aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOliver Eikemeier <eik@FreeBSD.org>2004-08-13 17:07:05 +0000
committerOliver Eikemeier <eik@FreeBSD.org>2004-08-13 17:07:05 +0000
commit40f8b91153c033f1eebb461da6f47e88de7c6b92 (patch)
tree583c667823c2a03b258ba1aeb92755b5c4ca73ff
parente7ffe66e0d15401a4bdbbbaec12aee86b1d9aedd (diff)
downloadports-40f8b91153c033f1eebb461da6f47e88de7c6b92.tar.gz
ports-40f8b91153c033f1eebb461da6f47e88de7c6b92.zip
Notes
-rw-r--r--ports-mgmt/portaudit/Makefile10
-rw-r--r--ports-mgmt/portaudit/files/portaudit-cmd.sh75
-rw-r--r--ports-mgmt/portaudit/files/portaudit.112
-rw-r--r--security/portaudit/Makefile10
-rw-r--r--security/portaudit/files/portaudit-cmd.sh75
-rw-r--r--security/portaudit/files/portaudit.112
6 files changed, 122 insertions, 72 deletions
diff --git a/ports-mgmt/portaudit/Makefile b/ports-mgmt/portaudit/Makefile
index 7dab2b326c63..f315e2b847c1 100644
--- a/ports-mgmt/portaudit/Makefile
+++ b/ports-mgmt/portaudit/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= portaudit
-PORTVERSION= 0.5.1
+PORTVERSION= 0.5.2
CATEGORIES= security
DISTFILES=
@@ -38,9 +38,15 @@ SED_SCRIPT= -e 's|%%PREFIX%%|${PREFIX}|g' \
.include <bsd.port.pre.mk>
-.if ${OSVERSION} < 492000 || ${OSVERSION} >= 500000 && ${OSVERSION} < 502120
+.if !defined(DFOSVERSION)
+.if ${OSVERSION} < 491101 || ${OSVERSION} >= 500000 && ${OSVERSION} < 502120
RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
.endif
+.else
+.if ${DFOSVERSION} < 110000
+RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
+.endif
+.endif
.if defined(BZIP2DEPENDS)
RUN_DEPENDS+= bzip2:${PORTSDIR}/archivers/bzip2
diff --git a/ports-mgmt/portaudit/files/portaudit-cmd.sh b/ports-mgmt/portaudit/files/portaudit-cmd.sh
index d482f0c0a646..b76be3fc2581 100644
--- a/ports-mgmt/portaudit/files/portaudit-cmd.sh
+++ b/ports-mgmt/portaudit/files/portaudit-cmd.sh
@@ -127,7 +127,7 @@ audit_installed()
{
local rc=0
- extract_auditfile | awk -F\| '
+ extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
BEGIN { vul=0 }
/^(#|\$)/ { next }
$2 !~ /'"$opt_restrict"'/ { next }
@@ -135,12 +135,7 @@ audit_installed()
cmd="'"$pkg_info"' -E \"" $1 "\""
while((cmd | getline pkg) > 0) {
vul++
- split($2, ref, / /)
- print "Affected package: " pkg
- print "Type of problem: " $3 "."
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
+ print_affected(pkg)
}
close(cmd)
}
@@ -182,7 +177,7 @@ audit_file()
;;
esac
- extract_auditfile | awk -F\| '
+ extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
BEGIN { vul=0 }
/^(#|\$)/ { next }
{
@@ -191,13 +186,7 @@ audit_file()
if ($2 !~ /'"$opt_restrict"'/)
next
vul++
- split($2, ref, / /)
- split(pkg, p)
- print "Affected package: " p[1]
- print "Type of problem: " $3 "."
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
+ print_affected(pkg)
}
close(cmd)
}
@@ -233,14 +222,9 @@ audit_args()
{ print }
' | $pkg_version -T "$1" -`; then
VULCNT=$(($VULCNT+1))
- echo "$VLIST" | awk -F\| '{
- print "Affected package: '$1' (matched by " $1 ")"
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
- }'
+ echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
+ { print_affected("'"$1"'") }
+ '
fi
;;
esac
@@ -271,14 +255,9 @@ audit_cwd()
$2 !~ /'"$opt_restrict"'/ { next }
{ print }
' | $pkg_version -T "$PKGNAME" -`; then
- echo "$VLIST" | awk -F\| '{
- print "Affected package: '$PKGNAME' (matched by " $1 ")"
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
- }'
+ echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
+ { print_affected("'"$PKGNAME"'") }
+ '
return 1
fi
}
@@ -375,7 +354,7 @@ while getopts aCdf:Fqr:vVX: opt; do
X)
opt_expiry="$OPTARG";;
?)
- echo "Usage: $0 -aCdF [-f file] [pkg-name ...]"
+ echo "Usage: $0 -aCdF [-X days] [-r pattern] [-f file] [pkg-name ...]"
exit 2;;
esac
done
@@ -419,6 +398,38 @@ fi
prerequisites_checked=false
+if $opt_quiet; then
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ print apkg
+ }
+ '
+elif $opt_verbose; then
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ split(apkg, thepkg)
+ print "Affected package: " thepkg[1] " (matched by " $1 ")"
+ print "Type of problem: " $3 "."
+ split($2, ref, / /)
+ for (r in ref)
+ print "Reference: <" ref[r] ">"
+ print ""
+ }
+ '
+else
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ split(apkg, thepkg)
+ print "Affected package: " thepkg[1]
+ print "Type of problem: " $3 "."
+ split($2, ref, / /)
+ for (r in ref)
+ print "Reference: <" ref[r] ">"
+ print ""
+ }
+ '
+fi
+
if $opt_audit; then
portaudit_prerequisites
audit_installed || ret=$?
diff --git a/ports-mgmt/portaudit/files/portaudit.1 b/ports-mgmt/portaudit/files/portaudit.1
index f834628f77a1..19531f4db1d2 100644
--- a/ports-mgmt/portaudit/files/portaudit.1
+++ b/ports-mgmt/portaudit/files/portaudit.1
@@ -28,7 +28,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 29, 2004
+.Dd August 12, 2004
.Os
.Dt PORTAUDIT \&1 "FreeBSD ports collection"
.
@@ -54,7 +54,7 @@
.Nm
checks installed packages for known vulnerabilities and generates reports
including references to security advisories.
-Its audience are system administrators or individual users.
+Its intended audience is system administrators and individual users.
.Pp
.Nm
uses a database maintained by port committers and the FreeBSD security team
@@ -103,6 +103,10 @@ Test whether
.Ar pkg-name
is listed in the audit database.
.El
+.Pp
+If no options are given,
+.Nm
+prints a vulnerability report for all installed packages.
.
.
.Sh EXAMPLES
@@ -117,6 +121,10 @@ Print a vulnerability report for all installed packages:
.Pp
.Dl "portaudit -a"
.It
+Print a vulnerability report for a remote machine:
+.Pp
+.Dl "ssh remote.example pkg_info | awk '{ print $1 }' | xargs portaudit"
+.It
Print a vulnerability report for the local INDEX:
.Pp
.Dl "portaudit -f %%PORTSDIR%%/%%INDEXFILE%%"
diff --git a/security/portaudit/Makefile b/security/portaudit/Makefile
index 7dab2b326c63..f315e2b847c1 100644
--- a/security/portaudit/Makefile
+++ b/security/portaudit/Makefile
@@ -6,7 +6,7 @@
#
PORTNAME= portaudit
-PORTVERSION= 0.5.1
+PORTVERSION= 0.5.2
CATEGORIES= security
DISTFILES=
@@ -38,9 +38,15 @@ SED_SCRIPT= -e 's|%%PREFIX%%|${PREFIX}|g' \
.include <bsd.port.pre.mk>
-.if ${OSVERSION} < 492000 || ${OSVERSION} >= 500000 && ${OSVERSION} < 502120
+.if !defined(DFOSVERSION)
+.if ${OSVERSION} < 491101 || ${OSVERSION} >= 500000 && ${OSVERSION} < 502120
RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
.endif
+.else
+.if ${DFOSVERSION} < 110000
+RUN_DEPENDS= ${LOCALBASE}/sbin/pkg_info:${PORTSDIR}/sysutils/pkg_install-devel
+.endif
+.endif
.if defined(BZIP2DEPENDS)
RUN_DEPENDS+= bzip2:${PORTSDIR}/archivers/bzip2
diff --git a/security/portaudit/files/portaudit-cmd.sh b/security/portaudit/files/portaudit-cmd.sh
index d482f0c0a646..b76be3fc2581 100644
--- a/security/portaudit/files/portaudit-cmd.sh
+++ b/security/portaudit/files/portaudit-cmd.sh
@@ -127,7 +127,7 @@ audit_installed()
{
local rc=0
- extract_auditfile | awk -F\| '
+ extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
BEGIN { vul=0 }
/^(#|\$)/ { next }
$2 !~ /'"$opt_restrict"'/ { next }
@@ -135,12 +135,7 @@ audit_installed()
cmd="'"$pkg_info"' -E \"" $1 "\""
while((cmd | getline pkg) > 0) {
vul++
- split($2, ref, / /)
- print "Affected package: " pkg
- print "Type of problem: " $3 "."
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
+ print_affected(pkg)
}
close(cmd)
}
@@ -182,7 +177,7 @@ audit_file()
;;
esac
- extract_auditfile | awk -F\| '
+ extract_auditfile | awk -F\| "$PRINTAFFECTED_AWK"'
BEGIN { vul=0 }
/^(#|\$)/ { next }
{
@@ -191,13 +186,7 @@ audit_file()
if ($2 !~ /'"$opt_restrict"'/)
next
vul++
- split($2, ref, / /)
- split(pkg, p)
- print "Affected package: " p[1]
- print "Type of problem: " $3 "."
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
+ print_affected(pkg)
}
close(cmd)
}
@@ -233,14 +222,9 @@ audit_args()
{ print }
' | $pkg_version -T "$1" -`; then
VULCNT=$(($VULCNT+1))
- echo "$VLIST" | awk -F\| '{
- print "Affected package: '$1' (matched by " $1 ")"
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
- }'
+ echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
+ { print_affected("'"$1"'") }
+ '
fi
;;
esac
@@ -271,14 +255,9 @@ audit_cwd()
$2 !~ /'"$opt_restrict"'/ { next }
{ print }
' | $pkg_version -T "$PKGNAME" -`; then
- echo "$VLIST" | awk -F\| '{
- print "Affected package: '$PKGNAME' (matched by " $1 ")"
- print "Type of problem: " $3 "."
- split($2, ref, / /)
- for (r in ref)
- print "Reference: <" ref[r] ">"
- print ""
- }'
+ echo "$VLIST" | awk -F\| "$PRINTAFFECTED_AWK"'
+ { print_affected("'"$PKGNAME"'") }
+ '
return 1
fi
}
@@ -375,7 +354,7 @@ while getopts aCdf:Fqr:vVX: opt; do
X)
opt_expiry="$OPTARG";;
?)
- echo "Usage: $0 -aCdF [-f file] [pkg-name ...]"
+ echo "Usage: $0 -aCdF [-X days] [-r pattern] [-f file] [pkg-name ...]"
exit 2;;
esac
done
@@ -419,6 +398,38 @@ fi
prerequisites_checked=false
+if $opt_quiet; then
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ print apkg
+ }
+ '
+elif $opt_verbose; then
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ split(apkg, thepkg)
+ print "Affected package: " thepkg[1] " (matched by " $1 ")"
+ print "Type of problem: " $3 "."
+ split($2, ref, / /)
+ for (r in ref)
+ print "Reference: <" ref[r] ">"
+ print ""
+ }
+ '
+else
+ PRINTAFFECTED_AWK='
+ function print_affected(apkg) {
+ split(apkg, thepkg)
+ print "Affected package: " thepkg[1]
+ print "Type of problem: " $3 "."
+ split($2, ref, / /)
+ for (r in ref)
+ print "Reference: <" ref[r] ">"
+ print ""
+ }
+ '
+fi
+
if $opt_audit; then
portaudit_prerequisites
audit_installed || ret=$?
diff --git a/security/portaudit/files/portaudit.1 b/security/portaudit/files/portaudit.1
index f834628f77a1..19531f4db1d2 100644
--- a/security/portaudit/files/portaudit.1
+++ b/security/portaudit/files/portaudit.1
@@ -28,7 +28,7 @@
.\"
.\" $FreeBSD$
.\"
-.Dd June 29, 2004
+.Dd August 12, 2004
.Os
.Dt PORTAUDIT \&1 "FreeBSD ports collection"
.
@@ -54,7 +54,7 @@
.Nm
checks installed packages for known vulnerabilities and generates reports
including references to security advisories.
-Its audience are system administrators or individual users.
+Its intended audience is system administrators and individual users.
.Pp
.Nm
uses a database maintained by port committers and the FreeBSD security team
@@ -103,6 +103,10 @@ Test whether
.Ar pkg-name
is listed in the audit database.
.El
+.Pp
+If no options are given,
+.Nm
+prints a vulnerability report for all installed packages.
.
.
.Sh EXAMPLES
@@ -117,6 +121,10 @@ Print a vulnerability report for all installed packages:
.Pp
.Dl "portaudit -a"
.It
+Print a vulnerability report for a remote machine:
+.Pp
+.Dl "ssh remote.example pkg_info | awk '{ print $1 }' | xargs portaudit"
+.It
Print a vulnerability report for the local INDEX:
.Pp
.Dl "portaudit -f %%PORTSDIR%%/%%INDEXFILE%%"