Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 30 Jul 2014 16:06:50 +0100
From:      Matthew Seaman <matthew@freebsd.org>
To:        freebsd-questions@freebsd.org
Subject:   Re: pkg audit not working like portaudit
Message-ID:  <53D90A0A.3080103@freebsd.org>
In-Reply-To: <CACcSE1y0bt27o36yvFXRPXviZ9BS6d7eKN6+4mP8C-aXQZVJvA@mail.gmail.com>
References:  <CACcSE1y0bt27o36yvFXRPXviZ9BS6d7eKN6+4mP8C-aXQZVJvA@mail.gmail.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Xqv5gRvwSWSwNv998S7C2S7buOltfO0lp
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 07/30/14 15:22, Aleksandr Miroslav wrote:
> I used to be able to do something like this with portaudit in my cron j=
obs:
>=20
>     portaudit > /dev/null || portaudit |mailx -s portaudit root
>=20
> i.e. portaudit returned a non-zero value when there were vulnerabilitie=
s.
>=20
> I expected "pkg audit" to do the same, but apparently it always
> returns zero. Is there some way to get the old portaudit behavior or
> do I have to write a script to parse the output?

Not indicating the presence of vulnerabilities in the return code of
'pkg audit' is certainly worth opening an issue at
https://github.com/freebsd/pkg/issues

However, try using:

    pkg audit -q

which should not print anything unless it does find vulnerabilities, so
by the usual cron logic, you'll only get an email when there's a problem.=


There's also /usr/local/etc/periodic/security/410.pkg-audit which you
can enable as a normal periodic(8) job.

	Cheers,

	Matthew




--Xqv5gRvwSWSwNv998S7C2S7buOltfO0lp
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/

iQJ8BAEBCgBmBQJT2QoUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw
MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnwAkP/RTggcmqF4mDBYpzOU+OUiWb
q/OjIK9hmAi/aX1FZ57ot1vhCpn9tZyRQ5sxy6YQZMhRVn5agrAzKg2/tWMf/Atp
qeX64HUlU8zPVbjk9tOOTKPomHAqy0pYmUAJGlm9ZnJ4w30o/SX/8abTT/s/6L8q
KEP01rm9BgRTJB3verqAOtGOLC94YGIlVHtNfX1Ox9i1Z/yk3Qe2SHS6S6X7NuRG
VkGcYhFRASCfTz1fCC1RgHtIv8FupLuemZU83JevugylZ/IHMpyFgGMFjvVr2F0t
rDBopMFIw1aoK7GayuwK8uybgbRVMLsH5qJQjK5jzxtWasRv/TT1wuwLKcSHRRA3
p0hHtaBRO8o109J4TMX3gFKZ0d1d+81+Oiv+ItFPoma6KcA9nD4et8dqR+VvB4Gj
8LGwx6/jdEVLjGHZfehHZ6l6nxGFvjOwex0hfjKwdBsTLWiPMp6X6d04P/uJzFCK
paRY4jfvZXH4ivho1txuS+X29ir9JgTgCa8crmCGvWT0vmNsjg6XGK7ImNeseyLT
mGT2Pwnw1oEiNbjtmoJzC3hyeLXlbVb0ICND9VVbfRUU6x2UWTGK3gmc5xUJKeK2
VynQ4sMG9lwmg16BBvB61vpGLpr0u2gJEjfgBrBiahQd5B+TiMky04Nb4+w9+Oei
AtRirRdxUKIjTR51E53j
=u5d7
-----END PGP SIGNATURE-----

--Xqv5gRvwSWSwNv998S7C2S7buOltfO0lp--



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?53D90A0A.3080103>