While upgrading packages, sane-backends installed pkgng as a dependency without notification and did not perform the necessary housekeeping to switch to the new package management system. As a result various errors and inconsistencies in the packages database were experienced, including portaudit flagging ports as vulnerable in error. The root cause took hours to track down. Once identified, the pkg system could not be initialized with file access errors being reported. Fix: After hours of tinkering I decided on a radical dissection of the installed packages, followed up with manual initialization of pkgng and reinstallation from scratch of everything. pkg_delete -a /usr/sbin/pkg pkg2ng Begin reinstalling desired packages. This is a most inelegant solution, but I could not find any documentation or advice after 90 minutes of searching. How-To-Repeat: Upgrade sane-backend without manually upgrading the system to pkgng
This is not pkg bug. It is mostly likely related to netsnmp package that adds the following dependency: # pkg-1.2 cannot handle this dependency well. .if !defined(WITH_PKGNG) LIB_DEPENDS= libpkg.so:${PORTSDIR}/ports-mgmt/pkg .endif Therefore, I think it is the question to net-snmp maintainer.
Installing ports-mgmt/pkg does not mean the system is suddenly converted to pkgng. You can have ports-mgmt/pkg installed and still use the legacy package framework without issue. Conversion to pkgng is not required to use net-snmp. What errors/inconsistencies or portaudit issues are you referring to?
No response from submitter.