CVS commit: src

Tue, 30 Apr 2013 22:36:38 -0700 

Module Name:    src
Committed By:   agc
Date:           Wed May  1 05:36:25 UTC 2013

Modified Files:
        src/distrib/sets/lists/etc: mi
        src/etc: daily security
        src/etc/defaults: Makefile security.conf
Added Files:
        src/etc: pkgpath.conf
        src/etc/defaults: pkgpath.conf

Log Message:
Fix for problematic paths in /etc/daily and /etc/security reported in
PR/47645.

Add a separate file which contains the paths for the pkg_admin and
pkg_info utilities. This is called /etc/pkgpath.conf (to distinguish it
from pkg.conf).

Thanks also to Edgar Fuss for the sanity check.


To generate a diff of this commit:
cvs rdiff -u -r1.230 -r1.231 src/distrib/sets/lists/etc/mi
cvs rdiff -u -r1.88 -r1.89 src/etc/daily
cvs rdiff -u -r0 -r1.1 src/etc/pkgpath.conf
cvs rdiff -u -r1.111 -r1.112 src/etc/security
cvs rdiff -u -r1.5 -r1.6 src/etc/defaults/Makefile
cvs rdiff -u -r0 -r1.1 src/etc/defaults/pkgpath.conf
cvs rdiff -u -r1.24 -r1.25 src/etc/defaults/security.conf

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.


Modified files:

Index: src/distrib/sets/lists/etc/mi
diff -u src/distrib/sets/lists/etc/mi:1.230 src/distrib/sets/lists/etc/mi:1.231
--- src/distrib/sets/lists/etc/mi:1.230	Thu Apr 25 17:10:50 2013
+++ src/distrib/sets/lists/etc/mi	Wed May  1 05:36:25 2013
@@ -1,4 +1,4 @@
-# $NetBSD: mi,v 1.230 2013/04/25 17:10:50 christos Exp $
+# $NetBSD: mi,v 1.231 2013/05/01 05:36:25 agc Exp $
 #
 # Note: end-user configuration files that are moved to another location
 #	should not be marked "obsolete"; they should just be removed from
@@ -40,6 +40,7 @@
 ./etc/defaults/daily.conf			etc-sys-defaults
 ./etc/defaults/monthly.conf			etc-sys-defaults
 ./etc/defaults/pf.boot.conf			etc-pf-defaults		pf
+./etc/defaults/pkgpath.conf			etc-sys-defaults
 ./etc/defaults/rc.conf				etc-sys-defaults
 ./etc/defaults/security.conf			etc-sys-defaults
 ./etc/defaults/weekly.conf			etc-sys-defaults
@@ -133,6 +134,7 @@
 ./etc/pf.conf					etc-pf-etc		pf
 ./etc/pf.os					etc-pf-etc		pf
 ./etc/phones					etc-sys-etc
+./etc/pkgpath.conf				etc-sys-etc
 ./etc/postfix/README				etc-postfix-etc		postfix
 ./etc/postfix/main.cf				etc-postfix-etc		postfix
 ./etc/postfix/master.cf				etc-postfix-etc		postfix

Index: src/etc/daily
diff -u src/etc/daily:1.88 src/etc/daily:1.89
--- src/etc/daily:1.88	Fri Mar  8 14:32:12 2013
+++ src/etc/daily	Wed May  1 05:36:25 2013
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$NetBSD: daily,v 1.88 2013/03/08 14:32:12 christos Exp $
+#	$NetBSD: daily,v 1.89 2013/05/01 05:36:25 agc Exp $
 #	@(#)daily	8.2 (Berkeley) 1/25/94
 #
 
@@ -10,6 +10,9 @@ umask 077
 if [ -s /etc/daily.conf ]; then
 	. /etc/daily.conf
 fi
+if [ -s /etc/pkgpath.conf ]; then
+	. /etc/pkgpath.conf
+fi
 
 host="$(hostname)"
 date="$(date)"
@@ -257,7 +260,7 @@ if checkyesno run_rdist && [ -f /etc/Dis
 	fi
 fi
 
-if pkg_info ${_compat_K_flag} -q -E '*'; then
+if ${pkg_info} ${_compat_K_flag} -q -E '*'; then
 	if [ -z "$fetch_pkg_vulnerabilities" ]; then
 		echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
 		echo "You should set it to YES to enable vulnerability checks"
@@ -265,7 +268,7 @@ if pkg_info ${_compat_K_flag} -q -E '*';
 	elif checkyesno fetch_pkg_vulnerabilities; then
 		echo ""
 		echo "Fetching package vulnerabilities database:"
-		( umask 022 && pkg_admin ${_compat_K_flag} \
+		( umask 022 && ${pkg_admin} ${_compat_K_flag} \
 		    fetch-pkg-vulnerabilities -u )
 	fi
 fi

Index: src/etc/security
diff -u src/etc/security:1.111 src/etc/security:1.112
--- src/etc/security:1.111	Thu Apr  5 09:09:27 2012
+++ src/etc/security	Wed May  1 05:36:25 2013
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$NetBSD: security,v 1.111 2012/04/05 09:09:27 spz Exp $
+#	$NetBSD: security,v 1.112 2013/05/01 05:36:25 agc Exp $
 #	from: @(#)security	8.1 (Berkeley) 6/9/93
 #
 
@@ -21,6 +21,9 @@ TZ=UTC; export TZ
 if [ -s /etc/security.conf ]; then
 	. /etc/security.conf
 fi
+if [ -s /etc/pkgpath.conf ]; then
+	. /etc/pkgpath.conf
+fi
 
 # Set reasonable defaults (if they're not set in security.conf)
 #
@@ -926,7 +929,7 @@ fi
 if checkyesno check_pkgs && have_pkgs; then
 	pkgs=$work_dir/pkgs
 	migrate_file "$backup_dir/pkgs" "$pkgs"
-	pkg_dbdir=$(pkg_admin config-var PKG_DBDIR)
+	pkg_dbdir=$(${pkg_admin} config-var PKG_DBDIR)
 	: ${pkg_dbdir:=/var/db/pkg}
 	(	cd $pkg_dbdir
 		$pkg_info | sort
@@ -1009,7 +1012,7 @@ fi
 
 if have_pkgs; then
 	if checkyesno check_pkg_vulnerabilities; then
-		pkg_admin ${_compat_K_flag} audit >${OUTPUT} 2>&1
+		${pkg_admin} ${_compat_K_flag} audit >${OUTPUT} 2>&1
 		if [ -s ${OUTPUT} ]; then
 			printf "\nInstalled vulnerable packages:\n"
 			cat ${OUTPUT}
@@ -1017,7 +1020,7 @@ if have_pkgs; then
 	fi
 
 	if checkyesno check_pkg_signatures; then
-		pkg_admin ${_compat_K_flag} check >${OUTPUT} 2>&1
+		${pkg_admin} ${_compat_K_flag} check >${OUTPUT} 2>&1
 		if [ $? -ne 0 ]; then
 			printf "\nFiles with invalid signatures:\n"
 			cat ${OUTPUT}

Index: src/etc/defaults/Makefile
diff -u src/etc/defaults/Makefile:1.5 src/etc/defaults/Makefile:1.6
--- src/etc/defaults/Makefile:1.5	Mon Aug 22 20:48:38 2011
+++ src/etc/defaults/Makefile	Wed May  1 05:36:25 2013
@@ -1,8 +1,8 @@
-#	$NetBSD: Makefile,v 1.5 2011/08/22 20:48:38 jym Exp $
+#	$NetBSD: Makefile,v 1.6 2013/05/01 05:36:25 agc Exp $
 
 .include <bsd.own.mk>
 
-CONFIGFILES=	daily.conf monthly.conf security.conf weekly.conf
+CONFIGFILES=	daily.conf monthly.conf pkgpath.conf security.conf weekly.conf
 FILESDIR=	/etc/defaults
 FILESMODE=	${NONBINMODE}
 

Index: src/etc/defaults/security.conf
diff -u src/etc/defaults/security.conf:1.24 src/etc/defaults/security.conf:1.25
--- src/etc/defaults/security.conf:1.24	Thu Apr  5 09:09:27 2012
+++ src/etc/defaults/security.conf	Wed May  1 05:36:25 2013
@@ -1,4 +1,4 @@
-#	$NetBSD: security.conf,v 1.24 2012/04/05 09:09:27 spz Exp $
+#	$NetBSD: security.conf,v 1.25 2013/05/01 05:36:25 agc Exp $
 #
 # /etc/defaults/security.conf --
 #	default configuration of /etc/security.conf
@@ -30,7 +30,6 @@ check_pkg_signatures=YES
 backup_dir=/var/backups
 backup_uses_rcs=YES
 diff_options=-u
-pkg_info=/usr/sbin/pkg_info
 
 check_homes_permit_usergroups=NO
 

Added files:

Index: src/etc/pkgpath.conf
diff -u /dev/null src/etc/pkgpath.conf:1.1
--- /dev/null	Wed May  1 05:36:26 2013
+++ src/etc/pkgpath.conf	Wed May  1 05:36:25 2013
@@ -0,0 +1,10 @@
+#	$NetBSD: pkgpath.conf,v 1.1 2013/05/01 05:36:25 agc Exp $
+#
+# packaging tools configuration
+
+if [ -r /etc/defaults/pkgpath.conf ]; then
+	. /etc/defaults/pkgpath.conf
+fi
+
+# Add local overrides below
+#

Index: src/etc/defaults/pkgpath.conf
diff -u /dev/null src/etc/defaults/pkgpath.conf:1.1
--- /dev/null	Wed May  1 05:36:26 2013
+++ src/etc/defaults/pkgpath.conf	Wed May  1 05:36:25 2013
@@ -0,0 +1,13 @@
+#	$NetBSD: pkgpath.conf,v 1.1 2013/05/01 05:36:25 agc Exp $
+#
+# /etc/defaults/pkgpath.conf --
+#	default configuration of /etc/pkgpath.conf
+#
+# packaging tools configuration
+#
+# DO NOT EDIT THIS FILE DIRECTLY; IT MAY BE REPLACED DURING A SYSTEM UPGRADE.
+# EDIT /etc/pkgpath.conf INSTEAD.
+#
+
+pkg_admin=/usr/sbin/pkg_admin
+pkg_info=/usr/sbin/pkg_info

Reply via email to