FreeBSD Bugzilla – Attachment 188871 Details for
Bug 224239
security/base-audit: update to 0.2
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
updated patch file
security_base-audit.patch (text/plain), 4.62 KB, created by
Yasuhiro Kimura
on 2017-12-16 05:09:00 UTC
(
hide
)
Description:
updated patch file
Filename:
MIME Type:
Creator:
Yasuhiro Kimura
Created:
2017-12-16 05:09:00 UTC
Size:
4.62 KB
patch
obsolete
>Index: Makefile >=================================================================== >--- Makefile (revision 456406) >+++ Makefile (working copy) >@@ -3,6 +3,7 @@ > > PORTNAME= base-audit > PORTVERSION= 0.1 >+PORTREVISION= 1 > CATEGORIES= security > MASTER_SITES= # none > DISTFILES= # none >Index: files/405.pkg-base-audit.in >=================================================================== >--- files/405.pkg-base-audit.in (revision 456406) >+++ files/405.pkg-base-audit.in (working copy) >@@ -38,6 +38,13 @@ > source_periodic_confs > fi > >+: ${security_status_baseaudit_enable:=YES} >+: ${security_status_baseaudit_period:=daily} >+: ${security_status_baseaudit_quiet:=NO} >+: ${security_status_baseaudit_chroots=$pkg_chroots} >+: ${security_status_baseaudit_jails=$pkg_jails} >+: ${security_status_baseaudit_expiry:=2} >+ > # Compute PKG_DBDIR from the config file. > pkgcmd=%%PREFIX%%/sbin/pkg > PKG_DBDIR=`${pkgcmd} config PKG_DBDIR` >@@ -91,7 +98,7 @@ > now=`date +%s` || rc=3 > ## Add 10 minutes of padding since the check is in seconds. > if [ $rc -ne 0 -o \ >- $(( 86400 \* "${daily_status_security_baseaudit_expiry:-2}" )) \ >+ $(( 86400 \* "${security_status_baseaudit_expiry}" )) \ > -le $(( ${now} - ${then} + 600 )) ]; then > ## Random delay so the mirrors do not get slammed when run by periodic(8) > if [ ! -t 0 ]; then >@@ -117,8 +124,8 @@ > # Use $pkg_chroots to provide a default list of chroots, and > # $pkg_jails to provide a default list of jails (or '*' for all jails) > # for all pkg periodic scripts, or set >-# $daily_status_security_baseaudit_chroots and >-# $daily_status_security_baseaudit_jails for this script only. >+# $security_status_baseaudit_chroots and >+# $security_status_baseaudit_jails for this script only. > > audit_base_all() { > local rc >@@ -125,15 +132,12 @@ > local last_rc > local jails > >- : ${daily_status_security_baseaudit_chroots=$pkg_chroots} >- : ${daily_status_security_baseaudit_jails=$pkg_jails} >- > # We always show audit results for the base system, but only print > # a banner line if we're also showing audit results for any > # chroots or jails. > >- if [ -n "${daily_status_security_baseaudit_chroots}" -o \ >- -n "${daily_status_security_baseaudit_jails}" ]; then >+ if [ -n "${security_status_baseaudit_chroots}" -o \ >+ -n "${security_status_baseaudit_jails}" ]; then > echo "Host system:" > fi > >@@ -141,7 +145,7 @@ > last_rc=$? > [ $last_rc -gt 1 ] && rc=$last_rc > >- for c in $daily_status_security_baseaudit_chroots ; do >+ for c in $security_status_baseaudit_chroots ; do > echo > echo "chroot: $c" > audit_base "-c $c" $c >@@ -149,7 +153,7 @@ > [ $last_rc -gt 1 ] && rc=$last_rc > done > >- case $daily_status_security_baseaudit_jails in >+ case $security_status_baseaudit_jails in > \*) > jails=$(jls -q -h name path | sed -e 1d -e 's/ /|/') > ;; >@@ -159,7 +163,7 @@ > *) > # Given the jail name or jid, find the jail path > jails= >- for j in $daily_status_security_baseaudit_jails ; do >+ for j in $security_status_baseaudit_jails ; do > p=$(jls -j $j -h name path | sed -e 1d -e 's/ /|/') > jails="${jails} ${p}" > done >@@ -177,11 +181,16 @@ > return $rc > } > >+security_daily_compat_var security_status_baseaudit_enable >+security_daily_compat_var security_status_baseaudit_quiet >+security_daily_compat_var security_status_baseaudit_chroots >+security_daily_compat_var security_status_baseaudit_jails >+security_daily_compat_var security_status_baseaudit_exipiry >+ > rc=0 > >-case "${daily_status_security_baseaudit_enable:-YES}" in >-[Nn][Oo]) ;; >-*) >+if check_yesno_period security_status_baseaudit_enable >+then > echo > echo 'Checking for security vulnerabilities in base (userland & kernel):' > >@@ -189,7 +198,7 @@ > echo 'pkg-audit is enabled but pkg is not used' > rc=2 > else >- case "${daily_status_security_baseaudit_quiet:-NO}" in >+ case "${security_status_baseaudit_quiet}" in > [Yy][Ee][Ss]) > q='-q' > ;; >@@ -200,7 +209,6 @@ > > audit_base_all ; rc=$? > fi >- ;; >-esac >+fi > > exit "$rc" >Index: pkg-message >=================================================================== >--- pkg-message (revision 456406) >+++ pkg-message (working copy) >@@ -1,11 +1,11 @@ > Add the following lines to /etc/periodic.conf(.local) to enable periodic check >- daily_status_security_baseaudit_enable="YES" >- daily_status_security_baseaudit_quiet="NO" >+ security_status_baseaudit_enable="YES" >+ security_status_baseaudit_quiet="NO" > > Use pkg_chroots to provide a default list of chroots > and pkg_jails to provide a default list of jails (or '*' for all jails) > for all pkg periodic scripts, or set >- daily_status_security_baseaudit_chroots >+ security_status_baseaudit_chroots > and >- daily_status_security_baseaudit_jails >+ security_status_baseaudit_jails > for this script only.
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 224239
:
188706
| 188871 |
189378
|
189379