Creating a manifest file manually in Scratchbox
In most cases, the Aegis manifest file is created automatically during packaging. For more information, see the Security guide and Aegis manifest file generation tool. However if you need to create the manifest file manually, you can run the aegis-manifest tool.
To use the aegis-manifest tool:
Prerequisites
You need to have aegis-manifest-dev
package installed inside your development ARM target's file system and a recent version of Scratchbox development kit scratchbox-devkit-hashutils-squeeze-sdk
.
The aegis-manifest-dev
package includes:
- Manifest Generator tool
aegis-manifest
- a database for mapping API calls to tokens (in
/usr/share/aegis-manifest-dev/api
of the target)
The Manifest Generator detects API calls and compares them to the required tokens in the database. If credentials are required, it creates the manifest file with the required credentials automatically.
Note: Other languages than C/C++, such as scripts embedded in an application, are currently not supported.
Manifest Generator tool
To see possible command line options, run:
[sbox-armv7: ~] > aegis-manifest -h aegis-manifest: version harmattan
Generates Aegis manifests for binary packages based on a static scan. Manifest lists the required tokens for the application to function based on API calls made which are known to require tokens. The tool takes destination directory of a built binary package and output manifest file matching the package as arguments. If arguments are not supplied, the tool expects it is run inside an armel source package directory as a part of or after running dpkg-buildpackage, and processes installation destdirs for packages listed in debian/control . Options: -d Print debug messages to stderr. -t PREFIX Path and prefix to toolchain utilities. ex. '-t /toolchain/path/arm-none-linux-gnueabi-' also environment AEGIS_TOOL_PREFIX -a PATH Look for API definitions under this path. Default is /usr/share/aegis-manifest-dev/api also environment AEGIS_API_PATH -f Overwrite existing Aegis manifest files. -h Show this usage message. Arguments: DESTDIR Input destination directory to scan. AEGIS Output Aegis Manifest file.
You can edit the file by using a simple text editor.
Building a package that includes a manifest file
- To include your
<packagename>.aegis
manifest file in the application package, place it under the/debian
directory in the package source directory. - See the corresponding instructions below based on whether you want to use the
debhelper.mk/autotools.mk
command, or a manually createddebian/rules
file for building the package. - To build a
<packagename>_<version>.deb
file, run thedpkg-buildpackage
script. The manifest file is stored with the name_aegis
as the fourth file in addition to standard Debian files (debian-binary
,control.tar.gz
, anddata.tar.gz
).
Note: All standard Debian tools ignore files with names that start with "_". The _aegis
and <packagename>.aegis
files are identical.
debhelper.mk/autotools.mk
command
Add the following lines into the rules file of your application package:
include /usr/share/cdbs/1/rules/debhelper.mk include /usr/share/cdbs/1/class/autotools.mk PACKAGE_TARGETS := $(foreach pkg,$(DEB_ALL_PACKAGES),binary/$(pkg)) $(PACKAGE_TARGETS):: [ ! -f debian/$(notdir $@).aegis ] || aegis-deb-add -control debian/$(notdir $@)/DEBIAN/control .. debian/$(notdir $@).aegis=_aegis
You must also add a build dependency to the aegis_builder
package for your debian/control
file. The following example illustrates how to add the dependency:
Build-Depends: ..., aegis-builder (>= 1.4)
debian/rules
file
For each package that has a manifest file, add the calls to aegis-deb-add
after the rule that builds the actual Debian packages:
aegis-deb-add -control debian/<your_application_package>/DEBIAN/control .. debian/<your_application_package>.aegis=_aegis