0x1eef/portzap: Manages a local copy of the HardenedBSD ports tree

Manages a local copy of the HardenedBSD ports tree

Find a file

0x1eef 5328bd72e0 Some checks failed portzap / shellcheck (push) Has been cancelled Details v1.1.0		2024-08-24 10:18:54 -03:00
.github/workflows	Add shellcheck target	2024-04-02 13:40:16 -03:00
bin	s\|rev\|commit\|g, s\|revfile\|commitfile\|g	2024-08-20 02:19:42 -03:00
libexec/portzap	s\|rev\|commit\|g, s\|revfile\|commitfile\|g	2024-08-20 02:19:42 -03:00
man/man8	Add 'portzap [setup\|teardown]'	2024-08-17 17:15:30 -03:00
share/portzap	v1.1.0	2024-08-24 10:18:54 -03:00
.projectile	Add HardenedBSD source	2023-01-29 07:48:09 -03:00
Makefile	Break up 'portzap-install' into multiple files	2024-08-19 00:01:12 -03:00
README.md	Add 'portzap [setup\|teardown]'	2024-08-17 17:15:30 -03:00

README.md

About

portzap is a utility that manages a local copy of the HardenedBSD ports tree. The copy of the ports tree is maintained by members of the _portzap group, and the copy of the ports tree can be installed into /usr/ports/ by root.

CLI

CLI: setup

portzap setup should be run after installing portzap for the first time.
There is no harm in running portzap setup multiple times:

# Add the '_portzap' user, group and home directory
# This command requires root privileges
root@localhost# portzap setup

# Reverse the changes made by 'portzap setup'
# This command requires root privileges
root@localhost# portzap teardown

CLI: group

The following commands are delegated to the _portzap user and restricted to members of the _portzap group. The restrictions are enforced by portzap and to a lesser extent by doas(1):

portzap clone
Clone the HardenedBSD ports tree into /home/_portzap/ports/
portzap pull
Pull updates into /home/_portzap/ports/
portzap checkout
Checkout a branch other than the default: hardenedbsd/main
portzap sh
Run /bin/sh within /home/_portzap/ports/

CLI: superuser

The following commands are restricted to root.
The restrictions are enforced by portzap:

portzap rm
Remove the contents of /usr/ports/ and /home/_portzap/ports/
portzap install
Install /home/_portzap/ports/ into /usr/ports/

Environment

$PORTZAP_CLONEURL
The URL of a git repository
Default: https://git.HardenedBSD.org/HardenedBSD/ports.git
$PORTZAP_INSTALLDIR
The directory where the ports collection will be installed
Default: /usr/ports/

Install

portzap is available from the HardenedBSD ports tree. pkg install portzap should work too but expect slower updates. The most recent version of portzap can be installed via git:

# Clone
user@localhost$ git clone https://git.hardenedbsd.org/0x1eef/portzap.git
user@localhost$ cd portzap

# Install
root@localhost# make install
root@localhost# portzap setup

# Add user to '_portzap' group
root@localhost# pw groupmod -n _portzap -m <user>