From owner-freebsd-ports@freebsd.org Thu Jun 22 06:15:40 2017 Return-Path: Delivered-To: freebsd-ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 59B03DA71FB for ; Thu, 22 Jun 2017 06:15:40 +0000 (UTC) (envelope-from ml@netfence.it) Received: from mailman.ysv.freebsd.org (mailman.ysv.freebsd.org [IPv6:2001:1900:2254:206a::50:5]) by mx1.freebsd.org (Postfix) with ESMTP id 4303A6F0BF for ; Thu, 22 Jun 2017 06:15:40 +0000 (UTC) (envelope-from ml@netfence.it) Received: by mailman.ysv.freebsd.org (Postfix) id 42575DA71FA; Thu, 22 Jun 2017 06:15:40 +0000 (UTC) Delivered-To: ports@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 41EE7DA71F9 for ; Thu, 22 Jun 2017 06:15:40 +0000 (UTC) (envelope-from ml@netfence.it) Received: from smtp205.alice.it (smtp205.alice.it [82.57.200.101]) by mx1.freebsd.org (Postfix) with ESMTP id CBDF96F0BE for ; Thu, 22 Jun 2017 06:15:39 +0000 (UTC) (envelope-from ml@netfence.it) Received: from soth.ventu (95.250.147.61) by smtp205.alice.it (8.6.060.28) (authenticated as acanedi@alice.it) id 594595F406DBF2EB; Thu, 22 Jun 2017 08:15:13 +0200 Received: from alamar.ventu (alamar.local.netfence.it [10.1.2.18]) by soth.ventu (8.15.2/8.15.2) with ESMTP id v5M6FBqs038319; Thu, 22 Jun 2017 08:15:12 +0200 (CEST) (envelope-from ml@netfence.it) X-Authentication-Warning: soth.ventu: Host alamar.local.netfence.it [10.1.2.18] claimed to be alamar.ventu Subject: Re: net-mgmt/nagios-check_ports and jails To: Ryan Frederick Cc: ports@freebsd.org References: <2cfd5c8c-b8b4-720a-5950-02bb59fe070b@netfence.it> <23a5901a-75e0-2624-066f-563fa0b181d3@gmail.com> From: Andrea Venturoli Message-ID: <1c9c0c88-eca5-7278-e498-50172bc5ef70@netfence.it> Date: Thu, 22 Jun 2017 08:15:11 +0200 User-Agent: Mozilla/5.0 (X11; FreeBSD i386; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 MIME-Version: 1.0 In-Reply-To: <23a5901a-75e0-2624-066f-563fa0b181d3@gmail.com> Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-BeenThere: freebsd-ports@freebsd.org X-Mailman-Version: 2.1.23 Precedence: list List-Id: Porting software to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 22 Jun 2017 06:15:40 -0000 On 06/21/17 20:09, Ryan Frederick wrote: > Andrea, > > I took a look at ports-mgmt/jailaudit, and it works a bit differently > than ports-mgmt/nagios-check_ports. jailaudit makes a list of packages > installed in the jail and runs pkg(8) audit outside of the jail against > the list. nagios-check_ports, on the other hand, calls pkg(8) audit with > the -j option to run inside the jail and thus requires a copy of > vuln.xml within the jail. That's what I suspected. > I would suggest running `pkg audit -F` within the jails regularly or > setup something to copy vuln.xml into the jails. > > That being said I do have a bugfix to commit upstream that unbreaks > checking for updates within a jail from outside the jail. I'll hopefully > get that released soon. I'm in no hurry, so I can wait for soon :) Thanks for your work. bye av.