pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/pkgtools/pkg_install Update to pkg_install-20070714



details:   https://anonhg.NetBSD.org/pkgsrc/rev/9bf6c62c48b7
branches:  trunk
changeset: 530926:9bf6c62c48b7
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sat Jul 14 20:17:06 2007 +0000

description:
Update to pkg_install-20070714
Merge of audit-packages with various improvements:
* Version 20070714
        Initial release of re-write in C
        Add support for notfication of eol packages (-e)
        Multiple levels of verbosity (e.g. -v -v)
        Specify a custom config file to use (-c)
        Query running config values (-Q)
        Default to download .gz compress pkg-vulnerabilities file
        Support for .bz2 compress pkg-vulnerabilities file
        Verify signature on downloaded files (-s)

Thanks to tron@, jschauma@, agc@, joerg@ and pkgsrc-security@ for feedback
and testing.

diffstat:

 pkgtools/pkg_install/MESSAGE                                                  |    42 +
 pkgtools/pkg_install/Makefile                                                 |    29 +-
 pkgtools/pkg_install/PLIST                                                    |    11 +-
 pkgtools/pkg_install/files/Makefile.in                                        |     4 +-
 pkgtools/pkg_install/files/README                                             |     5 +-
 pkgtools/pkg_install/files/audit-packages/AUTHORS                             |    11 +
 pkgtools/pkg_install/files/audit-packages/COPYING                             |    30 +
 pkgtools/pkg_install/files/audit-packages/Makefile.in                         |    85 +
 pkgtools/pkg_install/files/audit-packages/README                              |     5 +
 pkgtools/pkg_install/files/audit-packages/audit-packages.1.in                 |   336 +++
 pkgtools/pkg_install/files/audit-packages/audit-packages.c                    |  1093 ++++++++++
 pkgtools/pkg_install/files/audit-packages/audit-packages.cat1.in              |   183 +
 pkgtools/pkg_install/files/audit-packages/audit-packages.conf.5.in            |   123 +
 pkgtools/pkg_install/files/audit-packages/audit-packages.conf.cat5.in         |    70 +
 pkgtools/pkg_install/files/audit-packages/audit-packages.conf.in              |    78 +
 pkgtools/pkg_install/files/audit-packages/download-vulnerability-list.1.in    |   336 +++
 pkgtools/pkg_install/files/audit-packages/download-vulnerability-list.cat1.in |   183 +
 pkgtools/pkg_install/files/audit-packages/download-vulnerability-list.sh.in   |   205 +
 pkgtools/pkg_install/files/configure                                          |    13 +-
 pkgtools/pkg_install/files/configure.ac                                       |     9 +-
 20 files changed, 2841 insertions(+), 10 deletions(-)

diffs (truncated from 3037 to 300 lines):

diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/MESSAGE
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/pkgtools/pkg_install/MESSAGE      Sat Jul 14 20:17:06 2007 +0000
@@ -0,0 +1,42 @@
+===========================================================================
+$NetBSD: MESSAGE,v 1.1 2007/07/14 20:17:06 adrianp Exp $
+
+You may wish to have the vulnerabilities file downloaded daily so that
+it remains current.  This may be done by adding an appropriate entry
+to a users crontab(5) entry.  For example the entry
+
+# download vulnerabilities file
+0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1
+
+will update the vulnerability list every day at 3AM. You may wish to do
+this more often than once a day.
+
+In addition, you may wish to run the package audit from the daily
+security script.  This may be accomplished by adding the following
+lines to /etc/security.local
+
+if [ -x ${PREFIX}/sbin/audit-packages ]; then
+        ${PREFIX}/sbin/audit-packages
+fi
+
+Alternatively this can also be acomplished by adding an entry to a users
+crontab(5) file. e.g.:
+
+# run audit-packages
+0 3 * * * ${PREFIX}/sbin/audit-packages
+
+audit-packages and/or download-vulnerability-list need not be run by
+the root user.  They will function as an unpriveleged user just so
+long as the user chosen has permmission to write the pkg-vulnerabilites
+to ${PKGVULNDIR}.
+
+A sample audit-packages.conf has been installed to:
+
+       ${EGDIR}/audit-packages.conf
+
+You may want to customise this file and copy it to /etc/audit-packages.conf.
+If you want to use signature verification you will need to install GnuPG and
+set the path for GPG appropriately in your audit-packages.conf.  See
+audit-packages.conf(5) and audit-packages(8) for further information.
+
+===========================================================================
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/Makefile
--- a/pkgtools/pkg_install/Makefile     Sat Jul 14 19:12:22 2007 +0000
+++ b/pkgtools/pkg_install/Makefile     Sat Jul 14 20:17:06 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: Makefile,v 1.131 2007/07/10 15:19:18 joerg Exp $
+# $NetBSD: Makefile,v 1.132 2007/07/14 20:17:06 adrianp Exp $
 
 # Notes to package maintainers:
 #
@@ -17,13 +17,15 @@
 HOMEPAGE=              http://www.pkgsrc.org/
 COMMENT=               Package management and administration tools for pkgsrc
 
+CONFLICTS+=            audit-packages-[0-9]*
+
 GNU_CONFIGURE=         yes
 CONFIGURE_ARGS+=       --with-pkgdbdir=${PKG_DBDIR:Q}
 CONFIGURE_ARGS+=       --with-ftp="\"${FETCH_CMD}"\"
 CONFIGURE_ARGS+=       --with-mtree="\"${MTREE}"\"
 CONFIGURE_ARGS+=       --with-pax="\"${PAX}"\"
 CONFIGURE_ARGS+=       --with-tar="\"${TAR}"\"
-USE_TOOLS+=            mtree pax tar
+USE_TOOLS+=            mtree pax tar gzcat
 
 # The following tools are needed by pkg_view and linkfarm.
 USE_TOOLS+=            chmod cmp cp env find grep ln mkdir rm rmdir    \
@@ -48,6 +50,8 @@
 PKG_DELETE=            ${WRKSRC}/delete/pkg_delete
 
 CPPFLAGS+=             -DDEF_UMASK=${DEF_UMASK}
+CPPFLAGS+=             -DPREFIX="\"${PREFIX}\""
+CPPFLAGS+=             -DSYSCONFDIR="\"${PKG_SYSCONFDIR}\""
 
 MAKE_ENV+=             MACHINE_ARCH=${MACHINE_ARCH:Q}
 MAKE_ENV+=             OPSYS=${OPSYS:Q}
@@ -55,6 +59,7 @@
 PKG_DBDIR?=            /var/db/pkg
 PKG_INFO=              PKG_DBDIR=${PKG_DBDIR:Q} ${PKG_INFO_CMD}
 PKG_ADMIN=             PKG_DBDIR=${PKG_DBDIR:Q} ${PKG_ADMIN_CMD}
+EGDIR=                 ${PREFIX}/share/examples/pkg_install
 
 PLIST_SUBST+=          PKG_DBDIR=${PKG_DBDIR:Q}
 
@@ -63,12 +68,32 @@
 FILES_SUBST+=          PKG_DBDIR=${PKG_DBDIR:Q}                        \
                        PKG_TOOLS_BIN=${PKG_TOOLS_BIN:Q}                \
                        MKDIR=${MKDIR:Q}
+MESSAGE_SUBST+=                PKGVULNDIR=${PKG_DBDIR:Q}                       \
+                       EGDIR=${EGDIR:Q}
 
 .include "../../mk/bsd.prefs.mk"
 
 VERSION!=              ${AWK} -F '"' '/PKGTOOLS_VERSION/ {print $$2}' \
                        ${FILESDIR}/lib/version.h
 
+# Make sure download-vulnerability-list.sh picks up the right tools
+# in the right directories.
+#
+SUBST_CLASSES=         paths
+SUBST_STAGE.paths=     pre-configure
+SUBST_MESSAGE.paths=   Fixing paths in scripts.
+SUBST_FILES.paths=     audit-packages/download-vulnerability-list.sh.in
+SUBST_FILES.paths+=    audit-packages/audit-packages.1.in
+SUBST_FILES.paths+=    audit-packages/audit-packages.cat1.in
+SUBST_FILES.paths+=    audit-packages/audit-packages.conf.5.in
+SUBST_FILES.paths+=    audit-packages/audit-packages.conf.cat5.in
+SUBST_FILES.paths+=    audit-packages/audit-packages.conf.in
+SUBST_FILES.paths+=    audit-packages/download-vulnerability-list.1.in
+SUBST_FILES.paths+=    audit-packages/download-vulnerability-list.cat1.in
+SUBST_SED.paths=       -e 's,@gzcat@,${GZCAT},g'
+SUBST_SED.paths+=      -e 's,@sysconfdir@,${PKG_SYSCONFDIR},g'
+SUBST_SED.paths+=      -e 's,@prefix@/bin/gpg,${PREFIX}/bin/gpg,g'
+
 do-extract:
        @${CP} -R ${FILESDIR} ${WRKSRC}
 
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/PLIST
--- a/pkgtools/pkg_install/PLIST        Sat Jul 14 19:12:22 2007 +0000
+++ b/pkgtools/pkg_install/PLIST        Sat Jul 14 20:17:06 2007 +0000
@@ -1,4 +1,6 @@
-@comment $NetBSD: PLIST,v 1.8 2006/04/24 13:52:04 dillo Exp $
+@comment $NetBSD: PLIST,v 1.9 2007/07/14 20:17:06 adrianp Exp $
+man/cat1/audit-packages.0
+man/cat1/download-vulnerability-list.0
 man/cat1/linkfarm.0
 man/cat1/pkg_add.0
 man/cat1/pkg_admin.0
@@ -6,7 +8,10 @@
 man/cat1/pkg_delete.0
 man/cat1/pkg_info.0
 man/cat1/pkg_view.0
+man/cat5/audit-packages.conf.0
 man/cat5/pkg_summary.0
+man/man1/audit-packages.1
+man/man1/download-vulnerability-list.1
 man/man1/linkfarm.1
 man/man1/pkg_add.1
 man/man1/pkg_admin.1
@@ -14,7 +19,10 @@
 man/man1/pkg_delete.1
 man/man1/pkg_info.1
 man/man1/pkg_view.1
+man/man5/audit-packages.conf.5
 man/man5/pkg_summary.5
+sbin/audit-packages
+sbin/download-vulnerability-list
 sbin/linkfarm
 sbin/pkg_add
 sbin/pkg_admin
@@ -22,3 +30,4 @@
 sbin/pkg_delete
 sbin/pkg_info
 sbin/pkg_view
+share/examples/pkg_install/audit-packages.conf
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/files/Makefile.in
--- a/pkgtools/pkg_install/files/Makefile.in    Sat Jul 14 19:12:22 2007 +0000
+++ b/pkgtools/pkg_install/files/Makefile.in    Sat Jul 14 20:17:06 2007 +0000
@@ -1,6 +1,6 @@
-# $NetBSD: Makefile.in,v 1.6 2004/08/31 17:40:41 jlam Exp $
+# $NetBSD: Makefile.in,v 1.7 2007/07/14 20:17:06 adrianp Exp $
 
-SUBDIRS=       lib add admin create delete info view
+SUBDIRS=       lib add admin create delete info view audit-packages
 
 all:
        @for dir in $(SUBDIRS); do \
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/files/README
--- a/pkgtools/pkg_install/files/README Sat Jul 14 19:12:22 2007 +0000
+++ b/pkgtools/pkg_install/files/README Sat Jul 14 20:17:06 2007 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: README,v 1.7 2005/05/30 13:23:31 wiz Exp $
+# $NetBSD: README,v 1.8 2007/07/14 20:17:07 adrianp Exp $
 # Original from FreeBSD, no rcs id.
 
 This is the pkg_install suite of tools for doing maintainance of
@@ -12,7 +12,8 @@
 
 In another round of enhancements, NetBSD changes were added by
 Alistair Crooks, Hubert Feyrer, Thorsten Frueauf, Rene Hexel,
-Christian E. Hopps, Thomas Klausner, Johnny Lam, and Matthias Scheler.
+Christian E. Hopps, Thomas Klausner, Johnny Lam, Matthias Scheler and
+Adrian Portelli.
 
 When making snapshots, please modify PKGTOOLS_VERSION in lib/version.h
 to that day's date.
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/files/audit-packages/AUTHORS
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/pkgtools/pkg_install/files/audit-packages/AUTHORS Sat Jul 14 20:17:06 2007 +0000
@@ -0,0 +1,11 @@
+# $NetBSD: AUTHORS,v 1.1 2007/07/14 20:17:08 adrianp Exp $
+
+* The functions that deal with finding packages such as fixpkgname()
+  foundpkg() and checkforpkg() were taken from the pkg_install
+  set of tools.  Authors for this include Jordan Hubbard, John Kohl,
+  Alistair Crooks, Hubert Feyrer, Thorsten Frueauf, Rene Hexel,
+  Christian E. Hopps, Thomas Klausner, Johnny Lam, and Matthias Scheler.
+
+* This is basically a re-write in C of the audit-packages tool
+  by Adrian Portelli (adrianp%NetBSD.org@localhost).  The tool was originally 
+  authored by Alistair G. Crooks (agc%NetBSD.org@localhost).
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/files/audit-packages/COPYING
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/pkgtools/pkg_install/files/audit-packages/COPYING Sat Jul 14 20:17:06 2007 +0000
@@ -0,0 +1,30 @@
+/*
+ * Copyright (c) 2007 Adrian Portelli <adrianp%NetBSD.org@localhost>.  
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above
+ *    copyright notice, this list of conditions and the following
+ *    disclaimer in the documentation and/or other materials provided
+ *    with the distribution.
+ * 3. Neither the name of author(s) nor the names of its contributors 
+ *    may be used to endorse or promote products derived from this 
+ *    software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+ * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+ * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+ * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+ * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+ * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+ * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
diff -r e20b3081195f -r 9bf6c62c48b7 pkgtools/pkg_install/files/audit-packages/Makefile.in
--- /dev/null   Thu Jan 01 00:00:00 1970 +0000
+++ b/pkgtools/pkg_install/files/audit-packages/Makefile.in     Sat Jul 14 20:17:06 2007 +0000
@@ -0,0 +1,85 @@
+# $NetBSD: Makefile.in,v 1.1 2007/07/14 20:17:08 adrianp Exp $
+
+prefix = @prefix@
+exec_prefix = @exec_prefix@
+sbindir = @sbindir@
+mandir = @mandir@
+pprefix = @prefix@
+
+pkgdbdir = @pkgdbdir@
+sysconfdir = @sysconfdir@
+
+man5dir = $(mandir)/man5
+man1dir = $(mandir)/man1
+cat5dir = $(mandir)/cat5
+cat1dir = $(mandir)/cat1
+sharedir = $(prefix)/share/examples/pkg_install
+
+do_subst =     sed -e 's,_pkgdbdir_,$(pkgdbdir),g' \
+               -e 's,_sysconfdir_,$(sysconfdir),g' \
+               -e 's,_prefix_,$(prefix),g' \
+               -e 's,_pprefix_,$(pprefix),g' \
+               -e 's,_ftp_,@ftp@,g' \
+               -e 's,_gzcat_,@gzcat@,g'
+
+CC = @CC@
+CCLD= $(CC)
+LIBS= -linstall @LIBS@
+CPPFLAGS= @CPPFLAGS@ -DHOST=\"$(CANONICAL_HOST)\" -DPKGSRC -I. -I../lib
+DEFS= @DEFS@
+CFLAGS= @CFLAGS@ -Wall
+LDFLAGS= @LDFLAGS@ -L../lib
+SUBST_FILES= audit-packages.1 download-vulnerability-list.1 audit-packages.conf audit-packages.conf.5 audit-packages.conf.cat5
+
+INSTALL = @INSTALL@
+INSTALL_PROGRAM = @INSTALL_PROGRAM@
+INSTALL_DATA = @INSTALL_DATA@
+INSTALL_SCRIPT = @INSTALL_SCRIPT@
+CANONICAL_HOST = @CANONICAL_HOST@
+
+LINK= $(CCLD) $(CFLAGS) $(LDFLAGS) -o $@
+COMPILE= $(CC) $(DEFS) $(CPPFLAGS) $(CFLAGS)
+
+audit-packages_OBJS = audit-packages.o
+
+.c.o:
+       $(COMPILE) -c $< -o $@
+
+all: audit-packages
+
+audit-packages: $(audit-packages_OBJS)
+       $(LINK) $(audit-packages_OBJS) $(LIBS)
+
+subst:
+       @list='$(SUBST_FILES)'; for f in $$list; do \
+         $(do_subst) $$f > $$f.tmp; \
+         rm $$f; mv $$f.tmp $$f; \



Home | Main Index | Thread Index | Old Index