Subject: Re: two audit-packages regressions with the move to pkg_install
To: Greg Troxel <gdt@ir.bbn.com>
From: Adrian Portelli <adrianp@stindustries.net>
List: tech-pkg
Date: 08/10/2007 23:53:49

Greg Troxel wrote:
> Two things happened that broke some of my scripts.  I realize these were
> probably never declared as part of the interface contract, but they both
> surprised me.
> 
> 1) download-vulnerability-list fails as a non-root user; it used to work
> if one could write /usr/pkgsrc/distfiles.  While it's good to avoid
> /usr/pkgsrc, since audit-packages should work on systems without source,
> it seems unfortunate to require root.  It would seem that
> /usr/pkg/share/vulnerabilities (a directory) would be a good place, so
> that people could arrange to chmod it as they wish.  Right now one
> really can't, and this issue is the only thing preventing
> straightforward download-vulnerability-list/audit-packages runs as
> non-root users.

I documented this in the MESSAGE but just in case I've now updated the
man page with a copy of the text from the MESSAGE which mentions the
permissions required for ${PKGDBDIR}.

> 
> 2) audit-packages writes to standard error.  It used to write to
> standard output (as I think it should), and it's documented to write to
> standard output.  I suspect this is just a bug.
> 

Fixed.

adrian.