Bug 187464 - ports-mgmt/pkg: pkg-1.2.6 410.pkg-audit.in depends on periodic.conf vars from 9 and lower
Summary: ports-mgmt/pkg: pkg-1.2.6 410.pkg-audit.in depends on periodic.conf vars from...
Status: Closed FIXED
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s) (show other bugs)
Version: Latest
Hardware: Any Any
: Normal Affects Only Me
Assignee: freebsd-pkg (Nobody)
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-12 00:00 UTC by Adam McDougall
Modified: 2018-01-11 17:51 UTC (History)
2 users (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Adam McDougall 2014-03-12 00:00:00 UTC
pkg-1.2.6/scripts/periodic/410.pkg-audit.in reads some variables from /etc/periodic.conf and/or /etc/defaults/periodic.conf to decide whether to run daily or not, run quiet, how often to update pkgaudit db, etc.  These variables got renamed in 10 (r254974 with some followup commits).  Although the current state of periodic scripts in 10 have compat shims to allow the old style variables to work, it complains when you use them, so I put in effort to update my 10 installs to the new format.  pkg is a port and not tied to an OS major version but the periodic script it installs from pkg-1.2.6/scripts/periodic/410.pkg-audit.in is currently specific to FreeBSD 9 and below.  I last worked on this a few months ago and settled for a custom hack, and I don't remember how close I could get to the daily execution I wanted.  I vaguely recall it was only running weekly which was insufficient.  In any case, the script should handle either <=9 and 10+ configs or maybe install an appropriate script d
 epending on the version.

How-To-Repeat: Install pkg on 10, see how often you receive pkg audit reports when something vulnerable is installed.  If someone wants to refute this report, I will set up a test system and confirm, but the script is definitely only using the old style periodic variables.
Comment 1 Edwin Groothuis freebsd_committer freebsd_triage 2014-03-12 07:32:00 UTC
Responsible Changed
From-To: freebsd-ports-bugs->portmgr

Over to maintainer (via the GNATS Auto Assign Tool)
Comment 2 Walter Schwarzenfeld freebsd_triage 2018-01-10 20:53:29 UTC
The were a lot of changes since this time. This is surely overcome by events.