import repository from arizona
[raven.git] / webpage / doctp.html
1 <html>
2 <head>
3 <title> Stork Project </title>
4 <LINK href="stork.css" rel="stylesheet" type="text/css">
5
6 </head>
7
8 <body>
9
10
11 <div class="display" align="center">
12         <table border="0">
13         <tr>
14                 <td width="170" valign="top">
15
16                                 <br/>
17                                 <table cellpadding="3" width="170" id="links" class="links">
18                                         <tr>
19                                                 <td align="right">
20
21                                                         <ul class="links">
22
23                                                                 <a href = "index.html"><h3>Stork</h3></a>
24                                                                 <li class="links"><a href="tutmain.html">Stork Tutorial</a></li>
25
26                                                                 <li class="links"><a href="advanced.html">Advanced Usage</a></li>
27                                                                 <li class="links"><a href="arch.html">Stork Architecture</a></li>
28                                                                 <li class="links"><a href="filelist.html">Stork File List</a></li>
29                                                                 <li class="links"><a href="about.html">About Us</a></li>
30                                                                 <li class="links"><a href="apps.html">Related Links</a></li>
31                                                                 <li class="links"><a href="contact.html">Contact Stork</a></li>
32                                                                 <h4>Links</h4>
33                                                                 <li class="links"><a href="http://appmanager.berkeley.intel-research.net/plcontrol/apps.php?appid=1029">
34                                                                 Slice Status</a></li>
35                                                                 <li class="links"><a href="https://stork-repository.cs.arizona.edu">Stork Repository</a></li>
36                                                         </ul>
37
38                                                  </td>
39                                         </tr>
40                                 </table>
41                                 <br/>
42                 </td>
43
44                 <td valign="top">
45                 <table class="info" cellpadding="0" width="700" >
46                 <tr  height="75"><td colspan="3"><img style="margin-left: -0px;" src="images/stork-header.png" alt="stork logo"/></td></tr>
47                 <tr  bgcolor="#444444" class="headerrow" width="100%" height="2">
48
49                         <th colspan="2"> Stork Documentation </th>
50
51                 </tr>
52                 <tr valign="top" align="left">
53
54                         <td>
55                                 <table cellpadding="8" id="content" class="content">
56                                         <tr>
57                                                 <td>
58
59                                                         <h1><a name = "top"></a>Stork Documentation: TPFile</h1>
60                                                         <a name = "tpfile"><h3>Trusted Packages File</h3></a>
61                                                         The Trusted Packages File (TPFILE) defines which files you trust to be installed.
62                                                         This helps your nodes stay secure, as files will be
63                                                         verified through a set of hash codes. Even if
64                                                         two files share the same name, your nodes will only receive the one that
65                                                         matches the hash obtained when the Trusted Packages File was created
66                                                         (preventing your nodes from downloading maliciously modified packages in the
67                                                         repository). You are also allowed to trust other users, allowing your nodes
68                                                         to accept packages from those users exclusively. This will let your nodes
69                                                         download and install applications created by other trusted users. Note that adding packages to
70                                                         your TPFILE will not download the packages; it just notifies Stork which packages
71                                                         you trust to be downloaded.
72
73                                                         <p><b>Adding a package to your tpfile:</b>
74                                                         <br>To add a package to your tpfile, use the command
75                                                         <br><b><code>./storkutil.py
76                                                         addfile FILE [FILE]...</b></code>
77                                                         <br>where FILE is the location of the package you would
78                                                         like to trust. If the tpfile does not exist, storkutil will create one for
79                                                         you. Storkutil will look at the file, create a hash, and write it to your
80                                                         tpfile. If you <a href="https://stork-repository.cs.arizona.edu">upload</a>
81                                                         the package to the repository and run
82                                                         stork to install the package, your node will select your specific file and
83                                                         install it.
84                                                                 <p>For example, we will add packages 'package1' and 'package2'.
85 <p><table width=400 height=60 cellspacing=0 cellpadding=5 border=5 bordercolor="orange"><tr>
86 <td width="100%" align="left" valign="top" bgcolor="teal">
87 <span style="color: white">
88                                                                 <code><b>./storkutil.py addfile package1.tar.gz package2.tar.gz</b>
89                                                                 <br>No tpfile found for foo. Generating new tpfile.
90                                                                 <br>File 'foo.tpfile' successfully signed
91                                                                 <br>File 'foo.tpfile' has been copied to 'foo.~~~.tpfile'
92                                                                 <br>Unembeded trusted packages file 'foo.tpfile' removed.</code>
93 </span></td></tr></table>
94
95
96                                                                 <br>This script will run whenever Stork fails to find a trusted package
97                                                                 file for the default user. It will then continue to the regular package adding script:
98
99 <p><table width=400 height=60 cellspacing=0 cellpadding=5 border=5 bordercolor="orange"><tr>
100 <td width="100%" align="left" valign="top" bgcolor="teal">
101 <span style="color: white">
102                                                                 <code>Using trustedpackages file '~~~~.tpfile'
103                                                                 <br>Successfully added file 'package1.tar.gz'.
104                                                                 <br>Successfully added file 'package2.tar.gz'.
105                                                                 <br>File '~~~.tpfile' successfully signed</code>
106
107 </span></td></tr></table>
108                                                                 <br>Storkutil will automatically sign your trusted packages file using
109                                                                 your key. Also note that your TPFile will be named as your public key followed by
110                                                                 your username, with the .tpfile extension.
111
112
113                                                         <p><b>Viewing your tpfile:</b>
114                                                                 <br>Afterwards, we can look at the trusted packages file by running:
115 <p><table width=400 height=60 cellspacing=0 cellpadding=5 border=5 bordercolor="orange"><tr>
116 <td width="100%" align="left" valign="top" bgcolor="teal">
117 <span style="color: white">
118                                                                 <code><b>./storkutil.py view tpfile</b>
119                                                                 <br>Viewing: foo.~~.tpfile
120                                                                 <br><br>TRUSTED PACKAGES FILE
121                                                                 <br>    ALLOW package1.tar.gz
122                                                                 <br>    ALLOW package2.tar.gz</code>
123
124 </span></td></tr></table>
125
126
127                                                                 <br>We can confirm that the packages were added to our trusted packages
128                                                                 file in this way.
129
130                                                         <p><b>Removing a package from the tpfile:</b>
131                                                         <br>You can remove a file from your TPFile, just use the 'removefile' command.
132                                                         <p><code><b> ./storkutil.py removefile package1.tar.gz</b>
133
134                                                         <p><b>Adding and removing trusted users:</b>
135                                                         <br>Before adding a user to your TPFile, you will need to obtain their
136                                                         publickey.
137                                                         <br>To trust users, you can use the <code>adduser</code> command:
138                                                         <br><code><b>storkutil.py adduser USER USER.publickey (allow|deny|any) AFFECTEDPACKAGES</b></code>
139                                                         <br>Where USER is the name of the user you want to trust, followed by the
140                                                         public key that user has made available. AFFECTEDPACKAGES is a pattern
141                                                         that defines the packages you want to accept. If the tpfile does not exist,
142                                                         storkutil will create one for you.
143                                                         <p>Examples:
144                                                         <br><b><code>storkutil.py adduser USER1 USER1.publickey allow user-4-2.tar.gz
145                                                         <br>storkutil.py adduser USER2 USER2.publickey deny java\*
146                                                         <br>storkutil.py adduser PlanetLab PlanetLab.publickey allow \*
147                                                         <br>storkutil.py adduser USER3</b></code>
148
149                                                         <p>The first example shows how to accept a single package from the user
150                                                         USER1. The second example will deny all files from USER2 that have the
151                                                         pattern java*. The third example shows how to accept all packages from the
152                                                         user PlanetLab (be sure to shell escape the * character instead of using * by itself).
153                                                         Note that this is not necessary; the PlanetLab node is <b>trusted by default</b> when
154                                                         a tpfile is created to allow default PlanetLab files to be installed,
155                                                         and the PlanetLab publickey is included in the enduser tarball.
156                                                         You can again use the <code>view tpfile</code>
157                                                         command to see the contents of your TPFILE. You can also remove users using
158                                                         the <code>removeuser</code> command.
159
160                                                                 <p><b><code>./storkutil.py removeuser USER2</code></b>
161                                                         <p><img src="blkfade.gif" width="100%"></img>
162
163                                                         <p>Return to the <a href="docmain.html">documentation contents.</a>
164
165                                                         <center><a href = "index.html">Home</a>     <a href = "#top">Top</a></center>
166
167
168                                                 </td>
169                                         </tr>
170                                 </table>
171                         </td>
172                 </tr>
173
174        </table>
175        </td>
176
177      </tr>
178      <tr>
179         <td></td>
180         <td>
181                 <a href="http://www.planet-lab.org"><img style="border: 0px; border-style: none;" src="images/powered_by_pl_grey.png" alt="powered by planetlab"></a>
182
183                                         <a href="http://www.cs.arizona.edu"><img style="position:relative; left: 20px; border: 0px; border-style: none;" src="images/template_logo_small_grey.png" alt="University of Arizona, Computer Science logo"></a>
184
185
186
187
188
189         </td>
190      </tr>
191
192 </table>
193
194 </div>
195
196
197 <script src="http://www.google-analytics.com/urchin.js" type="text/javascript">
198 </script>
199 <script type="text/javascript">
200 _uacct = "UA-1868232-1";
201 urchinTracker();
202 </script>
203 </body>
204 </html>