/portzap

A utility for managing the HardenedBSD ports tree.

Primary LanguageShellBSD Zero Clause License0BSD

About

portzap is a utility that manages a local copy of the HardenedBSD ports tree. The copy of the ports tree is maintained by members of the _portzap group, and the copy of the ports tree can be installed into /usr/ports/ by root.

CLI

CLI: setup

portzap setup should be run after installing portzap for the first time.
There is no harm in running portzap setup multiple times:

# Add the '_portzap' user, group and home directory
# This command requires root privileges
root@localhost# portzap setup

# Reverse the changes made by 'portzap setup'
# This command requires root privileges
root@localhost# portzap teardown

CLI: group

The following commands are delegated to the _portzap user and restricted to members of the _portzap group. The restrictions are enforced by portzap and to a lesser extent by doas(1):

  • portzap clone
    Clone the HardenedBSD ports tree into /home/_portzap/ports/

  • portzap pull
    Pull updates into /home/_portzap/ports/

  • portzap checkout
    Checkout a branch other than the default: hardenedbsd/main

  • portzap sh
    Run /bin/sh within /home/_portzap/ports/

CLI: superuser

The following commands are restricted to root.
The restrictions are enforced by portzap:

  • portzap rm
    Remove the contents of /usr/ports/ and /home/_portzap/ports/

  • portzap install
    Install /home/_portzap/ports/ into /usr/ports/

Environment

  • $PORTZAP_CLONEURL
    The URL of a git repository
    Default: https://github.com/HardenedBSD/ports

  • $PORTZAP_INSTALLDIR
    The directory where the ports collection will be installed
    Default: /usr/ports/

Install

portzap is available from the HardenedBSD ports tree. pkg install portzap should work too but expect slower updates. The most recent version of portzap can be installed via git:

# Clone
user@localhost$ git clone https://git.hardenedbsd.org/0x1eef/portzap.git
user@localhost$ cd portzap

# Install
root@localhost# make install
root@localhost# portzap setup

# Add user to '_portzap' group
root@localhost# pw groupmod -n _portzap -m <user>

Requirements

Sources

License

BSD Zero Clause
See LICENSE