/Arch
|
|
|
|
```shell
|
|
make build.arches
|
|
```
|
|
|
|
## Testing
|
|
|
|
On Linux:
|
|
|
|
```shell
|
|
cd $GOPATH/src/github.com/vbatts/go-mtree
|
|
make
|
|
```
|
|
|
|
On FreeBSD:
|
|
|
|
```shell
|
|
cd $GOPATH/src/github.com/vbatts/go-mtree
|
|
gmake
|
|
```
|
|
|
|
## Related tools
|
|
|
|
[mtree(5)]: https://man.freebsd.org/cgi/man.cgi?query=mtree&sektion=5&format=html
|
|
[mtree(8)]: https://www.freebsd.org/cgi/man.cgi?mtree(8)
|
|
[libarchive-formats(5)]: https://www.freebsd.org/cgi/man.cgi?query=libarchive-formats&sektion=5&n=1
|
|
[archiecobbs/mtree-port]: https://github.com/archiecobbs/mtree-port
|
|
[godoc]: https://pkg.go.dev/github.com/vbatts/go-mtree
|
|
[tar]: http://man7.org/linux/man-pages/man1/tar.1.html
|
|
[base64]: https://tools.ietf.org/html/rfc4648
|