1 .\"----------------------------------------------------------------------------
2 .\""THE BEER-WARE LICENSE" (Revision 42):
3 .\"<joerg@FreeBSD.org> wrote this file. As long as you retain this notice you
4 .\"can do whatever you want with this stuff. If we meet some day, and you think
5 .\"this stuff is worth it, you can buy me a beer in return. Joerg Wunsch
6 .\"----------------------------------------------------------------------------
8 .\" This manual page is partially obtained from Poul-Hennings CTM README
11 .\" CTM and ctm(1) by <phk@FreeBSD.org>
13 .\" $FreeBSD: src/usr.sbin/ctm/ctm/ctm.1,v 1.17.2.9 2003/03/12 22:08:14 trhodes Exp $
14 .\" $DragonFly: src/usr.sbin/ctm/ctm/Attic/ctm.1,v 1.2 2003/06/17 04:29:53 dillon Exp $
21 .Nd source code mirror program
26 .Op Fl B Ar backup-file
27 .Op Fl e Ar include-regex
28 .Op Fl t Ar tar-command
31 .Op Fl x Ar exclude-regex
36 utility was originally
37 .Dq Cvs Through eMail ,
38 but now instead it seems more fitting to call it
39 .Dq Current Through eMail .
43 utility is now meant to be the definitive way to make and apply a delta between
44 two versions of a directory tree.
46 There are two parts to this, making the delta and applying it. These are two
47 entirely different things.
49 To apply a CTM delta, you pass it to the
51 command. You can pass a CTM delta on stdin, or you can give the
52 filename as an argument. If you do the latter, you make life a lot
53 easier for your self, since the program can accept gzip'ed files and
54 since it will not have to make a temporary copy of your file. You can
55 specify multiple deltas at one time, they will be processed one at a
56 time. Deltas that are already applied will be ignored.
60 command runs in a number of passes. It will process the entire
61 input file in each pass, before commencing with the next pass.
63 Before working on a file
66 first checks for the existence of the file
72 Pass 1 will verify that the input file is OK. The syntax, the data
73 and the global MD5 checksum will be checked. If any of these fail,
75 will simply reject the input file.
77 Pass 2 will validate that the directory tree is in the state expected by
78 the CTM delta. This is done by looking for files and directories which
79 should/should not exist and by checking the MD5 checksums of files.
83 had been specified using the
85 option, all files that would be modified by this
87 invocation are backed up
88 to this file using the archiver command specified by the
90 option. The default archiver command is
91 .Nm "tar -rf %s -T -" .
93 Pass 3 will actually apply the delta.
95 The list of files that would be modified by
97 is subject to filtering regular expressions specified
107 options are applied in order of appearance on the command line. The last
108 filter that matched a given file name determines whether the file would be
109 operated on or left alone by
115 will extract the file hierarchy below its working directory. Absolute
116 filenames or filenames containing references through
120 are explicitly prohibited as a security measure.
122 .Bl -tag -width indent
127 .It Fl B Ar backup-file
128 Backup all files that would be modified by this CTM run to
130 If any filters are specified using the
134 options, then the final set of files backed up are those that would be
135 modified by CTM after the filters are applied.
137 Check it out, don't do anything.
138 .It Fl e Ar regular_expression
139 Match each name in the CTM file against
140 .Ar regular_expression ,
141 and if it matches process the file, otherwise leave it alone. There may be
142 any number of these options. Use of this option disables the
144 sequence number checks. For example, the expression
146 for example, will select the
148 source directory and all pathnames under it.
150 Pathnames can be disabled from being considered by CTM using the
156 Keep files and directories and don't remove them even if the CTM file
157 specifies they are to be removed. If the
159 option is specified, these files and directories will not be backed up.
161 List files that would be modified by this invocation of CTM and the
162 actions that would be performed on them. Use of the
166 checks and integrity checks on the source tree being operated on. The
168 option can be combined with the
172 options to determine which files would be modified by the given set of
173 command line options.
176 .It Fl t Ar tar-command
179 instead of the default archiver
181 This option takes effect only if a backup file had been specified using the
183 option. A %s in the tar command will be replaced by the name of the backup
186 Put temporary files under
189 Set modification time of created and modified files to the CTM delta
196 is the level of verbosity.
197 .It Fl x Ar regular_expression
198 Match each name in the CTM file against
199 .Ar regular_expression
200 and if it matches, leave the file alone. There may be any number of these
201 options. Use of this option disables the
203 sequence number checks.
205 Pathnames can be selected for CTM's consideration using the
210 On its own, CTM is an insecure protocol
211 - there is no authentication performed that the
212 changes applied to the source code were sent by a
213 trusted party, and so care should be taken if the
214 CTM deltas are obtained via an unauthenticated
215 medium such as regular email.
216 It is a relatively simple matter for an attacker
217 to forge a CTM delta to replace or precede the
218 legitimate one and insert malicious code into your
220 If the legitimate delta is somehow prevented from
221 arriving, this will go unnoticed until a later
222 delta attempts to touch the same file, at which
223 point the MD5 checksum will fail.
225 To remedy this insecurity, CTM pieces generated by
226 FreeBSD.org are cryptographically signed in a
227 format compatible with the GNU Privacy Guard
228 utility, available in /usr/ports/security/gpg, and
229 the Pretty Good Privacy v5 utility,
230 /usr/ports/security/pgp5.
231 The relevant public key can be obtained by
232 fingering ctm@FreeBSD.org.
234 CTM deltas which are thus signed cannot be
235 undetectably altered by an attacker.
236 Therefore it is recommended that you make use of
237 GPG or PGP5 to verify the signatures if you
238 receive your CTM deltas via email.
241 if set to a pathname, will cause ctm to use that pathname
242 as the location of temporary file.
245 for more details on this.
246 The same effect may be achieved with the
251 contains the sequence number of the last CTM delta applied. Changing
252 or removing this file will greatly confuse
259 options can update a partial subset of the source tree and causes sources
260 to be in an inconsistent state. It is assumed that you know what you are
261 doing when you use these options.
265 /usr/sbin/ctm ~ctm/cvs-*
268 To extract and patch all sources under `lib'
271 /usr/sbin/ctm -e '^lib' ~ctm/src-cur*
274 Numerous messages, hopefully self-explanatory. The
276 can be adjusted with the
286 Initial trials were run during the work on
289 methods were hashed out.
296 The CTM system has been designed and implemented by
297 .An Poul-Henning Kamp
298 .Aq phk@FreeBSD.org .
301 .Aq joerg@FreeBSD.org