Module Name: src
Committed By: jmmv
Date: Fri Feb 5 16:29:02 UTC 2010
Modified Files:
src/etc: daily security
src/etc/defaults: daily.conf security.conf
Log Message:
Deprecate the pkgdb_dir settings from daily.conf and security.conf in
favor of the PKG_DBDIR variable in /etc/pkg_install.conf. The purpose
of this is to only have to define the location of the packages database
in a single place and have all other system components pick it up.
pkgdb_dir is still honored if defined and the scripts will spit out a
warning in that case, asking the administrator to migrate to the
PKG_DBDIR setting. We can't remove this compatibility workaround until,
at least, after NetBSD 6 is released.
To generate a diff of this commit:
cvs rdiff -u -r1.75 -r1.76 src/etc/daily
cvs rdiff -u -r1.107 -r1.108 src/etc/security
cvs rdiff -u -r1.13 -r1.14 src/etc/defaults/daily.conf
cvs rdiff -u -r1.22 -r1.23 src/etc/defaults/security.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
Modified files:
Index: src/etc/daily
diff -u src/etc/daily:1.75 src/etc/daily:1.76
--- src/etc/daily:1.75 Wed Jan 27 16:22:41 2010
+++ src/etc/daily Fri Feb 5 16:29:02 2010
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $NetBSD: daily,v 1.75 2010/01/27 16:22:41 jmmv Exp $
+# $NetBSD: daily,v 1.76 2010/02/05 16:29:02 jmmv Exp $
# @(#)daily 8.2 (Berkeley) 1/25/94
#
@@ -30,6 +30,12 @@
MAILTO=root
fi
+if [ -n "${pkgdb_dir}" ]; then
+ echo "WARNING: Setting pkgdb_dir in daily.conf(5) is deprecated"
+ echo "WARNING: Please define PKG_DBDIR in pkg_install.conf(5) instead"
+ _compat_K_flag="-K ${pkgdb_dir}"
+fi
+
echo ""
echo "Uptime: " `uptime`
@@ -242,13 +248,11 @@
fi
fi
-: ${pkgdb_dir:=/var/db/pkg}
-
-if pkg_info -K ${pkgdb_dir} -q -E '*'; then
+if pkg_info ${_compat_K_flag} -q -E '*'; then
echo ""
echo "Fetching package vulnerabilities database:"
if checkyesno fetch_pkg_vulnerabilities; then
- ( umask 022 && pkg_admin -K ${pkgdb_dir} \
+ ( umask 022 && pkg_admin ${_compat_K_flag} \
fetch-pkg-vulnerabilities -u )
else
echo "fetch_pkg_vulnerabilities is set to NO in daily.conf(5)."
Index: src/etc/security
diff -u src/etc/security:1.107 src/etc/security:1.108
--- src/etc/security:1.107 Tue Jan 19 22:08:11 2010
+++ src/etc/security Fri Feb 5 16:29:02 2010
@@ -1,6 +1,6 @@
#!/bin/sh -
#
-# $NetBSD: security,v 1.107 2010/01/19 22:08:11 jmmv Exp $
+# $NetBSD: security,v 1.108 2010/02/05 16:29:02 jmmv Exp $
# from: @(#)security 8.1 (Berkeley) 6/9/93
#
@@ -25,7 +25,6 @@
# Set reasonable defaults (if they're not set in security.conf)
#
backup_dir=${backup_dir:-/var/backups}
-pkgdb_dir=${pkgdb_dir:-/var/db/pkg} # TODO Inherit from daily.conf.
max_loginlen=${max_loginlen:-8}
max_grouplen=${max_grouplen:-8}
pkg_info=${pkg_info:-/usr/sbin/pkg_info}
@@ -63,6 +62,16 @@
CHANGEFILES=changefiles.$$
SPECIALSPEC=specialspec.$$
+if [ -n "${pkgdb_dir}" ]; then
+ echo "WARNING: Setting pkgdb_dir in security.conf(5) is deprecated"
+ echo "WARNING: Please define PKG_DBDIR in pkg_install.conf(5) instead"
+ _compat_K_flag="-K ${pkgdb_dir}"
+fi
+
+have_pkgs() {
+ $pkg_info ${_compat_K_flag} -q -E '*'
+}
+
# migrate_file old new
# Determine if the "${old}" path name needs to be migrated to the
# "${new}" path. Also checks if "${old}.current" needs migrating,
@@ -910,10 +919,12 @@
# Check for changes in the list of installed pkgs
#
-if checkyesno check_pkgs && [ -d $pkgdb_dir ]; then
+if checkyesno check_pkgs && have_pkgs; then
pkgs=$work_dir/pkgs
migrate_file "$backup_dir/pkgs" "$pkgs"
- ( cd $pkgdb_dir
+ pkg_dbdir=$(pkg_admin config-var PKG_DBDIR)
+ : ${pkg_dbdir:=/var/db/pkg}
+ ( cd $pkg_dbdir
$pkg_info | sort
echo ""
find . \( -name +REQUIRED_BY -o -name +CONTENTS \) -print0 |
@@ -992,9 +1003,9 @@
done
fi
-if pkg_info -K ${pkgdb_dir} -q -E '*'; then
+if have_pkgs; then
if checkyesno check_pkg_vulnerabilities; then
- pkg_admin -K ${pkgdb_dir} audit >${OUTPUT} 2>&1
+ pkg_admin ${_compat_K_flag} audit >${OUTPUT} 2>&1
if [ -s ${OUTPUT} ]; then
printf "\nInstalled vulnerable packages:\n"
cat ${OUTPUT}
@@ -1002,7 +1013,7 @@
fi
if checkyesno check_pkg_signatures; then
- pkg_admin -K ${pkgdb_dir} check >${OUTPUT} 2>&1
+ pkg_admin ${_compat_K_flag} check >${OUTPUT} 2>&1
if [ $? -ne 0 ]; then
printf "\nFiles with invalid signatures:\n"
cat ${OUTPUT}
Index: src/etc/defaults/daily.conf
diff -u src/etc/defaults/daily.conf:1.13 src/etc/defaults/daily.conf:1.14
--- src/etc/defaults/daily.conf:1.13 Wed Jan 20 22:19:20 2010
+++ src/etc/defaults/daily.conf Fri Feb 5 16:29:02 2010
@@ -1,4 +1,4 @@
-# $NetBSD: daily.conf,v 1.13 2010/01/20 22:19:20 jmmv Exp $
+# $NetBSD: daily.conf,v 1.14 2010/02/05 16:29:02 jmmv Exp $
#
# /etc/defaults/daily.conf --
# default configuration of /etc/daily.conf
@@ -28,7 +28,6 @@
run_rdist=YES
run_security=YES
run_skeyaudit=YES
-pkgdb_dir=/var/db/pkg
fetch_pkg_vulnerabilities=NO
send_empty_security=NO
Index: src/etc/defaults/security.conf
diff -u src/etc/defaults/security.conf:1.22 src/etc/defaults/security.conf:1.23
--- src/etc/defaults/security.conf:1.22 Tue Jan 19 22:08:11 2010
+++ src/etc/defaults/security.conf Fri Feb 5 16:29:02 2010
@@ -1,4 +1,4 @@
-# $NetBSD: security.conf,v 1.22 2010/01/19 22:08:11 jmmv Exp $
+# $NetBSD: security.conf,v 1.23 2010/02/05 16:29:02 jmmv Exp $
#
# /etc/defaults/security.conf --
# default configuration of /etc/security.conf
@@ -30,7 +30,6 @@
backup_dir=/var/backups
backup_uses_rcs=YES
diff_options=-u
-pkgdb_dir=/var/db/pkg
pkg_info=/usr/sbin/pkg_info
check_homes_permit_usergroups=NO