The Official Unofficial Zorp project
 
Overview| Examples| Bugs| FAQ | White papers | Download | Help wanted | SourceForge Project page | Filltable utility  
 
 
SourceForge.net: SF.net Project News: Zorp unofficial
  • zorp 2.0.9-6 has been released
  • iptables-utils zorp-unoff version has been released
  • New whitepaper, even more FAQs
  • Zorp whitepapers released, new FAQs
  • New tproxy versions
  • New Zorp version: get the DN
  • The best bughunter
  • Bughunting contest extended
  • Valentine day bughunting contest!
  • Site updates: FAQ, design
    		•
    SourceForge.net: Project File Releases: Zorp unofficial
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:49:58 GMT)
  • zorp 2.0.9-6 released (Mon, 01 Nov 2004 21:40:56 GMT)
  • iptables-utils 1.21-1 released (Mon, 01 Nov 2004 21:19:42 GMT)
  • zorp 2.0.9-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorplibll 2.0.26.24-1 released (Sat, 12 Jun 2004 00:00:00 GMT)
  • zorp zorp_2.0.8-1 released (Thu, 11 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-2 released (Wed, 03 Dec 2003 00:00:00 GMT)
  • zorp zorp_2.0.7-1 released (Tue, 11 Nov 2003 00:00:00 GMT)
  • zorplibll zorplibll_2.0.26.23-1 released (Mon, 10 Nov 2003 00:00:00 GMT)
    		•
    		Next Previous Contents

    2. CM plan

    GNU arch is used throughout the development of the TOE as a CM system (ACM_AUT.2.1D,ACM_CAP.4.2D).

    2.1 Use of the CM system

    The documentation of GNU arch can be read at http://www.gnu.org/software/gnu-arch/tutorial/arch.html , or you can issue "tla help" to see its commands, or "tla command --help" to see the help on a specific command.

    This section describes how GNU arch is used as the CM system for the TOE. (ACM_AUT.2.3C, ACM_AUT.2.4C, ACM_CAP.4.7C), in the "What changed?" subsection shows how to ascertain the changes between the TOE and its preceeding version in an automated way (ACM_AUT.2.5C).

    The repository

    The repository is at "/home/.mag/mag11/{archives}/2003-public" on my personal notebook. You can find a mirror of it at http://zorp-unoff.sourceforge.net/mag@debian.org--2003-public. You can register the public mirror as 

    tla register-archive mag@2003-public-http  http://zorp-unoff.sourceforge.net/mag@debian.org--2003-public
    on the name mag@2003-public-http. You can make it as your default archive with the command 
    tla my-default-archive mag@2003-public-http
    The filltable utility is at category "filltable". You can browse the filltable category of your default archive with the command 
    tla abrowse filltable
    There are two important branches of the category. The branch called "magtree" is the mainline development branch, and the branch called release contains the releases of the stuff (code which is undergone the acceptance procedure).

    Checkout

    You can check out the source with "tla get". To get the latest development tree, do a 

    tla get filltable--magtree
    To fresh up your source tree to the latest patch, do a "tle replay".

    Commit

    Well, the only person who commits to the main repository is me. You should send a unified context diff or a whole-tree changeset created by "tla mkpatch".

    If you have set up your ownrepository, you can use "tla log" and "tla commit" to check in, or a script like the one I use as tla-commit: 

    #!/bin/bash
logfile=`tla make-log`
tla what-changed -v >>$logfile
vi $logfile
tla commit

    Tagging

    I use tagging to "move" trees between branches. I use the following script called tla-tag: 

    #!/bin/bash

tmpnam=`mktemp /tmp/tla-tag-log.XXXXXXXXXXXXX`

echo -e "Summary:\nKeywords:\n\n$*\n" >$tmpnam 
vi $tmpnam
tla tag -l $tmpnam $*
rm -f $tmpnam
    To tag the last version of version 0.0 of the development branch to version 0.0 of the release branch I issue the command 
    tla-tag filltable--magtree--0.0 filltable--release--0.0

    What changed?

    If you want to see the difference between the repository and your source tree, first you have to see if there are new or deleted files, using "tla tree-lint". (This is an approximation of what tree-lint does, see the documentation for details.)

    If you make tree-lint happy (maybe with "make clean", "tla tag" or "tla delete"), you can explore the changes with "tla what-changed". To generate a patch for a tree where no new or deleted files, you can issue 

    tla what-changed --diffs
    You can give the revision in the repository to which you want to see the changes.

    Changelogs

    To see the change log of a revision from the archive, you can use "tla cat-archive-log". For example to see the log for filltable--magtree--0.0--patch-1, you can issue 

    cat-archive-log filltable--magtree--0.0--patch-1
    This way and with tla abrowse you can follow who has commited what, and when. This way you can check that the CM system is operating in accordance with the CM plan (ACM_CAP.4.8C), and that all configuration items have been and are being effectively maintained under the CM system (ACM_CAP.4.9C).

    2.2 Other rules and effects of using GNU arch

    As the master repository on my personal notebook, where I am the only user, and there are strict securrity measures, only I can change the master repository. That means that only authorized changes are made to the TOE implementation representation and to all other configuration items (ACM_AUT.2.1C, ACM_CAP.4.10C), as I have appointed myself as the authority upon the changes:)

    Because of the naming scheme of GNU arch, the TOE source tree is uniquely referenced with its branch, version and revision, and the source tree is labelled with its reference. (ACM_CAP.4.1D, ACM_CAP.4.1C, ACM_CAP.4.2C) The TOE itself is labeled with a version number derived from this unique reference in the following way: 

    tla logs -f|sed 's/^.*filltable--\(.\).*--\(.*\)--.*-\(.*\)$/\1.\2.\3/'|tail -1
    The correct reference is checked in build time by FIXME.

    The files describing the generation of the TOE (making a debian package of it) are in the source tree (this means debian/rules and Makefile), so under the control of GNU arch. (ACM_AUT.2.2C, ACM_CAP.4.11C)

    2.3 Configuration items

    The configuration items of the TOE are sets of different source files in the source tree. All of them are uniquely referenced with the TOE branch, version and revision (see above), and their path relative to the source tree root. (ACM_CAP.4.6C)

    You can identify all configuration items with the help of the "ls" or "find" commands, and looking up the corresponding patterns in the configuration list below. (ACM_CAP.4.5C)

    As there are only one configuration item (filltable) which contains implementation representation, there are no dependencies between configuration items.(ACM_AUT.2.6C is not relevant)

    You can see the list of all evaluation evidences in the configuration list. You can confirm there that the source code, the security flaws and the evaluation evidence are there. (ACM_SCP.2.1C)

    Next Previous Contents