Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 11 Mar 2014 23:54:30 GMT
From:      Adam McDougall <mcdouga9@egr.msu.edu>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/187464: pkg-1.2.6 410.pkg-audit.in depends on periodic.conf vars from 9 and lower
Message-ID:  <201403112354.s2BNsUgY093775@cgiserv.freebsd.org>
Resent-Message-ID: <201403120000.s2C001q1064964@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         187464
>Category:       ports
>Synopsis:       pkg-1.2.6 410.pkg-audit.in depends on periodic.conf vars from 9 and lower
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Mar 12 00:00:00 UTC 2014
>Closed-Date:
>Last-Modified:
>Originator:     Adam McDougall
>Release:        FreeBSD 10.0-STABLE
>Organization:
>Environment:
FreeBSD build10 10.0-STABLE FreeBSD 10.0-STABLE #0 r262298: Fri Feb 21 18:28:26 EST 2014     root@build10:/usr/obj/usr/src/sys/BUILD10  amd64
>Description:
pkg-1.2.6/scripts/periodic/410.pkg-audit.in reads some variables from /etc/periodic.conf and/or /etc/defaults/periodic.conf to decide whether to run daily or not, run quiet, how often to update pkgaudit db, etc.  These variables got renamed in 10 (r254974 with some followup commits).  Although the current state of periodic scripts in 10 have compat shims to allow the old style variables to work, it complains when you use them, so I put in effort to update my 10 installs to the new format.  pkg is a port and not tied to an OS major version but the periodic script it installs from pkg-1.2.6/scripts/periodic/410.pkg-audit.in is currently specific to FreeBSD 9 and below.  I last worked on this a few months ago and settled for a custom hack, and I don't remember how close I could get to the daily execution I wanted.  I vaguely recall it was only running weekly which was insufficient.  In any case, the script should handle either <=9 and 10+ configs or maybe install an appropriate script d
 epending on the version.
>How-To-Repeat:
Install pkg on 10, see how often you receive pkg audit reports when something vulnerable is installed.  If someone wants to refute this report, I will set up a test system and confirm, but the script is definitely only using the old style periodic variables.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403112354.s2BNsUgY093775>