# $NetBSD: audit-packages.conf,v 1.1 2007/07/14 19:53:52 adrianp Exp $ # # sample configuration file for audit-packages(8) and # download-vulnerability-list(8) # # GPG # # Specifies the full path to the gpg tool that will be used for verifying # the signature on the downloaded pkg-vulnerabilities file. # # Used by: audit-packages download-vulnerability-list # Supported: /path/to/gpg # Default: GPG="/usr/pkg/bin/gpg" # PKGVULNDIR # # Specifies the directory the pkg-vulnerabilities file is located in. # # Used by: audit-packages download-vulnerability-list # Supported: /path/to/pkg-vulnerabilities/ # Default: PKGVULNDIR="/var/db/pkg" # COMPRESS_TYPE # # Specifies which type of compressed pkg-vulnerabilities file to # download. You can also specify COMPRESS_TYPE="" to use # and uncompressed version of the file. # # If you change this from the default you must specify a COMPRESS_TOOL. # # Used by: download-vulnerability-list # Supported: gzip bzip2 (none) # Default: COMPRESS_TYPE="gzip" # COMPRESS_TOOL # # Specifies which tool will be used when dealing with the compressed # pkg-vulnerabilities file. # # Used by: download-vulnerability-list # Supported: Any local binary that can decompress the # pkg-vulnerabilities file to stdout # Default: COMPRESS_TOOL="/usr/bin/gzcat" # FETCH_CMD # # Specifies the tool that will be used to fetch the pkg-vulnerabilities # file. # # Used by: download-vulnerability-list # Supported: /path/to/curl /path/to/ftp /path/to/wget /path/to/fetch # Default: FETCH_CMD="/usr/bin/ftp" # FETCH_ARGS # # Specifies optional arguments for the download-vulnerability-list client. # # Used by: download-vulnerability-list # Supported: Any valid arguments for FETCH_CMD # Default: FETCH_ARGS= # FETCH_PROTO # # Specifies the protocol to use when fetching the pkg-vulnerabilities file. # # Used by: download-vulnerability-list # Supported: ftp http # Default: FETCH_PROTO="ftp" # IGNORE_URLS # # A list of vulnerability URLs to be ignored. # # Used by: audit-packages # Supported: Valid URL(s) from pkg-vulnerabilities # Default: IGNORE_URLS=