Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merge pkg_install-20090201 and update build system.

Browse Source
This commit is contained in:
joerg 2009-02-02 20:47:19 +00:00
parent d66ee6c3fd
commit bb314659c8
35 changed files with 53 additions and 5756 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
distrib/sets/lists/base/mi
View File

@ -1,4 +1,4 @@
# $NetBSD: mi,v 1.794 2009/01/30 23:12:16 ghen Exp $
# $NetBSD: mi,v 1.795 2009/02/02 20:47:19 joerg Exp $
#
# Note: Don't delete entries from here - mark them as "obsolete" instead,
# unless otherwise stated below.
@ -1433,7 +1433,7 @@
./usr/sbin/kvm_mkdb base-obsolete obsolete
./usr/sbin/lastlogin base-sysutil-bin
./usr/sbin/link base-sysutil-bin
./usr/sbin/linkfarm base-pkgutil-bin
./usr/sbin/linkfarm base-obsolete obsolete
./usr/sbin/lmcconfig base-netutil-bin
./usr/sbin/lmtp base-obsolete obsolete
./usr/sbin/lockstat base-sysutil-bin
@ -1512,7 +1512,7 @@
./usr/sbin/pkg_create base-pkgutil-bin
./usr/sbin/pkg_delete base-pkgutil-bin
./usr/sbin/pkg_info base-pkgutil-bin
./usr/sbin/pkg_view base-pkgutil-bin
./usr/sbin/pkg_view base-obsolete obsolete
./usr/sbin/portmap base-obsolete obsolete
./usr/sbin/postalias base-postfix-bin postfix
./usr/sbin/postcat base-postfix-bin postfix

4
distrib/sets/lists/comp/mi
View File

@ -1,4 +1,4 @@
# $NetBSD: mi,v 1.1229 2009/01/31 00:50:13 agc Exp $
# $NetBSD: mi,v 1.1230 2009/02/02 20:47:19 joerg Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@ -3251,7 +3251,7 @@
./usr/libdata/debug/usr/sbin/amd.debug comp-amd-debug debug
./usr/libdata/debug/usr/sbin/amq.debug comp-amd-debug debug
./usr/libdata/debug/usr/sbin/arp.debug comp-netutil-debug debug
./usr/libdata/debug/usr/sbin/audit-packages.debug comp-pkgutil-debug debug
./usr/libdata/debug/usr/sbin/audit-packages.debug comp-obsolete obsolete
./usr/libdata/debug/usr/sbin/authpf.debug comp-pf-debug pf,debug
./usr/libdata/debug/usr/sbin/bootpd.debug comp-bootserver-debug debug
./usr/libdata/debug/usr/sbin/bootpef.debug comp-bootserver-debug debug

4
distrib/sets/lists/etc/mi
View File

@ -1,4 +1,4 @@
# $NetBSD: mi,v 1.206 2009/01/16 01:58:32 haad Exp $
# $NetBSD: mi,v 1.207 2009/02/02 20:47:20 joerg Exp $
#
# Note: end-user configuration files that are moved to another location
# should not be marked "obsolete"; they should just be removed from
@ -15,7 +15,7 @@
./dev/MAKEDEV.subr etc-obsolete obsolete
./etc/atf/NetBSD.conf etc-atf-etc
./etc/atf/atf-run.hooks etc-atf-etc
./etc/audit-packages.conf etc-util-etc
./etc/audit-packages.conf etc-obsolete obsolete
./etc/bootptab etc-bootserver-etc
./etc/changelist etc-sys-etc
./etc/csh.cshrc etc-util-etc

32
distrib/sets/lists/man/mi
View File

@ -1,4 +1,4 @@
# $NetBSD: mi,v 1.1120 2009/01/30 04:14:20 agc Exp $
# $NetBSD: mi,v 1.1121 2009/02/02 20:47:20 joerg Exp $
#
# Note: don't delete entries from here - mark them as "obsolete" instead.
#
@ -64,7 +64,7 @@
./usr/share/man/cat1/audioctl.0 man-audio-catman .cat
./usr/share/man/cat1/audioplay.0 man-audio-catman .cat
./usr/share/man/cat1/audiorecord.0 man-audio-catman .cat
./usr/share/man/cat1/audit-packages.0 man-pkgutil-catman .cat
./usr/share/man/cat1/audit-packages.0 man-obsolete obsolete
./usr/share/man/cat1/awk.0 man-util-catman .cat
./usr/share/man/cat1/banner.0 man-util-catman .cat
./usr/share/man/cat1/basename.0 man-util-catman .cat
@ -130,7 +130,7 @@
./usr/share/man/cat1/dnskeygen.0 man-obsolete obsolete
./usr/share/man/cat1/dnsquery.0 man-obsolete obsolete
./usr/share/man/cat1/domainname.0 man-nis-catman .cat
./usr/share/man/cat1/download-vulnerability-list.0 man-pkgutil-catman .cat
./usr/share/man/cat1/download-vulnerability-list.0 man-obsolete obsolete
./usr/share/man/cat1/dtmfdecode.0 man-isdn-catman .cat
./usr/share/man/cat1/du.0 man-util-catman .cat
./usr/share/man/cat1/echo.0 man-util-catman .cat
@ -240,7 +240,7 @@
./usr/share/man/cat1/less.0 man-util-catman .cat
./usr/share/man/cat1/lesskey.0 man-util-catman .cat
./usr/share/man/cat1/limit.0 man-util-catman .cat
./usr/share/man/cat1/linkfarm.0 man-pkgutil-catman .cat
./usr/share/man/cat1/linkfarm.0 man-obsolete obsolete
./usr/share/man/cat1/ln.0 man-util-catman .cat
./usr/share/man/cat1/locale.0 man-util-catman .cat
./usr/share/man/cat1/locate.0 man-util-catman .cat
@ -367,7 +367,7 @@
./usr/share/man/cat1/pkg_create.0 man-pkgutil-catman .cat
./usr/share/man/cat1/pkg_delete.0 man-pkgutil-catman .cat
./usr/share/man/cat1/pkg_info.0 man-pkgutil-catman .cat
./usr/share/man/cat1/pkg_view.0 man-pkgutil-catman .cat
./usr/share/man/cat1/pkg_view.0 man-obsolete obsolete
./usr/share/man/cat1/pkill.0 man-util-catman .cat
./usr/share/man/cat1/pmap.0 man-util-catman .cat
./usr/share/man/cat1/pmc.0 man-util-catman .cat
@ -1685,7 +1685,7 @@
./usr/share/man/cat5/amd.conf.0 man-amd-catman .cat
./usr/share/man/cat5/ar.0 man-sys-catman .cat
./usr/share/man/cat5/atf-formats.0 man-atf-catman .cat
./usr/share/man/cat5/audit-packages.conf.0 man-pkgutil-catman .cat
./usr/share/man/cat5/audit-packages.conf.0 man-obsolete obsolete
./usr/share/man/cat5/bluetooth.conf.0 man-obsolete obsolete
./usr/share/man/cat5/body_checks.0 man-postfix-catman postfix,.cat
./usr/share/man/cat5/boot.cfg.0 man-sys-catman .cat
@ -2725,7 +2725,7 @@
./usr/share/man/html1/audioctl.html man-audio-htmlman html
./usr/share/man/html1/audioplay.html man-audio-htmlman html
./usr/share/man/html1/audiorecord.html man-audio-htmlman html
./usr/share/man/html1/audit-packages.html man-pkgutil-htmlman html
./usr/share/man/html1/audit-packages.html man-obsolete obsolete
./usr/share/man/html1/awk.html man-util-htmlman html
./usr/share/man/html1/banner.html man-util-htmlman html
./usr/share/man/html1/basename.html man-util-htmlman html
@ -2789,7 +2789,7 @@
./usr/share/man/html1/dirname.html man-util-htmlman html
./usr/share/man/html1/dirs.html man-util-htmlman html
./usr/share/man/html1/domainname.html man-nis-htmlman html
./usr/share/man/html1/download-vulnerability-list.html man-pkgutil-htmlman html
./usr/share/man/html1/download-vulnerability-list.html man-obsolete obsolete
./usr/share/man/html1/dtmfdecode.html man-isdn-htmlman html
./usr/share/man/html1/du.html man-util-htmlman html
./usr/share/man/html1/echo.html man-util-htmlman html
@ -2886,7 +2886,7 @@
./usr/share/man/html1/less.html man-util-htmlman html
./usr/share/man/html1/lesskey.html man-util-htmlman html
./usr/share/man/html1/limit.html man-util-htmlman html
./usr/share/man/html1/linkfarm.html man-pkgutil-htmlman html
./usr/share/man/html1/linkfarm.html man-obsolete obsolete
./usr/share/man/html1/ln.html man-util-htmlman html
./usr/share/man/html1/locale.html man-util-htmlman html
./usr/share/man/html1/locate.html man-util-htmlman html
@ -3010,7 +3010,7 @@
./usr/share/man/html1/pkg_create.html man-pkgutil-htmlman html
./usr/share/man/html1/pkg_delete.html man-pkgutil-htmlman html
./usr/share/man/html1/pkg_info.html man-pkgutil-htmlman html
./usr/share/man/html1/pkg_view.html man-pkgutil-htmlman html
./usr/share/man/html1/pkg_view.html man-obsolete obsolete
./usr/share/man/html1/pkill.html man-util-htmlman html
./usr/share/man/html1/pmap.html man-util-htmlman html
./usr/share/man/html1/pmc.html man-util-htmlman html
@ -4185,7 +4185,7 @@
./usr/share/man/html5/amd.conf.html man-amd-htmlman html
./usr/share/man/html5/ar.html man-sys-htmlman html
./usr/share/man/html5/atf-formats.html man-atf-htmlman html
./usr/share/man/html5/audit-packages.conf.html man-pkgutil-htmlman html
./usr/share/man/html5/audit-packages.conf.html man-obsolete obsolete
./usr/share/man/html5/body_checks.html man-postfix-htmlman postfix,html
./usr/share/man/html5/boot.cfg.html man-sys-htmlman html
./usr/share/man/html5/bootparams.html man-bootserver-htmlman html
@ -5002,7 +5002,7 @@
./usr/share/man/man1/audioctl.1 man-audio-man .man
./usr/share/man/man1/audioplay.1 man-audio-man .man
./usr/share/man/man1/audiorecord.1 man-audio-man .man
./usr/share/man/man1/audit-packages.1 man-pkgutil-man .man
./usr/share/man/man1/audit-packages.1 man-obsolete obsolete
./usr/share/man/man1/awk.1 man-util-man .man
./usr/share/man/man1/banner.1 man-util-man .man
./usr/share/man/man1/basename.1 man-util-man .man
@ -5068,7 +5068,7 @@
./usr/share/man/man1/dnskeygen.1 man-obsolete obsolete
./usr/share/man/man1/dnsquery.1 man-obsolete obsolete
./usr/share/man/man1/domainname.1 man-nis-man .man
./usr/share/man/man1/download-vulnerability-list.1 man-pkgutil-man .man
./usr/share/man/man1/download-vulnerability-list.1 man-obsolete obsolete
./usr/share/man/man1/dtmfdecode.1 man-isdn-man .man
./usr/share/man/man1/du.1 man-util-man .man
./usr/share/man/man1/echo.1 man-util-man .man
@ -5178,7 +5178,7 @@
./usr/share/man/man1/less.1 man-util-man .man
./usr/share/man/man1/lesskey.1 man-util-man .man
./usr/share/man/man1/limit.1 man-util-man .man
./usr/share/man/man1/linkfarm.1 man-pkgutil-man .man
./usr/share/man/man1/linkfarm.1 man-obsolete obsolete
./usr/share/man/man1/ln.1 man-util-man .man
./usr/share/man/man1/locale.1 man-util-man .man
./usr/share/man/man1/locate.1 man-util-man .man
@ -5305,7 +5305,7 @@
./usr/share/man/man1/pkg_create.1 man-pkgutil-man .man
./usr/share/man/man1/pkg_delete.1 man-pkgutil-man .man
./usr/share/man/man1/pkg_info.1 man-pkgutil-man .man
./usr/share/man/man1/pkg_view.1 man-pkgutil-man .man
./usr/share/man/man1/pkg_view.1 man-obsolete obsolete
./usr/share/man/man1/pkill.1 man-util-man .man
./usr/share/man/man1/pmap.1 man-util-man .man
./usr/share/man/man1/pmc.1 man-util-man .man
@ -6623,7 +6623,7 @@
./usr/share/man/man5/amd.conf.5 man-amd-man .man
./usr/share/man/man5/ar.5 man-sys-man .man
./usr/share/man/man5/atf-formats.5 man-atf-man .man
./usr/share/man/man5/audit-packages.conf.5 man-pkgutil-man .man
./usr/share/man/man5/audit-packages.conf.5 man-obsolete obsolete
./usr/share/man/man5/bluetooth.conf.5 man-obsolete obsolete
./usr/share/man/man5/body_checks.5 man-postfix-man postfix,.man
./usr/share/man/man5/boot.cfg.5 man-sys-man .man

4
external/bsd/pkg_install/Makefile.inc vendored
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile.inc,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile.inc,v 1.2 2009/02/02 20:47:20 joerg Exp $
DIST= ${NETBSDSRCDIR}/external/bsd/pkg_install/dist
@ -6,7 +6,7 @@ USE_FORT?=yes # network client
CPPFLAGS+=-I${DIST}/lib
CPPFLAGS+=-I${NETBSDSRCDIR}/external/bsd/pkg_install/lib
CPPFLAGS+=-DHAVE_CONFIG_H -DNETBSD
CPPFLAGS+=-DHAVE_CONFIG_H -DNETBSD -DHAVE_SSL
CPPFLAGS+=-DSYSCONFDIR='"/etc"'
WARNS= 2

340
external/bsd/pkg_install/dist/add/extract.c vendored
View File

@ -1,340 +0,0 @@
/* $NetBSD: extract.c,v 1.1.1.1 2008/09/30 19:00:25 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#if HAVE_SYS_QUEUE_H
#include <sys/queue.h>
#endif
#ifndef lint
#if 0
static const char *rcsid = "FreeBSD - Id: extract.c,v 1.17 1997/10/08 07:45:35 charnier Exp";
#else
__RCSID("$NetBSD: extract.c,v 1.1.1.1 2008/09/30 19:00:25 joerg Exp $");
#endif
#endif
/*
* FreeBSD install - a package for the installation and maintainance
* of non-core utilities.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Jordan K. Hubbard
* 18 July 1993
*
* This is the package extraction code for the add module.
*
*/
#if HAVE_ERR_H
#include <err.h>
#endif
#include "lib.h"
#include "add.h"
lfile_head_t files;
lfile_head_t perms;
/*
* Copy files from staging area to todir.
* This is only used when the files cannot be directory rename()ed.
*/
static void
pushout(char *todir)
{
pipe_to_system_t *pipe_to;
char *file_args[4];
char **perm_argv;
int perm_argc = 1;
lfile_t *lfp;
int count;
/* set up arguments to run "pax -r -w -p e" */
file_args[0] = (char *)strrchr(PAX_CMD, '/');
if (file_args[0] == NULL)
file_args[0] = PAX_CMD;
else
file_args[0]++;
file_args[1] = "-rwpe";
file_args[2] = todir;
file_args[3] = NULL;
/* count entries for files */
count = 0;
TAILQ_FOREACH(lfp, &files, lf_link)
count++;
if (count > 0) {
/* open pipe, feed it files, close pipe */
pipe_to = pipe_to_system_begin(PAX_CMD, file_args, NULL);
while ((lfp = TAILQ_FIRST(&files)) != NULL) {
fprintf(pipe_to->fp, "%s\n", lfp->lf_name);
TAILQ_REMOVE(&files, lfp, lf_link);
free(lfp);
}
pipe_to_system_end(pipe_to);
}
/* count entries for permissions */
count = 0;
TAILQ_FOREACH(lfp, &perms, lf_link)
count++;
if (count > 0) {
perm_argv = malloc((count + 1) * sizeof(char *));
perm_argc = 0;
TAILQ_FOREACH(lfp, &perms, lf_link)
perm_argv[perm_argc++] = lfp->lf_name;
perm_argv[perm_argc] = NULL;
apply_perms(todir, perm_argv, perm_argc);
/* empty the perm list */
while ((lfp = TAILQ_FIRST(&perms)) != NULL) {
TAILQ_REMOVE(&perms, lfp, lf_link);
free(lfp);
}
free(perm_argv);
}
}
static void
rollback(char *name, char *home, plist_t *start, plist_t *stop)
{
plist_t *q;
char try[MaxPathSize], bup[MaxPathSize], *dir;
dir = home;
for (q = start; q != stop; q = q->next) {
if (q->type == PLIST_FILE) {
(void) snprintf(try, sizeof(try), "%s/%s", dir, q->name);
if (make_preserve_name(bup, sizeof(bup), name, try) && fexists(bup)) {
#if HAVE_CHFLAGS
(void) chflags(try, 0);
#endif
(void) unlink(try);
if (rename(bup, try))
warnx("rollback: unable to rename %s back to %s", bup, try);
}
} else if (q->type == PLIST_CWD) {
if (strcmp(q->name, "."))
dir = q->name;
else
dir = home;
}
}
}
/*
* Return 0 on error, 1 for success.
*/
int
extract_plist(char *home, package_t *pkg)
{
plist_t *p = pkg->head;
char *last_file;
char *last_chdir;
Boolean preserve;
lfile_t *lfp;
TAILQ_INIT(&files);
TAILQ_INIT(&perms);
last_chdir = 0;
preserve = find_plist_option(pkg, "preserve") ? TRUE : FALSE;
/* Reset the world */
Owner = NULL;
Group = NULL;
Mode = NULL;
last_file = NULL;
Directory = home;
if (!NoRecord) {
/* Open Package Database for writing */
if (!pkgdb_open(ReadWrite)) {
cleanup(0);
err(EXIT_FAILURE, "can't open pkgdb");
}
}
/* Do it */
while (p) {
char cmd[MaxPathSize];
switch (p->type) {
case PLIST_NAME:
PkgName = p->name;
if (Verbose)
printf("extract: Package name is %s\n", p->name);
break;
case PLIST_FILE:
last_file = p->name;
if (Verbose)
printf("extract: %s/%s\n", Directory, p->name);
if (!Fake) {
char try[MaxPathSize];
if (strrchr(p->name, '\'')) {
cleanup(0);
errx(2, "Bogus filename \"%s\"", p->name);
}
/* first try to rename it into place */
(void) snprintf(try, sizeof(try), "%s/%s", Directory, p->name);
if (fexists(try)) {
#if HAVE_CHFLAGS
(void) chflags(try, 0); /* XXX hack - if truly immutable, rename fails */
#endif
if (preserve && PkgName) {
char pf[MaxPathSize];
if (make_preserve_name(pf, sizeof(pf), PkgName, try)) {
if (rename(try, pf)) {
warnx(
"unable to back up %s to %s, aborting pkg_add",
try, pf);
rollback(PkgName, home, pkg->head, p);
return 0;
}
}
}
}
if (rename(p->name, try) == 0) {
if (!NoRecord) {
/* note in pkgdb */
char *s, t[MaxPathSize];
int rc;
(void) snprintf(t, sizeof(t), "%s/%s", Directory, p->name);
s = pkgdb_retrieve(t);
#ifdef PKGDB_DEBUG
printf("pkgdb_retrieve(\"%s\")=\"%s\"\n", t, s); /* pkgdb-debug - HF */
#endif
if (s)
warnx("Overwriting %s - pkg %s bogus/conflicting?", t, s);
else {
rc = pkgdb_store(t, PkgName);
#ifdef PKGDB_DEBUG
printf("pkgdb_store(\"%s\", \"%s\") = %d\n", t, PkgName, rc); /* pkgdb-debug - HF */
#endif
}
}
/* try to add to list of perms to be changed and run in bulk. */
if (p->name[0] == '/')
pushout(Directory);
LFILE_ADD(&perms, lfp, p->name);
} else {
/* rename failed, try copying with a big tar command */
if (last_chdir != Directory) {
if (last_chdir != NULL)
pushout(last_chdir);
last_chdir = Directory;
} else if (p->name[0] == '/') {
pushout(Directory);
}
if (!NoRecord) {
/* note in pkgdb */
/* XXX would be better to store in PUSHOUT, but
* that would probably affect too much code I prefer
* not to touch - HF */
char *s, t[MaxPathSize];
int rc;
LFILE_ADD(&files, lfp, p->name);
LFILE_ADD(&perms, lfp, p->name);
if (p->name[0] == '/')
errx(EXIT_FAILURE, "File names must not be absolute (%s).", p->name);
else {
(void) snprintf(t, sizeof(t), "%s/%s", Directory, p->name);
}
s = pkgdb_retrieve(t);
#ifdef PKGDB_DEBUG
printf("pkgdb_retrieve(\"%s\")=\"%s\"\n", t, s); /* pkgdb-debug - HF */
#endif
if (s)
warnx("Overwriting %s - pkg %s bogus/conflicting?", t, s);
else {
rc = pkgdb_store(t, PkgName);
#ifdef PKGDB_DEBUG
printf("pkgdb_store(\"%s\", \"%s\") = %d\n", t, PkgName, rc); /* pkgdb-debug - HF */
#endif
}
}
}
}
break;
case PLIST_CWD:
if (Verbose)
printf("extract: CWD to %s\n", p->name);
pushout(Directory);
if (strcmp(p->name, ".")) {
if (!Fake && make_hierarchy(p->name) == FAIL) {
cleanup(0);
errx(2, "unable to make directory '%s'", p->name);
}
Directory = p->name;
} else
Directory = home;
break;
case PLIST_CMD:
format_cmd(cmd, sizeof(cmd), p->name, Directory, last_file);
pushout(Directory);
printf("Executing '%s'\n", cmd);
if (!Fake && system(cmd))
warnx("command '%s' failed", cmd);
break;
case PLIST_CHMOD:
pushout(Directory);
Mode = p->name;
break;
case PLIST_CHOWN:
pushout(Directory);
Owner = p->name;
break;
case PLIST_CHGRP:
pushout(Directory);
Group = p->name;
break;
case PLIST_COMMENT:
break;
case PLIST_IGNORE:
p = p->next;
break;
default:
break;
}
p = p->next;
}
pushout(Directory);
if (!NoRecord)
pkgdb_close();
return 1;
}

151
external/bsd/pkg_install/dist/add/futil.c vendored
View File

@ -1,151 +0,0 @@
/* $NetBSD: futil.c,v 1.1.1.1 2008/09/30 19:00:25 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#ifndef lint
#if 0
static const char *rcsid = "from FreeBSD Id: futil.c,v 1.7 1997/10/08 07:45:39 charnier Exp";
#else
__RCSID("$NetBSD: futil.c,v 1.1.1.1 2008/09/30 19:00:25 joerg Exp $");
#endif
#endif
/*
* FreeBSD install - a package for the installation and maintainance
* of non-core utilities.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Jordan K. Hubbard
* 18 July 1993
*
* Miscellaneous file access utilities.
*
*/
#if HAVE_ERR_H
#include <err.h>
#endif
#include "lib.h"
#include "add.h"
/*
* Assuming dir is a desired directory name, make it and all intervening
* directories necessary.
*/
int
make_hierarchy(char *dir)
{
char *cp1, *cp2;
char *argv[2];
argv[0] = dir;
argv[1] = NULL;
if (dir[0] == '/')
cp1 = cp2 = dir + 1;
else
cp1 = cp2 = dir;
while (cp2) {
if ((cp2 = strchr(cp1, '/')) != NULL)
*cp2 = '\0';
if (fexists(dir)) {
if (!(isdir(dir) || islinktodir(dir)))
return FAIL;
} else {
if (fexec("mkdir", dir, NULL))
return FAIL;
apply_perms(NULL, argv, 1);
}
/* Put it back */
if (cp2) {
*cp2 = '/';
cp1 = cp2 + 1;
}
}
return SUCCESS;
}
/*
* Using permission defaults, apply them as necessary
*/
void
apply_perms(char *dir, char **args, int nargs)
{
char *cd_to;
char owner_group[128];
const char **argv;
int i;
argv = malloc((nargs + 4) * sizeof(char *));
/*
* elements 0..2 are set later depending on Mode.
* args is a NULL terminated list of file names.
* by appending them to argv, argv becomes NULL terminated also.
*/
for (i = 0; i <= nargs; i++)
argv[i + 3] = args[i];
if (!dir || args[0][0] == '/') /* absolute path? */
cd_to = "/";
else
cd_to = dir;
if (Mode) {
argv[0] = CHMOD_CMD;
argv[1] = "-R";
argv[2] = Mode;
if (pfcexec(cd_to, argv[0], argv))
warnx("couldn't change modes of '%s' ... to '%s'",
args[0], Mode);
}
if (Owner != NULL && Group != NULL) {
if (snprintf(owner_group, sizeof(owner_group),
"%s:%s", Owner, Group) > sizeof(owner_group)) {
warnx("'%s:%s' is too long (%lu max)",
Owner, Group, (unsigned long) sizeof(owner_group));
free(argv);
return;
}
argv[0] = CHOWN_CMD;
argv[1] = "-R";
argv[2] = owner_group;
if (pfcexec(cd_to, argv[0], argv))
warnx("couldn't change owner/group of '%s' ... to '%s:%s'",
args[0], Owner, Group);
free(argv);
return;
}
if (Owner != NULL) {
argv[0] = CHOWN_CMD;
argv[1] = "-R";
argv[2] = Owner;
if (pfcexec(cd_to, argv[0], argv))
warnx("couldn't change owner of '%s' ... to '%s'",
args[0], Owner);
free(argv);
return;
}
if (Group != NULL) {
argv[0] = CHGRP_CMD;
argv[1] = "-R";
argv[2] = Group;
if (pfcexec(cd_to, argv[0], argv))
warnx("couldn't change group of '%s' ... to '%s'",
args[0], Group);
}
free(argv);
}

179
external/bsd/pkg_install/dist/add/verify.c vendored
View File

@ -1,179 +0,0 @@
/* $NetBSD: verify.c,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $ */
/*
* Copyright (c) 2001 Alistair G. Crooks. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Alistair G. Crooks.
* 4. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#ifndef lint
__COPYRIGHT("@(#) Copyright (c) 1999 \
The NetBSD Foundation, Inc. All rights reserved.");
__RCSID("$NetBSD: verify.c,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $");
#endif
#if HAVE_SYS_TYPES_H
#include <sys/types.h>
#endif
#if HAVE_SYS_PARAM_H
#include <sys/param.h>
#endif
#if HAVE_SYS_STAT_H
#include <sys/stat.h>
#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#include "verify.h"
#include "lib.h"
enum {
MaxExtensions = 10
};
/* this struct defines a verification type */
typedef struct ver_t {
const char *name; /* name of type */
const char *command1; /* command to execute to verify */
const char *command2; /* command to execute to verify */
const char *extensions[MaxExtensions]; /* signature file extensions */
} ver_t;
static char *verification_type; /* the verification type which has been selected */
/* called when gpg verification type is selected */
static int
do_verify(const char *pkgname, const char *cmd1, const char *cmd2, const char *const *extensions)
{
struct stat st;
const char *const *ep;
char buf[BUFSIZ];
char f[MaxPathSize];
int ret;
int i;
if (cmd1 == NULL) {
return 1;
}
for (i = 0, ep = extensions ; i < MaxExtensions && *ep ; ep++, i++) {
(void) snprintf(f, sizeof(f), "%s%s", pkgname, *ep);
if (stat(f, &st) == 0) {
(void) fprintf(stderr, "pkg_add: Using signature file: %s\n", f);
ret = (cmd2 == NULL) ? fexec(cmd1, f, NULL) : fexec(cmd1, cmd2, f, NULL);
if (ret != 0) {
(void) fprintf(stderr, "*** WARNING ***: `%s' has a bad signature\n", f);
return 0;
}
(void) fprintf(stderr, "Proceed with addition of %s: [y/n]? ", pkgname);
if (fgets(buf, sizeof(buf), stdin) == NULL) {
(void) fprintf(stderr, "Exiting now...");
exit(EXIT_FAILURE);
}
switch(buf[0]) {
case 'Y':
case 'y':
case '1':
return 1;
}
(void) fprintf(stderr, "Package `%s' will not be added\n", pkgname);
return 0;
}
}
(void) fprintf(stderr, "No valid signature file found for `%s'\n", pkgname);
return 0;
}
/* table holding possible verifications which can be made */
static const ver_t vertab[] = {
{ "none", NULL, NULL, { NULL } },
{ "gpg", "gpg", "--verify", { ".sig", ".asc", NULL } },
{ "pgp5", "pgpv", NULL, { ".sig", ".asc", ".pgp", NULL } },
{ NULL }
};
/* set the verification type - usually called during command line processing */
void
set_verification(const char *type)
{
if (verification_type) {
(void) free(verification_type);
}
verification_type = strdup(type);
}
/* return the type of verification that is being used */
char *
get_verification(void)
{
const ver_t *vp;
if (verification_type != NULL) {
for (vp = vertab ; vp->name ; vp++) {
if (strcasecmp(verification_type, vp->name) == 0) {
return verification_type;
}
}
}
return "none";
}
/* verify the digital signature (if any) on a package */
int
verify(const char *pkg)
{
const ver_t *vp;
if (verification_type == NULL) {
return do_verify(pkg, NULL, NULL, NULL);
}
for (vp = vertab ; vp->name ; vp++) {
if (strcasecmp(verification_type, vp->name) == 0) {
return do_verify(pkg, vp->command1, vp->command2, vp->extensions);
}
}
(void) fprintf(stderr, "Can't find `%s' verification details\n", verification_type);
return 0;
}

40
external/bsd/pkg_install/dist/add/verify.h vendored
View File

@ -1,40 +0,0 @@
/* $NetBSD: verify.h,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $ */
/*
* Copyright (c) 2001 Alistair G. Crooks. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. All advertising materials mentioning features or use of this software
* must display the following acknowledgement:
* This product includes software developed by Alistair G. Crooks.
* 4. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
* OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
* DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
* GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
* INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
* WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef VERIFY_H_
#define VERIFY_H_
void set_verification(const char *);
char *get_verification(void);
int verify(const char *);
#endif /* VERIFY_H_ */

109
external/bsd/pkg_install/dist/admin/config.c vendored
View File

@ -1,109 +0,0 @@
/* $NetBSD: config.c,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#ifndef lint
__RCSID("$NetBSD: config.c,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $");
#endif
/*-
* Copyright (c) 2008 Joerg Sonnenberger <joerg@NetBSD.org>.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in
* the documentation and/or other materials provided with the
* distribution.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS
* FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE
* COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES (INCLUDING,
* BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED
* AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
* OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT
* OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*/
#if HAVE_ERR_H
#include <err.h>
#endif
#if HAVE_STRING_H
#include <string.h>
#endif
#include "admin.h"
#include "lib.h"
const char *pkg_vulnerabilities_dir;
const char *pkg_vulnerabilities_file;
const char *pkg_vulnerabilities_url;
const char *ignore_advisories = NULL;
const char tnf_vulnerability_base[] = "ftp://ftp.NetBSD.org/pub/NetBSD/packages/vulns";
static struct config_variable {
const char *name;
const char **var;
} config_variables[] = {
{ "GPG", &gpg_cmd },
{ "PKGVULNDIR", &pkg_vulnerabilities_dir },
{ "PKGVULNURL", &pkg_vulnerabilities_url },
{ "IGNORE_URL", &ignore_advisories },
{ NULL, NULL }
};
void
pkg_install_config(const char *config_file)
{
char *value;
int ret;
struct config_variable *var;
for (var = config_variables; var->name != NULL; ++var) {
value = var_get(config_file, var->name);
if (value != NULL)
*var->var = value;
}
if (pkg_vulnerabilities_dir == NULL)
pkg_vulnerabilities_dir = _pkgdb_getPKGDB_DIR();
ret = asprintf(&value, "%s/pkg-vulnerabilities", pkg_vulnerabilities_dir);
pkg_vulnerabilities_file = value;
if (ret == -1)
err(EXIT_FAILURE, "asprintf failed");
if (pkg_vulnerabilities_url == NULL) {
ret = asprintf(&value, "%s/pkg-vulnerabilities.gz",
tnf_vulnerability_base);
pkg_vulnerabilities_url = value;
if (ret == -1)
err(EXIT_FAILURE, "asprintf failed");
}
}
void
pkg_install_show_variable(const char *var_name)
{
struct config_variable *var;
for (var = config_variables; var->name != NULL; ++var) {
if (strcmp(var->name, var_name) != 0)
continue;
if (*var->var != NULL)
puts(*var->var);
}
}

11
external/bsd/pkg_install/dist/audit-packages/AUTHORS vendored
View File

@ -1,11 +0,0 @@
# $NetBSD: AUTHORS,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
* The functions that deal with finding packages such as fixpkgname()
foundpkg() and checkforpkg() were taken from the pkg_install
set of tools. Authors for this include Jordan Hubbard, John Kohl,
Alistair Crooks, Hubert Feyrer, Thorsten Frueauf, Rene Hexel,
Christian E. Hopps, Thomas Klausner, Johnny Lam, and Matthias Scheler.
* This is basically a re-write in C of the audit-packages tool
by Adrian Portelli (adrianp@NetBSD.org). The tool was originally
authored by Alistair G. Crooks (agc@NetBSD.org).

30
external/bsd/pkg_install/dist/audit-packages/COPYING vendored
View File

@ -1,30 +0,0 @@
/*
* Copyright (c) 2007 Adrian Portelli <adrianp@NetBSD.org>.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions are
* met:
*
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above
* copyright notice, this list of conditions and the following
* disclaimer in the documentation and/or other materials provided
* with the distribution.
* 3. Neither the name of author(s) nor the names of its contributors
* may be used to endorse or promote products derived from this
* software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
* OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
* LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
* OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/

5
external/bsd/pkg_install/dist/audit-packages/README vendored
View File

@ -1,5 +0,0 @@
# $NetBSD: README,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
audit-packages, an easy way to audit the current machine, checking
for each vulnerability listed by the security officer. If a vulnerable
package is installed, it will be shown by output to stdout.

378
external/bsd/pkg_install/dist/audit-packages/audit-packages.1.in vendored
View File

@ -1,378 +0,0 @@
.\" $NetBSD: audit-packages.1.in,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
.\"
.\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by Jeremy C. Reed
.\" for the NetBSD project.
.\" 4. The name of the author may not be used to endorse or promote
.\" products derived from this software without specific prior written
.\" permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
.\" GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd January 7, 2008
.Os
.Dt AUDIT-PACKAGES 1
.Sh NAME
.Nm audit-packages ,
.Nm download-vulnerability-list
.Nd show vulnerabilities in installed packages
.Sh SYNOPSIS
.Nm
.Op Fl deqsVv
.Op Fl c Ar config_file
.Op Fl F Ar file
.Op Fl g Ar file
.Op Fl h Ar file
.Op Fl K Ar pkg_dbdir
.Op Fl n Ar package
.Op Fl p Ar package
.Op Fl Q Ar varname
.Op Fl t Ar type
.Nm download-vulnerability-list
.Op Fl hs
.Op Fl c Ar config_file
.Sh DESCRIPTION
The
.Nm
program compares the installed packages with the
.Pa pkg-vulnerabilities
file and reports any known security issues to standard output.
This output contains the name and version of the package, the
type of vulnerability, and an URL for further information for each
vulnerable package.
.Pp
The following flags are supported:
.Bl -tag -width XcXconfigXfileXX
.It Fl d
Attempt to download the vulnerabilities file using the
.Nm download-vulnerability-list
script before scanning the installed packages for vulnerabilities.
.It Fl e
Check for end-of-life (eol) packages.
.It Fl q
Be ``quiet'' in emitting report headers and such, just dump the
raw info (basically, assume a non-human reading).
.It Fl s
Verify the signature of the current
.Pa pkg-vulnerabilities
file.
The key used to sign the file is available from:
.Pa ftp://ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
.Pp
In order for this to function correctly the above key must be
added to the gpg keyring of the user who runs
.Ic audit-packages -s
and/or
.Ic download-vulnerability-list -s .
In addition to this the gpg binary must be installed on your system.
The path to the gpg binary can be set in
.Xr audit-packages.conf 5 .
.Pp
The requirement for GnuPG may go away in the future when a suitable
replacement is implemented.
.It Fl V
Display the version number and exit.
.It Fl v
Be more verbose.
Specify multiple
.Fl v
flags to increase verbosity.
Currently a maximum level of three is supported.
.It Fl c Ar config_file
Specify a custom
.Ar config_file
configuration file to use.
.It Fl F Ar file
Load a
.Ar file
containing a list of package names and or package patterns to check.
.It Fl g Ar file
Compute the SHA512 hash on
.Ar file .
.It Fl h Ar file
Check the SHA512 hash of a
.Ar file
against the internally stored value.
.It Fl K Ar pkg_dbdir
Use package database directory
.Ar pkg_dbdir .
.It Fl n Ar package
Check only the package
.Ar package
for vulnerabilities.
.It Fl p Ar package
Check only the installed package
.Ar package
for vulnerabilities.
.It Fl Q Ar varname
Display the current value of
.Ar varname
and exit.
Currently supported
.Ar varname
are
.Dv GPG ,
.Dv PKGVULNDIR ,
and
.Dv IGNORE_URLS .
.It Fl t Ar type
Only check for the specified
.Ar type
of vulnerability.
.El
.Pp
The
.Nm download-vulnerability-list
program downloads the
.Pa pkg-vulnerabilities
file from
.Pa ftp.NetBSD.org
using
.Xr ftp 1
by default.
This vulnerabilities file documents all known security issues in
pkgsrc packages and is kept up-to-date by the
.Nx
pkgsrc-security team.
.Pp
The following flags are supported:
.Bl -tag -width XcXconfigXfileXX
.It Fl c Ar config_file
Specify a custom
.Ar config_file
configuration file to use.
.It Fl h
Display program usage.
.It Fl s
Verify the signature of the current
.Pa pkg-vulnerabilities
file.
In order for this to function correctly you will need to add the
pkgsrc Security Team key to your gpg keyring and trust it.
The key is available from:
.Pa ftp://ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
In addition to this the gpg binary must be installed on your system.
The path to the gpg binary can be set in
.Xr audit-packages.conf 5 .
.El
.Pp
By default
.Nm download-vulnerability-list
will download a compressed version of
.Pa pkg-vulnerabilities
from ftp.netbsd.org.
The default file downloaded is compressed using
.Xr gzip 1 .
The compression tool used can set in
.Xr audit-packages.conf 5 .
Currently only
.Xr gzcat 1
and
.Xr bzcat 1
are supported.
.Pp
.Nm audit-packages
and/or
.Nm download-vulnerability-list
need not be run by the root user. They will function as an unpriveleged
user just so long as the user chosen has permmission to write the
downloded
.Pa pkg-vulnerabilites
file to the location specified in
.Xr audit-packages.conf 5 .
.Pp
Each line lists the package and vulnerable versions, the type of exploit,
and an Internet address for further information:
.Bl -item
.It
.Aq package pattern
.Aq type
.Aq url
.El
.Pp
The type of exploit can be any text, although
some common types of exploits listed are:
.Bl -bullet -compact -offset indent
.It
cross-site-html
.It
cross-site-scripting
.It
denial-of-service
.It
eol
.It
file-permissions
.It
local-access
.It
local-code-execution
.It
local-file-read
.It
local-file-removal
.It
local-file-write
.It
local-root-file-view
.It
local-root-shell
.It
local-symlink-race
.It
local-user-file-view
.It
local-user-shell
.It
privacy-leak
.It
remote-code-execution
.It
remote-command-inject
.It
remote-file-creation
.It
remote-file-read
.It
remote-file-view
.It
remote-file-write
.It
remote-key-theft
.It
remote-root-access
.It
remote-root-shell
.It
remote-script-inject
.It
remote-server-admin
.It
remote-use-of-secret
.It
remote-user-access
.It
remote-user-file-view
.It
remote-user-shell
.It
unknown
.It
weak-authentication
.It
weak-encryption
.It
weak-ssl-authentication
.El
.Pp
The type
.Pa eol
implies that the package is no longer maintained by the software vendor but
is provided by the pkgsrc team for your convenience only.
It may contain any number of the above mentioned vulnerabilities.
Any packages of type eol are not reported by default.
Run
.Nm Fl e
to also report on eol packages.
.Pp
By default, the vulnerabilities file is stored in the
.Dv PKG_DBDIR
directory.
On a standard installation this will be set to @pkgdbdir@.
If you have installed pkgsrc on a supported platform this will be what
ever you specifed when bootstrapping pkgsrc i.e.,
.Fl -pkgdbdir Aq Ar pkgdbdir .
The path to the
.Pa pkg-vulnerabilities
file can be set in
.Xr audit-packages.conf 5 .
.Sh EXIT STATUS
.Ex -std audit-packages
.Sh FILES
.Bl -tag
.It Pa @pkgdbdir@/pkg-vulnerabilities
Vulnerabilities database.
.It Pa @sysconfdir@/audit-packages.conf
.Nm
configuration file.
.It Pa ftp://ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
Key used to sign the vulnerabilities file.
.El
.Sh EXAMPLES
The
.Nm download-vulnerability-list
command can be run via
.Xr cron 8
to update the
.Pa pkg-vulnerabilities
file daily.
.Nm
can be run via
.Xr cron 8
(or with
.Nx Ap s
.Pa /etc/security.local
daily security script).
.Pp
The
.Nm download-vulnerability-list
command can be forced to use IPv4 with the following setting in
@sysconfdir@/audit-packages.conf:
.Pp
FETCH_ARGS="-4"
.Pp
The
.Nm download-vulnerability-list
command can be forced to use http to download the
.Pa pkg-vulnerabilities
file with the following setting in
@sysconfdir@/audit-packages.conf:
.Pp
FETCH_PROTO="http"
.Sh SEE ALSO
.Xr pkg_info 1 ,
.Xr audit-packages.conf 5 ,
.Xr mk.conf 5 ,
.Xr pkgsrc 7 ,
.Rs
.%T "Documentation on the NetBSD Package System"
.Re
.Sh HISTORY
.An -nosplit
The
.Nm
and
.Nm download-vulnerability-list
commands were originally implemented and added to
.Nx Ap s
pkgsrc by
.An Alistair Crooks
on September 19, 2000.
During April 2007
.Nm
was re-written by
.An Adrian Portelli
and support was added for compressed files and checking signatures
on downloaded files.
The original idea came from Roland Dowdeswell and Bill Sommerfeld.

1156
external/bsd/pkg_install/dist/audit-packages/audit-packages.c vendored
View File

File diff suppressed because it is too large Load Diff

126
external/bsd/pkg_install/dist/audit-packages/audit-packages.conf.5.in vendored
View File

@ -1,126 +0,0 @@
.\" $NetBSD: audit-packages.conf.5.in,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
.\"
.\" Copyright (c) 2007 Adrian Portelli. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by Adrian Portelli
.\" for the NetBSD project.
.\" 4. The name of the author may not be used to endorse or promote
.\" products derived from this software without specific prior written
.\" permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
.\" GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd July 07, 2007
.Os
.Dt audit-packages.conf 5
.Sh NAME
.Nm audit-packages.conf
.Nd audit-packages and download-vulnerability-list configuration file.
.Sh DESCRIPTION
The
.Nm
file contains the configuration information for
.Xr download-vulnerability-list 8
and
.Xr audit-packages 8 .
.Pp
These variables can be defined in the
.Xr audit-packages.conf 8
file.
.Pp
.Bl -tag -width COMPRESS_TYPE
.It Ev GPG
The full path to the location of the binary used to verify the signature
on the downloaded
.Pa pkg-vulnerabilities
file. Currently only GnuPG is supported.
.Pp
The default is "@prefix@/bin/gpg".
.It Ev PKGVULNDIR
Specifies the directory containing the
.Pa pkg-vulnerabilities
file.
.Pp
The default is "@pkgdbdir@".
.It Ev COMPRESS_TYPE
Specifies which type of compressed
.Pa pkg-vulnerabilities
file to download. You can also specify COMPRESS_TYPE="" to use
and uncompressed version of the file. If you change this from the
default you must specify a COMPRESS_TOOL. The
currently accepted options are gzip and bzip2.
.It Ev COMPRESS_TOOL
The full path to the location of the binary used to
decompress the downloaded
.Pa pkg-vulnerabilities
file.
.Pp
The default is "@gzcat@".
.It Ev FETCH_CMD
Specifies the client used to download the
.Pa pkg-vulnerabilities
file. Currently known tools include curl, ftp, wget and fetch.
.Pp
The default is @ftp@.
.It Ev FETCH_PRE_ARGS
Specifies optional arguments for the
.Pa download-vulnerability-list
client. These options appear before FETCH_CMD.
.It Ev FETCH_ARGS
Specifies optional arguments for the client used to download the
.Pa pkg-vulnerabilities
file.
.It Ev FETCH_PROTO
Specifies the protocol to use when fetching the
.Pa pkg-vulnerabilities
file.
Currently supports only http and ftp.
.Pp
The default is "ftp".
.It Ev IGNORE_URLS
A list of vulnerability URLs to be ignored.
This allows for ignoring certain URLs that are attached to a
vulnerability.
.El
.Sh FILES
@sysconfdir@/audit-packages.conf
.Sh SEE ALSO
.Xr pkg_info 1 ,
.Xr mk.conf 5 ,
.Xr pkgsrc 7 ,
.Xr audit-packages 8 and
.%T "Documentation on the NetBSD Package System"
.Sh HISTORY
The
.Nm audit-packages
and
.Nm download-vulnerability-list
commands were originally implemented and added to
.Nx Ap s
pkgsrc by
.An Alistair Crooks
on September 19, 2000. During April 2007
.Nm audit-packages
was re-written by Adrian Portelli and support was added for compressed
files and checking signatures on downloaded files. The original idea
came from Roland Dowdeswell and Bill Sommerfeld.

87
external/bsd/pkg_install/dist/audit-packages/audit-packages.conf.in vendored
View File

@ -1,87 +0,0 @@
# $NetBSD: audit-packages.conf.in,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
#
# sample configuration file for audit-packages(8) and
# download-vulnerability-list(8)
#
# GPG
#
# Specifies the full path to the gpg tool that will be used for verifying
# the signature on the downloaded pkg-vulnerabilities file.
#
# Used by: audit-packages download-vulnerability-list
# Supported: /path/to/gpg
# Default: GPG="@prefix@/bin/gpg"
# PKGVULNDIR
#
# Specifies the directory the pkg-vulnerabilities file is located in.
#
# Used by: audit-packages download-vulnerability-list
# Supported: /path/to/pkg-vulnerabilities/
# Default: PKGVULNDIR="@pkgdbdir@"
# COMPRESS_TYPE
#
# Specifies which type of compressed pkg-vulnerabilities file to
# download. You can also specify COMPRESS_TYPE="" to use
# and uncompressed version of the file.
#
# If you change this from the default you must specify a COMPRESS_TOOL.
#
# Used by: download-vulnerability-list
# Supported: gzip bzip2 (none)
# Default: COMPRESS_TYPE="gzip"
# COMPRESS_TOOL
#
# Specifies which tool will be used when dealing with the compressed
# pkg-vulnerabilities file.
#
# Used by: download-vulnerability-list
# Supported: Any local binary that can decompress the
# pkg-vulnerabilities file to stdout
# Default: COMPRESS_TOOL="@gzcat@"
# FETCH_CMD
#
# Specifies the tool that will be used to fetch the pkg-vulnerabilities
# file.
#
# Used by: download-vulnerability-list
# Supported: /path/to/curl /path/to/ftp /path/to/wget /path/to/fetch
# Default: FETCH_CMD=@ftp@
# FETCH_PRE_ARGS
#
# Specifies optional arguments for the download-vulnerability-list client.
# These options appear before ${FETCH_CMD}.
#
# Used by: download-vulnerability-list
# Supported: Any valid arguments for FETCH_CMD
# Default: FETCH_PRE_ARGS=
# FETCH_ARGS
#
# Specifies optional arguments for the download-vulnerability-list client.
#
# Used by: download-vulnerability-list
# Supported: Any valid arguments for FETCH_CMD
# Default: FETCH_ARGS=
# FETCH_PROTO
#
# Specifies the protocol to use when fetching the pkg-vulnerabilities file.
#
# Used by: download-vulnerability-list
# Supported: ftp http
# Default: FETCH_PROTO="ftp"
# IGNORE_URLS
#
# A list of vulnerability URLs to be ignored.
#
# Used by: audit-packages
# Supported: Valid URL(s) from pkg-vulnerabilities
# Default: IGNORE_URLS=

336
external/bsd/pkg_install/dist/audit-packages/download-vulnerability-list.1.in vendored
View File

@ -1,336 +0,0 @@
.\" $NetBSD: download-vulnerability-list.1.in,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
.\"
.\" Copyright (c) 2003 Jeremy C. Reed. All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by Jeremy C. Reed
.\" for the NetBSD project.
.\" 4. The name of the author may not be used to endorse or promote
.\" products derived from this software without specific prior written
.\" permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
.\" OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
.\" WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
.\" DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
.\" GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
.\" WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
.\" NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
.\" SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd July 07, 2007
.Os
.Dt AUDIT-PACKAGES 1
.Sh NAME
.Nm audit-packages ,
.Nm download-vulnerability-list
.Nd show vulnerabilities in installed packages
.Sh SYNOPSIS
.Nm
.Op Fl desVv
.Op Fl c Ar config_file
.Op Fl g Ar file
.Op Fl h Ar file
.Op Fl K Ar pkg_dbdir
.Op Fl n Ar package
.Op Fl p Ar package
.Op Fl Q Ar varname
.Op Fl t Ar type
.Nm download-vulnerability-list
.Op Fl hs
.Op Fl c Ar config_file
.Sh DESCRIPTION
The
.Nm
program compares the installed packages with the
.Pa pkg-vulnerabilities
file and reports any known security issues to standard output.
This output contains the name and version of the package, the
type of vulnerability, and an URL for further information for each
vulnerable package.
.Pp
The following flags are supported:
.Bl -tag -width Ar
.It Fl d
Attempt to download the vulnerabilities
file using the
.Pa download-vulnerability-list
script before scanning the installed packages for vulnerabilities.
.It Fl e
Check for end-of-life (eol) packages.
.It Fl s
Verify the signature of the current
.Pa pkg-vulnerabilities
file. The key used to sign the file is available from:
.Pa ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
.Pp
In order for this to function correctly the above key must be
added to the gpg keyring of the user who runs
.Pa audit-packages -s
and/or
.Pa download-vulnerability-list -s .
In addition to this the gpg binary must be installed on your system.
The path to the gpg binary can be set in
.Xr audit-packages.conf 5 .
.Pp
The requirement for GnuPG may go away in the future when a suitable
replacement is implemented.
.It Fl V
Display the version number and exit.
.It Fl v
Be more verbose. Specify multiple -v flags to increase verbosity.
Currently a maximum level of three is supported.
.It Fl c Ar conf_file
Specify a custom
.Ar conf_file
configuration file to use.
.It Fl g Ar file
Compute the SHA512 hash on
.Ar file .
.It Fl h Ar file
Check the SHA512 hash of a
.Ar file
against the internally stored value.
.It Fl K Ar pkg_dbdir
Use package database directory
.Ar pkg_dbdir .
.It Fl n Ar package
Check only the package
.Ar package
for vulnerabilities.
.It Fl p Ar package
Check only the installed package
.Ar package
for vulnerabilities.
.It Fl Q Ar varname
Display the current value of
.Ar varname
and exit. Currently supported
.Ar varname
are GPG, PKGVULNDIR and IGNORE_URLS.
.It Fl t Ar type
Only check for the specified
.Ar type
of vulnerability.
.El
.Pp
The
.Nm download-vulnerability-list
program downloads the
.Pa pkg-vulnerabilities
file from
.Pa ftp.NetBSD.org
using
.Xr ftp 1
by default. This vulnerabilities file documents all known security issues in
pkgsrc packages and is kept up-to-date by the
.Nx
pkgsrc-security team.
.Pp
The following flags are supported:
.Bl -tag -width Ar
.It Fl h
Display program usage.
.It Fl s
Verify the signature of the current
.Pa pkg-vulnerabilities
file. In order for this to function correctly you will need to add the
pkgsrc Security Team key to your gpg keyring and trust it. The key is
available from:
.Pa ftp.netbsd.org/pub/NetBSD/security/PGP/pkgsrc-security@NetBSD.org.asc
In addition to this the gpg binary must be installed on your system.
The path to the gpg binary can be set in
.Xr audit-packages.conf 5 .
.It Fl c Ar conf_file
Specify a custom
.Ar conf_file
configuration file to use.
.El
.Pp
By default
.Nm download-vulnerability-list
will download a compressed version of
.Pa pkg-vulnerabilities
from ftp.netbsd.org. The default file downloaded is compressed using
.Xr gzip 1 .
The compression tool used can set in
.Xr audit-packages.conf 5 .
Currently only
.Xr gzcat 1
and
.Xr bzcat 1
are supported.
.Pp
Each line lists the package and vulnerable versions, the type of exploit,
and an Internet address for further information:
.Bl -item
.It
.Aq package pattern
.Aq type
.Aq url
.El
.Pp
The type of exploit can be any text, although
some common types of exploits listed are:
.Bl -bullet -compact -offset indent
.It
cross-site-html
.It
cross-site-scripting
.It
denial-of-service
.It
eol
.It
file-permissions
.It
local-access
.It
local-code-execution
.It
local-file-read
.It
local-file-removal
.It
local-file-write
.It
local-root-file-view
.It
local-root-shell
.It
local-symlink-race
.It
local-user-file-view
.It
local-user-shell
.It
privacy-leak
.It
remote-code-execution
.It
remote-command-inject
.It
remote-file-creation
.It
remote-file-read
.It
remote-file-view
.It
remote-file-write
.It
remote-key-theft
.It
remote-root-access
.It
remote-root-shell
.It
remote-script-inject
.It
remote-server-admin
.It
remote-use-of-secret
.It
remote-user-access
.It
remote-user-file-view
.It
remote-user-shell
.It
unknown
.It
weak-authentication
.It
weak-encryption
.It
weak-ssl-authentication
.El
.Pp
The type
.Pa eol
implies that the package is no longer maintained by the software vendor but
is provided by the pkgsrc team for your convenience only. It may contain any
number of the above mentioned vulnerabilities. Any packages of type eol
are not reported by default. Run
.Nm Fl e
to also report on eol packages.
.Pp
By default, the vulnerabilities file is stored in the
PKG_DBDIR
directory. On a standard installation this will be set to @pkgdbdir@.
If you have installed pkgsrc on a supported platform this will be what
ever you specifed when bootstrapping pkgsrc i.e. --pkgdbdir <pkgdbdir>.
The path to the
.Pa pkg-vulnerabilities
file can be set in
.Xr audit-packages.conf 5 .
.Sh EXIT STATUS
.Ex -std audit-packages
.Sh FILES
@pkgdbdir@/pkg-vulnerabilities
.Pp
@sysconfdir@/audit-packages.conf
.Sh EXAMPLES
The
.Nm download-vulnerability-list
command can be run via
.Xr cron 8
to update the
.Pa pkg-vulnerabilities
file daily.
And
.Nm
can be run via
.Xr cron 8
(or with
.Nx Ap s
.Pa /etc/security.local
daily security script).
.Pp
The
.Nm download-vulnerability-list
command can be forced to use IPv4 with the following setting in
@sysconfdir@/audit-packages.conf:
.Pp
FETCH_ARGS="-4"
.Pp
The
.Nm download-vulnerability-list
command can be forced to use http to download the
.Pa pkg-vulnerabilities
file with the following setting in
@sysconfdir@/audit-packages.conf:
.Pp
FETCH_PROTO="http"
.Sh SEE ALSO
.Xr pkg_info 1 ,
.Xr audit-packages.conf 5 ,
.Xr mk.conf 5 ,
.Xr pkgsrc 7 ,
.%T "Documentation on the NetBSD Package System"
.Sh HISTORY
The
.Nm
and
.Nm download-vulnerability-list
commands were originally implemented and added to
.Nx Ap s
pkgsrc by
.An Alistair Crooks
on September 19, 2000. During April 2007
.Nm
was re-written by Adrian Portelli
and support was added for compressed files and checking signatures on downloaded
files.
The original idea came from Roland Dowdeswell and Bill Sommerfeld.

217
external/bsd/pkg_install/dist/audit-packages/download-vulnerability-list.sh.in vendored
View File

@ -1,217 +0,0 @@
#!/bin/sh
# $NetBSD: download-vulnerability-list.sh.in,v 1.1.1.1 2008/09/30 19:00:26 joerg Exp $
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by Alistair Crooks
# for the NetBSD project.
# 4. The name of the author may not be used to endorse or promote
# products derived from this software without specific prior written
# permission.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
#
: ${PKGVULNDIR="@pkgdbdir@"}
: ${COMPRESS_TYPE="gzip"}
: ${FETCH_PRE_ARGS=""}
: ${FETCH_CMD=@ftp@}
: ${FETCH_ARGS=""}
: ${FETCH_PROTO=ftp}
prefix=@prefix@
AP=@exec_prefix@/sbin/audit-packages
NEW_VUL_LIST=pkg-vulnerabilities.$$
EXIST_VUL_LIST=pkg-vulnerabilities
FETCH_PATH="ftp.NetBSD.org/pub/NetBSD/packages/vulns"
_CONF_FILE="@sysconfdir@/audit-packages.conf"
COMPRESS_TOOL=""
usage()
{
argv0="${1##*/}"
cat <<EOF
$2
Usage: $argv0 [-s] [-c config-file]
-s : Verify the signature on the downloaded file.
-c : Specify a custom configuration file to use.
EOF
exit 1
}
verify=no
custom_conf=no
conf_found=no
neednew=no
while [ $# -gt 0 ]; do
case "$1" in
-s)
verify=yes
;;
-c)
custom_conf=yes
local_conf="$2"
shift
;;
*)
usage "$0" "Unknown option $1"
esac
shift
done
# generic conf file handler
if [ -r ${_CONF_FILE} ]; then
conf_found=yes
fi
# see if the user wants us to use a custom config file
if [ "x${custom_conf}" = "xyes" ]; then
if [ -r ${local_conf} ]; then
conf_found=yes
_CONF_FILE=${local_conf}
fi
fi
# only do the following if we have found a config file to use
if [ "x${conf_found}" = "xyes" ]; then
if [ -r ${_CONF_FILE} ]; then
echo "Reading settings from ${_CONF_FILE}"
. ${_CONF_FILE}
fi
fi
# setup the compression type
case "${COMPRESS_TYPE}" in
bzip2) COMPRESS_EXTN=.bz2
compressed=yes
;;
gzip) COMPRESS_EXTN=.gz
compressed=yes
;;
none) COMPRESS_EXTN=""
compressed=no
;;
*) echo "***ERROR*** Unknown COMPRESS_TYPE specified - Only bzip2 and gzip are currently supported."
exit 1
;;
esac
# setup the compression tool and arguments
if [ "x${compressed}" = "xyes" ]; then
if [ "x${COMPRESS_TYPE}" = "xgzip" -a "x${COMPRESS_TOOL}" = "x" ]; then
COMPRESS_TOOL="@gzcat@"
fi
if [ "x${COMPRESS_TYPE}" != "xgzip" -a "x${COMPRESS_TOOL}" = "x" ]; then
echo "***ERROR*** A non-default COMPRESS_TYPE has been specified without a COMPRESS_TOOL"
exit 1
fi
fi
VUL_SOURCE="${FETCH_PROTO}://${FETCH_PATH}/pkg-vulnerabilities${COMPRESS_EXTN}"
if [ ! -d ${PKGVULNDIR}/. ]; then
echo "Creating ${PKGVULNDIR}"
/bin/mkdir ${PKGVULNDIR}
if [ ! -d ${PKGVULNDIR} ]; then
echo "***ERROR*** Can't create: ${PKGVULNDIR}"
exit 1
fi
fi
echo "audit-packages" > ${PKGVULNDIR}/.cookie
if [ -f ${PKGVULNDIR}/.cookie ]; then
rm -f ${PKGVULNDIR}/.cookie
else
echo "***ERROR*** Can't write to: ${PKGVULNDIR}"
exit 1
fi
if [ ! "x${FETCH_PROTO}" = "xhttp" -a ! "x${FETCH_PROTO}" = "xftp" ]; then
echo "***ERROR*** Unknown FETCH_PROTO specified - Only http and ftp are currently supported."
exit 1
fi
cd ${PKGVULNDIR}
utility=`basename "${FETCH_CMD}"`
case "${utility}" in
curl|fetch|ftp) ${FETCH_PRE_ARGS} ${FETCH_CMD} ${FETCH_ARGS} \
-o ${NEW_VUL_LIST}${COMPRESS_EXTN} ${VUL_SOURCE} ;;
wget) ${FETCH_PRE_ARGS} ${FETCH_CMD} ${FETCH_ARGS} \
-O ${NEW_VUL_LIST}${COMPRESS_EXTN} ${VUL_SOURCE} ;;
*) echo "Unknown fetch command - please use send-pr to send in support for your fetch command" 1>&2
exit 1
;;
esac
# see if we got a file
if [ ! -f "${NEW_VUL_LIST}${COMPRESS_EXTN}" ]; then
echo "***ERROR*** Download of vulnerabilities file failed" 1>&2
exit 1
fi
# decompress the downloaded file and delete the download
if [ "x${compressed}" = "xyes" ]; then
${COMPRESS_TOOL} ${NEW_VUL_LIST}${COMPRESS_EXTN} > ${NEW_VUL_LIST}
/bin/rm -f ${NEW_VUL_LIST}${COMPRESS_EXTN}
fi
# compare the old and new files to see if there's a difference
if [ -f ${EXIST_VUL_LIST} ]; then
exist_hash=`${AP} -g ${EXIST_VUL_LIST}`
new_hash=`${AP} -g ${NEW_VUL_LIST}`
if [ "x${exist_hash}" != "x${new_hash}" ]; then
neednew=yes
else
echo "No change from existing package vulnerabilities file"
/bin/rm -f ${NEW_VUL_LIST}
exit 0
fi
else
neednew=yes
fi
# check the hash and/or sig on the new file
if [ "x${verify}" = "xyes" ]; then
${AP} -s -h ${NEW_VUL_LIST}
else
${AP} -h ${NEW_VUL_LIST}
fi
ec=$?;
if [ $ec -ne 0 ]; then
echo "***ERROR*** Failed to verify the newly downloaded vulnerabilities file" 1>&2
/bin/rm -f ${NEW_VUL_LIST}
exit 1
fi
# move the new file into position
echo "Package vulnerabilities file has been updated"
/bin/chmod a+r ${NEW_VUL_LIST}
/bin/mv -f ${NEW_VUL_LIST} ${EXIST_VUL_LIST}
exit 0

1252
external/bsd/pkg_install/dist/lib/ftpio.c vendored
View File

File diff suppressed because it is too large Load Diff

206
external/bsd/pkg_install/dist/lib/pen.c vendored
View File

@ -1,206 +0,0 @@
/* $NetBSD: pen.c,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $ */
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_CDEFS_H
#include <sys/cdefs.h>
#endif
#ifndef lint
#if 0
static const char *rcsid = "from FreeBSD Id: pen.c,v 1.25 1997/10/08 07:48:12 charnier Exp";
#else
__RCSID("$NetBSD: pen.c,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $");
#endif
#endif
/*
* FreeBSD install - a package for the installation and maintainance
* of non-core utilities.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
*
* Jordan K. Hubbard
* 18 July 1993
*
* Routines for managing the "play pen".
*
*/
#if HAVE_ERR_H
#include <err.h>
#endif
#include "lib.h"
#if HAVE_SYS_SIGNAL_H
#include <sys/signal.h>
#endif
/* For keeping track of where we are */
static char Current[MaxPathSize];
static char Previous[MaxPathSize];
static int CurrentSet; /* rm -fr Current only if it's really set! */
/* CurrentSet is set to 0 before strcpy()s
* to prevent rm'ing of a partial string
* when interrupted by ^C */
char *
where_playpen(void)
{
return Current;
}
/*
* Find a good place to play.
*/
static char *
find_play_pen(char *pen, size_t pensize, size_t sz)
{
const char **cp;
struct stat sb;
char *r;
const char *tmpdir[] = {
"PKG_TMPDIR",
"TMPDIR",
"/var/tmp",
"/tmp",
"/usr/tmp",
NULL
};
if (pen == NULL) {
cleanup(0);
errx(2, "find_play_pen(): 'pen' variable is NULL\n"
"(this should not happen, please report!)");
return NULL;
}
if (pen[0] && (r = strrchr(pen, '/')) != NULL) {
*r = '\0';
if (stat(pen, &sb) != FAIL && (min_free(pen) >= sz)) {
*r = '/';
return pen;
}
}
for (cp = tmpdir; *cp; cp++) {
const char *d = (**cp == '/') ? *cp : getenv(*cp);
if (d == NULL || stat(d, &sb) == FAIL || min_free(d) < sz)
continue;
(void)snprintf(pen, pensize, "%s/instmp.XXXXXX", d);
return pen;
}
cleanup(0);
errx(2, "Can't find enough temporary space to extract the files.\n"
"Please set your PKG_TMPDIR environment variable to a location "
"with at least %zu bytes free", sz);
return NULL;
}
/*
* Make a temporary directory to play in and chdir() to it, returning
* pathname of previous working directory.
*/
char *
make_playpen(char *pen, size_t pensize, size_t sz)
{
if (!find_play_pen(pen, pensize, sz))
return NULL;
if (!mkdtemp(pen)) {
cleanup(0);
errx(2, "can't mkdtemp '%s'", pen);
}
/*
* On at least NetBSD, the temporary directory may have a group
* that isn't in the group list of the current user. In that
* case, it is impossible to extract setgid binaries from the
* package, since chmod(2) doesn't allow to set the S_ISGID bit
* for a group that isn't yours.
*/
(void)chown(pen, -1, getegid());
if (Verbose) {
if (sz)
fprintf(stderr,
"Requested space: %lu bytes, free space: %lld bytes in %s\n",
(u_long) sz, (long long) min_free(pen), pen);
}
if (min_free(pen) < sz) {
rmdir(pen);
cleanup(0);
errx(2, "not enough free space to create '%s'.\n"
"Please set your PKG_TMPDIR environment variable to a location\n"
"with more space and\ntry the command again", pen);
}
if (Current[0])
strlcpy(Previous, Current, sizeof(Previous));
else if (!getcwd(Previous, MaxPathSize)) {
cleanup(0);
err(EXIT_FAILURE, "fatal error during execution: getcwd");
}
if (chdir(pen) == FAIL) {
cleanup(0);
errx(2, "can't chdir to '%s'", pen);
}
CurrentSet = 0; strlcpy(Current, pen, sizeof(Current)); CurrentSet = 1;
return Previous;
}
/*
* Convenience routine for getting out of playpen
*/
void
leave_playpen(char *save)
{
void (*oldsig) (int);
/* Make us interruptable while we're cleaning up - just in case... */
oldsig = signal(SIGINT, SIG_DFL);
if (Previous[0] && chdir(Previous) == FAIL) {
cleanup(0);
errx(2, "can't chdir back to '%s'", Previous);
} else if (CurrentSet && Current[0] && strcmp(Current, Previous)) {
if (strcmp(Current, "/") == 0) {
fprintf(stderr, "PANIC: About to rm -fr / (not doing so, aborting)\n");
abort();
}
if (fexec("rm", "-fr", Current, NULL))
warnx("couldn't remove temporary dir '%s'", Current);
strlcpy(Current, Previous, sizeof(Current));
}
if (save)
strlcpy(Previous, save, sizeof(Previous));
else
Previous[0] = '\0';
signal(SIGINT, oldsig);
}
/*
* Return free disk space (in bytes) on given file system.
* Returns size in a uint64_t since off_t isn't 64 bits on all
* operating systems.
*/
uint64_t
min_free(const char *tmpdir)
{
struct statvfs buf;
if (statvfs(tmpdir, &buf) != 0) {
warn("statvfs");
return 0;
}
return (uint64_t)buf.f_bavail * buf.f_bsize;
}

110
external/bsd/pkg_install/dist/lib/pexec.c vendored
View File

@ -1,110 +0,0 @@
#if HAVE_CONFIG_H
#include "config.h"
#endif
#include <nbcompat.h>
#if HAVE_SYS_WAIT_H
#include <sys/wait.h>
#endif
#if HAVE_ERR_H
#include <err.h>
#endif
#if HAVE_ERRNO_H
#include <errno.h>
#endif
#if HAVE_STDLIB_H
#include <stdlib.h>
#endif
#if HAVE_UNISTD_H
#include <unistd.h>
#endif
#if HAVE_STDIO_H
#include <stdio.h>
#endif
#include "lib.h"
/*
* If the supplied callback is not NULL, then call it.
*/
static void call_callback(void (*callback)(void))
{
if (callback != NULL) {
callback();
}
}
/*
* create pipe, fork and exec file with arguments in argv
* child takes stdin from pipe, set up fp for parent to
* output to pipe, and return this information.
*/
pipe_to_system_t *pipe_to_system_begin(const char *file, char *const argv[],
void (*cleanup_callback)(void))
{
pipe_to_system_t *retval;
retval = malloc(sizeof(pipe_to_system_t));
if (retval == NULL) {
call_callback(cleanup_callback);
errx(2, "can't get pipe space");
}
retval->cleanup = cleanup_callback;
if (pipe(retval->fds) == -1) {
call_callback(retval->cleanup);
errx(2, "cannot create pipe");
}
retval->pid = fork();
if (retval->pid == -1) {
call_callback(retval->cleanup);
errx(2, "cannot fork process for %s", file);
}
if (retval->pid == 0) { /* The child */
if (retval->fds[0] != 0) {
dup2(retval->fds[0], 0);
close(retval->fds[0]);
}
close(retval->fds[1]);
execvp(file, argv);
warn("failed to execute %s command", file);
_exit(2);
}
/* Meanwhile, back in the parent process ... */
close(retval->fds[0]);
retval->fp = fdopen(retval->fds[1], "w");
if (retval->fp == NULL) {
call_callback(retval->cleanup);
errx(2, "fdopen failed");
}
return retval;
}
/*
* close pipe and wait for child to exit. on non-zero exit status,
* call cleanup callback. return exit status.
*/
int pipe_to_system_end(pipe_to_system_t *to_pipe)
{
int status;
int wait_ret;
fclose(to_pipe->fp);
do {
wait_ret = waitpid(to_pipe->pid, &status, 0);
} while (wait_ret == -1 && errno == EINTR);
if (wait_ret < 0) {
call_callback(to_pipe->cleanup);
errx(2, "waitpid returned failure");
}
if (!WIFEXITED(status)) {
call_callback(to_pipe->cleanup);
errx(2, "waitpid: process terminated abnormally");
}
free(to_pipe);
return WEXITSTATUS(status);
}

147
external/bsd/pkg_install/dist/view/linkfarm.1 vendored
View File

@ -1,147 +0,0 @@
.\" $NetBSD: linkfarm.1,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $
.\"
.\" Copyright (c) 2003 The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the NetBSD
.\" Foundation, Inc. and its contributors.
.\" 4. Neither the name of The NetBSD Foundation nor the names of its
.\" contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 2, 2003
.Dt LINKFARM 1
.Os
.Sh NAME
.Nm linkfarm
.Nd manage symbolic links to package files
.Sh SYNOPSIS
.Nm
.Op Fl cDnRVv
.Op Fl d Ar stowdir
.Op Fl s Ar subdir
.Op Fl t Ar target
.Ar package
.Sh DESCRIPTION
The
.Nm
command is used to manage a "linkfarm", a directory tree of symbolic links in
.Ar target
to the files in the
.Ar package
sub-directory of
.Ar stowdir .
The default action is to create a linkfarm to a package.
.Pp
The following command-line options are supported:
.Bl -tag -width indent
.It Fl c
Check whether a package contains a linkfarm in
.Ar target .
If
.Ar package
has no symbolic links in
.Ar target
that correspond to its files, then return 0, otherwise return 1.
.It Fl D
Delete the linkfarm for
.Ar package .
.It Fl d Ar stowdir
Set
.Ar stowdir
as the directory in which
.Ar package
can be found.
The default
.Ar stowdir
is the
.Pa packages
sub-directory in the default
.Ar target
directory.
.It Fl n
Don't actually execute the commands for removing and creating the symbolic
links and directories.
.It Fl R
Delete and re-create the linkfarm for
.Ar package .
.It Fl s Ar subdir
The root of the package hierarchy for the linkfarm is the
.Ar subdir
sub-directory in the package.
By default, assume the root of the package hierarchy is simply the
.Ar package
directory.
.It Fl t Ar target
Set
.Ar target
as the directory in which to create and delete the linkfarm for
.Ar package .
The default
.Ar target
directory is
.Pa /usr/pkg
but may be overridden by the
.Ev LOCALBASE
environment variable.
.It Fl V
Print version number and exit.
.It Fl v
Turn on verbose output.
Specifying
.Fl v
multiple times increases the level of verbosity.
.El
.Sh ENVIRONMENT
.Bl -tag -width indent
.It Ev LOCALBASE
The standard packages directory,
.Pa /usr/pkg ,
can be overridden by specifying an alternative directory in the
.Ev LOCALBASE
environment variable. This affects the default
.Ar target
and
.Ar stowdir
directories.
.It Ev PLIST_IGNORE_FILES
This can be used to specify files in
.Ar package
that should ignored when creating and deleting symbolic links in
.Ar target .
.Ev PLIST_IGNORE_FILES
is a space-separated list of shell glob patterns that match files relative
to the
.Ar package
directory, and it defaults to "info/dir *[~#] *.OLD *.orig *,v".
.El
.Sh SEE ALSO
.Xr lndir 1 ,
.Xr pkg_view 1
.Sh AUTHORS
The
.Nm
utility was written by
.An Alistair G. Crooks Aq agc@NetBSD.org .

232
external/bsd/pkg_install/dist/view/linkfarm.sh.in vendored
View File

@ -1,232 +0,0 @@
#! /bin/sh
# $NetBSD: linkfarm.sh.in,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $
#
# Copyright (c) 2002 Alistair G. Crooks. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by Alistair G. Crooks.
# 4. The name of the author may not be used to endorse or promote
# products derived from this software without specific prior written
# permission.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# set -x
prefix="@prefix@"
exec_prefix="@exec_prefix@"
sbindir="@sbindir@"
# set up program definitions
findprog="@FIND@"
grepprog="@GREP@"
lnprog="@LN@"
mkdirprog="@MKDIR@"
pkginfoprog="@sbindir@/pkg_info"
rmprog="@RM@"
rmdirprog="@RMDIR@"
sedprog="@SED@"
sortprog="@SORT@"
usage() {
echo 'Usage: linkfarm [options] package'
exit 1
}
version() {
$pkginfoprog -V
exit 0
}
checkdir() {
if [ ! -d "$1" ]; then
echo "linkfarm: \`$1' doesn't exist"
exit 1
fi
}
ignorefiles=${PLIST_IGNORE_FILES:-"info/dir *[~#] *.OLD *.orig *,v"}
linktype=-s
# default action: create a linkfarm in $target from $stowdir/$1
# i.e. linkfarm --target=${prefix}/${view} --dir=${prefix}/packages $1
#
doit=""
target=${LOCALBASE:-/usr/pkg}
stowdir=${target}/packages
subdir=""
verbose=0
# default action is to create
check=no
delete=no
create=yes
# process args - can't use getopt(1) because of '--' style args
while [ $# -gt 0 ]; do
case "$1" in
-D) delete=yes; create=no ;;
-R) delete=yes; create=yes ;;
-V) version ;;
-c) check=yes; doit=":" ;;
-d) stowdir=$2; shift ;;
-d*) stowdir=`echo $1 | $sedprog -e 's|-d||'` ;;
-s) subdir=$2; shift ;;
-s*) subdir=`echo $1 | $sedprog -e 's|-s||'` ;;
-t) target=$2; shift ;;
-t*) target=`echo $1 | $sedprog -e 's|-t||'` ;;
-n) doit=":" ;;
-v) verbose=`expr $verbose + 1` ;;
--delete) delete=yes; create=no ;;
--dir=*) stowdir=`echo $1 | $sedprog -e 's|--dir=||'` ;;
--restow) delete=yes; create=yes ;;
--subdir=*) subdir=`echo $1 | $sedprog -e 's|--subdir=||'` ;;
--target=*) target=`echo $1 | $sedprog -e 's|--target=||'` ;;
--version) version ;;
--) shift; break ;;
*) break ;;
esac
shift
done
# set the package name
package=$1
# make sure stowdir has a full pathname
case $stowdir in
/*) ;;
*) stowdir=`pwd`/$stowdir ;;
esac
# Set the directory from which we symlink.
case $subdir in
"") fromdir=$stowdir/$package ;;
*) fromdir=$stowdir/$package/$subdir ;;
esac
# Set the directory to which we symlink.
case $target in
/*) todir=$target ;;
*) todir=`pwd`/$target ;;
esac
# if we're checking the entries, check, then exit
case $check in
yes)
checkdir $fromdir
(cd $fromdir
ex=0
$findprog . ! -type d -print | \
$sedprog -e 's|^\./||' | \
while read f; do
if [ -e $todir/$f ]; then
ignore=no
for i in $ignorefiles; do
case $f in
$i) ignore=yes; break ;;
esac
done
case $ignore in
no)
echo "${f}"; ex=1 ;;
esac
fi
done
exit $ex) || exit 1
;;
esac
# if we need to get rid of old linkfarms, do it
case $delete in
yes)
checkdir $fromdir
(cd $fromdir
$findprog . ! -type d -print | \
$sedprog -e 's|^\./||' | \
while read f; do
ignore=no
for i in $ignorefiles; do
case $f in
$i) ignore=yes; break ;;
esac
done
case $ignore in
no)
if [ $verbose -gt 0 ]; then
echo "$rmprog -f $todir/$f"
fi
$doit $rmprog -f $todir/$f ;;
esac
done
$findprog . -type d -print | \
$sedprog -e 's|^\./||' | \
$sortprog -r | \
while read d; do
if [ $verbose -gt 0 ]; then
echo "$rmdirprog $todir/$d"
fi
$doit $rmdirprog $todir/$d > /dev/null 2>&1
done)
;;
esac
# if we need to create new linkfarms, do it
case $create in
yes)
checkdir $fromdir
(cd $fromdir
$findprog . -type d -print | \
$sedprog -e 's|^\./||' | \
while read d; do
case "$d" in
"") continue ;;
esac
if [ $verbose -gt 0 ]; then
echo "$mkdirprog -p $todir/$d"
fi
$doit $mkdirprog -p $todir/$d > /dev/null 2>&1
done
$findprog . ! -type d -print | \
$sedprog -e 's|^\./||' | \
while read f; do
ignore=no
for i in $ignorefiles; do
case $f in
$i) ignore=yes; break ;;
esac
done
case $ignore in
no)
if [ $verbose -gt 0 ]; then
echo "$lnprog ${linktype} $fromdir/$f $todir/$f"
fi
$doit $lnprog ${linktype} $fromdir/$f $todir/$f ;;
esac
done)
;;
esac
exit 0

278
external/bsd/pkg_install/dist/view/pkg_view.1 vendored
View File

@ -1,278 +0,0 @@
.\" $NetBSD: pkg_view.1,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $
.\"
.\" Copyright (c) 2003 The NetBSD Foundation, Inc.
.\" All rights reserved.
.\"
.\" Redistribution and use in source and binary forms, with or without
.\" modification, are permitted provided that the following conditions
.\" are met:
.\" 1. Redistributions of source code must retain the above copyright
.\" notice, this list of conditions and the following disclaimer.
.\" 2. Redistributions in binary form must reproduce the above copyright
.\" notice, this list of conditions and the following disclaimer in the
.\" documentation and/or other materials provided with the distribution.
.\" 3. All advertising materials mentioning features or use of this software
.\" must display the following acknowledgement:
.\" This product includes software developed by the NetBSD
.\" Foundation, Inc. and its contributors.
.\" 4. Neither the name of The NetBSD Foundation nor the names of its
.\" contributors may be used to endorse or promote products derived
.\" from this software without specific prior written permission.
.\"
.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
.\" POSSIBILITY OF SUCH DAMAGE.
.\"
.Dd September 8, 2003
.Dt PKG_VIEW 1
.Os
.Sh NAME
.Nm pkg_view
.Nd add and delete instances of depoted packages in views
.Sh SYNOPSIS
.Nm
.Op Fl nVv
.Op Fl d Ar stowdir
.Op Fl i Ar ignore
.Op Fl k Ar pkg_dbdir
.Op Fl W Ar viewbase
.Op Fl w Ar view
.Ar command
.Ar package ...
.Sh DESCRIPTION
The
.Nm
command is used to add and delete instances of depoted packages in
.Ar stowdir
in a
.Ar view
in the
.Ar viewbase
directory.
.Sh WARNING
.Bf -emphasis
Since the
.Nm
command may execute scripts or programs provided by a package file,
your system may be susceptible to
.Dq Trojan horses
or other subtle
attacks from miscreants who create dangerous package files.
.Pp
You are advised to verify the competence and identity of those who
provide installable package files.
For extra protection, examine all the package control files in the
package database directory
.Pa ( /usr/pkg/packages/\*[Lt]pkg-name\*[Gt]/ ) .
Pay particular attention to any
.Pa +INSTALL
or
.Pa +DEINSTALL
files, and inspect the
.Pa +CONTENTS
file for
.Cm @cwd ,
.Cm @mode
(check for setuid),
.Cm @dirrm ,
.Cm @exec ,
and
.Cm @unexec
directives, and/or use the
.Xr pkg_info 1
command to examine the installed package control files.
.Ef
.Sh OPTIONS
The following command-line options are supported:
.Bl -tag -width indent
.It Fl d Ar stowdir
Set
.Ar stowdir
as the directory in which the depoted packages can be found.
If this option isn't specified, then the
.Ar stowdir
is taken from the value of the environment variable
.Ev DEPOTBASE
if it's set, otherwise the default
.Ar stowdir
is the path to the
.Pa packages
directory under
.Ar viewbase .
.It Fl i Ar ignore
Add
.Ar ignore
to the list of files in
.Ar package
that should ignored when adding or removing the package instance from
.Ar view .
.It Fl k Ar pkg_dbdir
Set
.Ar pkg_dbdir
as the package database directory for the default (empty) view.
If this option isn't specified, then the package database directory is
taken from the value of the environment variable
.Ev PKG_DBDIR ,
otherwise it defaults to
.Pa /var/db/pkg .
.It Fl n
Don't actually execute the commands for manipulating the package instances.
.It Fl V
Print the version number and exit.
.It Fl v
Turn on verbose output.
Specifying
.Fl v
multiple times increases the level of verbosity.
.It Fl W Ar viewbase
Set
.Ar viewbase
as the directory in which all the views are managed.
The default
.Ar viewbase
directory is
.Pa /usr/pkg
but may be overridden by the
.Ev LOCALBASE
environment variable.
.It Fl w Ar view
Set
.Ar view
as the directory in
.Ar viewbase
in which the package instances should be added or deleted.
The default
.Ar view
is the empty view but may be overridden by the
.Ev PKG_VIEW
environment variable.
.El
.Pp
The following commands are supported:
.Bl -tag -width indent
.It Cm add
Add the listed package instances into
.Ar view .
.It Cm check
Check whether the listed package instances are present in
.Ar view .
If they are not present, then return 0, otherwise return 1.
.It Cm delete
Delete the listed package instances from
.Ar view .
.El
.Sh ENVIRONMENT
.Bl -tag -width indent
.It Ev DEPOTBASE
This is the location of the
.Ar stowdir
directory inside which all depoted packages are kept.
The default
.Ar stowdir
is the
.Pa packages
directory under
.Ar viewbase .
.It Ev LOCALBASE
This is the location of the
.Ar viewbase
directory in which all the views are managed.
The default
.Ar viewbase
directory is
.Pa /usr/pkg .
.It Ev PKG_DBDIR
If the
.Fl k
flag isn't given, then the value of the environment variable
.Ev PKG_DBDIR
is the package database directory for the default view,
otherwise it defaults to
.Pa /var/db/pkg .
.It Ev PLIST_IGNORE_FILES
This can be used to specify files in
.Ar package
that should ignored when adding or removing the package instance from
.Ar view .
.Ev PLIST_IGNORE_FILES
is a space-separated list of shell glob patterns that match files relative
to the
.Ar package
depot directory, and it defaults to "info/dir *[~#] *.OLD *.orig *,v".
This is overridden by any
.Ev _PLIST_IGNORE_FILES
setting in a package's
.Ar build-info-file
(see
.Xr pkg_create 1 )
if it exists.
.It Ev PKG_VIEW
The default view can be specified in the
.Ev PKG_VIEW
environment variable.
.El
.Sh FILES
.Bl -tag -width indent
.It Pa \*[Lt]pkg-dbdir\*[Gt]/\*[Lt]package\*[Gt]/+INSTALL
If the package contains an
.Ar install
script (see
.Xr pkg_create 1 ) ,
then after the package instance is added into a view, the script is
executed with the following arguments:
.Bl -tag -width package
.It Ar package
The name of the package instance being added.
.It Cm VIEW-INSTALL
Keyword denoting that the script is to perform any actions needed after
the package instance is added to a view.
.El
.Pp
If the
.Ar install
script exits with a non-zero status code, the installation is terminated.
.It Pa \*[Lt]pkg-dbdir\*[Gt]/\*[Lt]package\*[Gt]/+DEINSTALL
If the package contains an
.Ar deinstall
script (see
.Xr pkg_create 1 ) ,
then before the package instance is deleted from a view, the script is
executed with the following arguments:
.Bl -tag -width package
.It Ar package
The name of the package instance being deleted.
.It Cm VIEW-DEINSTALL
Keyword denoting that the script is to perform any actions needed before
the package instance is deleted from a view.
.El
.Pp
If the
.Ar deinstall
script exits with a non-zero status code, the de-installation is terminated.
.El
.Pp
The
.Ar install
and
.Ar deinstall
scripts are called with the environment variable
.Ev PKG_PREFIX
set to the path to the
.Ar view
directory.
.Sh SEE ALSO
.Xr linkfarm 1 ,
.Xr pkg_delete 1
.Sh AUTHORS
The
.Nm
utility was written by
.An Alistair G. Crooks Aq agc@NetBSD.org .

276
external/bsd/pkg_install/dist/view/pkg_view.sh.in vendored
View File

@ -1,276 +0,0 @@
#! /bin/sh
# $NetBSD: pkg_view.sh.in,v 1.1.1.1 2008/09/30 19:00:27 joerg Exp $
#
# Copyright (c) 2001 Alistair G. Crooks. All rights reserved.
#
# Redistribution and use in source and binary forms, with or without
# modification, are permitted provided that the following conditions
# are met:
# 1. Redistributions of source code must retain the above copyright
# notice, this list of conditions and the following disclaimer.
# 2. Redistributions in binary form must reproduce the above copyright
# notice, this list of conditions and the following disclaimer in the
# documentation and/or other materials provided with the distribution.
# 3. All advertising materials mentioning features or use of this software
# must display the following acknowledgement:
# This product includes software developed by Alistair G. Crooks.
# 4. The name of the author may not be used to endorse or promote
# products derived from this software without specific prior written
# permission.
#
# THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS
# OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
# WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
# ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
# DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE
# GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
# INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
# NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
# SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
# set -x
prefix="@prefix@"
exec_prefix="@exec_prefix@"
sbindir="@sbindir@"
# set up program definitions
chmodprog="@CHMOD@"
cmpprog="@CMP@"
cpprog="@CP@"
envprog="@ENV@"
findprog="@FIND@"
grepprog="@GREP@"
linkfarmprog="@sbindir@/linkfarm"
lnprog="@LN@"
mkdirprog="@MKDIR@"
paxprog="@pax@"
pkgadminprog="@sbindir@/pkg_admin"
pkginfoprog="@sbindir@/pkg_info"
rmprog="@RM@"
rmdirprog="@RMDIR@"
sedprog="@SED@"
touchprog="@TOUCH@"
usage() {
echo 'Usage: pkg_view [-nVv] [-d stowdir] [-i ignore] [-k pkg_dbdir] [-W viewbase]'
echo ' [-w viewname] add|check|delete pkgname...'
exit 1
}
version() {
$pkginfoprog -V
exit 0
}
checkpkg() {
if [ ! -d "$2/$1" ]; then
echo "pkg_view: \`$1' doesn't exist in \`$2'" 1>&2
exit 1
fi
}
#########################################
# Initialization and Options Processing #
#########################################
doit=""
stowdir=""
viewbase=${LOCALBASE:-/usr/pkg}
view=${PKG_VIEW:-""}
dflt_ignorefiles=${PLIST_IGNORE_FILES:-"info/dir *[~#] *.OLD *.orig *,v"}
dflt_pkg_dbdir=${PKG_DBDIR:-/var/db/pkg}
ignorefiles=""
verbose=0
while [ $# -gt 0 ]; do
case "$1" in
-d) stowdir=$2; shift ;;
-d*) stowdir=`echo $1 | $sedprog -e 's|^-d||'` ;;
-i) ignorefiles="$ignorefiles $2"; shift ;;
-i*) ignorefiles="$ignorefiles `echo $1 | $sedprog -e 's|^-i||'`" ;;
-k) dflt_pkg_dbdir="$2"; shift ;;
-k*) dflt_pkg_dbdir=`echo $1 | $sedprog -e 's|^-k||'` ;;
-n) doit=":" ;;
-V) version ;;
-v) verbose=`expr $verbose + 1` ;;
-W) viewbase=$2; shift ;;
-W*) viewbase=`echo $1 | $sedprog -e 's|^-p||'` ;;
-w) view=$2; shift ;;
--view=*) view=`echo $1 | $sedprog -e 's|--view=||'` ;;
--) shift; break ;;
*) break ;;
esac
shift
done
if [ $# -lt 1 ]; then
usage
fi
# echoN will actually give output if ${verbose} > N.
echo1=":"
echo2=":"
if [ ${verbose} -gt 0 ]; then echo1=echo; fi
if [ ${verbose} -gt 1 ]; then echo2=echo; fi
action=""
case "$1" in
add) action=add ;;
check) action=check ;;
delete|rm) action=delete ;;
*) usage ;;
esac
shift
# if standard view, put package info into ${dflt_pkg_dbdir}
# if not standard view, put package info into view's pkgdb
case "$view" in
"")
pkg_dbdir=${dflt_pkg_dbdir}
targetdir=${viewbase}
viewstr="the standard view"
;;
*)
pkg_dbdir=${viewbase}/${view}/.pkgdb
targetdir=${viewbase}/${view}
viewstr="view \"${view}\""
;;
esac
# Use stowdir if it's given, else fall back to ${DEPOTBASE} or else
# default to ${viewbase}/packages.
#
depot_pkg_dbdir=${stowdir:-${DEPOTBASE:-${viewbase}/packages}}
case "${depot_pkg_dbdir}" in
${pkg_dbdir})
echo "pkg_view: the depot and the view package database directories are the same" 1>&2
exit 1
;;
esac
##########################
# Shell helper functions #
##########################
# symlinks check|add|delete <pkg>
#
# Calls linkfarm(1) to check, add or delete the symlink farm in
# ${targetdir}. We also ignore the right set of files when doing the
# linkfarm operations.
#
symlinks() {
pkg=$2
case "$1" in
add) linkfarmflags="" ;;
check) linkfarmflags="-c" ;;
delete) linkfarmflags="-D" ;;
esac
if [ -f ${depot_pkg_dbdir}/$pkg/+BUILD_INFO ]; then
ignore=`$grepprog "^_PLIST_IGNORE_FILES=" ${depot_pkg_dbdir}/$pkg/+BUILD_INFO | $sedprog -e 's|^_PLIST_IGNORE_FILES=[ ]*||'`
fi
case "$ignore" in
"") ignore="${dflt_ignorefiles}" ;;
esac
dbs=`(cd ${depot_pkg_dbdir}/$pkg; echo +*)`
ignore="${ignore} ${ignorefiles} $dbs"
$doit $envprog PLIST_IGNORE_FILES="${ignore}" $linkfarmprog $linkfarmflags --target=${targetdir} --dir=${depot_pkg_dbdir} $pkg
}
#############
# Main Loop #
#############
while [ $# -gt 0 ]; do
case $action in
add)
checkpkg $1 ${depot_pkg_dbdir}
if [ -f ${pkg_dbdir}/$1/+DEPOT ]; then
echo "pkg_view: \`$1' already exists in $viewstr" 1>&2
exit 1
fi
$echo1 "Adding $1 to ${targetdir}."
symlinks add $1
$doit $mkdirprog -p ${depot_pkg_dbdir}/$1
temp=${depot_pkg_dbdir}/$1/+VIEWS.$$
$doit $touchprog ${depot_pkg_dbdir}/$1/+VIEWS
$doit $cpprog ${depot_pkg_dbdir}/$1/+VIEWS ${temp}
case "$doit" in
"") ($grepprog -v '^'${pkg_dbdir}'$' ${temp} || true; echo ${pkg_dbdir}) > ${depot_pkg_dbdir}/$1/+VIEWS ;;
esac
$doit $rmprog ${temp}
$doit $mkdirprog -p ${pkg_dbdir}/$1
#
# Copy all of the metadata files except for +VIEWS,
# which is only for the depoted package, and
# +REQUIRED_BY, which is irrelevant for a package in
# a view.
#
case "$doit" in
"") (cd ${depot_pkg_dbdir}/$1; $paxprog -rwpe '-s|\./+VIEWS$||' '-s|\./+REQUIRED_BY$||' ./+* ${pkg_dbdir}/$1)
$sedprog -e 's|'${depot_pkg_dbdir}/$1'|'${targetdir}'|g' < ${depot_pkg_dbdir}/$1/+CONTENTS > ${pkg_dbdir}/$1/+CONTENTS
echo "${depot_pkg_dbdir}/$1" > ${pkg_dbdir}/$1/+DEPOT
;;
esac
$doit $pkgadminprog -K ${pkg_dbdir} add $1
if [ -f ${pkg_dbdir}/$1/+INSTALL ]; then
$doit $chmodprog +x ${pkg_dbdir}/$1/+INSTALL
$doit $envprog -i PKG_PREFIX=${targetdir} ${pkg_dbdir}/$1/+INSTALL $1 VIEW-INSTALL
ec=$?
if [ $ec != 0 ]; then
echo "pkg_view: install script returned an error." 1>&2
exit $ec
fi
fi
;;
check)
checkpkg $1 ${depot_pkg_dbdir}
$echo1 "Checking $1 in ${targetdir}."
symlinks check $1
exit $?
;;
delete)
checkpkg $1 ${depot_pkg_dbdir}
if [ ! -f ${pkg_dbdir}/$1/+DEPOT ]; then
echo "pkg_view: \`$1' doesn't exist in $viewstr" 1>&2
exit 1
fi
$echo1 "Deleting $1 from ${targetdir}."
if [ -f ${pkg_dbdir}/$1/+REQUIRED_BY ]; then
if $cmpprog -s ${pkg_dbdir}/$1/+REQUIRED_BY /dev/null; then
: # not really required by another pkg
else
(echo "pkg_view: \`$1' is required by other packages:"
$sedprog -e 's|^| |' ${pkg_dbdir}/$1/+REQUIRED_BY) 1>&2
exit 1
fi
fi
if [ -f ${pkg_dbdir}/$1/+DEINSTALL ]; then
$doit $chmodprog +x ${pkg_dbdir}/$1/+DEINSTALL
$doit $envprog -i PKG_PREFIX=${targetdir} ${pkg_dbdir}/$1/+DEINSTALL $1 VIEW-DEINSTALL
ec=$?
if [ $ec != 0 ]; then
echo "pkg_view: de-install script returned an error." 1>&2
exit $ec
fi
fi
symlinks delete $1
temp=${depot_pkg_dbdir}/$1/+VIEWS.$$
$doit $cpprog ${depot_pkg_dbdir}/$1/+VIEWS ${temp}
case "$doit" in
"") ($grepprog -v '^'${pkg_dbdir}'$' ${temp} || true) > ${depot_pkg_dbdir}/$1/+VIEWS ;;
esac
$doit $rmprog ${temp}
$doit $rmprog -rf ${pkg_dbdir}/$1
$doit $pkgadminprog -K ${pkg_dbdir} delete $1
;;
esac
shift
done
exit 0

11
external/bsd/pkg_install/lib/Makefile vendored
View File

@ -1,17 +1,16 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile,v 1.2 2009/02/02 20:47:21 joerg Exp $
# Original from FreeBSD, no rcs id.
LIBISPRIVATE= yes
LIB= install
SRCS= automatic.c conflicts.c decompress.c dewey.c \
fexec.c file.c ftpio.c global.c iterate.c lpkg.c \
opattern.c path.c pexec.c pen.c pkgdb.c pkg_io.c plist.c \
str.c version.c var.c vulnerabilities-file.c
fexec.c file.c global.c gpgsig.c iterate.c lpkg.c \
opattern.c path.c parse-config.c pkcs7.c pkg_signature.c \
pkgdb.c pkg_io.c plist.c remove.c \
str.c version.c var.c vulnerabilities-file.c xwrapper.c
MAN= pkg_summary.5
CPPFLAGS+= -DNETBSD
version.o: version.h version.c
.include <bsd.init.mk>

4
external/bsd/pkg_install/prepare-import.sh vendored
View File

@ -1,5 +1,5 @@
#!/bin/sh
# $NetBSD: prepare-import.sh,v 1.2 2008/11/07 15:24:44 joerg Exp $
# $NetBSD: prepare-import.sh,v 1.3 2009/02/02 20:47:20 joerg Exp $
#
# Copy new pkgsrc/pkg_install/files to dist.
# Run this script and check for additional files and
@ -10,4 +10,4 @@ set -e
cd dist
rm -f Makefile.in README config* install-sh tkpkg
rm -f */Makefile.in */*.cat*
rm -rf CVS */CVS
rm -rf CVS */CVS view

6
external/bsd/pkg_install/sbin/Makefile vendored
View File

@ -1,6 +1,6 @@
# $NetBSD: Makefile,v 1.2 2008/10/01 07:53:27 joerg Exp $
# $NetBSD: Makefile,v 1.3 2009/02/02 20:47:21 joerg Exp $
SUBDIR= audit-packages bpm pkg_add pkg_admin pkg_create \
pkg_delete pkg_info pkg_view
SUBDIR= bpm pkg_add pkg_admin pkg_create \
pkg_delete pkg_info
.include <bsd.subdir.mk>

8
external/bsd/pkg_install/sbin/Makefile.inc vendored
View File

@ -1,4 +1,4 @@
# $NetBSD: Makefile.inc,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile.inc,v 1.2 2009/02/02 20:47:21 joerg Exp $
.include <bsd.own.mk>
@ -12,17 +12,11 @@ CPPFLAGS+= -DBINDIR='"${BINDIR}"'
DPADD+= ${LIBINSTALL}/libinstall.a
LDADD+= -L${LIBINSTALL} -linstall -ltermcap
.if defined(LINK_PKGVUL) || defined(LINK_ARCHIVE)
DPADD+= ${LIBFETCH} ${LIBSSL} ${LIBCRYPTO}
LDADD+= -lfetch -lssl -lcrypto
.endif
.if defined(LINK_ARCHIVE)
DPADD+= ${LIBARCHIVE}
LDADD+= -larchive
.endif
.if defined(LINK_PKGVUL) || defined(LINK_ARCHIVE)
DPADD+= ${LIBZ} ${LIBBZ2}
LDADD+= -lz -lbz2
.endif

4
external/bsd/pkg_install/sbin/pkg_add/Makefile vendored
View File

@ -1,8 +1,8 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile,v 1.2 2009/02/02 20:47:21 joerg Exp $
# Original from FreeBSD, no rcs id.
PROG= pkg_add
SRCS= main.c perform.c futil.c extract.c verify.c
SRCS= main.c perform.c
.include <bsd.init.mk>

15
external/bsd/pkg_install/sbin/pkg_admin/Makefile vendored
View File

@ -1,7 +1,18 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile,v 1.2 2009/02/02 20:47:21 joerg Exp $
PROG= pkg_admin
SRCS= audit.c check.c config.c main.c
SRCS= audit.c check.c main.c
SCRIPTS= audit-packages.sh download-vulnerability-list.sh
CLEANFILES= audit-packages.sh download-vulnerability-list.sh
audit-packages.sh: audit-packages.sh.in
sed -e 's|@PKG_ADMIN@|/usr/sbin/pkg_admin|' \
${DIST}/admin/audit-packages.sh.in > $@
download-vulnerability-list.sh: download-vulnerability-list.sh.in
sed -e 's|@PKG_ADMIN@|/usr/sbin/pkg_admin|' \
${DIST}/admin/download-vulnerability-list.sh.in > $@
LINK_PKGVUL= yes

5
external/bsd/pkg_install/sbin/pkg_create/Makefile vendored
View File

@ -1,12 +1,9 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:56 joerg Exp $
# $NetBSD: Makefile,v 1.2 2009/02/02 20:47:21 joerg Exp $
# Original from FreeBSD, no rcs id.
PROG= pkg_create
SRCS= main.c perform.c pl.c util.c build.c
DPADD= ${LIBARCHIVE} ${LIBZ} ${LIBBZ2}
LDADD= -larchive -lz -lbz2
.include <bsd.init.mk>
.PATH: ${DIST}/create

4
external/bsd/pkg_install/sbin/pkg_info/Makefile vendored
View File

@ -1,11 +1,9 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:57 joerg Exp $
# $NetBSD: Makefile,v 1.2 2009/02/02 20:47:21 joerg Exp $
# Original from FreeBSD, no rcs id
PROG= pkg_info
SRCS= main.c perform.c show.c
LINK_ARCHIVE= yes
.include <bsd.init.mk>
.PATH: ${DIST}/info

36
external/bsd/pkg_install/sbin/pkg_view/Makefile vendored
View File

@ -1,36 +0,0 @@
# $NetBSD: Makefile,v 1.1 2008/09/30 19:19:57 joerg Exp $
SCRIPTS= linkfarm.sh pkg_view.sh
MAN= linkfarm.1 pkg_view.1
.include <bsd.init.mk>
.PATH: ${DIST}/view
SUBST_PATTERNS= \
-e 's|@prefix@|/usr|' \
-e 's|@exec_prefix@|/usr|' \
-e 's|@sbindir@|/usr/sbin|' \
-e 's|@CHMOD@|/bin/chmod|' \
-e 's|@CMP@|/usr/bin/cmp|' \
-e 's|@CP@|/bin/cp|' \
-e 's|@ENV@|/usr/bin/env|' \
-e 's|@FIND@|/usr/bin/find|' \
-e 's|@GREP@|/usr/bin/grep|' \
-e 's|@LN@|/bin/ln|' \
-e 's|@MKDIR@|/bin/mkdir|' \
-e 's|@pax@|/bin/pax|' \
-e 's|@RM@|/bin/rm|' \
-e 's|@RMDIR@|/bin/rmdir|' \
-e 's|@SED@|/usr/bin/sed|' \
-e 's|@SORT@|/usr/bin/sort|' \
-e 's|@TOUCH@|/usr/bin/touch|'
CLEANFILES+= linkfarm.sh pkg_view.sh
linkfarm.sh: ${DIST}/view/linkfarm.sh.in
${TOOL_SED} ${SUBST_PATTERNS} ${DIST}/view/linkfarm.sh.in > ${.TARGET}
pkg_view.sh: ${DIST}/view/pkg_view.sh.in
${TOOL_SED} ${SUBST_PATTERNS} ${DIST}/view/pkg_view.sh.in > ${.TARGET}
.include <bsd.prog.mk>