Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Jun 2009 20:50:59 +1000 (AEST)
From:      John Marshall <john@rwsrv05.mby.riverwillow.net.au>
To:        FreeBSD-gnats-submit@FreeBSD.org
Subject:   ports/135471: [patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
Message-ID:  <200906111050.n5BAoxd5070196@rwsrv05.mby.riverwillow.net.au>
Resent-Message-ID: <200906111100.n5BB0286089055@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         135471
>Category:       ports
>Synopsis:       [patch] ports-mgmt/portaudit-db packaudit.conf sourced too late in packaudit.sh
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 11 11:00:02 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     John Marshall
>Release:        FreeBSD 7.2-RELEASE i386
>Organization:
Riverwillow Pty Ltd
>Environment:
System: FreeBSD rwsrv05.mby.riverwillow.net.au 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Fri May 1 21:02:03 AEST 2009 root@rwsrv05.mby.riverwillow.net.au:/spare/obj/usr/src/sys/RWSRV05 i386


	
>Description:

It looks like the line in packaudit which sources packaudit.conf landed
in the wrong place by accident - and stayed there.

This patch:

 - relocates the sourcing of packaudit.conf to earlier in the file where
   I think it belongs
 - doesn't touch the port revision number in the Makefile because I'm not
   sure what should be done with that in this case.  I have left this
   decision for a potential commiter.

packaudit defines all its variables in such a way as to allow for the
names to be already defined (e.g. via packaudit.conf or the environment)
and supplies its own defaults.  Then it sources packaudit.conf.  I have
deliberately increased the diff context window in the attached patch so
that reviewers can easily see what lies between the current and proposed
location of the packaudit.conf file sourcing.

>How-To-Repeat:

Define things in /usr/local/etc/packaudit.conf and watch them get
silently ignored - or watch packaudit test default locations and then
use untested locations from packaudit.conf.

>Fix:


--- portaudit-db-patch begins here ---
diff -rNU 13 portaudit-db/files/packaudit.sh portaudit-db-mod/files/packaudit.sh
--- portaudit-db/files/packaudit.sh	2007-02-19 23:37:15.000000000 +1100
+++ portaudit-db-mod/files/packaudit.sh	2009-06-11 17:48:20.000000000 +1000
@@ -34,54 +34,54 @@
 AWK=/usr/bin/awk
 BASENAME=/usr/bin/basename
 CAT=/bin/cat
 DATE=/bin/date
 ENV=/usr/bin/env
 MD5=/sbin/md5
 MKDIR="/bin/mkdir -p"
 MKTEMP=/usr/bin/mktemp
 RM=/bin/rm
 SED=/usr/bin/sed
 TAR=/usr/bin/tar
 XSLTPROC=%%LOCALBASE%%/bin/xsltproc
 
+[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
+
 PORTSDIR="${PORTSDIR:-%%PORTSDIR%%}"
 VUXMLDIR="${VUXMLDIR:-$PORTSDIR/security/vuxml}"
 PORTAUDITDBDIR="${PORTAUDITDBDIR:-$PORTSDIR/ports-mgmt/portaudit-db}"
 
 DATABASEDIR="${DATABASEDIR:-%%DATABASEDIR%%}"
 
 STYLESHEET="%%DATADIR%%/vuxml2portaudit.xslt"
 
 PUBLIC_HTML="${PUBLIC_HTML:-$HOME/public_html/portaudit}"
 HTMLSHEET="%%DATADIR%%/vuxml2html.xslt"
 BASEURL="${BASEURL:-http://www.freebsd.org/ports/portaudit/}"
 
 PORTAUDIT2VUXML="%%DATADIR%%/portaudit2vuxml.awk"
 
 [ -d "$DATABASEDIR" ] || $MKDIR "$DATABASEDIR"
 
 if [ ! -w "$DATABASEDIR" ]; then
     echo "$DATABASEDIR is not writable by you, exiting."
     exit 1
 fi
 
 TMPNAME=`$BASENAME "$0"`
 
 VULVER=`$SED -En -e '/^.*\\$FreeBSD\: [^$ ]+,v ([0-9]+(\.[0-9]+)+) [^$]+\\$.*$/{s//\1/p;q;}' "$VUXMLDIR/vuln.xml"`
 VULURL="http://cvsweb.freebsd.org/ports/security/vuxml/vuln.xml?rev=$VULVER"
 
-[ -r "%%PREFIX%%/etc/packaudit.conf" ] && . "%%PREFIX%%/etc/packaudit.conf"
-
 if [ -d "$PUBLIC_HTML" -a -w "$PUBLIC_HTML" ]; then
   VULNMD5=`$CAT "$VUXMLDIR/vuln.xml" "$PORTAUDITDBDIR/database/portaudit.xml" "$PORTAUDITDBDIR/database/portaudit.txt" | $MD5`
   if [ -f "$PUBLIC_HTML/portaudit.md5" ]; then
     VULNMD5_OLD=`$CAT "$PUBLIC_HTML/portaudit.md5"`
   fi
   if [ "$VULNMD5" != "$VULNMD5_OLD" ]; then
     echo -n "$VULNMD5" > "$PUBLIC_HTML/portaudit.md5"
     TMPXML=`$MKTEMP -t "$TMPNAME.$$"` || exit 1
     $PORTAUDIT2VUXML "$PORTAUDITDBDIR/database/portaudit.txt" "$PORTAUDITDBDIR/database/portaudit.xml" > "$TMPXML"
     $XSLTPROC $XSLTPROC_EXTRA_ARGS --stringparam vulurl "$VULURL" --stringparam extradoc "$TMPXML" \
       -o "$PUBLIC_HTML/" "$HTMLSHEET" "$VUXMLDIR/vuln.xml"
     $RM "$TMPXML"
   fi
--- portaudit-db-patch ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200906111050.n5BAoxd5070196>