pkgsrc-Changes-HG archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

[pkgsrc/trunk]: pkgsrc/security/audit-packages Retire audit-packages in favou...



details:   https://anonhg.NetBSD.org/pkgsrc/rev/12102aeed740
branches:  trunk
changeset: 537672:12102aeed740
user:      adrianp <adrianp%pkgsrc.org@localhost>
date:      Sun Jan 13 20:20:06 2008 +0000

description:
Retire audit-packages in favour of pkg_install>=20070714.
All functionality in this package is now in pkg_install>=20070714.

As discussed on pkgsrc-users@ and OK'ed by agc@.

diffstat:

 security/audit-packages/DESCR                             |   12 -
 security/audit-packages/MESSAGE                           |   22 -
 security/audit-packages/MESSAGE.DragonFly                 |   23 -
 security/audit-packages/Makefile                          |  102 ----
 security/audit-packages/PLIST                             |    9 -
 security/audit-packages/files/audit-packages              |  235 ----------
 security/audit-packages/files/audit-packages.0            |  173 -------
 security/audit-packages/files/audit-packages.8            |  307 --------------
 security/audit-packages/files/audit-packages.conf         |   26 -
 security/audit-packages/files/download-vulnerability-list |  128 -----
 10 files changed, 0 insertions(+), 1037 deletions(-)

diffs (truncated from 1077 to 300 lines):

diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/DESCR
--- a/security/audit-packages/DESCR     Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,12 +0,0 @@
-The audit-packages tools provide two scripts:
-
-(1) download-vulnerability-list, an easy way to download a list of
-security vulnerabilities which have been published.  This list is kept
-up to date by the NetBSD security officer.  It is held at the
-well-known URL:
-
-ftp://ftp.NetBSD.org/pub/NetBSD/packages/distfiles/vulnerabilities
-
-(2) audit-packages, an easy way to audit the current machine, checking
-each vulnerability listed by the security officer.  If a vulnerable
-package is installed, it will be shown by output to stdout.
diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/MESSAGE
--- a/security/audit-packages/MESSAGE   Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,22 +0,0 @@
-===========================================================================
-$NetBSD: MESSAGE,v 1.3 2003/09/02 10:20:27 agc Exp $
-
-You may wish to have the vulnerabilities file downloaded daily so that
-it remains current.  This may be done by adding an appropriate entry
-to the root users crontab(5) entry.  For example the entry
-
-# download vulnerabilities file
-0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1
-
-will update the vulnerability list every day at 3AM. You may wish to do
-this more often than once a day.
-
-In addition, you may wish to run the package audit from the daily
-security script.  This may be accomplished by adding the following
-lines to /etc/security.local
-
-if [ -x ${PREFIX}/sbin/audit-packages ]; then
-        ${PREFIX}/sbin/audit-packages
-fi
-
-===========================================================================
diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/MESSAGE.DragonFly
--- a/security/audit-packages/MESSAGE.DragonFly Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,23 +0,0 @@
-===========================================================================
-$NetBSD: MESSAGE.DragonFly,v 1.2 2006/03/02 18:31:49 joerg Exp $
-
-You may wish to have the vulnerabilities file downloaded daily so that
-it remains current.  This may be done by adding an appropriate entry
-to the root users crontab(5) entry.  For example the entry
-
-# download vulnerabilities file
-0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1
-
-will update the vulnerability list every day at 3AM. You may wish to do
-this more often than once a day.
-
-In addition, you may wish to run the package audit from the daily
-security script.  This may be accomplished by adding the following
-lines to /etc/periodic/security/NNN.audit-packages, where NNN is a
-number specifying the order of execution.
-
-if [ -x ${PREFIX}/sbin/audit-packages ]; then
-        ${PREFIX}/sbin/audit-packages
-fi
-
-===========================================================================
diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/Makefile
--- a/security/audit-packages/Makefile  Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,102 +0,0 @@
-# $NetBSD: Makefile,v 1.78 2008/01/02 09:00:34 adrianp Exp $
-
-DISTNAME=      audit-packages-1.46
-CATEGORIES=    security pkgtools
-MASTER_SITES=  # empty
-DISTFILES=     # empty
-
-MAINTAINER=    agc%NetBSD.org@localhost
-COMMENT=       Tools to show vulnerabilities in installed packages
-
-PKG_INSTALLATION_TYPES=        overwrite pkgviews
-PKG_DESTDIR_SUPPORT=   user-destdir
-
-CONFLICTS+=    pkg_install>=20070714
-
-USE_TOOLS+=    digest:run
-
-BUILD_DEFS+=   PKGVULNDIR
-
-WRKSRC=                ${WRKDIR}
-NO_CHECKSUM=   yes
-
-OWN_DIRS=      ${PKGVULNDIR}
-MAN8DIR=       ${PREFIX}/${PKGMANDIR}/man8
-CAT8DIR=       ${PREFIX}/${PKGMANDIR}/cat8
-INSTALLATION_DIRS=     ${CAT8DIR} ${MAN8DIR} sbin \
-                       share/examples/audit-packages
-
-.include "../../mk/bsd.prefs.mk"
-
-.if ${OPSYS} == "DragonFly"
-MESSAGE_SRC=   ${PKGDIR}/MESSAGE.DragonFly
-.else
-MESSAGE_SRC=   ${PKGDIR}/MESSAGE
-.endif
-
-# If you're running NetBSD it's possible that you may already have
-# audit-packages installed as a part of the base OS.
-#
-.if ${OPSYS} == "NetBSD"
-.      if exists(/usr/sbin/audit-packages)
-PKG_FAIL_REASON+=      "audit-packages is already installed on this system"
-.      endif
-.endif
-
-CONF_FILES=    ${PREFIX}/share/examples/audit-packages/audit-packages.conf \
-               ${PKG_SYSCONFDIR}/audit-packages.conf
-
-SUBST_CLASSES=         paths
-SUBST_STAGE.paths=     post-build
-SUBST_FILES.paths=     audit-packages audit-packages.0 audit-packages.8
-SUBST_FILES.paths+=    download-vulnerability-list
-SUBST_SED.paths=       -e 's|@PKGVULNDIR@|${PKGVULNDIR}|g'
-SUBST_SED.paths+=      -e 's|@AWK@|${AWK}|g'
-SUBST_SED.paths+=      -e 's|@FETCH_CMD@|${FETCH_CMD:Q}|g'
-SUBST_SED.paths+=      -e 's|@FETCH_CMD_SHORT@|${FETCH_CMD:T:Q}|g'
-SUBST_SED.paths+=      -e 's|@PKGSRCDIR@|${PKGSRCDIR}|g'
-SUBST_SED.paths+=      -e 's|@PKG_TOOLS_BIN@|${PKG_TOOLS_BIN}|g'
-SUBST_SED.paths+=      -e 's|@PREFIX@|${PREFIX}|g'
-SUBST_SED.paths+=      -e 's|@SH@|${SH}|g'
-SUBST_SED.paths+=      -e 's|@DIGEST@|${DIGEST}|g'
-SUBST_SED.paths+=      -e 's|@CHMOD@|${CHMOD}|g'
-SUBST_SED.paths+=      -e 's|@MV@|${MV}|g'
-SUBST_SED.paths+=      -e 's|@RM@|${RM}|g'
-SUBST_SED.paths+=      -e 's|@MKDIR@|${MKDIR}|g'
-SUBST_SED.paths+=      -e 's|@PKG_SYSCONFDIR@|${PKG_SYSCONFDIR}|g'
-SUBST_SED.paths+=      -e 's|@FIND@|${FIND}|g'
-SUBST_MESSAGE.paths=   Fixing paths.
-
-.if ${OPSYS} == "SunOS" || ${OPSYS} == "AIX"
-USE_TOOLS+=    nroff
-.endif
-
-do-build:
-       for f in audit-packages audit-packages.0 audit-packages.8       \
-               download-vulnerability-list; do                         \
-               ${CP} ${FILESDIR}/$$f ${WRKSRC} ;                       \
-       done
-
-.if ${OPSYS} == "SunOS" || ${OPSYS} == "AIX"
-       # pre-created man-pages are "mandoc" pages, these OS need "man",
-       # so regen the .0 page
-       ${NROFF} -man ${WRKSRC}/audit-packages.8 >${WRKSRC}/audit-packages.0
-.endif
-
-do-install:
-       ${INSTALL_DATA} ${FILESDIR}/audit-packages.conf \
-               ${DESTDIR}${PREFIX}/share/examples/audit-packages
-
-       for f in audit-packages download-vulnerability-list; do \
-               ${INSTALL_SCRIPT} ${WRKSRC}/$$f ${DESTDIR}${PREFIX}/sbin; \
-       done
-
-       ${INSTALL_MAN} ${WRKSRC}/audit-packages.0 ${DESTDIR}${CAT8DIR}/
-       ${INSTALL_MAN} ${WRKSRC}/audit-packages.8 ${DESTDIR}${MAN8DIR}/
-
-       ${RM} -f ${DESTDIR}${CAT8DIR}/download-vulnerability-list.0
-       ${LN} -s audit-packages.0 ${DESTDIR}${CAT8DIR}/download-vulnerability-list.0
-       ${RM} -f ${DESTDIR}${MAN8DIR}/download-vulnerability-list.8
-       ${LN} -s audit-packages.8 ${DESTDIR}${MAN8DIR}/download-vulnerability-list.8
-
-.include "../../mk/bsd.pkg.mk"
diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/PLIST
--- a/security/audit-packages/PLIST     Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,9 +0,0 @@
-@comment $NetBSD: PLIST,v 1.3 2006/12/09 12:30:47 adrianp Exp $
-man/cat8/audit-packages.0
-man/cat8/download-vulnerability-list.0
-man/man8/audit-packages.8
-man/man8/download-vulnerability-list.8
-sbin/audit-packages
-sbin/download-vulnerability-list
-share/examples/audit-packages/audit-packages.conf
-@dirrm share/examples/audit-packages
diff -r 2035a10c2c91 -r 12102aeed740 security/audit-packages/files/audit-packages
--- a/security/audit-packages/files/audit-packages      Sun Jan 13 19:25:58 2008 +0000
+++ /dev/null   Thu Jan 01 00:00:00 1970 +0000
@@ -1,235 +0,0 @@
-#! @SH@
-#
-# $NetBSD: audit-packages,v 1.31 2007/07/10 15:27:57 joerg Exp $
-#
-# Copyright (c) 2000-2003 Alistair Crooks.  All rights reserved.
-#
-# Redistribution and use in source and binary forms, with or without
-# modification, are permitted provided that the following conditions
-# are met:
-# 1. Redistributions of source code must retain the above copyright
-#    notice, this list of conditions and the following disclaimer.
-# 2. Redistributions in binary form must reproduce the above copyright
-#    notice, this list of conditions and the following disclaimer in the
-#    documentation and/or other materials provided with the distribution.
-# 3. All advertising materials mentioning features or use of this software
-#    must display the following acknowledgement:
-#      This product includes software developed by Alistair Crooks
-#      for the NetBSD project.
-# 4. The name of the author may not be used to endorse or promote
-#    products derived from this software without specific prior written
-#    permission.
-#
-# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
-# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
-# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
-# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
-# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
-# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
-# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
-# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
-# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
-# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
-# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
-#
-
-ERR_DOWNLOAD="Please run download-vulnerability-list."
-ERR_UPGRADE="Please upgrade security/audit-packages to the newest version."
-ERR_PKGINSTALL="Please upgrade pkgtools/pkg_install to the newest version."
-
-: ${PKGVULNDIR=@PKGVULNDIR@}
-
-FORMAT_MAJOR=1
-FORMAT_MINOR=0
-FORMAT_TEENY=0
-PKG_INSTALL_REQUIRED=20050530
-
-usage() {
-       argv0="${1##*/}"
-       cat <<EOF
-$2
-Usage: $argv0 [-dv] [-K pkg_dbdir] [-p package]
-    -d : Run download-vulnerability-list before anything else.
-    -K : Use pkg_dbdir as PKG_DBDIR.
-    -p : Check a specific package for vulnerabilities.
-    -v : Verbose mode
-EOF
-       exit 1
-}
-
-settingsmsg=""
-if [ -r @PKG_SYSCONFDIR@/audit-packages.conf ]; then
-       settingsmsg="Reading settings from @PKG_SYSCONFDIR@/audit-packages.conf"
-       . @PKG_SYSCONFDIR@/audit-packages.conf
-fi
-
-vuls="${PKGVULNDIR}/pkg-vulnerabilities"
-
-download=no
-verbose=no
-one_package=
-while [ $# -gt 0 ]; do
-       case "$1" in
-       -d)     download=yes ;;
-       -v)     verbose=yes ;;
-       -p)
-               one_package="$2"
-               shift
-               ;;
-       -K)
-               export PKG_DBDIR="$2"
-               shift
-               ;;
-       *)
-               usage "$0" "Unknown option $1"
-       esac
-       shift
-done
-
-case $verbose in
-yes)   case "$settingsmsg" in
-       "")     ;;
-       *)      echo "$settingsmsg"
-               ;;
-       esac
-       ;;
-esac
-
-# try to download vulnerability list, as requested
-# the integrity of the list is checked below
-# so just issue a warning if there was a failure
-case "$download" in
-yes)   @PREFIX@/sbin/download-vulnerability-list || \
-               echo "***WARNING***: download-vulnerability-list failure" 1>&2;;
-esac
-
-errmsg=""
-
-# check for missing vulnerabilities file



Home | Main Index | Thread Index | Old Index