Subject: Re: pkg/30246: download-vulnerability-list doesn't use FETCH_CMD
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: Quentin Garnier <cube@cubidou.net>
List: pkgsrc-bugs
Date: 05/16/2005 18:17:02
The following reply was made to PR pkg/30246; it has been noted by GNATS.

From: Quentin Garnier <cube@cubidou.net>
To: gnats-bugs@netbsd.org
Cc: reed@netbsd.org
Subject: Re: pkg/30246: download-vulnerability-list doesn't use FETCH_CMD
Date: Mon, 16 May 2005 20:20:32 +0200

 --asNXdz5DenlsLVVk
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 Content-Transfer-Encoding: quoted-printable
 
 On Mon, May 16, 2005 at 05:57:00PM +0000, reed@reedmedia.net wrote:
 [...]
 > >Description:
 > I noticed that the code for figuring out the fetch command and that
 > complaint of unknown fetch command probably should be done at pkgsrc
 > build time of the package and not needed in the end result script.
 >=20
 > I was then told that the FETCH_CMD can be used to allow people
 > to use their own utility.
 
 Yes, in mk.conf.
 
 > But it doesn't work that way.
 
 It does, at build time.
 
 > Have a look at template:
 >=20
 > utility=3D`echo "@FETCH_CMD@" | @AWK@ '{ print $1 }'`
 > case "$utility" in
 > *curl)  @FETCH_CMD@ ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *ftp)   @FETCH_CMD@ ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *wget)  @FETCH_CMD@ ${FETCH_ARGS} -O ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *fetch) @FETCH_CMD@ ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 >=20
 > And the end resulting script:
 >=20
 > utility=3D`echo "/usr/bin/ftp" | /usr/bin/awk '{ print $1 }'`
 > case "$utility" in
 > *curl)  /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *ftp)   /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *wget)  /usr/bin/ftp ${FETCH_ARGS} -O ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 > *fetch) /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
 >=20
 > The utility is hard-coded once you install as shown above.
 >=20
 > Notice that curl, wget, fetch would never match in examples (using default
 > ftp) as this was implemented.
 
 The way I look at it, I believe this is the intended behaviour.  That
 way it supports about any FETCH_CMD you set for pkgsrc without having
 to do complicated patching in order to make sure the correct options
 are passed to the final command.
 
 Also, note that FETCH_ARGS is documented as settable in
 audit-packages(8), while FETCH_CMD is not.
 
 --=20
 Quentin Garnier - cube@cubidou.net - cube@NetBSD.org
 "When I find the controls, I'll go where I like, I'll know where I want
 to be, but maybe for now I'll stay right here on a silent sea."
 KT Tunstall, Silent Sea, Eye to the Telescope, 2004.
 
 --asNXdz5DenlsLVVk
 Content-Type: application/pgp-signature
 Content-Disposition: inline
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v1.2.6 (NetBSD)
 
 iQEVAwUBQojkcNgoQloHrPnoAQI6+gf9HA+M6uhhfgQReFMCag45JmTi57m6q4mc
 enb+0WQUZLLPfSJAjFkbtOVDxMD8/m7yTO6mzRTw0v4SQqV7nLXPzBcZLOxgVbAj
 t9Y3C0ZtIfa/90ORIGRTb4l97EaFHNB+eiJ4F1YNI0OKnAOY87SPuNlaGxgdXz2u
 1NyFuThRj1SG5QtwGxouDUlhwzxrMc/UbB65wlIVUD7U4hZdBq72rUF4dt42PiMU
 Ya645EkAIo6GveO+yliEdK51+OanvLRpypUnf+kUGKoGqAZSM0acH9cZ1J0O5hwL
 A6d38gJiAQ/FFNi6/B1HqgFJybUKxQIvVfMRYTJVuU9db9wIpJO6eg==
 =0Jif
 -----END PGP SIGNATURE-----
 
 --asNXdz5DenlsLVVk--