diff options
| author | erh <erh@pkgsrc.org> | 2005-11-16 22:07:04 +0000 |
|---|---|---|
| committer | erh <erh@pkgsrc.org> | 2005-11-16 22:07:04 +0000 |
| commit | fedba22fbe83efa580ea77520fb4b68805b26983 (patch) | |
| tree | 414a9761b3c05e815844b1df53d14726356fbabc /doc/guide | |
| parent | 612308e31e4dfa36c5d02f58f85b0af0a8e9d7ac (diff) | |
| download | pkgsrc-fedba22fbe83efa580ea77520fb4b68805b26983.tar.gz | |
Mention the new ALLOW_VULNERABILITIES and SKIP_AUDIT_PACKAGES variables.
Diffstat (limited to 'doc/guide')
| -rw-r--r-- | doc/guide/files/configuring.xml | 19 | ||||
| -rw-r--r-- | doc/guide/files/faq.xml | 7 |
2 files changed, 23 insertions, 3 deletions
diff --git a/doc/guide/files/configuring.xml b/doc/guide/files/configuring.xml index f1dff8656c7..bfc9ea19c74 100644 --- a/doc/guide/files/configuring.xml +++ b/doc/guide/files/configuring.xml @@ -1,4 +1,4 @@ -<!-- $NetBSD: configuring.xml,v 1.7 2005/10/23 11:25:58 rillig Exp $ --> +<!-- $NetBSD: configuring.xml,v 1.8 2005/11/16 22:07:04 erh Exp $ --> <chapter id="configuring"> <title>Configuring pkgsrc</title> @@ -101,7 +101,6 @@ <!-- PKG_SYSCONFDIR.foobar --> <!-- Security --> - <!-- ALLOW_VULNERABLE_PACKAGES --> <!-- PKGVULNDIR --> <sect1 id="developer-advanced-settings"> @@ -131,6 +130,22 @@ the shell commands before their invocation, and their actual execution progress with <command>set -x</command> will be displayed.</para></listitem> + <listitem><para><varname>ALLOW_VULNERABILITIES.<replaceable>pkgbase</replaceable></varname>: + A space separated list of vulnerability IDs that may be ignored when + performing the automated security checks. These IDs are listed in the + pkg-vulnerabilities file and are displayed by + <command>audit-packages</command> when + it finds a vulnerable package. + </para> + </listitem> + <listitem><para><varname>SKIP_AUDIT_PACKAGES</varname>: + If this is set to <quote>yes</quote>, the automated security checks + (which use the <filename role="pkg">security/audit-packages</filename> + package) will be <emphasis role="strong">entirely</emphasis> skipped + for <emphasis role="strong">all</emphasis> packages built. Normally + you'll want to use ALLOW_VULNERABILITIES instead of this. + </para> + </listitem> </itemizedlist> </para> </sect1> diff --git a/doc/guide/files/faq.xml b/doc/guide/files/faq.xml index d40aff4092a..2b48ac9074a 100644 --- a/doc/guide/files/faq.xml +++ b/doc/guide/files/faq.xml @@ -1,4 +1,4 @@ -<!-- $NetBSD: faq.xml,v 1.16 2005/10/23 11:25:58 rillig Exp $ --> +<!-- $NetBSD: faq.xml,v 1.17 2005/11/16 22:07:04 erh Exp $ --> <chapter id="faq"> <?dbhtml filename="faq.html"?> <title>Frequently Asked Questions</title> @@ -542,6 +542,11 @@ package is strongly recommended! After the package's message, which you can get by running <userinput>pkg_info -D audit-package</userinput>.</para> +<para>If this package is installed, pkgsrc builds will use it to perform +a security check before building any package. See +<xref linkend="variables-affecting-build"/> for way to control this check. +</para> + </sect1> </chapter> |