The spf-unpack program

spf-unpack [$SP_ROOT]/package/host/[+spf+tag][-2.0[+spf+tag]] [...]

spf-unpack unpacks one or more package source archives. It is typically invoked by way of spf-install. For each package directory name like "/package/host/" given on the command line, it:

spf-unpack can handle source archives in tar, zip, cpio, RPM/SRPM, and shar format, possibly compressed with compress, gzip, bzip2, or lzma.

If a compressed file or SRPM is unpacked, temporary files are created in $TMPDIR (defaulting to /tmp).

If the sources already exist for a given package, spf-unpack will not unpack the archives again, to save time and preserve local modifications. You can set $SP_REUNPACK=y to force spf-unpack to unpack an archive even when the sources exist.

If $SP_COMPILE_USER is set, spf-unpack will create the package directory, chown it to $SP_COMPILE_USER, unpack the archives as $SP_COMPILE_USER, and chown it back to the calling user and group. This ensures that no files outside the package directory will be overwritten by unpacking the archive, assuming no other files under $SP_ROOT/package are owned by that user.