Date: Sat, 13 Apr 2013 23:13:53 +0200 From: Michael Gmelin <freebsd@grem.de> To: freebsd-ports@freebsd.org Cc: Baptiste Daroussin <bapt@FreeBSD.org> Subject: Re: Setting fetch environment in pkg.conf (pkgng) Message-ID: <20130413231353.20eea473@bsd64.grem.de> In-Reply-To: <20130413201039.GL95891@ithaqua.etoilebsd.net> References: <20130413214839.3d59a743@bsd64.grem.de> <20130413201039.GL95891@ithaqua.etoilebsd.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 13 Apr 2013 22:10:39 +0200 Baptiste Daroussin <bapt@FreeBSD.org> wrote: > On Sat, Apr 13, 2013 at 09:48:39PM +0200, Michael Gmelin wrote: > > Hi, > > > > I recently converted a host from to pkgng and getting the following > > error: > > > > Checking for packages with security vulnerabilities: > > pkg: http://portaudit.FreeBSD.org/auditfile.tbz: No route to host > > pkg: Cannot fetch audit file! > > > > Portaudit was configured to use a proxy > > in /usr/local/etc/portaudit.conf: > > > > portaudit_fetch_env="HTTP_PROXY=http://192.168.1.2:8080/" > > > > I'm aware that pkg uses libfetch directly, but since most > > configuration in libfetch happens through setting environment > > variables, it would be great if it could be set before calls to > > libfetch's fetchGet* functions instead of setting it in the > > environment used (modify cron jobs etc.). Since there are different > > applications for fetch in pkg I would suggest the following settings > > (examples): > > > > # environment for fetching auditfile (pkg-audit(8)) > > audit_fetch_env = "HTTP_PROXY=http://192.168.1.2:8080/" > > > > # environment for talking to the repo (pkg-update(8), > > pkg-upgrade(8)...) repo_fetch_env = > > "SSL_CLIENT_KEY_FILE=/etc/ssl/pkgclient01.key \ > > SSL_CLIENT_CERT_FILE=/etc/ssl/pkgclient01.crt \ > > SSL_CA_CERT_FILE=/etc/ssl/pkgmaster.pem" > > > > In case there are other uses of libfetch in the code, further > > settings could be added - also for talking to multiple repositories. > > > > Thoughts? > > > > Just add HTTP_PROXY=... in pkg.conf and pkgng will do it :) > > regards, > Bapt Thanks for your response. Just for the records: It's HTTP_PROXY: ... (not =) and it works only for HTTP_PROXY and a couple of other fetch related variables (like max retry), but not in a generic way - besides the SSL variables I need libfetch also offers a couple of other useful settings. Also, these variables (including HTTP_PROXY) are not mentioned in pkg.conf(5). So unfortunately no other configuration options can be set for fetch. Do you think it would be possible to add a facility to pkg.conf that allows setting of arbitrary environment variables (either like I suggested or in an even more generic way)? Cheers, Michael -- Michael Gmelin
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20130413231353.20eea473>