[pkgsrc/trunk]: pkgsrc/doc/guide/files Update documentation since vulnerable ...

[wiz <wiz%pkgsrc.org@localhost>]

details:   https://anonhg.NetBSD.org/pkgsrc/rev/8e8d93ba9128
branches:  trunk
changeset: 573580:8e8d93ba9128
user:      wiz <wiz%pkgsrc.org@localhost>
date:      Thu Mar 18 10:56:18 2010 +0000

description:
Update documentation since vulnerable packages are not moved
to the vulnerable/ directory any longer.

diffstat:

 doc/guide/files/bulk.xml  |  18 ++++++++----------
 doc/guide/files/faq.xml   |   4 ++--
 doc/guide/files/using.xml |  15 ++++-----------
 3 files changed, 14 insertions(+), 23 deletions(-)

diffs (93 lines):

diff -r 50d507f0f594 -r 8e8d93ba9128 doc/guide/files/bulk.xml
--- a/doc/guide/files/bulk.xml  Thu Mar 18 10:49:32 2010 +0000
+++ b/doc/guide/files/bulk.xml  Thu Mar 18 10:56:18 2010 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: bulk.xml,v 1.7 2009/10/11 20:50:48 rillig Exp $ -->
+<!-- $NetBSD: bulk.xml,v 1.8 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="bulk">
 <title>Creating binary packages for everything in pkgsrc (bulk
@@ -157,13 +157,12 @@
        <itemizedlist>
 
          <listitem><para><varname>ALLOW_VULNERABLE_PACKAGES</varname>
-         should be set to <literal>yes</literal>. The purpose of the bulk
-         builds is creating binary packages, no matter if they are
-         vulnerable or not. When uploading the packages to a public
-         server, the vulnerable packages will be put into a directory of
-         their own. Leaving this variable unset would prevent the bulk
-         build system from even trying to build them, so possible
-         building errors would not show up.</para></listitem>
+         should be set to <literal>yes</literal>. The purpose of the
+         bulk builds is creating binary packages, no matter if they
+         are vulnerable or not. Leaving this variable unset would
+         prevent the bulk build system from even trying to build
+         them, so possible building errors would not show
+         up.</para></listitem>
 
          <listitem><para><varname>CHECK_FILES</varname>
          (<filename>pkgsrc/mk/check/check-files.mk</filename>) can be set to
@@ -585,8 +584,7 @@
       <para>The upload process may take quite some time. Use &man.ls.1; or
       &man.du.1; on the FTP server to monitor progress of the
       upload. The upload script will take care of not uploading
-      restricted packages and putting vulnerable packages into the
-      <filename>vulnerable</filename> subdirectory.</para>
+      restricted packages.</para>
 
       <para>After the upload has ended, first thing is to revoke ssh access:</para>
 
diff -r 50d507f0f594 -r 8e8d93ba9128 doc/guide/files/faq.xml
--- a/doc/guide/files/faq.xml   Thu Mar 18 10:49:32 2010 +0000
+++ b/doc/guide/files/faq.xml   Thu Mar 18 10:56:18 2010 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: faq.xml,v 1.45 2009/04/20 17:07:13 ver Exp $ -->
+<!-- $NetBSD: faq.xml,v 1.46 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="faq"> <?dbhtml filename="faq.html"?>
 <title>Frequently Asked Questions</title>
@@ -528,7 +528,7 @@
 
   <listitem>
     <para><command>pkg_admin audit</command>, an easy way to audit the
-    current machine, checking each vulnerability which is known.  If a
+    current machine, checking each known vulnerability.  If a
     vulnerable package is installed, it will be shown by output to stdout,
     including a description of the type of vulnerability, and a URL
     containing more information.</para>
diff -r 50d507f0f594 -r 8e8d93ba9128 doc/guide/files/using.xml
--- a/doc/guide/files/using.xml Thu Mar 18 10:49:32 2010 +0000
+++ b/doc/guide/files/using.xml Thu Mar 18 10:56:18 2010 +0000
@@ -1,4 +1,4 @@
-<!-- $NetBSD: using.xml,v 1.37 2009/08/25 13:19:50 wiz Exp $ -->
+<!-- $NetBSD: using.xml,v 1.38 2010/03/18 10:56:18 wiz Exp $ -->
 
 <chapter id="using"> <?dbhtml filename="using.html"?>
 <title>Using pkgsrc</title>
@@ -60,9 +60,7 @@
     subdirectory called <filename>All</filename>, which contains all the
     binary packages that are available for the platform, excluding those
     that may not be distributed via FTP or CDROM (depending on which
-    medium you are using), and the ones that have vulnerabilities and
-    therefore are considered insecure to install without thinking
-    before.</para>
+    medium you are using).</para>
 
     <para>To install packages directly from an FTP or HTTP server, run
     the following commands in a Bourne-compatible shell (be sure to
@@ -93,13 +91,8 @@
     package in question will be installed, too, assuming they are
     present where you install from.</para>
 
-    <para>As mentioned above, packages for which vulnerabilities get
-    known are not stored in the <filename>All</filename> subdirectory.
-    They don't get deleted since that could be very frustrating if many
-    other packages depend on it. Instead, they are moved to the
-    <filename>vulnerable</filename> subdirectory. So you may need to add
-    this directory to the <varname>PKG_PATH</varname> variable. 
-    However, you should run <command>pkg_admin audit</command>
+    <para>Adding packages might install vulnerable packages.
+    Thus you should run <command>pkg_admin audit</command>
     regularly, especially after installing new packages, and verify
     that the vulnerabilities are acceptable for your configuration.</para>