tech-pkg archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
RFC: Fix for PR 47645
I've looked at uwe's PR 47645, and thought that the best way
(especially going forward if we want to move to using pkg tools form
pkgsrc) is to separate the pkg definitions out into their own
/etc/pkg.conf and /etc/defaults/pkg.conf
Accordingly, diffs here for review (I haven't done a pkg.conf(5) as
I didn't think it necessary). More concerned about the instance of
an /etc/wibble.conf where no /etc/wibble script exists.
Comments?
Thanks,
Alistair
--- /dev/null 2013-04-27 17:44:46.000000000 -0700
+++ pkg.conf 2013-04-27 17:34:13.000000000 -0700
@@ -0,0 +1,10 @@
+# $NetBSD: security.conf,v 1.8 2000/10/01 05:53:03 lukem Exp $
+#
+# packaging tools configuration
+
+if [ -r /etc/defaults/pkg.conf ]; then
+ . /etc/defaults/pkg.conf
+fi
+
+# Add local overrides below
+#
--- /dev/null 2013-04-27 17:44:46.000000000 -0700
+++ defaults/pkg.conf 2013-04-27 17:33:26.000000000 -0700
@@ -0,0 +1,13 @@
+# $NetBSD: security.conf,v 1.24 2012/04/05 09:09:27 spz Exp $
+#
+# /etc/defaults/pkg.conf --
+# default configuration of /etc/pkg.conf
+#
+# packaging tools configuration
+#
+# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
+# EDIT /etc/security.conf INSTEAD.
+#
+
+pkg_admin=/usr/sbin/pkg_admin
+pkg_info=/usr/sbin/pkg_info
Index: daily
===================================================================
RCS file: /cvsroot/src/etc/daily,v
retrieving revision 1.88
diff -u -r1.88 daily
--- daily 8 Mar 2013 14:32:12 -0000 1.88
+++ daily 28 Apr 2013 00:48:48 -0000
@@ -10,6 +10,9 @@
if [ -s /etc/daily.conf ]; then
. /etc/daily.conf
fi
+if [ -s /etc/pkg.conf ]; then
+ . /etc/pkg.conf
+fi
host="$(hostname)"
date="$(date)"
@@ -257,7 +260,7 @@
fi
fi
-if pkg_info ${_compat_K_flag} -q -E '*'; then
+if ${pkg_info} ${_compat_K_flag} -q -E '*'; then
if [ -z "$fetch_pkg_vulnerabilities" ]; then
echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
echo "You should set it to YES to enable vulnerability checks"
@@ -265,7 +268,7 @@
elif checkyesno fetch_pkg_vulnerabilities; then
echo ""
echo "Fetching package vulnerabilities database:"
- ( umask 022 && pkg_admin ${_compat_K_flag} \
+ ( umask 022 && ${pkg_admin} ${_compat_K_flag} \
fetch-pkg-vulnerabilities -u )
fi
fi
Index: security
===================================================================
RCS file: /cvsroot/src/etc/security,v
retrieving revision 1.111
diff -u -r1.111 security
--- security 5 Apr 2012 09:09:27 -0000 1.111
+++ security 28 Apr 2013 00:48:48 -0000
@@ -21,6 +21,9 @@
if [ -s /etc/security.conf ]; then
. /etc/security.conf
fi
+if [ -s /etc/pkg.conf ]; then
+ . /etc/pkg.conf
+fi
# Set reasonable defaults (if they're not set in security.conf)
#
@@ -926,7 +929,7 @@
if checkyesno check_pkgs && have_pkgs; then
pkgs=$work_dir/pkgs
migrate_file "$backup_dir/pkgs" "$pkgs"
- pkg_dbdir=$(pkg_admin config-var PKG_DBDIR)
+ pkg_dbdir=$(${pkg_admin} config-var PKG_DBDIR)
: ${pkg_dbdir:=/var/db/pkg}
( cd $pkg_dbdir
$pkg_info | sort
@@ -1009,7 +1012,7 @@
if have_pkgs; then
if checkyesno check_pkg_vulnerabilities; then
- pkg_admin ${_compat_K_flag} audit >${OUTPUT} 2>&1
+ ${pkg_admin} ${_compat_K_flag} audit >${OUTPUT} 2>&1
if [ -s ${OUTPUT} ]; then
printf "\nInstalled vulnerable packages:\n"
cat ${OUTPUT}
@@ -1017,7 +1020,7 @@
fi
if checkyesno check_pkg_signatures; then
- pkg_admin ${_compat_K_flag} check >${OUTPUT} 2>&1
+ ${pkg_admin} ${_compat_K_flag} check >${OUTPUT} 2>&1
if [ $? -ne 0 ]; then
printf "\nFiles with invalid signatures:\n"
cat ${OUTPUT}
Index: defaults/security.conf
===================================================================
RCS file: /cvsroot/src/etc/defaults/security.conf,v
retrieving revision 1.24
diff -u -r1.24 security.conf
--- defaults/security.conf 5 Apr 2012 09:09:27 -0000 1.24
+++ defaults/security.conf 28 Apr 2013 00:48:48 -0000
@@ -30,7 +30,6 @@
backup_dir=/var/backups
backup_uses_rcs=YES
diff_options=-u
-pkg_info=/usr/sbin/pkg_info
check_homes_permit_usergroups=NO
Home |
Main Index |
Thread Index |
Old Index