Subject: Re: CVS commit: pkgsrc/mk
To: None <erh@netbsd.org>
From: Roland Illig <rillig@NetBSD.org>
List: pkgsrc-changes
Date: 11/17/2005 01:19:29 
This is a multi-part message in MIME format.
--------------050803020904030801040308
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Eric Haszlakiewicz wrote:
> Module Name:	pkgsrc
> Committed By:	erh
> Date:		Wed Nov 16 20:59:23 UTC 2005
> 
> Modified Files:
> 	pkgsrc/mk: bsd.pkg.mk bsd.prefs.mk
> 	pkgsrc/mk/defaults: mk.conf
> 
> Log Message:
> Improve the handling of allowed vulnerabilities.

My current bulk build produces this output:

Updating pkgtools
===> Cleaning for pkg_install-20051114
===> Checking for vulnerabilities in pkg_install-20051114
*** Error code 1

Stop.
make: stopped in /home/bulk/proj/pkgsrc/pkgtools/pkg_install
*** Error code 1

Stop.
make: stopped in /home/bulk/proj/pkgsrc/pkgtools/pkg_install
/home/bulk/proj/pkgsrc/mk/bulk/build: error:
     Could not update the package tools.

--eof--

The output from the check-vulnerable target is hidden completely because 
after the assigment vul=`${MAKE} ${MAKEFLAGS} check-vulnerable`, which 
returns FALSE, all further processing is inhibited. That includes the 
${ECHO} "$$vul".

The appended patch fixes that. Then the output looks like:

Updating pkgtools
===> Cleaning for pkg_install-20051114
===> Checking for vulnerabilities in pkg_install-20051114
===> *** The audit-packages package must be at least version 0.40
===> *** Please install pkgsrc/security/audit-packages package and run
===> *** '/home/bulk/pkg/sbin/download-vulnerability-list'.
*** Error code 1

Roland

--------------050803020904030801040308
Content-Type: text/plain;
 name="audit-package.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="audit-package.patch"

Index: bsd.pkg.mk
===================================================================
RCS file: /cvsroot/pkgsrc/mk/bsd.pkg.mk,v
retrieving revision 1.1753
diff -u -p -r1.1753 bsd.pkg.mk
--- bsd.pkg.mk	16 Nov 2005 21:43:40 -0000	1.1753
+++ bsd.pkg.mk	17 Nov 2005 00:12:40 -0000
@@ -1371,9 +1371,9 @@ _AUDIT_PACKAGES_OK!=	${PKG_INFO} -qe 'au
 .PHONY: check-vulnerable
 check-vulnerable:
 .if empty(_AUDIT_PACKAGES_OK:M0)
-	@${ECHO_MSG} "${_PKGSRC_IN}> *** The audit-packages package must be at least version ${_AUDIT_PACKAGES_MIN_VERSION}"
-	@${ECHO_MSG} "${_PKGSRC_IN}> *** Please install pkgsrc/security/audit-packages package and run";
-	@${ECHO_MSG} "${_PKGSRC_IN}> *** '${LOCALBASE}/sbin/download-vulnerability-list'.";
+	@${ECHO_MSG} "${_PKGSRC_IN}> *** The audit-packages package must be at least version ${_AUDIT_PACKAGES_MIN_VERSION}" 1>&2
+	@${ECHO_MSG} "${_PKGSRC_IN}> *** Please install pkgsrc/security/audit-packages package and run" 1>&2
+	@${ECHO_MSG} "${_PKGSRC_IN}> *** '${LOCALBASE}/sbin/download-vulnerability-list'." 1>&2
 	@false
 .else
 	@${AUDIT_PACKAGES} -i ""${ALLOW_VULNERABILITIES.${PKGBASE}:Q} -p ${PKGNAME:Q}

--------------050803020904030801040308--