pkgsrc-Users archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: help with IGNORE_URL

On Sat, 18 Jul 2009 22:54:28 +0200
Joerg Sonnenberger <> wrote:

> On Fri, Jul 17, 2009 at 11:25:25PM -0400, Steven M. Bellovin wrote:
> > in /etc/pkg_install.conf; when I check it via
> > 
> >     # pkg_admin config-var IGNORE_URL
> >
> >     some-other-advisory
> A better check would be "pkg_admin audit-pkg pidgin-2.5.7", just as
> reference.

Good point.
> > I get what seems to be the right answer.  Nevertheless, when I try
> > to build it the system complains about the vulnerability:
> Do you have pkg_install installed from pkgsrc? That would use
> ${PREFIX}/etc/pkg_install.conf.
That was it, but it raises two more questions.

First -- why did pkg_admin find the copy in /etc, when 'make' did not?
Before I created the file, I actually checked the man page, which
specified /etc; I then ran pkg_admin to double-check.  Let me amend
that: I know why, in the sense that /usr/sbin/pkg_admin is found first
via my $PATH.  But why isn't the tool in pkgsrc using $PATH as well?

Second -- this distinction looks troublesome down the road.  Normally,
I don't install pkg_install from pkgsrc; presumably, that means that
the copy in /etc would be checked.  But sometimes, pkgsrc itself is
updated enough that 'make' fails until I update my package tools -- at
which point everything is going to look for a different copy.  Or am I
missing something?

                --Steve Bellovin,

Home | Main Index | Thread Index | Old Index