Subject: Re: pkg-vulnverabilities location
To: Jeremy C. Reed <>
From: Julio M. Merino Vidal <>
List: tech-pkg
Date: 02/10/2005 23:36:14
On Thu, 2005-02-10 at 13:33 -0800, Jeremy C. Reed wrote:
> On Thu, 10 Feb 2005, Julio M. Merino Vidal wrote:
> > On Thu, 2005-02-10 at 13:50 -0600, Eric Haszlakiewicz wrote:
> > >     I customize it too, but just to keep all relatively static package
> > > stuff in one place.  (all under /usr/pkg as /usr/pkg/var/db/pkg)
> > >     So what do you consider to be the "right" place?
> > I'm actually using ${PREFIX}/libdata/pkgdb.  After all this data is
> > only modified during (de)installation, and at that time, you already
> I don't understand. It is could be used very frequently, like
> download-vulnerability-list via daily cron. It doesn't appear to be used
> at installation nor deinstallation. And is not registered in PLIST either
> which is vote from me to keep in VARBASE.
> > have write access to ${PREFIX}.  Plus this data needs to be shared
> > across computers if you share PREFIX.  There is no reason for it to
> > live in /var.
> I may be misunderstanding this thread now though. Maybe it is not about
> pkg-vulnerabilities in ${PKGVULNDIR} any more ...
> (I do agree that files that are only modified during install/deinstall
> could go to in libdata.)

Eeehh... humm... I got confused due to the last reply and just got out
of the thread's main point...

Sorry for the inconvenience,

Julio M. Merino Vidal <>
The NetBSD Project -