Subject: Re: nessus3 package + handling binary only packages.
To: Lubomir Sedlacik <>
From: Jake Kupersmith <>
List: tech-pkg
Date: 11/15/2006 17:53:43
> > RPMFILES=               Nessus-3.0.4-suse10.0.${SUSE_ARCH}.rpm
> i don't understand, how could SUSE redistribute the binary package
> when the license agreement clearly prohibits them from doing so?

Sorry for the confusion.  This line is clearly wrong as well as misleading.


The binary is not available in suse, you must download it from after registering with them.

Are there existing packages (java?) that have a similar procedure of
manually downloading the distfile?

> or is that file the official one from Nessus?  it should not
> be called suse_nessus3 in that case.

It's an official build from Tenable Security (authors of nessus).
They have binary packages for several OS'.  However, NetBSD, is not
one of them.  I chose the suse 10 build because of the existing suse10
emulation built into netbsd and pkgsrc.

Would it be better for us to ask for a build for NetBSD and scrap the
os emulation?

> in any way, even that i use the software on a regular basis
> i am not going to import a package into pkgsrc unless it's
> clear whether we actually can do it without being sued.

provided what was just said, do you still think there is a legal risk to pkgsrc?