redballoonsecurity / ofrak

OFRAK: unpack, modify, and repack binaries.
https://ofrak.com

Add apt/brew package info for binwalk and {mk,un}squashfs #418

Open ANogin opened 7 months ago

ANogin commented 7 months ago

One sentence summary of this PR (This should go in the CHANGELOG!): Add apt/brew package info for binwalk and mksquashfs/unsquashfs

Link to Related Issue(s): N/A

Please describe the changes in your request: Added apt/brew package info for binwalk and mksquashfs/unsquashfs - not sure why it was not there already?

Anyone you think should look at this, specifically? Not sure

rbs-jacob commented 7 months ago

Binwalk apt/brew package info is not included because it is assumed binwalk is installed from source, not from either of those package managers.

https://github.com/redballoonsecurity/ofrak/blob/6052e9b5340213fecc72e8d443ea17d2e911babf/ofrak_core/requirements-non-pypi.txt#L2

If I recall correctly, the apt version of binwalk in the base Docker images we use is insanely out of date, and caused some problems at some point.

But also, in general, having as many of the dependencies as possible installed via pip (rather than using system package managers) is preferable in my opinion. It means that a user who does pip install ofrak gets many of the dependencies, even if they don't do further installation steps using their system package manager. It also means OFRAK is more portable to systems with package managers for which we do not have explicit support.

ANogin commented 7 months ago

@rbs-jacob makes sense. Unfortunately binwalk in PyPI is even more out of date, so we end up having to have the ofrak/ofrak_core/requirements-non-pypi.txt (since PyPI disallows a dependency on a non-PyPI package :( ).

Does apt/brew make sense to include for {mk,un}squashfs? If yes, I will mutate this PR to just that (or should I do a fresh one instead?); if no, I should just close this PR.

rbs-jacob commented 7 months ago

Tough to say about {mk,un}squashfs. We do build a specific version in Docker, I believe because apt ones were too out-of-date to have support for a particular command-line flag we need. But I don't know if that's necessarily a good case for not having the brew/apt package names listed in OFRAK.

https://github.com/redballoonsecurity/ofrak/blob/6052e9b5340213fecc72e8d443ea17d2e911babf/ofrak_core/Dockerstub#L50-L60

I defer to @whyitfor and/or @EdwardLarson on this one.

ANogin commented 7 months ago

Actually, brew does install a recent binwalk (2.3.3) and squashfstools v4.6.1 (newer than what we do), so probably should be included.

For apt:

so perhaps good enough at least in some cases?

P.S. Broader longer-term question - should ofrak deps be capable of checking and then reporting to the user when a dependency is present, but is too old to be usable? At least for some of these, where the OS is likely to come with ones that are too old?

rbs-jacob commented 7 months ago

In the case of unsquashfs, the ofrak deps command will check that a new enough version is used.

https://github.com/redballoonsecurity/ofrak/blob/5c1cd3b7c303677560baae893bcd8c314f356949/ofrak_core/ofrak/core/squashfs.py#L25-L48
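
One way to implement the check raised in the P.S. and the reply above, telling a missing dependency apart from one that is installed but too old. This is an added example, not OFRAK's own code; the function names, the minimum version (4, 5) and the sample banners are assumptions constructed for illustration.

```python
import re
import shutil
import subprocess
from enum import Enum
from typing import Optional, Sequence, Tuple

class DepStatus(Enum):
    MISSING = "not installed"
    TOO_OLD = "installed, but too old"
    UNKNOWN = "installed, version not recognised"
    OK = "ok"

_VERSION_RE = re.compile(r"\d+(?:\.\d+)+")  # first dotted number, e.g. 4.6.1

def parse_version(banner: str) -> Optional[Tuple[int, ...]]:
    """Extract the first dotted version in a tool banner as a tuple of ints."""
    match = _VERSION_RE.search(banner)
    return tuple(int(p) for p in match.group().split(".")) if match else None

def classify(banner: Optional[str], minimum: Tuple[int, ...]) -> DepStatus:
    """Classify a tool from its banner text (None means the tool was not found)."""
    if banner is None:
        return DepStatus.MISSING
    found = parse_version(banner)
    if found is None:
        return DepStatus.UNKNOWN  # do not guess: report it instead of passing
    width = max(len(found), len(minimum))  # pad so 4.5 == 4.5.0
    pad = lambda v: v + (0,) * (width - len(v))
    return DepStatus.OK if pad(found) >= pad(minimum) else DepStatus.TOO_OLD

def read_banner(tool: str, args: Sequence[str]) -> Optional[str]:
    """Run the tool with a fixed argument list (no shell) and return its output."""
    path = shutil.which(tool)
    if path is None:
        return None
    proc = subprocess.run([path, *args], capture_output=True, text=True, timeout=10)
    return proc.stdout + proc.stderr  # some tools print the banner on stderr

if __name__ == "__main__":
    # Hypothetical minimum; the thread does not state the version OFRAK needs.
    MIN_UNSQUASHFS = (4, 5)
    # Constructed banners in the style of `unsquashfs -version` output.
    samples = ["unsquashfs version 4.6.1 (2023/03/25)",
               "unsquashfs version 4.3 (2014/05/12)", None]
    for banner in samples:
        print(repr(banner), "->", classify(banner, MIN_UNSQUASHFS).value)
    live = classify(read_banner("unsquashfs", ["-version"]), MIN_UNSQUASHFS)
    print("this machine ->", live.value)
```
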