WHAT ARE .exe FILES AND HOW ARE THEY GENERATED ?
  WHAT ARE .bff FILES ?
  HOW CAN I BE SURE THAT THE .bff FILE HAS NOT BEEN MODIFIED ? (may not be up to date !)
  HOW TO INSTALL AIX TOOLBOX FOR LINUX PACKAGE (RPM Format : IBM link)

This page describes how to install freeware and shareware utilities for AIX v4 and v5  delivered in ".exe" files. These installation instructions will use the example of the package lsof-4.41.0.0.exe.

1. Download the package required.

2. Change the file modes so that the package is executable and, as a non-root user, execute the package as shown in the following example:
   • $ chmod +x lsof-4.41.0.0.exe
   • $ ./lsof-4.41.0.0.exe

     UnZipSFX 5.32 of 3 November 1997, by Info-ZIP (Zip-Bugs@lists.wku.edu).
       inflating: lsof-4.41.0.0.bff
       inflating: lsof-4.41.0.0.bff.asc 

3. The file lsof-4.41.0.0.bff.asc above is an ASCII file that contains information (including a PGP signature) that can be used to verify the LPP downloaded. It should be read carefully.
   
4. Log in as root and use the following commands to install the bff file
   • # rm -f .toc
   • # smit install_latest
     

5. When smit asks for the "INPUT device / directory for software", type in the name of the directory where the file is stored (or just answer with "." if the file is in the current directory), and then type RETURN.

6. When the next set of menus are displayed, use F4 to generate a list of packagesin the directory. Use F7 to select the LPP to install and press RETURN to finish choosing. Keep the default values for all the other choices, and press RETURN twice to start the install.s

• export  MANPATH=/usr/share/man:/usr/local/man:/uman:

Some LPPs require additional modifications to the machine or to the environment.
Please refer to the README or INSTALL files delivered with the LPPs.

To list all the files installed by the LPP, use the command :

• lslpp -f "freeware.lsof.*"

• lslpp -f "freeware*" "shareware*" | grep -i readme

The packages on this server have been compressed using "zip", a powerful freeware compression tool that uses the same compression algorithm as "gzip", but uses the file format of PK-ZIP (a PC compression tool).
The zip-files generated by the Unix tool "zip" are compatible with pkzip zip-files.
To decompress (unzip) the .exe files on this server, no additional tools are required. All the files are packaged as self-decompressing zip-files. Simply copy the ".exe" file to your disk, set the file modes to allow execution, and then execute the file to extract the ".bff" file it contains. This can (should?) be done without being "root".
These .exe files are generated by concatenating a tool delivered in the "unzip" package with the zip-file containing the .bff archive, as follows :
    $ cat /usr/local/bin/unzipsfx lsof-3.68.0.0.zip > lsof-3.68.0.0.exe

"bff" stands for "Backup File Format", which just means that the file was created using the AIX® "backup" tool and can be read using AIX® tool "restore".
Under AIX®, the standard product packaging system uses the BFF format. However additional information about the individual files delivered in the product are included inside the BFF package. This packaging is said to be an LPP. LPP means "Licensed Product Package", but in the case of freeware the concepts of "license" and "product" very different from what IBM planned in the beginning.
The freeware and shareware are on the server http://www.bullfreeware.com and its mirrors

Europe
• http://www.bull.de/pub/
• http://ftp.univie.ac.at/aix/
• ftp://ftp.TU-Cottbus.De/aix/bull.mirror
North America
• http://www.rge.com/pub/systems/aix/bull/
• ftp://ftp.rge.com/pub/systems/aix/bull/

The newer freeware packages on this server have been signed a Pretty Good Privacy (PGP) key belonging to Ciaran Deignan. Currently this signature has not been signed by any "trusted third parties", so the first time you download the signature you will have to make a "leap of faith" the first time you use it.

The PGP signature is contained in the .asc file delivered inside the AIX-autoextractable zipfile. Of course, it is a bad idea to execute anything before you have verified it, so in a perfect world it should be unzipped using unzip under unix or pkunzip on a PC.

My Public PGP Key should be added you your public keyring as follows:

$ pgpk -a ciaran_deignan.pgp

Adding keys:

Key ring: 'ciaran_deignan.pgp'
Type Bits KeyID      Created    Expires    Algorithm       Use
pub  1024 0x22F02AED 1999-03-15 ---------- RSA             Sign & Encrypt
uid  xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

1 matching key found

Add these keys to your keyring? [Y/n]

Keys added successfully.

Once my PGP Key has been added to your keyring, the signature can be verified as follows:

$ pgpv lsof-4.41.0.0.bff.asc
Opening file "/dev/null" type text.
This signature applies to another message
File to check signature against [lsof-4.41.0.0.bff]:
Good signature made 1999-03-19 13:40 GMT by key:
  1024 bits, Key ID 22F02AED, Created 1999-03-15

WARNING: The signing key is not trusted to belong to:
xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx

The above message indicates that the signature is good, but the key in not necessarily mine. The rest is a question of faith.

The next best way to verify that nothing has been modified is to check the MD5 checksum. The MD5 checksums for all the BFF files is in the file 00_MD5.txt. These checksums were generated using the "siggen" tool in the "tripwire" package.

[ Home Page ]

Last Updated : June 3rd , 2004