From owner-freebsd-hackers@FreeBSD.ORG Mon Oct 6 12:22:18 2008 Return-Path: Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D6C051065692; Mon, 6 Oct 2008 12:22:18 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) Received: from 0.mx.codelabs.ru (0.mx.codelabs.ru [144.206.177.45]) by mx1.freebsd.org (Postfix) with ESMTP id 61C188FC12; Mon, 6 Oct 2008 12:22:18 +0000 (UTC) (envelope-from rea-fbsd@codelabs.ru) DomainKey-Signature: a=rsa-sha1; q=dns; c=simple; s=one; d=codelabs.ru; h=Received:Date:From:To:Cc:Subject:Message-ID:References:MIME-Version:Content-Type:Content-Disposition:In-Reply-To:Sender; b=jhQcisJ2fDvgWs8EQuyg49SWqIfjUm2JOmpApnRytxMCCOeVMPRye5hZUQ6WMnYeV/BIUarlxaQHAeV5LLVREvY9WiFvTldAjei/TKX4NjrvWGdtTkILNM6DuyJNN4fNzX9e6T/LxD6bUuoj9OpL4m8PRHY1s/lPUkQVDfhDHFA=; Received: from void.codelabs.ru (void.codelabs.ru [144.206.177.25]) by 0.mx.codelabs.ru with esmtpsa (TLSv1:AES256-SHA:256) id 1Kmp6N-000Mb5-3Q; Mon, 06 Oct 2008 16:22:15 +0400 Date: Mon, 6 Oct 2008 16:22:13 +0400 From: Eygene Ryabinkin To: Mel Message-ID: References: <200810061124.55209.fbsd.hackers@rachie.is-a-geek.net> <200810061307.51977.fbsd.hackers@rachie.is-a-geek.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="3BL0Ng5d1iPP6beU" Content-Disposition: inline In-Reply-To: <200810061307.51977.fbsd.hackers@rachie.is-a-geek.net> Sender: rea-fbsd@codelabs.ru Cc: freebsd-hackers@freebsd.org, freebsd-ports@freebsd.org, Miroslav Lachman <000.fbsd@quip.cz>, bug-followup@freebsd.org Subject: Re: ports/126853: ports-mgmt/portaudit: speed up audit of installed packages X-BeenThere: freebsd-hackers@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Technical Discussions relating to FreeBSD List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 06 Oct 2008 12:22:19 -0000 --3BL0Ng5d1iPP6beU Content-Type: text/plain; charset=koi8-r Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Mel, Mon, Oct 06, 2008 at 01:07:51PM +0200, Mel wrote: > On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote: > Once you have the origin of the port, you can: > - make -C $PORTSDIR/$origin -V PKGNAME > - get the matching origin(s) out of ${INDEXDIR}/${INDEXFILE} > - get the matching origin(s) out of a downloaded INDEX.bz2 >=20 > This covers the majority of cases. >=20 > What portaudit lacks, is providing the origin along with the installed pa= ckage > name in easily parseable format. So, a central server wanting to query al= l=20 > the machines for vulnerable packages, now has to do an extra step of goin= g=20 > into $PKG_DBDIR/$pkgname/+CONTENTS and getting the @comment ORIGIN: line,= =20 > while (port|pkg_)audit has just been there. >=20 > This would be something I'd expect: > ssh clientmachine "/usr/sbin/pkg_audit -l" > foo-1.2,3:misc/foo > bar-4.5_6:devel/bar > ... OK, got it. There is one neat: pkg_audit should be feeded with the contents of the auditfile and the latter is located in the tar archive. So, if you wouldn't mind about the following sequence ----- tar xf /var/db/portaudit/auditfile.tbz pkg_audit < auditfile | portaudit-checknew -o | cut -d '|' -f1,4,5 ----- then I can add the flag '-o' to the portaudit-checknew: it will additionally output the port origin along with the new version. Is that what you meant? --=20 Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual =20 )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook=20 {_.-``-' {_/ # --3BL0Ng5d1iPP6beU Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkjqAvUACgkQthUKNsbL7YiaFACfVxP/ieDIZZrUGE4O+DKgfvTh YpgAn02ufj2yxuThuKezaIdezmBYuDYt =UeZL -----END PGP SIGNATURE----- --3BL0Ng5d1iPP6beU--