Date: Wed, 30 Jul 2014 16:06:50 +0100 From: Matthew Seaman <matthew@freebsd.org> To: freebsd-questions@freebsd.org Subject: Re: pkg audit not working like portaudit Message-ID: <53D90A0A.3080103@freebsd.org> In-Reply-To: <CACcSE1y0bt27o36yvFXRPXviZ9BS6d7eKN6%2B4mP8C-aXQZVJvA@mail.gmail.com> References: <CACcSE1y0bt27o36yvFXRPXviZ9BS6d7eKN6%2B4mP8C-aXQZVJvA@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On 07/30/14 15:22, Aleksandr Miroslav wrote: > I used to be able to do something like this with portaudit in my cron jobs: > > portaudit > /dev/null || portaudit |mailx -s portaudit root > > i.e. portaudit returned a non-zero value when there were vulnerabilities. > > I expected "pkg audit" to do the same, but apparently it always > returns zero. Is there some way to get the old portaudit behavior or > do I have to write a script to parse the output? Not indicating the presence of vulnerabilities in the return code of 'pkg audit' is certainly worth opening an issue at https://github.com/freebsd/pkg/issues However, try using: pkg audit -q which should not print anything unless it does find vulnerabilities, so by the usual cron logic, you'll only get an email when there's a problem. There's also /usr/local/etc/periodic/security/410.pkg-audit which you can enable as a normal periodic(8) job. Cheers, Matthew [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iQJ8BAEBCgBmBQJT2QoUXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQxOUYxNTRFQ0JGMTEyRTUwNTQ0RTNGMzAw MDUxM0YxMEUwQTlFNEU3AAoJEABRPxDgqeTnwAkP/RTggcmqF4mDBYpzOU+OUiWb q/OjIK9hmAi/aX1FZ57ot1vhCpn9tZyRQ5sxy6YQZMhRVn5agrAzKg2/tWMf/Atp qeX64HUlU8zPVbjk9tOOTKPomHAqy0pYmUAJGlm9ZnJ4w30o/SX/8abTT/s/6L8q KEP01rm9BgRTJB3verqAOtGOLC94YGIlVHtNfX1Ox9i1Z/yk3Qe2SHS6S6X7NuRG VkGcYhFRASCfTz1fCC1RgHtIv8FupLuemZU83JevugylZ/IHMpyFgGMFjvVr2F0t rDBopMFIw1aoK7GayuwK8uybgbRVMLsH5qJQjK5jzxtWasRv/TT1wuwLKcSHRRA3 p0hHtaBRO8o109J4TMX3gFKZ0d1d+81+Oiv+ItFPoma6KcA9nD4et8dqR+VvB4Gj 8LGwx6/jdEVLjGHZfehHZ6l6nxGFvjOwex0hfjKwdBsTLWiPMp6X6d04P/uJzFCK paRY4jfvZXH4ivho1txuS+X29ir9JgTgCa8crmCGvWT0vmNsjg6XGK7ImNeseyLT mGT2Pwnw1oEiNbjtmoJzC3hyeLXlbVb0ICND9VVbfRUU6x2UWTGK3gmc5xUJKeK2 VynQ4sMG9lwmg16BBvB61vpGLpr0u2gJEjfgBrBiahQd5B+TiMky04Nb4+w9+Oei AtRirRdxUKIjTR51E53j =u5d7 -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?53D90A0A.3080103>