pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: README.html: cannot find vulnerability list



David Lord wrote:
> On 2 Aug 2007, at 14:24, Joerg Sonnenberger wrote:
> 
>> Index: check.mk
>> ===================================================================
>> RCS file: /home/joerg/repo/netbsd/pkgsrc/mk/flavor/pkg/check.mk,v
>> retrieving revision 1.4
>> diff -u -r1.4 check.mk
>> --- check.mk 14 Jul 2007 17:17:46 -0000      1.4
>> +++ check.mk 1 Aug 2007 11:44:03 -0000
>> @@ -11,8 +11,7 @@
>>  #
>>  _flavor-check-vulnerable: .PHONY
>>      ${_PKG_SILENT}${_PKG_DEBUG}                                     \
>> -    _INFO_VER=`${PKG_INFO} -V`;                                     \
>> -    if ${PKG_ADMIN} pmatch 'pkg_install<20070714' pkg_install-$$_INFO_VER; 
>> then \
>> +    if ${PKG_ADMIN} pmatch 'pkg_install<20070714' 
>> pkg_install-${PKGTOOLS_VERSION}; then \
>>              vulnfile=${PKGVULNDIR:Q}/pkg-vulnerabilities;           \
>>              if ${TEST} ! -f "$$vulnfile"; then                      \
>>                      ${PHASE_MSG} "Skipping vulnerability checks.";  \
> 
> I've been using separate PKGVULNDIR (/var/db/audit-packages) with 
> PKGVULNDIR set in both mk.conf and audit-packages.conf.

If you're using pkg_install>=20070714 there's only a need to set it in
audit-packages.conf.  Any setting of PKGVULNDIR in /etc/mk.conf _should_
be ignored.

> 
> Prior to patch the script was looking for /pkg-vulnerabilities and 
> now looking for it in /usr/pkgsrc_distfiles.
> 
> David

If you run 'audit-packages -v' it should tell you which configuration
file it's using.  Could you just check that that's the one you expect it
to be and that you have correctly set PKGVULNDIR in it.

OTOH, there something wrong going on here and joerg@'s patch is a lot
nicer way to do it than it's currently done.  I'll have a look into this.

thanks,

adrian.



Home | Main Index | Thread Index | Old Index