pkg_admin audit-history and more ...

To: tech-pkg%netbsd.org@localhost
Subject: pkg_admin audit-history and more ...
From: "Jeremy C. Reed" <reed%reedmedia.net@localhost>
Date: Fri, 22 May 2009 08:17:07 -0500 (CDT)

1) The pkg_admin manpage has:

     audit-history [-s] [-t type] [pkgbase] ...
             Print all vulnerabilities for the given base package names.

The brackets around pkgbase imply it is optional.

But running without it appears to do nothing (no output).

Either give error when missing argument and fix manpage --  or show for 
all.

2) Same thing with audit-pkg. Should give a warning and fix the manpage.

3) By the way, why have both audit and audit-pkg, both appear to check a 
given pkg name.

4) Also what about having check-pkg-vulnerabilities check the default 
location if the filename is not defined on command line?

5) Manpage says for  fetch-pkg-vulnerabilities: "... write it to
pkgdb" -- this made me think it was saved as a db(3) file. Maybe should 
say:
write it to PKGVULNDIR (as defined in
.Xref pkg_install.conf 5 )

6) pkg_install.conf.5 doesn't document all defaults, such as
CHECK_VULNERABILITIES.

7) pkg_admin.1 doesn't cross reference pkg_install.conf.5 -- doesn't it 
use that configuration?

8) pkg_add.1 doesn't cross reference pkg_install.conf.5 -- doesn't it use 
that configuration?

(I didn't fix these myself, as I want to make sure first.)

Follow-Ups:
- Re: pkg_admin audit-history and more ...
  - From: Jeremy C. Reed

Prev by Date: netbsd-5 pkg_admin: Failure during fetch of pkg-vulnerabilities:
Next by Date: Re: "Perl" license
Previous by Thread: netbsd-5 pkg_admin: Failure during fetch of pkg-vulnerabilities:
Next by Thread: Re: pkg_admin audit-history and more ...
Indexes:

Home | Main Index | Thread Index | Old Index