[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
On Mon, Sep 03, 2012 at 05:07:28PM +0300, Aleksey Cheusov wrote:
> > And woe unto ye if you want to try and maintain bulk binary updates.
> > The only real tool we have for this kind of thing is pkg_chk.
> This is not true. Have you ever tried pkgtools/nih or pkgtools/pkgin?
Until you mentioned them just now, I never knew they existed. Exciting,
actually. I'll try and give them some play time this afternoon; if I
The real question though is why I, who is by no measure a newbie, have
never heard of them?
> > And it's not pkg_install.conf friendly.
> Explain please.
pkg_chk does not look at /etc/pkg_install.conf and thereby pickup what
are supposed to be, according to the pkg_install.conf(5) anyway, "system
defaults for the package installation tools" when it builds its
> > Nor does it understand PKG_PATH, if memory serves.
> NIH definitely honors PKGPATH if you mean that after installation
> installed package's PKGPATH should not change.
PKG_PATH is the list locations (directory or URL) of where binary
packages are supposed to live, such that pkg_add and others can find
> > [Yes, I agree that updates are so critical to security that responsible
> > administrators should be doing these things via manual selection and
> > pkg_add -u. And yet.]
> nih audit
> nih status
> nih install
I had meant security in the more general sense like stability. Ever
have a pkg_chk run nuke your login shell? I have.
. ___ ___ . . ___
. \ / |\ |\ \
. _\_ /__ |-\ |-\ \__
Main Index |
Thread Index |