pkgsrc-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[pkgsrc/trunk]: pkgsrc/mk/flavor/pkg Remove support for separate audit-packag...
details: https://anonhg.NetBSD.org/pkgsrc/rev/61d492fb3fdf
branches: trunk
changeset: 539876:61d492fb3fdf
user: joerg <joerg%pkgsrc.org@localhost>
date: Sat Mar 15 16:12:27 2008 +0000
description:
Remove support for separate audit-packages, PKGTOOLS_REQD has been
bumped in the mean time.
diffstat:
mk/flavor/pkg/check.mk | 66 ++++++++++---------------------------------------
1 files changed, 14 insertions(+), 52 deletions(-)
diffs (78 lines):
diff -r 122f0a814921 -r 61d492fb3fdf mk/flavor/pkg/check.mk
--- a/mk/flavor/pkg/check.mk Sat Mar 15 15:09:54 2008 +0000
+++ b/mk/flavor/pkg/check.mk Sat Mar 15 16:12:27 2008 +0000
@@ -1,4 +1,4 @@
-# $NetBSD: check.mk,v 1.6 2008/01/03 20:51:21 adrianp Exp $
+# $NetBSD: check.mk,v 1.7 2008/03/15 16:12:27 joerg Exp $
#
# _flavor-check-vulnerable:
@@ -11,55 +11,17 @@
#
_flavor-check-vulnerable: .PHONY
${_PKG_SILENT}${_PKG_DEBUG} \
- if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${PKGTOOLS_VERSION}; then \
- vulnfile=${PKGVULNDIR:Q}/pkg-vulnerabilities; \
- if ${TEST} ! -f "$$vulnfile"; then \
- ${PHASE_MSG} "Skipping vulnerability checks."; \
- ${WARNING_MSG} "No $$vulnfile file found."; \
- ${WARNING_MSG} "To fix, install the pkgsrc/security/audit-packages"; \
- ${WARNING_MSG} "package and run: \`${DOWNLOAD_VULN_LIST}'."; \
- exit 0; \
- fi; \
- ${PHASE_MSG} "Checking for vulnerabilities in ${PKGNAME}"; \
- conffile=; \
- for dir in \
- __dummy \
- ${PKG_SYSCONFDIR.audit-packages:Q}"" \
- ${PKG_SYSCONFDIR:Q}""; \
- do \
- case $$dir in \
- /*) conffile="$$dir/audit-packages.conf"; break ;; \
- *) continue ;; \
- esac; \
- done; \
- if ${TEST} -z "$$conffile" -a -f "$$conffile"; then \
- . $$conffile; \
- fi; \
- ${SETENV} PKGNAME=${PKGNAME} \
- PKGBASE=${PKGBASE} \
- ${AWK} 'BEGIN { exitcode = 0 } \
- /^$$/ { next } \
- /^#.*/ { next } \
- $$1 !~ ENVIRON["PKGBASE"] && $$1 !~ /\{/ { next } \
- { s = sprintf("${PKG_ADMIN} pmatch \"%s\" %s && ${ERROR_MSG:S/"/\"/g} \"%s vulnerability in %s - see %s for more information\"", $$1, ENVIRON["PKGNAME"], $$2,
ENVIRON["PKGNAME"], $$3); if (system(s) == 0) { print $$1; exitcode += 1 }; } \
- END { exit exitcode }' < $$vulnfile || ${FALSE}; \
- if ${TEST} "$$?" -ne 0; then \
- ${ERROR_MSG} "Define ALLOW_VULNERABLE_PACKAGES if this package is absolutely essential"; \
- ${FALSE}; \
- fi; \
- else \
- _PKGVULNDIR=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`; \
- vulnfile=$$_PKGVULNDIR/pkg-vulnerabilities; \
- if ${TEST} ! -f "$$vulnfile"; then \
- ${PHASE_MSG} "Skipping vulnerability checks."; \
- ${WARNING_MSG} "No $$vulnfile file found."; \
- ${WARNING_MSG} "To fix run: \`${DOWNLOAD_VULN_LIST}'."; \
- exit 0; \
- fi; \
- ${PHASE_MSG} "Checking for vulnerabilities in ${PKGNAME}"; \
- ${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -n ${PKGNAME}; \
- if ${TEST} "$$?" -ne 0; then \
- ${ERROR_MSG} "Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URLS in audit-packages.conf(5) if this package is absolutely essential."; \
- ${FALSE}; \
- fi; \
+ _PKGVULNDIR=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR`; \
+ vulnfile=$$_PKGVULNDIR/pkg-vulnerabilities; \
+ if ${TEST} ! -f "$$vulnfile"; then \
+ ${PHASE_MSG} "Skipping vulnerability checks."; \
+ ${WARNING_MSG} "No $$vulnfile file found."; \
+ ${WARNING_MSG} "To fix run: \`${DOWNLOAD_VULN_LIST}'."; \
+ exit 0; \
+ fi; \
+ ${PHASE_MSG} "Checking for vulnerabilities in ${PKGNAME}"; \
+ ${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -n ${PKGNAME}; \
+ if ${TEST} "$$?" -ne 0; then \
+ ${ERROR_MSG} "Define ALLOW_VULNERABLE_PACKAGES in mk.conf or IGNORE_URLS in audit-packages.conf(5) if this package is absolutely essential."; \
+ ${FALSE}; \
fi
Home |
Main Index |
Thread Index |
Old Index