Subject: Re: Speeding up check-vulnerable
To: Roland Illig <>
From: Hubert Feyrer <>
List: tech-pkg
Date: 02/27/2005 03:42:26
On Sat, 26 Feb 2005, Roland Illig wrote:
> One point for discussion is clearly the naming. When you call
>    $ pkg_admin vuln perl-5.8.6nb2 \
>                /var/cache/distfiles/pkg-vulnerabilities

First, I see no real gain in adding this to pkg_admin, as I think it's 
rather uncommon to run this interactively. Waiting 5-15 seconds in the 
daily output shouldn't hurt to add this to pkg_*. (I'm conservative about 
breaking up the "combine tools" approach).

Then, the syntax seems backwards. What you seem to want is to check one, 
several, or all pkgs against a list of patterns, and see if it matches.

For a more generic approach, you want to have
  * a list with patterns (only; easy to get, and doesn't hardcode the
    format of the pkg-vulnerabilities file into pkg_admin).
  * none, one or more packages or pkg patterns, that then get checked
    against the list of patterns, and print all the names (not?) matching.
    See the "pkg_admin check" syntax.

Maybe someone else wants to voice an opinion if all this should be 

  - Hubert

NetBSD - Free AND Open!      (And of course secure, portable, yadda yadda)