Mel, Mon, Oct 06, 2008 at 01:07:51PM +0200, Mel wrote: > On Monday 06 October 2008 12:28:48 Eygene Ryabinkin wrote: > Once you have the origin of the port, you can: > - make -C $PORTSDIR/$origin -V PKGNAME > - get the matching origin(s) out of ${INDEXDIR}/${INDEXFILE} > - get the matching origin(s) out of a downloaded INDEX.bz2 > > This covers the majority of cases. > > What portaudit lacks, is providing the origin along with the installed package > name in easily parseable format. So, a central server wanting to query all > the machines for vulnerable packages, now has to do an extra step of going > into $PKG_DBDIR/$pkgname/+CONTENTS and getting the @comment ORIGIN: line, > while (port|pkg_)audit has just been there. > > This would be something I'd expect: > ssh clientmachine "/usr/sbin/pkg_audit -l" > foo-1.2,3:misc/foo > bar-4.5_6:devel/bar > ...
OK, got it. There is one neat: pkg_audit should be feeded with the contents of the auditfile and the latter is located in the tar archive. So, if you wouldn't mind about the following sequence ----- tar xf /var/db/portaudit/auditfile.tbz pkg_audit < auditfile | portaudit-checknew -o | cut -d '|' -f1,4,5 ----- then I can add the flag '-o' to the portaudit-checknew: it will additionally output the port origin along with the new version. Is that what you meant? -- Eygene _ ___ _.--. # \`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard / ' ` , __.--' # to read the on-line manual )/' _/ \ `-_, / # while single-stepping the kernel. `-'" `"\_ ,_.-;_.-\_ ', fsc/as # _.-'_./ {_.' ; / # -- FreeBSD Developers handbook {_.-``-' {_/ #
pgpnTKHygtKTG.pgp
Description: PGP signature