185147 – [patch] ports-mgmt/portaudit complain if pkg-ng is in use

Bug 185147 - [patch] ports-mgmt/portaudit complain if pkg-ng is in use

Summary: [patch] ports-mgmt/portaudit complain if pkg-ng is in use

Status:	Closed FIXED

Alias:	None

Product:	Ports & Packages
Classification:	Unclassified
Component:	Individual Port(s) (show other bugs)
Version:	Latest
Hardware:	Any Any

Importance:	Normal Affects Only Me
Assignee:	Ports Security Team

URL:
Keywords:

Depends on:
Blocks:

Reported:	2013-12-23 21:50 UTC by Olli Hauer
Modified:	2013-12-23 22:30 UTC (History)
CC List:	0 users

See Also:

Attachments
portaudit.diff (1.01 KB, patch) 2013-12-23 21:50 UTC, Olli Hauer	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Olli Hauer freebsd_committer

2013-12-23 21:50:00 UTC

In case a system is running already with the new pkg tools portaudit is useless.

If now also some leftovers are found in /var/db/pkg strange results can be presented
to the user. For example see PR ports/184976

I suspect this can abd will be happend to more users migrating to the new pkg tools.

The fix is not optimal but a starting point for the maintainers.

How-To-Repeat: See PR ports/184976

Comment 1 Edwin Groothuis freebsd_committer

2013-12-23 21:50:07 UTC

Responsible Changed
From-To: freebsd-ports-bugs->ports-secteam

Over to maintainer (via the GNATS Auto Assign Tool)

Comment 2 dfilter service freebsd_committer

2013-12-23 22:26:50 UTC

Author: delphij
Date: Mon Dec 23 22:26:43 2013
New Revision: 337303
URL: http://svnweb.freebsd.org/changeset/ports/337303

Log:
  Detect pkgNG.  When pkgNG is present and there is packages managed by pkgNG,
  give user a warning and run pkg audit -F instead.
  
  PR:		ports/185147
  Submitted by:	ohauer

Modified:
  head/ports-mgmt/portaudit/Makefile
  head/ports-mgmt/portaudit/files/portaudit-cmd.sh

Modified: head/ports-mgmt/portaudit/Makefile
==============================================================================
--- head/ports-mgmt/portaudit/Makefile	Mon Dec 23 22:04:06 2013	(r337302)
+++ head/ports-mgmt/portaudit/Makefile	Mon Dec 23 22:26:43 2013	(r337303)
@@ -2,7 +2,7 @@
 # $FreeBSD$
 
 PORTNAME=	portaudit
-PORTVERSION=	0.6.1
+PORTVERSION=	0.6.2
 CATEGORIES=	ports-mgmt security
 DISTFILES=
 

Modified: head/ports-mgmt/portaudit/files/portaudit-cmd.sh
==============================================================================
--- head/ports-mgmt/portaudit/files/portaudit-cmd.sh	Mon Dec 23 22:04:06 2013	(r337302)
+++ head/ports-mgmt/portaudit/files/portaudit-cmd.sh	Mon Dec 23 22:26:43 2013	(r337303)
@@ -53,6 +53,10 @@ portaudit_confs()
 
 	: ${portaudit_fixed=""}
 	: ${portaudit_openssl:="/usr/bin/openssl"}
+
+	# check if new pkg tools are in use
+	: ${pkgng_db:="/var/db/pkg/local.sqlite"}
+	: ${PKGSTATIC:="%%PREFIX%%/sbin/pkg-static"}
 }
 
 extract_auditfile_raw()
@@ -438,6 +442,20 @@ if $opt_version; then
 	echo "portaudit version %%PORTVERSION%%"
 fi
 
+if [ -e ${pkgng_db} -a -x ${PKGSTATIC} ]; then
+	IPKGNG=`echo 'SELECT COUNT() FROM packages;' | $PKGSTATIC shell`
+	if [ ${IPKGNG} -ge 1 ]; then
+		echo "New pkg tools detected: found ${IPKGNG} installed packages."
+		echo
+		echo "The portaudit tool is now obsolete, please remove portaudit and use the"
+		echo "command 'pkg audit' instead.  See man pkg-audit(8) for more information."
+		echo
+		echo "Running ${PKGSTATIC} audit -F:"
+		${PKGSTATIC} audit -F
+		exit 1
+	fi
+fi
+
 if $opt_fetch; then
 	if $opt_quiet ; then
 		portaudit_fetch_cmd="${portaudit_fetch_cmd} -q"
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"

Comment 3 Xin LI freebsd_committer

2013-12-23 22:26:56 UTC

State Changed
From-To: open->closed

Committed, thanks!