Subject: Re: CVS commit: pkgsrc/security/audit-packages
To: Alistair Crooks <agc@netbsd.org>
From: James Chacon <jmc@netbsd.org>
List: pkgsrc-changes
Date: 05/21/2003 12:45:44
There's no reason a directory under /var has to be owned as root.
We require you to be root to install pkgsrc in general, but this could
just as easily make the vulnerabilities dir owned/writable by whomever
you want.
James
>
>If you put it under /var, then you may be forcing the
>download-vulnerability-list script to be run as root. I'm of the opinion
>that the less work that is done by root, the better, which is why the list
>is downloaded to ${DISTDIR} (which is not necessarily /usr/pkgsrc/distfiles).
>The reason that ${DISTDIR} was chosen was that it was a directory that could
>be guaranteed to be there, and writable.
>
>Anyway, Stoned's changes mean that you can now put it where you want
>to - thanks, Stoned!
>
>Regards,
>Alistair
>
>On Wed, May 21, 2003 at 04:57:26PM +0200, Julio Merino wrote:
>> I wonder if we could change the default PKGVULNDIR directory... actually
>> it uses /usr/pkgsrc/distfiles; this directory is not suitable for machines
>> using binary packages exclusively (yes, it will work though).
>>
>> Personally, I have PKGVULNDIR set to /usr/pkg/share, but thinking about
>> it, this won't be good with machines having a read only /usr. Maybe
>> somewhere under /var?
>>
>> Cheers
>>
>>
>> On Wed, 21 May 2003 14:07:46 +0000 (UTC)
>> Stoned Elipot <seb@netbsd.org> wrote:
>>
>> >
>> > Module Name: pkgsrc
>> > Committed By: seb
>> > Date: Wed May 21 14:07:46 UTC 2003
>> >
>> > Modified Files:
>> > pkgsrc/security/audit-packages: Makefile
>> > pkgsrc/security/audit-packages/files: audit-packages
>> > download-vulnerability-list
>> >
>> > Log Message:
>> > Update to version 1.15.
>> >
>> > The directory ${PKGVULNDIR)} holding the 'vulnerabilities' file
>> > which default value is determined at configure time can now be
>> > overridden at runtime from the environment.
>> >
>> > As a side effect the strings substituted at configure time in
>> > files/{audit-packages,download-vulnerability-list} are now of the
>> > form '@VAR@' and not '${VAR}'.
>> >
>> >
>> > To generate a diff of this commit:
>> > cvs rdiff -r1.19 -r1.20 pkgsrc/security/audit-packages/Makefile
>> > cvs rdiff -r1.9 -r1.10 pkgsrc/security/audit-packages/files/audit-packages
>> > cvs rdiff -r1.13 -r1.14 \
>> > pkgsrc/security/audit-packages/files/download-vulnerability-list
>> >
>> > Please note that diffs are not public domain; they are subject to the
>> > copyright notices on the relevant files.
>> >
>>
>>
>> --
>> Julio M. Merino Vidal <jmmv@menta.net>
>> The NetBSD Project - http://www.NetBSD.org/
>
>
>