[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
pkg/39090: pkg_admin from pkg_install-renovation fails to run with 'fetch-pkg-vulnerabilities'
>Synopsis: pkg_admin from pkg_install-renovation fails to run with
>Arrival-Date: Thu Jul 03 10:35:00 +0000 2008
>Originator: Stuart Shelton
>Release: pkgsrc latest from CVS
IRIX64 6.5.30m; MIPSpro Compilers: Version 7.4.4m
I'm unsure as to whether this problem affects pkg_install (which no longer
builds on IRIX) or only pkg_install-renovation:
download-vulnerability-list is now a wrapper around 'pkg_admin
fetch-pkg-vulnerabilities'. However, when invoked this only outputs:
usage: pkg_admin [-bqSvV] [-C config] [-d lsdir] [-K pkg_dbdir] [-s sfx]
command args ...
Where 'commands' and 'args' are:
rebuild - rebuild pkgdb from +CONTENTS files
rebuild-tree - rebuild +REQUIRED_BY files from forward deps
check [pkg ...] - check md5 checksum of installed files
add pkg ... - add pkg files to database
delete pkg ... - delete file entries for pkg in database
set variable=value pkg ... - set installation variable for package
unset variable pkg ... - unset installation variable for package
lsall /path/to/pkgpattern - list all pkgs matching the pattern
lsbest /path/to/pkgpattern - list pkgs matching the pattern best
dump - dump database
pmatch pattern pkg - returns true if pkg matches pattern, otherwise
fetch-pkg-vulnerabilities [-s] - fetch new vulnerability file
check-pkg-vulnerabilities [-s] <file> - check syntax and checksums of the
audit [-es] [-t type] ... - check installed packages for vulnerabilities
audit-pkg [-es] [-t type] ... - check listed packages for vulnerabilities
audit-batch [-es] [-t type] ... - check packages in listed files for
audit-history [-t type] ... - print all advisories for package names
config-var name - print current value of the configuration
check-signature ... - verify the signature of packages
sign-package pkg spkg key cert - create signature
... furthermore manually running:
# pkg_admin -K /usr/bsd/var/db/pkg fetch-pkg-vulnerabilities
... results in the same output.
Looking at a trace of what pkg_admin is doing, it repeatedly tries from open
"/usr/bsd/etc/pkg_install.conf", and then print its usage string when this
This file doesn't exist on my system - having created one from the values in
the manpage, it is read but I still see the usage text.
I've added values for VERIFIED_INSTALLATION, PKGVULNDIR, and PKGVULNURL. I
don't know what the correct value is for CERTIFICATE_ANCHOR_PKGS or
CERTIFICATE_CHAIN, however (assuming that these do need to exist in advance) -
but would a lack of this value cause vulnerabilities to not even be downloaded?
pkg_admin really needs better error reporting, to make it clear what values it
is expecting to find and can't - and so why it is failing.
Main Index |
Thread Index |