Bug 135471 - [patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
Summary: [patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: Security Team
Depends on:
Reported: 2009-06-11 12:00 UTC by John Marshall
Modified: 2013-08-09 08:40 UTC (History)
0 users

See Also:

portaudit-db-patch (2.20 KB, text/plain)
2009-06-11 12:00 UTC, John Marshall
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description John Marshall 2009-06-11 12:00:02 UTC
It looks like the line in packaudit which sources packaudit.conf landed
in the wrong place by accident - and stayed there.

This patch:

 - relocates the sourcing of packaudit.conf to earlier in the file where
   I think it belongs
 - doesn't touch the port revision number in the Makefile because I'm not
   sure what should be done with that in this case.  I have left this
   decision for a potential commiter.

packaudit defines all its variables in such a way as to allow for the
names to be already defined (e.g. via packaudit.conf or the environment)
and supplies its own defaults.  Then it sources packaudit.conf.  I have
deliberately increased the diff context window in the attached patch so
that reviewers can easily see what lies between the current and proposed
location of the packaudit.conf file sourcing.

Define things in /usr/local/etc/packaudit.conf and watch them get
silently ignored - or watch packaudit test default locations and then
use untested locations from packaudit.conf.
Comment 1 Edwin Groothuis freebsd_committer 2009-06-11 12:00:27 UTC
Responsible Changed
From-To: freebsd-ports-bugs->secteam

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Remko Lodder freebsd_committer 2013-08-01 21:36:16 UTC
State Changed
From-To: open->closed

While your intentions are OK, I am not sure whether it is worth the 
change. All variable declarations are still 'active' when we read the 
packaudit.conf and we read it in before we use the possible .conf 
variables. Thank you for submitting this nevertheless!
Comment 3 dfilter service freebsd_committer 2013-08-09 08:34:44 UTC
Author: remko (src,doc committer)
Date: Fri Aug  9 07:34:31 2013
New Revision: 324417
URL: http://svnweb.freebsd.org/changeset/ports/324417

  Move the sourcing of packaudit.conf higher up in the tree
  so that for examplee DATABASEDIR can be specified there and
  is not "ignored"
  PR:		135471
  Submitted by:	John Marshall <john@rwsrv05.mby.riverwillow.net.au>
  Discussed with:	des


Modified: head/ports-mgmt/portaudit-db/Makefile
--- head/ports-mgmt/portaudit-db/Makefile	Fri Aug  9 07:16:28 2013	(r324416)
+++ head/ports-mgmt/portaudit-db/Makefile	Fri Aug  9 07:34:31 2013	(r324417)
@@ -7,7 +7,7 @@
 PORTNAME=	portaudit-db
 CATEGORIES=	ports-mgmt

Modified: head/ports-mgmt/portaudit-db/files/packaudit.sh
--- head/ports-mgmt/portaudit-db/files/packaudit.sh	Fri Aug  9 07:16:28 2013	(r324416)
+++ head/ports-mgmt/portaudit-db/files/packaudit.sh	Fri Aug  9 07:34:31 2013	(r324417)
@@ -44,6 +44,8 @@ SED=/usr/bin/sed
+[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
@@ -89,8 +91,6 @@ if [ -z  "$VULPATH" ]; then
-[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
 if [ -d "$PUBLIC_HTML" -a -w "$PUBLIC_HTML" ]; then
   VULNMD5=`$CAT "$VUXMLDIR/vuln.xml" "$PORTAUDITDBDIR/database/portaudit.xml" "$PORTAUDITDBDIR/database/portaudit.txt" | $MD5`
   if [ -f "$PUBLIC_HTML/portaudit.md5" ]; then
svn-ports-all@freebsd.org mailing list
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"