About
The sourcezap utility manages a local copy of the
HardenedBSD source tree.
The copy of the source tree is maintained by members of
the _sourcezap group, and the copy of the source tree
can be installed into /usr/src/ by root.
Roles
User
The following commands are restricted to members of the _sourcezap group.
The commands are delegated to the
_sourcezap user via the doas(1) command:
-
sourcezap clone
Clone the HardenedBSD source tree into/home/_sourcezap/src/ -
sourcezap pull
Pull updates into/home/_sourcezap/src/ -
sourcezap sh
Run /bin/sh within/home/_sourcezap/src/
Superuser
The following commands are restricted to root, or user id 0.
Permission to run the following commands is denied for any other user:
-
sourcezap rm
Remove the contents of/usr/src/and/home/_sourcezap/src/ -
sourcezap install
Install/home/_sourcezap/src/into/usr/src/
Configuration
Superuser
After installation is complete the sourcezap environment should be setup.
That includes the creation of the _sourcezap user and group, as well as
the creation of /home/_sourcezap. A user should also be added to the
_sourcezap group. The process is mostly automated, and the following
commands should be run as a superuser:
-
sourcezap setup
Creates the_sourcezapuser and group -
sourcezap teardown
Tears down the_sourcezapuser and group -
pw groupmod _sourcezap -m
<user>
Add a user to the_sourcezapgroup.
Install
Package
sourcezap is available
from the HardenedBSD src tree.
“pkg install sourcezap” should work too but expect slower updates.
Source
The first step is to clone the repository.
Afterwards sourcezap can be installed (and deinstalled) through make:
git clone https://github.com/0x1eef/sourcezap
cd sourcezap
doas -u root -- make install
doas -u root -- make deinstall