diff options
| author | erh <erh@pkgsrc.org> | 2005-11-16 22:13:42 +0000 |
|---|---|---|
| committer | erh <erh@pkgsrc.org> | 2005-11-16 22:13:42 +0000 |
| commit | 3baf66ff59e11d154c0b9edc107bf20358485e95 (patch) | |
| tree | 519fcbe90657a5f6269be465b9b18cf6bcadb966 /doc | |
| parent | bb3c9ec9a1b6a0888533d6614262897dacc21988 (diff) | |
| download | pkgsrc-3baf66ff59e11d154c0b9edc107bf20358485e95.tar.gz | |
re-generate
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/pkgsrc.html | 38 | ||||
| -rw-r--r-- | doc/pkgsrc.txt | 14 |
2 files changed, 52 insertions, 0 deletions
diff --git a/doc/pkgsrc.html b/doc/pkgsrc.html index 48a2c3074ab..4d5521c6397 100644 --- a/doc/pkgsrc.html +++ b/doc/pkgsrc.html @@ -3695,6 +3695,37 @@ alink="#0000FF"> progress with <span><strong class="command">set -x</strong></span> will be displayed.</p> </li> + + <li> + <p><code class= + "varname">ALLOW_VULNERABILITIES.<em class= + "replaceable"><code>pkgbase</code></em></code>: A + space separated list of vulnerability IDs that may + be ignored when performing the automated security + checks. These IDs are listed in the + pkg-vulnerabilities file and are displayed by + <span><strong class= + "command">audit-packages</strong></span> when it + finds a vulnerable package.</p> + </li> + + <li> + <p><code class= + "varname">SKIP_AUDIT_PACKAGES</code>: If this is + set to “<span class= + "quote">yes</span>”, the automated security + checks (which use the <a xmlns= + "http://www.w3.org/TR/xhtml1/transitional" href= + "ftp://ftp.NetBSD.org/pub/NetBSD/packages/pkgsrc/security/audit-packages/README.html" + target="_top"><code xmlns="" class= + "filename">security/audit-packages</code></a> + package) will be <span class= + "strong"><strong>entirely</strong></span> skipped + for <span class= + "strong"><strong>all</strong></span> packages + built. Normally you'll want to use + ALLOW_VULNERABILITIES instead of this.</p> + </li> </ul> </div> </div> @@ -5722,6 +5753,13 @@ nbftp% <strong class="userinput"><code>chmod 755 .</code></strong> read the package's message, which you can get by running <strong class="userinput"><code>pkg_info -D audit-package</code></strong>.</p> + + <p>If this package is installed, pkgsrc builds will use + it to perform a security check before building any + package. See <a href="#variables-affecting-build" title= + "5.2. Variables affecting the build process">Section 5.2, + “Variables affecting the build process”</a> + for way to control this check.</p> </div> </div> </div> diff --git a/doc/pkgsrc.txt b/doc/pkgsrc.txt index d13df6be3af..33d81374996 100644 --- a/doc/pkgsrc.txt +++ b/doc/pkgsrc.txt @@ -1355,6 +1355,16 @@ XXX their invocation, and their actual execution progress with set -x will be displayed. + * ALLOW_VULNERABILITIES.pkgbase: A space separated list of vulnerability IDs + that may be ignored when performing the automated security checks. These + IDs are listed in the pkg-vulnerabilities file and are displayed by + audit-packages when it finds a vulnerable package. + + * SKIP_AUDIT_PACKAGES: If this is set to "yes", the automated security checks + (which use the security/audit-packages package) will be entirely skipped + for all packages built. Normally you'll want to use ALLOW_VULNERABILITIES + instead of this. + 5.4. Selecting Build Options Some packages have build time options, usually to select between different @@ -2121,6 +2131,10 @@ Use of the security/audit-packages package is strongly recommended! After "audit-packages" is installed, please read the package's message, which you can get by running pkg_info -D audit-package. +If this package is installed, pkgsrc builds will use it to perform a security +check before building any package. See Section 5.2, "Variables affecting the +build process" for way to control this check. + Part II. The pkgsrc developer's guide Table of Contents |