Bug 135471 - [patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
[patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
Status: Closed FIXED
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Latest
Any Any
: Normal Affects Only Me
Assigned To: Security Team
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2009-06-11 12:00 UTC by john
Modified: 2013-08-09 08:40 UTC (History)
0 users

See Also:


Attachments
portaudit-db-patch (2.20 KB, text/plain)
2009-06-11 12:00 UTC, john
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
Description john 2009-06-11 12:00:02 UTC
It looks like the line in packaudit which sources packaudit.conf landed
in the wrong place by accident - and stayed there.

This patch:

 - relocates the sourcing of packaudit.conf to earlier in the file where
   I think it belongs
 - doesn't touch the port revision number in the Makefile because I'm not
   sure what should be done with that in this case.  I have left this
   decision for a potential commiter.

packaudit defines all its variables in such a way as to allow for the
names to be already defined (e.g. via packaudit.conf or the environment)
and supplies its own defaults.  Then it sources packaudit.conf.  I have
deliberately increased the diff context window in the attached patch so
that reviewers can easily see what lies between the current and proposed
location of the packaudit.conf file sourcing.

How-To-Repeat: 
Define things in /usr/local/etc/packaudit.conf and watch them get
silently ignored - or watch packaudit test default locations and then
use untested locations from packaudit.conf.
Comment 1 Edwin Groothuis freebsd_committer 2009-06-11 12:00:27 UTC
Responsible Changed
From-To: freebsd-ports-bugs->secteam

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Remko Lodder freebsd_committer 2013-08-01 21:36:16 UTC
State Changed
From-To: open->closed

While your intentions are OK, I am not sure whether it is worth the 
change. All variable declarations are still 'active' when we read the 
packaudit.conf and we read it in before we use the possible .conf 
variables. Thank you for submitting this nevertheless!
Comment 3 dfilter freebsd_committer 2013-08-09 08:34:44 UTC
Author: remko (src,doc committer)
Date: Fri Aug  9 07:34:31 2013
New Revision: 324417
URL: http://svnweb.freebsd.org/changeset/ports/324417

Log:
  Move the sourcing of packaudit.conf higher up in the tree
  so that for examplee DATABASEDIR can be specified there and
  is not "ignored"
  
  PR:		135471
  Submitted by:	John Marshall <john@rwsrv05.mby.riverwillow.net.au>
  Discussed with:	des

Modified:
  head/ports-mgmt/portaudit-db/Makefile
  head/ports-mgmt/portaudit-db/files/packaudit.sh

Modified: head/ports-mgmt/portaudit-db/Makefile
==============================================================================
--- head/ports-mgmt/portaudit-db/Makefile	Fri Aug  9 07:16:28 2013	(r324416)
+++ head/ports-mgmt/portaudit-db/Makefile	Fri Aug  9 07:34:31 2013	(r324417)
@@ -7,7 +7,7 @@
 
 PORTNAME=	portaudit-db
 PORTVERSION=	0.2.3
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	ports-mgmt
 DISTFILES=
 

Modified: head/ports-mgmt/portaudit-db/files/packaudit.sh
==============================================================================
--- head/ports-mgmt/portaudit-db/files/packaudit.sh	Fri Aug  9 07:16:28 2013	(r324416)
+++ head/ports-mgmt/portaudit-db/files/packaudit.sh	Fri Aug  9 07:34:31 2013	(r324417)
@@ -44,6 +44,8 @@ SED=/usr/bin/sed
 TAR=/usr/bin/tar
 XSLTPROC=%%LOCALBASE%%/bin/xsltproc
 
+[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
+
 PORTSDIR="${PORTSDIR:-%%PORTSDIR%%}"
 VUXMLDIR="${VUXMLDIR:-$PORTSDIR/security/vuxml}"
 PORTAUDITDBDIR="${PORTAUDITDBDIR:-$PORTSDIR/ports-mgmt/portaudit-db}"
@@ -89,8 +91,6 @@ if [ -z  "$VULPATH" ]; then
 fi
 VULURL="https://svnweb.freebsd.org/ports/$VULPATH"
 
-[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
-
 if [ -d "$PUBLIC_HTML" -a -w "$PUBLIC_HTML" ]; then
   VULNMD5=`$CAT "$VUXMLDIR/vuln.xml" "$PORTAUDITDBDIR/database/portaudit.xml" "$PORTAUDITDBDIR/database/portaudit.txt" | $MD5`
   if [ -f "$PUBLIC_HTML/portaudit.md5" ]; then
_______________________________________________
svn-ports-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-ports-all
To unsubscribe, send any mail to "svn-ports-all-unsubscribe@freebsd.org"