SQUASHFS-TOOLS 4.5.1 - A squashed read-only filesystem for Linux Copyright 2002-2022 Phillip Lougher Released under the GPL licence (version 2 or later). Welcome to Squashfs-Tools 4.5.1. This release adds Manpages, a fix for CVE-2021-41072 and the usual minor improvements and bug fixes. Please see the CHANGES file for a full list. The 4.5.1 release follows on from the 4.5 release last year, which had the following improvements. Summary of changes (and sections below) --------------------------------------- 1. Major improvements in Mksquashfs =================================== 1.1 Mksquashfs now supports "Actions". These are modelled on "find" and allow compression, fragment packing, file exclusion and file attributes to be changed on a per-file basis (see section 4). 1.2 New sqfstar command which will create a Squashfs image from a tar archive (see section 5). 1.3 Tar style handling of source pathnames in Mksquashfs. If option is specified, Mksquashfs will not strip leading directories (see section 6). 1.4 Cpio style handling of source pathnames in Mksquashfs. If this option is specified, files will be read in from stdin. No leading directories will be stripped (see section 7). 1.5 New option to throttle the amount of CPU and I/O Mksquashfs uses (see section 8). 1.6 New Pseudo file definitions which support timestamps (see section 9). 1.7 New Pseudo file definitions to create File references (Hard Links) (see section 10). 1.8 New Pseudo file definitions to create Sockets/Fifos (see section 11). 1.9 Mksquashfs now allows no source directory ( specified as - ) to be specified, with all input from pseudo file definitions (see section 12). 1.10 New Pseudo file "R" definition which allows a Regular file to be created with data stored within the Pseudo file (see 2.5 below). 2. Major improvements in Unsquashfs =================================== 2.1 New Sqfscat command which outputs the contents of files to standard out (see section 13). 2.2 Symbolic links are now followed in extract files, if -follow-symlinks or -missing-symlinks option specified (see section 14). 2.3 Unsquashfs now supports "exclude" files in addition to "extract" files (see section 15). 2.4 Max depth traversal option added (see section 16). 2.5 Unsquashfs can now output a "Pseudo file" representing the input Squashfs filesystem. This can be altered and given as input to Mksquashfs to re-generate the filesystem without unpacking it (see section 17). 3. Minor improvements and bug fixes =================================== 3.1 The progress bar is now displayed and updated whilst the input is being scanned (blocks to be compressed will increase). This means on large (or slow to read) input sources, Mksquashfs will not appear to hang doing nothing. 3.2 New -one-file-system option in Mksquashfs, which tells Mksquashfs to not cross filesystem boundaries when scanning the sources. 3.3 New -no-hardlinks option in Mksquashfs, which makes Mksquashfs treat hardlinked files as duplicates instead. 3.4 New -help options in Mksquashfs and Unsquashfs which output to standard out, rather than standard error. 3.5 New -root-uid option in Mksquashfs, which allows the uid of the root directory to be set. 3.6 New -root-gid option in Mksquashfs, which allows the gid of the root directory to be set. 3.7 New -root-time option in Mksquashfs, which allows the time of the root directory to be set. 3.8 -no-exit-code option added to Unsquashfs which makes it not output an error exit code. 3.9 Exit code in Unsquashfs changed to distinguish between non-fatal errors (exit of 2), and fatal errors (exit code of 1). 3.10 Mksquashfs when appending, now writes the recovery file to the home directory ($HOME), rather than the current directory. A new option -recovery-path has been added, which specifies that is to be used as the recovery file directory. 3.11 Xattr id count added in Unsquashfs "-stat" output. 3.12 Unsquashfs "write outside directory" exploit fixed. 3.13 Error handling in Unsquashfs writer thread fixed. 3.14 Fix failure to truncate destination file when appending aborted in Mksquashfs. 3.15 Prevent Mksquashfs reading the destination file as input. 4. Mksquashfs Actions Introduction ================================== The new Mksquashfs Actions code allows an "action" to be executed on a file if one or more "tests" succeed. If you're familiar with the "find" command, then an action is similar to "-print", and a test is similar to say "-name" or "-type". To illustrate this it is useful to give two concrete examples. example 1: the fragment action % mksquashfs /home/phillip/github github.sqsh -action "fragment(cfiles) @ name(*.[ch])" -action "fragment(ofiles) @ name(*.o)" This example defines two "fragment actions" which control the packing of files within fragments. Specifically, it creates a specialised fragment called "cfiles" which packs files matching the wildcard name "*.[ch]". It also creates another specialised fragment called "ofiles" which packs files matching the wilcard name "*.o". Producing specialised fragments which only pack files which match a range of tests, can produce better compression and/or I/O performance as it can optimise similarity or access patterns. But it can also produce worse compression, and so you should always test the effect. Additionally, you should be able to see that an action definition is split into an action function before the "@", and one or more test functions after the @. Quoting is necessary here to protect it from interpretation by the shell. Also the spacing before and after the "@" isn't necessary and is used here for added readability. example 2: the uncompressed action % mksquashfs /home/phillip backup.sqsh -action "uncompressed @ ( name(*.jpg) || name(*.mpg) ) || ( name(*.img) && filesize(+1G) )" This is a more complex example. It tells Mksquashfs to not try and compress any file which matches the wildcard names "*.jpg" and "*.mpg". But it also tells Mksquashfs not to try and compress files which match the wildcard name "*.img" and are also 1 Gigabyte in size or larger. This example introduces the fact that tests can be combined using the logical operators && (and), || (or) and ! (not), and can be bracketed. Please see the ACTIONS-README file for syntax and extra information. 5. New Sqfstar command to create image from a tar archive ========================================================= Mksquashfs when run as "sqfstar" (either named as such, or via a hard or symbolic link) will read a tar archive from standard in (stdin), and create a Squashfs image from it. Syntax: sqfstar [options] image [list of exclude dirs/files] Where is the output Squashfs filesystem. The tar archive should be uncompressed (pipe it though a decompressor if compressed). Sqfstar supports V7, ustar, bsdtar (libarchive), GNU tar and PAX extensions. Sparse file extensions are supported, including the "old GNU format, type S", and PAX formats, Versions 0.0, 0.1 and the current 1.0. Sqfstar supports extended attributes, and recognises the SCHILY xattr PAX extension (used by GNU tar), and the LIBARCHIVE xattr PAX extension (used by bsdtar). Files and directories may be excluded, and both anchored and non-anchored exclude files are supported (see section 3.5.2 in USAGE file and examples later). Wildcards (globbing) is supported by default. Sqfstar can also by invoked by running "mksquashfs source dest -tar", if the Sqfstar link isn't available. 5.1 Usage examples ------------------ % sqfstar image.sqfs < archive.tar Create a Squashfs image from archive.tar, using defaults (gzip compression, 128K blocks). % sqfstar -comp xz -b 1M image.sqfs < archive.tar As previous, but use XZ compression and 1Mbyte block sizes. % zcat archive.tgz | sqfstar image.sqfs Create a Squashfs image from a gzip compressed tar archive. % sqfstar -root-uid 0 -root-gid 0 image.sqfs < archive.tar Tar files do not supply a definition for the root directory, and the default is to make the directory owned/group owned by the user running Sqfstar. The above command sets the ownership/group ownership to root. % sqfstar -root-mode 0755 image.sqfs < archive.tar The default permissions for the root directory is 0777 (rwxrwxrwx). The above command sets the permissions to 0755 (rwxr-xr-x). % sqfstar image.sqsh dir1/file1 dir2/file2 < archive.tar Create a Squashfs image but exclude the files "file1" and "file2". % sqfstar image.sqsh "... *.[ch]" < archive.tar Create a Squashfs image but exclude any file matching "*.[ch]" anywhere in the archive. 5.2 Sqfstar options list ------------------------ The following is the full list of options supported by Sqfstar. Filesystem build options: -comp select compression Compressors available: gzip (default) -b set data block to . Default 128 Kbytes Optionally a suffix of K or M can be given to specify Kbytes or Mbytes respectively -reproducible build images that are reproducible (default) -not-reproducible build images that are not reproducible -mkfs-time