pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/doc/guide/files Mention the new ALLOW_VULNERABILITIES ...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/478087483fc8
branches:  trunk
changeset: 503236:478087483fc8
user:      erh <erh%pkgsrc.org@localhost>
date:      Wed Nov 16 22:07:04 2005 +0000

description:
Mention the new ALLOW_VULNERABILITIES and SKIP_AUDIT_PACKAGES variables.

diffstat:

 doc/guide/files/configuring.xml |  19 +++++++++++++++++--
 doc/guide/files/faq.xml         |   7 ++++++-
 2 files changed, 23 insertions(+), 3 deletions(-)

diffs (61 lines):

diff -r 0499074adbf9 -r 478087483fc8 doc/guide/files/configuring.xml
--- a/doc/guide/files/configuring.xml   Wed Nov 16 21:46:08 2005 +0000
+++ b/doc/guide/files/configuring.xml   Wed Nov 16 22:07:04 2005 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: configuring.xml,v 1.7 2005/10/23 11:25:58 rillig Exp $ -->
+<!-- $NetBSD: configuring.xml,v 1.8 2005/11/16 22:07:04 erh Exp $ -->
 
 <chapter id="configuring">
   <title>Configuring pkgsrc</title>
@@ -101,7 +101,6 @@
   <!-- PKG_SYSCONFDIR.foobar -->
 
   <!-- Security -->
-  <!-- ALLOW_VULNERABLE_PACKAGES -->
   <!-- PKGVULNDIR -->
 
   <sect1 id="developer-advanced-settings">
@@ -131,6 +130,22 @@
            the shell commands before their invocation, and their
            actual execution progress with <command>set -x</command>
            will be displayed.</para></listitem>
+       <listitem><para><varname>ALLOW_VULNERABILITIES.<replaceable>pkgbase</replaceable></varname>:
+           A space separated list of vulnerability IDs that may be ignored when
+               performing the automated security checks.  These IDs are listed in the
+               pkg-vulnerabilities file and are displayed by
+               <command>audit-packages</command> when
+               it finds a vulnerable package.  
+         </para>
+       </listitem>
+       <listitem><para><varname>SKIP_AUDIT_PACKAGES</varname>:
+           If this is set to <quote>yes</quote>, the automated security checks
+               (which use the <filename role="pkg">security/audit-packages</filename>
+               package) will be <emphasis role="strong">entirely</emphasis> skipped
+               for <emphasis role="strong">all</emphasis> packages built.  Normally
+               you'll want to use ALLOW_VULNERABILITIES instead of this.
+         </para>
+       </listitem>
       </itemizedlist>
     </para>
   </sect1>
diff -r 0499074adbf9 -r 478087483fc8 doc/guide/files/faq.xml
--- a/doc/guide/files/faq.xml   Wed Nov 16 21:46:08 2005 +0000
+++ b/doc/guide/files/faq.xml   Wed Nov 16 22:07:04 2005 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: faq.xml,v 1.16 2005/10/23 11:25:58 rillig Exp $ -->
+<!-- $NetBSD: faq.xml,v 1.17 2005/11/16 22:07:04 erh Exp $ -->
 
 <chapter id="faq"> <?dbhtml filename="faq.html"?>
 <title>Frequently Asked Questions</title>
@@ -542,6 +542,11 @@
 the package's message, which you can get by running <userinput>pkg_info -D
 audit-package</userinput>.</para>
 
+<para>If this package is installed, pkgsrc builds will use it to perform
+a security check before building any package.  See
+<xref linkend="variables-affecting-build"/> for way to control this check.
+</para>
+
 </sect1>
 
 </chapter>



Home | Main Index | Thread Index | Old Index