favor of the PKG_DBDIR variable in /etc/pkg_install.conf. The purpose
of this is to only have to define the location of the packages database
in a single place and have all other system components pick it up.
pkgdb_dir is still honored if defined and the scripts will spit out a
warning in that case, asking the administrator to migrate to the
PKG_DBDIR setting. We can't remove this compatibility workaround until,
at least, after NetBSD 6 is released.
packages vulnerability database up to date. This will only fetch the
file from the server if it has changed since the last run.
Add the check_pkg_vulnerabilities and check_pkg_signatures options to the
security script to check that the installed packages are sane.
All of these options are enabled by default but they will only run if
there is, at least, one installed package.
We've handled 16 character logins for quite some time, and we even
have packages that create >8 character accounts. There is no point in
pretending the limit is 8 any more by default.
Discussed (very lightly -- there was little comment) on tech-userlevel
Default diff_options to -u, for unified-format context diffs,
because context is essential to a useful evaluation of differences.
This represents a behavior change.
Implements change-request PR security/17247 from
Takahiro Kambe <taca@sky.yamashina.kyoto.jp>.
check_passwd_nowarn_shells Don't warn about these non-/etc/shells shells
check_passwd_nowarn_users Don't warn about these users
check_passwd_permit_star Don't warn about "*" in the $2 field
Behavior change: check_passwd_nowarn_shells defaults to /sbin/nologin and
/usr/libexec/uucp/uucico, so that it will not warn about the default
master.passwd.
The rationale here is that an administrator who chooses to permit these
warnable conditions should not be warned about them day after day, yet
should not be forced to disable check_passwd entirely.
check_passwd_permit_star is primarily of interest to sites who use *'d
entries for Kerberos or ssh logins, despite the fact that we permit
"*ssh" (etc.) for this purpose (legacy).
of all installed pkgs and their +CONTENTS and +REQUIRED_BY files (if
they have one) and handling this file along with all the other
CHANGELIST stuff.
Greg Woods gets points for coming up with the idea.
Luke Mewburn asked me to do it, and provided lots of criticism along
the way.
directory from /var/backup (useful for those of us who have a separate /var
and would like to have our backup disklabels on the root filesystem).
Default behaviour unchanged. backup_dir being unset is taken as /var/backup.
consistent with what FreeBSD uses /etc/defaults for and since SVR4
uses /etc/default for another purpose. as discussed on tech-userlevel,
and no objections were made.
jmmv