Installing Tarsnap from source
At the present time, pre-built binaries are not available for Tarsnap — it must be compiled from the source code.
- Download the source tarball and signed SHA256 hash file (see below for links to these files for the latest version of Tarsnap).
Verify that the files have not been tampered with (this step may be
skipped if you're not worried about security):
Verify the GPG signature on the SHA256 hash file using
GnuPG and the
Tarsnap code signing GPG key
Older versions are signed with older keys
$ gpg --decrypt tarsnap-sigs-126.96.36.199.asc SHA256 (tarsnap-autoconf-188.8.131.52.tgz) = a2909e01e2f983179d63ef2094c42102c92c716032864e66ef25ae341ea28690 gpg: Signature made Fri Aug 21 08:59:42 2015 PDT using RSA key ID 46B64BEB gpg: Good signature from "Tarsnap source code signing key (Colin Percival) <firstname.lastname@example.org>"
Verify that the SHA256 hash of the tarball matches the value in
the signed SHA256 hash file (on Linux systems, you may need to use
sha256sumcommand, and on OS X you may need to use
shasum -a 256instead of
$ sha256 tarsnap-autoconf-184.108.40.206.tgz SHA256 (tarsnap-autoconf-220.127.116.11.tgz) = a2909e01e2f983179d63ef2094c42102c92c716032864e66ef25ae341ea28690
- Verify the GPG signature on the SHA256 hash file using GnuPG and the Tarsnap code signing GPG key
Make sure you have the necessary package dependencies installed:
A C compiler (gcc or clang), make, system header files, OpenSSL
(including header files), zlib (including header files), and on
ext2fs/ext2_fs.hheader (which is NOT the same as the
On most UNIX systems all the necessary packages will already be present, but on Linux they may need to be installed manually:
On Debian, Ubuntu, and related distributions, make sure the
e2fslibs-devpackages are installed.
On RedHat, SuSE, Amazon Linux, and related distributions, make
e2fsprogs-develpackages are installed.
- If you run another flavour of Linux, you can probably figure out which packages you need, but please contact me so I can update this list.
- On Debian, Ubuntu, and related distributions, make sure the
- Extract the tarball and "cd" into that directory.
./configureto configure Tarsnap for your system.
- If the configure script complains about OpenSSL, zlib, or ext2_fs.h not being present, you didn't install the right dependent packages. Make sure you got the "development" versions (which have the header files Tarsnap needs) and not just the "library" versions.
make all install cleanto build and install Tarsnap.
Latest Tarsnap release
Tarsnap 18.104.22.168 (August 20, 2015)
Changes since version 1.0.35:
- A theoretically exploitable one-byte buffer overflow when archiving objects with long path names is fixed.
- A vulnerability which allowed a corrupt archive to cause tarsnap to allocate a large amount of memory upon listing archives or reading the corrupt archive is fixed.
- Tarsnap no longer crashes if its first DNS lookup fails.
- Tarsnap no longer exits with "Callbacks uninitialized" when running on a dual-stack network if the first IP stack it attempts fails to connect.
tarsnap -c --dry-runcan now run without a keyfile, allowing users to predict how much Tarsnap will cost before signing up.
- Tarsnap now includes bash completion scripts.
- Tarsnap now automatically detects and uses AESNI and SSE2 cpu features.
Changes since version 1.0.36:
- Tarsnap now works around an OS X standards-compliance bug which was making tarsnap fail to build.