Subject: Re: pkg-vulnverabilities location
To: Jeremy C. Reed <reed@reedmedia.net>
From: Geert Hendrickx <ghen@telenet.be>
List: tech-pkg
Date: 02/11/2005 10:34:15
On Thu, Feb 10, 2005 at 12:45:25PM -0800, Jeremy C. Reed wrote:
> On Thu, 10 Feb 2005, Geert Hendrickx wrote:
> 
> > Maybe you're talking about -CURRENT?  I only have 2.0-release on my
> > machines...
> 
> No pkgsrc specific for 2.0-release except pkgsrc-2004Q4.
> 
> Both scripts have it:
> 
> if [ -r @PKG_SYSCONFDIR@/audit-packages.conf ]; then
>         echo "Reading settings from @PKG_SYSCONFDIR@/audit-packages.conf"
>         . @PKG_SYSCONFDIR@/audit-packages.conf
> fi
> 
> See
> http://cvsweb.netbsd.org/bsdweb.cgi/pkgsrc/security/audit-packages/files/?only_with_tag=pkgsrc-2004Q4

Hm, yes, must have looked over it.  But I know why: download-vulnerability-
list *first* creates the PKGVULNDIR, and *then* reads audit-packages.conf.  

Doesn't seem quite logical, does it? :-)  Shall I file a PR for that?  

GH