Subject: Re: pkg/30246: download-vulnerability-list doesn't use FETCH_CMD
To: None <pkg-manager@netbsd.org, gnats-admin@netbsd.org,>
From: Quentin Garnier <cube@cubidou.net>
List: pkgsrc-bugs
Date: 05/16/2005 18:34:01
The following reply was made to PR pkg/30246; it has been noted by GNATS.
From: Quentin Garnier <cube@cubidou.net>
To: "Jeremy C. Reed" <reed@NetBSD.org>
Cc: gnats-bugs@netbsd.org
Subject: Re: pkg/30246: download-vulnerability-list doesn't use FETCH_CMD
Date: Mon, 16 May 2005 20:37:42 +0200
--SqfawxHnX56H7Ukl
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Mon, May 16, 2005 at 11:24:47AM -0700, Jeremy C. Reed wrote:
> On Mon, 16 May 2005, Quentin Garnier wrote:
>=20
> > > And the end resulting script:
> > >
> > > utility=3D`echo "/usr/bin/ftp" | /usr/bin/awk '{ print $1 }'`
> > > case "$utility" in
> > > *curl) /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
> > > *ftp) /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
> > > *wget) /usr/bin/ftp ${FETCH_ARGS} -O ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
> > > *fetch) /usr/bin/ftp ${FETCH_ARGS} -o ${NEW_VUL_LIST} ${VUL_SOURCE} ;;
> > >
> > > The utility is hard-coded once you install as shown above.
> > >
> > > Notice that curl, wget, fetch would never match in examples (using de=
fault
> > > ftp) as this was implemented.
> >
> > The way I look at it, I believe this is the intended behaviour. That
> > way it supports about any FETCH_CMD you set for pkgsrc without having
> > to do complicated patching in order to make sure the correct options
> > are passed to the final command.
>=20
> If that is the intended behaviour then the resulting script could just
> have one line instead of several lines shown above.
The logic would be in the package Makefile in that case, it's much easier
to have it there.
[...]
> > Also, note that FETCH_ARGS is documented as settable in
> > audit-packages(8), while FETCH_CMD is not.
>=20
> FETCH_CMD could easily be documented.
Sure. My point was: "it was the intended behaviour". I.e., feature,
not bug. Now, maybe someone clever can say why it is better not to have
FETCH_CMD settable at run-time.
Not using tnftp for pkgsrc is dangerous, anyway. Last time I checked,
pkg_install used FETCH_CMD, and yet assumed it is tnftp (most notably
for the automatic-download-using-interactive-ftp "feature").
--=20
Quentin Garnier - cube@cubidou.net - cube@NetBSD.org
"When I find the controls, I'll go where I like, I'll know where I want
to be, but maybe for now I'll stay right here on a silent sea."
KT Tunstall, Silent Sea, Eye to the Telescope, 2004.
--SqfawxHnX56H7Ukl
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (NetBSD)
iQEVAwUBQojodtgoQloHrPnoAQJFXwf/YMrActQQoWSQjs1uUZnIv5WFz4AlXVXq
mf0Q50bTH4UVkgzGgPe8n7hs+yIcDAqyB3siKxvf+4WCKJM8nelHTi4i5yoiUSIl
Jzrojb5/9jd7EWwtjcjdcp1SdFp2Oa9dqAVePiCYSAYiLzxPMONg5luwbKokGCIu
I+mTsKp9p8eszXk3GzHKk1S87bda+2iY4YAcisAwHTUrGpp3JeZooR7TFhCEB9bF
znalHeUpPtEhNL0gFaOzRD/fCDcZ6JH0o8MSE2w4omf2K+mgw1E6nqSsL63B6SfO
pyb2KKYA3KWFoJE1x3uKY1nr8han+rukexjuwRNgC4OZXeNfv8+1lQ==
=VgWz
-----END PGP SIGNATURE-----
--SqfawxHnX56H7Ukl--