From owner-freebsd-hackers@FreeBSD.ORG Sun Sep 28 09:49:21 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id B7F82106569A; Sun, 28 Sep 2008 09:49:21 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 63FEC8FC15; Sun, 28 Sep 2008 09:49:21 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=nKTkIaWmy53nTooJKzT4LwOXXmt41gN6iz02n9hBqA9c21gP4/19a2XBLtQv9F+WKsR2Ct8Rr6qn8oJyxYU5oVmYjyV8XYYcpwmbYdqt8kWhBOsjoHaDvb75DDmoxT8+DYGllDZaG3Ayi+f0b/2+H7tokvtoxcRMEM8xKlK9WCk=; Received: from phoenix.codelabs.ru ([91.78.250.120]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1Kjsu0-0005BS-Ar; Sun, 28 Sep 2008 13:49:20 +0400 Date: Sun, 28 Sep 2008 13:49:18 +0400 From: Eygene Ryabinkin To: Roman Kurakin Message-ID: References: <48DE5CC0.9000708@localhost.inse.ru> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VV4b6MQE+OnNyhkM" Content-Disposition: inline In-Reply-To: <48DE5CC0.9000708@localhost.inse.ru> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, freebsd-ports@freebsd.org, bug-followup@freebsd.org Subject: Re: ports/126853: ports-mgmt/portaudit: speed up audit of installed packages X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 28 Sep 2008 09:49:21 -0000 --VV4b6MQE+OnNyhkM Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Roman, good day. Sat, Sep 27, 2008 at 08:18:08PM +0400, Roman Kurakin wrote: > Have you also posted this to ports@? No, forgot to do it. CC'ing ports@ Thanks! The original posting to hackers@ goes below. It will be double-posted to the bug-followup@ -- sorry for this. > Eygene Ryabinkin wrote: > > Good day. > > > > A while ago I had created the new utility that serves as VuXML > > filter for the installed packages: > > http://www.freebsd.org/cgi/query-pr.cgi?pr=3Dports/126853 > > > > My primary intention was to speed up the process of auditing the > > vulnerable ports: I needed to run portaudit checks with Nagios and to > > avoid large timeouts. > > > > The new utility is called pkg_audit and it serves as a simple text > > filter: on input it takes the full VuXML feed and on output it puts > > VuXML entries that matches ports that are installed in the system with > > port version specification substituted with the actual port versions. > > > > No harm is done to the actual poartudit -- if pkg_audit is missing, old > > code path is activated. > > > > If someone is interested and will be able to test -- I am all ears. Additional clarifications inspired by the off-line talk with rik@: I could take another route and add this functionality to the pkg_info. I took another approach for the following reasons. 1. pkg_info's option list is already quite big -- around 32 options and switches. 2. It is easier to test for the presence of the new tool (pkg_audit) and use it, instead of checking the support for the new option in pkg_info. 3. I see no options in pkg_info that can be naturally extended to absorbe the new functionality. The closest is '-E', but pkg_audit needs to read VuXML entries, choose ones that are present in the system and output the found VuXML entries with version templates substituted with the real entries, so pkg_audit is filter-like utility. In my opinion, such extension of pkg_info's "-E" will be very unnatural. 4. I feel that it is Unix-way to do the things: create small utilities that do their (small) job in a proper fashion. Moreover, since the majority of a code sits in the pkg_install's library, there is a very slight code duplication, if any. Thanks for you time. --=20 Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual =20 )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook=20 {_.-``-' {_/ # --VV4b6MQE+OnNyhkM Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkjfUx4ACgkQthUKNsbL7YhBbwCfSA2OhrF4uP6vfYW/eQ2kQ7/p LbgAmwTYjAJor/5W5Tc5lzeVW3RQXgQx =xsRg -----END PGP SIGNATURE----- --VV4b6MQE+OnNyhkM--