FreeBSD Bugzilla – Attachment 143944 Details for
Bug 190949
portaudit is replaced by pkg audit
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
Patch for security/chapter.xml and ports/chapter.xml
portaudit-pkgaudit.diff.txt (text/plain), 6.20 KB, created by
Anders Jensen-Waud
on 2014-06-19 22:58:04 UTC
(
hide
)
Description:
Patch for security/chapter.xml and ports/chapter.xml
Filename:
MIME Type:
Creator:
Anders Jensen-Waud
Created:
2014-06-19 22:58:04 UTC
Size:
6.20 KB
patch
obsolete
>Index: security/chapter.xml >=================================================================== >--- security/chapter.xml (revision 45078) >+++ security/chapter.xml (working copy) >@@ -78,8 +78,8 @@ > </listitem> > > <listitem> >- <para>How to use <application>portaudit</application> to audit >- third party software packages installed from the Ports >+ <para>How to use <application>pkg audit</application> to audit >+ third pary software packages installed from the Ports > Collection.</para> > </listitem> > >@@ -3100,7 +3100,7 @@ > </info> > > <indexterm> >- <primary>portaudit</primary> >+ <primary>pkg audit</primary> > </indexterm> > > <para>In recent years, the security world has made many >@@ -3114,35 +3114,38 @@ > for every third party utility is beyond the &os; Project's > capability. There is a way to mitigate third party > vulnerabilities and warn administrators of known security >- issues. A &os; add on utility known as >- <application>portaudit</application> exists solely for this >+ issues. A &os; utility known as >+ <application>pkg audit</application> exists solely for this > purpose.</para> > > <para>The >- <package>ports-mgmt/portaudit</package> >+ <application>pkg audit</application> > port polls a database, which is updated and maintained by the > &os; Security Team and ports developers, for known security > issues.</para> > >- <para>To install <application>portaudit</application> from the >- Ports Collection:</para> >+ <warning> >+ <para>Prior to FreeBSD 10, <application>portaudit</application> >+ (<package>ports-mgmt/portaudit</package>) had to be installed >+ to perform automated security audits. >+ With the introduction >+ of <application>pkg</application> in FreeBSD 10, audit >+ is an integrated part of <application>pkg</application> >+ in the base system.</para> >+ </warning> > >- <screen>&prompt.root; <userinput>cd /usr/ports/ports-mgmt/portaudit && make install clean</userinput></screen> >+ <para>From FreeBSD 10, the configuration files for >+ &man.periodic.8; include <application>pkg audit</application> >+ output in the daily security runs. Ensure that the daily >+ security run emails, which are sent to <systemitem >+ class="username">root</systemitem>'s required.</para> > >- <para>During the installation, the configuration files for >- &man.periodic.8; will be updated, permitting >- <application>portaudit</application> output in the daily >- security runs. Ensure that the daily security run emails, which >- are sent to <systemitem class="username">root</systemitem>'s >- email account, are being read. No other configuration is >- required.</para> >+ <para>An administrator can update the >+ database and view known vulnerabilities in installed packages >+ by invoking the following command:</para> > >- <para>After installation, an administrator can update the >- database and view known vulnerabilities in installed packages >- by invoking the following command:</para> >+ <screen>&prompt.root; <userinput>pkg audit -F</userinput></screen> > >- <screen>&prompt.root; <userinput>portaudit -Fda</userinput></screen> >- > <note> > <para>The database is automatically updated during the > &man.periodic.8; run. The above command is optional and can >@@ -3153,9 +3156,9 @@ > the Ports Collection at anytime, an administrator can run the > following command:</para> > >- <screen>&prompt.root; <userinput>portaudit -a</userinput></screen> >+ <screen>&prompt.root; <userinput>pkg audit</userinput></screen> > >- <para><application>portaudit</application> will display messages >+ <para><application>pkg audit</application> will display messages > for any installed vulnerable packages:</para> > > <programlisting>Affected package: cups-base-1.1.22.0_1 >@@ -3172,7 +3175,7 @@ > versions affected, by &os; port version, along with other web > sites which may contain security advisories.</para> > >- <para><application>portaudit</application> is a powerful utility >+ <para><application>pkg audit</application> is a powerful utility > and is extremely useful when coupled with the > <application>portmaster</application> port.</para> > </sect1> >Index: ports/chapter.xml >=================================================================== >--- ports/chapter.xml (revision 45078) >+++ ports/chapter.xml (working copy) >@@ -199,13 +199,9 @@ > <warning> > <para>Before installing any application, check <uri > xlink:href="http://vuxml.freebsd.org/">http://vuxml.freebsd.org/</uri> >- for security issues related to the application or install >- <package>ports-mgmt/portaudit</package>. Once installed, type >- <command>portaudit -F -a</command> to check all installed >- applications for known vulnerabilities. When >- <application>pkg</application> is being used the audit >- functionality is built in. Execute <command>pkg audit >- -F</command> to get a report on vulnerable packages.</para> >+ for security issues related to the application or use >+ <command>pkg audit -F</command> to check all installed >+ packages for known vulneratilibies.</para> > </warning> > > <para>The remainder of this chapter explains how to use packages >@@ -1113,14 +1109,14 @@ > <uri > xlink:href="http://vuxml.freebsd.org/">http://vuxml.freebsd.org/</uri> > for known security issues related to the port. Alternately, >- if <package>ports-mgmt/portaudit</package> is installed, run >- <command>portaudit -F</command> before installing a new >- port. This command can be configured to automatically >+ run >+ <command>pkg audit -F</command> before installing a new port >+ or package. This command can be configured to automatically > perform a security audit and an update of the vulnerability >- database during the daily security system check. For more >- information, refer to the manual page for >- <application>portaudit</application> and >- &man.periodic.8;.</para> >+ database during the daily security system check. >+ For more >+ information please refer to the manual page for >+ <application>pkg</application> and &man.periodic.8;.</para> > </warning> > > <para>Using the Ports Collection assumes a working Internet
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=143944">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 190949
: 143944