Subject: Re: README.html: cannot find vulnerability list
To: David Lord <netbsd@lordynet.org>
From: Adrian Portelli <adrianp@stindustries.net>
List: pkgsrc-users
Date: 08/02/2007 17:35:02
David Lord wrote:
> On 2 Aug 2007, at 14:24, Joerg Sonnenberger wrote:
>
>> Index: check.mk
>> ===================================================================
>> RCS file: /home/joerg/repo/netbsd/pkgsrc/mk/flavor/pkg/check.mk,v
>> retrieving revision 1.4
>> diff -u -r1.4 check.mk
>> --- check.mk 14 Jul 2007 17:17:46 -0000 1.4
>> +++ check.mk 1 Aug 2007 11:44:03 -0000
>> @@ -11,8 +11,7 @@
>> #
>> _flavor-check-vulnerable: .PHONY
>> ${_PKG_SILENT}${_PKG_DEBUG} \
>> - _INFO_VER=`${PKG_INFO} -V`; \
>> - if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-$$_INFO_VER; then \
>> + if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${PKGTOOLS_VERSION}; then \
>> vulnfile=${PKGVULNDIR:Q}/pkg-vulnerabilities; \
>> if ${TEST} ! -f "$$vulnfile"; then \
>> ${PHASE_MSG} "Skipping vulnerability checks."; \
>
> I've been using separate PKGVULNDIR (/var/db/audit-packages) with
> PKGVULNDIR set in both mk.conf and audit-packages.conf.
If you're using pkg_install>=20070714 there's only a need to set it in
audit-packages.conf. Any setting of PKGVULNDIR in /etc/mk.conf _should_
be ignored.
>
> Prior to patch the script was looking for /pkg-vulnerabilities and
> now looking for it in /usr/pkgsrc_distfiles.
>
> David
If you run 'audit-packages -v' it should tell you which configuration
file it's using. Could you just check that that's the one you expect it
to be and that you have correctly set PKGVULNDIR in it.
OTOH, there something wrong going on here and joerg@'s patch is a lot
nicer way to do it than it's currently done. I'll have a look into this.
thanks,
adrian.