Subject: Re: pkg-vulnverabilities location
To: Julio M. Merino Vidal <>
From: Jeremy C. Reed <>
List: tech-pkg
Date: 02/10/2005 13:33:01
On Thu, 10 Feb 2005, Julio M. Merino Vidal wrote:

> On Thu, 2005-02-10 at 13:50 -0600, Eric Haszlakiewicz wrote:
> >     I customize it too, but just to keep all relatively static package
> > stuff in one place.  (all under /usr/pkg as /usr/pkg/var/db/pkg)
> >     So what do you consider to be the "right" place?

> I'm actually using ${PREFIX}/libdata/pkgdb.  After all this data is
> only modified during (de)installation, and at that time, you already

I don't understand. It is could be used very frequently, like
download-vulnerability-list via daily cron. It doesn't appear to be used
at installation nor deinstallation. And is not registered in PLIST either
which is vote from me to keep in VARBASE.

> have write access to ${PREFIX}.  Plus this data needs to be shared
> across computers if you share PREFIX.  There is no reason for it to
> live in /var.

I may be misunderstanding this thread now though. Maybe it is not about
pkg-vulnerabilities in ${PKGVULNDIR} any more ...

(I do agree that files that are only modified during install/deinstall
could go to in libdata.)

 Jeremy C. Reed

 	  	 	 technical support & remote administration