Subject: Re: README.html: cannot find vulnerability list
To: Adrian Portelli <adrianp@stindustries.net>
From: David Lord <netbsd@lordynet.org>
List: pkgsrc-users
Date: 08/02/2007 17:38:18

On 2 Aug 2007, at 17:35, Adrian Portelli wrote:

> David Lord wrote:
> > On 2 Aug 2007, at 14:24, Joerg Sonnenberger wrote:
> > 
> >> Index: check.mk
> >> ===================================================================
> >> RCS file: /home/joerg/repo/netbsd/pkgsrc/mk/flavor/pkg/check.mk,v
> >> retrieving revision 1.4
> >> diff -u -r1.4 check.mk
> >> --- check.mk	14 Jul 2007 17:17:46 -0000	1.4
> >> +++ check.mk	1 Aug 2007 11:44:03 -0000
> >> @@ -11,8 +11,7 @@
> >>  #
> >>  _flavor-check-vulnerable: .PHONY
> >>  	${_PKG_SILENT}${_PKG_DEBUG}					\
> >> -	_INFO_VER=`${PKG_INFO} -V`;					\
> >> -	if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-$$_INFO_VER; then \
> >> +	if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-${PKGTOOLS_VERSION}; then \
> >>  		vulnfile=${PKGVULNDIR:Q}/pkg-vulnerabilities;		\
> >>  		if ${TEST} ! -f "$$vulnfile"; then			\
> >>  			${PHASE_MSG} "Skipping vulnerability checks.";	\
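Review bot: on the changed `if ${PKG_ADMIN} pmatch` line, `${PKGTOOLS_VERSION}` is now expanded by make instead of being read from `${PKG_INFO} -V` when the recipe runs, and nothing visible in this hunk defines it or guarantees it is non-empty at this point. If it expands to nothing, the string tested is a bare `pkg_install-`, and it is not obvious which branch that takes, so the `pkg-vulnerabilities` lookup under `${PKGVULNDIR:Q}` could run or be skipped on the wrong code path. Suggest confirming the variable is always set before check.mk is evaluated (or failing with a clear message when it is empty), and adding a comment saying what `pkg_install<20070714` distinguishes, since the date is otherwise a magic value.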
> > 
> > I've been using a separate PKGVULNDIR (/var/db/audit-packages) with
> > PKGVULNDIR set in both mk.conf and audit-packages.conf.
> 
> If you're using pkg_install>=20070714 there's only a need to set it in
> audit-packages.conf.  Any setting of PKGVULNDIR in /etc/mk.conf _should_
> be ignored.
> 
> > 
> > Prior to the patch the script was looking for /pkg-vulnerabilities and
> > is now looking for it in /usr/pkgsrc_distfiles.
> > 
> > David
> 
> If you run 'audit-packages -v' it should tell you which configuration
> file it's using.  Could you just check that that's the one you expect it
> to be and that you have correctly set PKGVULNDIR in it.
> 
> OTOH, there's something wrong going on here and joerg@'s patch is a lot
> nicer way to do it than it's currently done.  I'll have a look into this.

The patch solves the original problem for the default location of
/usr/pkgsrc_distfiles. Here audit-packages.conf is being used and
this is the first problem I've noticed. There is a note in check.mk that
implies the database is being accessed outside audit-packages.


cheers

David