tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

RFC: Fix for PR 47645



I've looked at uwe's PR 47645, and thought that the best way
(especially going forward if we want to move to using pkg tools form
pkgsrc) is to separate the pkg definitions out into their own
/etc/pkg.conf and /etc/defaults/pkg.conf

Accordingly, diffs here for review (I haven't done a pkg.conf(5) as
I didn't think it necessary). More concerned about the instance of
an /etc/wibble.conf where no /etc/wibble script exists.

Comments?

Thanks,
Alistair
--- /dev/null   2013-04-27 17:44:46.000000000 -0700
+++ pkg.conf    2013-04-27 17:34:13.000000000 -0700
@@ -0,0 +1,10 @@
+#      $NetBSD: security.conf,v 1.8 2000/10/01 05:53:03 lukem Exp $
+#
+# packaging tools configuration
+
+if [ -r /etc/defaults/pkg.conf ]; then
+       . /etc/defaults/pkg.conf
+fi
+
+# Add local overrides below
+#
--- /dev/null   2013-04-27 17:44:46.000000000 -0700
+++ defaults/pkg.conf   2013-04-27 17:33:26.000000000 -0700
@@ -0,0 +1,13 @@
+#      $NetBSD: security.conf,v 1.24 2012/04/05 09:09:27 spz Exp $
+#
+# /etc/defaults/pkg.conf --
+#      default configuration of /etc/pkg.conf
+#
+# packaging tools configuration
+#
+# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
+# EDIT /etc/security.conf INSTEAD.
+#
+
+pkg_admin=/usr/sbin/pkg_admin
+pkg_info=/usr/sbin/pkg_info
Index: daily
===================================================================
RCS file: /cvsroot/src/etc/daily,v
retrieving revision 1.88
diff -u -r1.88 daily
--- daily       8 Mar 2013 14:32:12 -0000       1.88
+++ daily       28 Apr 2013 00:48:48 -0000
@@ -10,6 +10,9 @@
 if [ -s /etc/daily.conf ]; then
        . /etc/daily.conf
 fi
+if [ -s /etc/pkg.conf ]; then
+       . /etc/pkg.conf
+fi
 
 host="$(hostname)"
 date="$(date)"
@@ -257,7 +260,7 @@
        fi
 fi
 
-if pkg_info ${_compat_K_flag} -q -E '*'; then
+if ${pkg_info} ${_compat_K_flag} -q -E '*'; then
        if [ -z "$fetch_pkg_vulnerabilities" ]; then
                echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
                echo "You should set it to YES to enable vulnerability checks"
@@ -265,7 +268,7 @@
        elif checkyesno fetch_pkg_vulnerabilities; then
                echo ""
                echo "Fetching package vulnerabilities database:"
-               ( umask 022 && pkg_admin ${_compat_K_flag} \
+               ( umask 022 && ${pkg_admin} ${_compat_K_flag} \
                    fetch-pkg-vulnerabilities -u )
        fi
 fi
Index: security
===================================================================
RCS file: /cvsroot/src/etc/security,v
retrieving revision 1.111
diff -u -r1.111 security
--- security    5 Apr 2012 09:09:27 -0000       1.111
+++ security    28 Apr 2013 00:48:48 -0000
@@ -21,6 +21,9 @@
 if [ -s /etc/security.conf ]; then
        . /etc/security.conf
 fi
+if [ -s /etc/pkg.conf ]; then
+       . /etc/pkg.conf
+fi
 
 # Set reasonable defaults (if they're not set in security.conf)
 #
@@ -926,7 +929,7 @@
 if checkyesno check_pkgs && have_pkgs; then
        pkgs=$work_dir/pkgs
        migrate_file "$backup_dir/pkgs" "$pkgs"
-       pkg_dbdir=$(pkg_admin config-var PKG_DBDIR)
+       pkg_dbdir=$(${pkg_admin} config-var PKG_DBDIR)
        : ${pkg_dbdir:=/var/db/pkg}
        (       cd $pkg_dbdir
                $pkg_info | sort
@@ -1009,7 +1012,7 @@
 
 if have_pkgs; then
        if checkyesno check_pkg_vulnerabilities; then
-               pkg_admin ${_compat_K_flag} audit >${OUTPUT} 2>&1
+               ${pkg_admin} ${_compat_K_flag} audit >${OUTPUT} 2>&1
                if [ -s ${OUTPUT} ]; then
                        printf "\nInstalled vulnerable packages:\n"
                        cat ${OUTPUT}
@@ -1017,7 +1020,7 @@
        fi
 
        if checkyesno check_pkg_signatures; then
-               pkg_admin ${_compat_K_flag} check >${OUTPUT} 2>&1
+               ${pkg_admin} ${_compat_K_flag} check >${OUTPUT} 2>&1
                if [ $? -ne 0 ]; then
                        printf "\nFiles with invalid signatures:\n"
                        cat ${OUTPUT}
Index: defaults/security.conf
===================================================================
RCS file: /cvsroot/src/etc/defaults/security.conf,v
retrieving revision 1.24
diff -u -r1.24 security.conf
--- defaults/security.conf      5 Apr 2012 09:09:27 -0000       1.24
+++ defaults/security.conf      28 Apr 2013 00:48:48 -0000
@@ -30,7 +30,6 @@
 backup_dir=/var/backups
 backup_uses_rcs=YES
 diff_options=-u
-pkg_info=/usr/sbin/pkg_info
 
 check_homes_permit_usergroups=NO
 


Home | Main Index | Thread Index | Old Index