-rw-r--r-- pkgtools/pkg_install/files/add/pkg_add.1 57
-rw-r--r-- pkgtools/pkg_install/files/add/pkg_add.cat1 29
2 files changed, 65 insertions, 21 deletions
diff --git a/pkgtools/pkg_install/files/add/pkg_add.1 b/pkgtools/pkg_install/files/add/pkg_add.1
index b8538f9aa97..4e34115a579 100644
--- a/pkgtools/pkg_install/files/add/pkg_add.1
+++ b/pkgtools/pkg_install/files/add/pkg_add.1
@@ -1,4 +1,4 @@
-.\" $NetBSD: pkg_add.1,v 1.13 2005/02/05 00:28:58 jlam Exp $
+.\" $NetBSD: pkg_add.1,v 1.14 2005/05/06 23:03:41 wiz Exp $
.\"
.\" FreeBSD install - a package for the installation and maintenance
.\" of non-core utilities.
@@ -17,7 +17,7 @@
.\"
.\" @(#)pkg_add.1
.\"
-.Dd February 4, 2005
+.Dd May 7, 2005
.Dt PKG_ADD 1
.Os
.Sh NAME
@@ -62,7 +62,9 @@ depends on or requires from both local disk and via FTP or HTTP.
Since the
.Nm
command may execute scripts or programs contained within a package file,
-your system may be susceptible to ``Trojan horses'' or other subtle
+your system may be susceptible to
+.Dq Trojan horses
+or other subtle
attacks from miscreants who create dangerous package files.
.Pp
You are advised to verify the competence and identity of those who
@@ -228,14 +230,17 @@ Use
.Ar template
as the input to
.Xr mktemp 3
-when creating a ``staging area.''
+when creating a
+.Dq staging area .
By default, this is the string
.Pa /var/tmp/instmp.XXXXXX ,
but it may be necessary to override it in the situation where
space in your
.Pa /var/tmp
directory is limited.
-Be sure to leave some number of `X' characters for
+Be sure to leave some number of
+.Sq X
+characters for
.Xr mktemp 3
to fill in with a unique ID.
.Pp
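Review bot: In the reworded sentence about the X characters, "some number of" still leaves the reader guessing how many X characters the template needs and where they go; the only hint is the default /var/tmp/instmp.XXXXXX, which ends in six of them. Since this sentence is being touched anyway, suggest saying that the X characters go at the end of the template, as in the default, and pointing to mktemp(3) for the exact requirement.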
@@ -281,7 +286,9 @@ environment variable.
One or more
.Ar pkg-name
arguments may be specified, each being either a file containing the
-package (these usually ending with the ``.tgz'' suffix) or a
+package (these usually ending with the
+.Dq .tgz
+suffix) or a
URL pointing at a file available on an ftp or web site.
Thus you may extract files directly from their anonymous ftp or WWW
locations (e.g.,
@@ -310,7 +317,8 @@ passive mode
ftp.
.Sh TECHNICAL DETAILS
.Nm
-extracts each package's "packing list"
+extracts each package's
+.Dq packing list
into a special staging directory in /var/tmp (or $PKG_TMPDIR if set)
and then runs through the following sequence to fully extract the contents
of the package:
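Review bot: The line right after the new ".Dq packing list" still leaves /var/tmp and $PKG_TMPDIR as plain text, while the -t description earlier in this patch marks the same directory up as ".Pa /var/tmp". Suggest ".Pa /var/tmp" and ".Ev PKG_TMPDIR" here, in the same pass as the quoting cleanup, so the path and the environment variable render the same way throughout the page.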
@@ -573,7 +581,7 @@ will try to install binary packages listed in dependencies list.
.Pp
You can specify a compiled binary package explicitly on the command line.
.Bd -literal
-# pkg_add /usr/pkgsrc/packages/All/tcsh-6.10.00.tgz
+# pkg_add /usr/pkgsrc/packages/All/tcsh-6.14.00.tgz
.Ed
.Pp
If you omit the version number,
@@ -587,16 +595,41 @@ emits more messages to terminal.
# pkg_add -v /usr/pkgsrc/packages/All/unzip
.Ed
.Pp
-You can grab a compiled binary package from remote location, by specifying
+You can grab a compiled binary package from remote location by specifying
a URL.
The URL can be put into an environment variable,
.Ev PKG_PATH .
.Bd -literal
-# pkg_add -v ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All/mozilla-1.7.3nb2.tgz
+# pkg_add -v ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All/firefox-1.0.3.tgz
# export PKG_PATH=ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All
-# pkg_add -v mozilla
+# pkg_add -v firefox
.Ed
+.Pp
+Over time, as problems are found in packages, they will be moved
+from the
+.Pa All
+subdirectory into the
+.Pa vulnerable
+subdirectory.
+If you want to accept vulnerable packages by default
+(and know what you are doing),
+you can add the
+.Pa vulnerable
+directory to your
+.Ev PKG_PATH
+like this:
+.Bd -literal
+# export PKG_PATH="ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All;ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/vulnerable"
+.Ed
+.Pp
+(The quotes are needed because semicolon
+.Pq Sq \&;
+is a shell meta-character.)
+If you do this, consider installing and using the
+.Pa security/audit-packages
+package and running it after every
+.Nm .
.Sh SEE ALSO
.Xr pkg_admin 1 ,
.Xr pkg_create 1 ,
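Review bot: The added paragraph on the vulnerable subdirectory does not say how the two PKG_PATH entries are searched, which is the first thing a reader needs to know before adding a directory of packages with known problems: if a package name matches in both All and vulnerable, which one is installed? Suggest one sentence stating the search order. "As problems are found" could also say what kind of problems cause a package to be moved. Separately, the updated example hard-codes firefox-1.0.3.tgz under All, which by this paragraph's own description stops resolving once that version is moved to vulnerable; the version-less "pkg_add -v firefox" form two lines further down does not have that problem and may be the better one to lead with.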
@@ -633,6 +666,6 @@ invocations due to exec argument-space limitations--this depends on the
value returned by
.Fn sysconf _SC_ARG_MAX ) .
.Pp
-Pkg upgrading needs a lot more work to be really universal.
+Package upgrading needs a lot more work to be really universal.
.Pp
Sure to be others.
diff --git a/pkgtools/pkg_install/files/add/pkg_add.cat1 b/pkgtools/pkg_install/files/add/pkg_add.cat1
index e7325ccf26b..5745786212e 100644
--- a/pkgtools/pkg_install/files/add/pkg_add.cat1
+++ b/pkgtools/pkg_install/files/add/pkg_add.cat1
@@ -119,7 +119,7 @@ OOPPTTIIOONNSS
--tt _t_e_m_p_l_a_t_e
Use _t_e_m_p_l_a_t_e as the input to mktemp(3) when creating a ``staging
- area.'' By default, this is the string _/_v_a_r_/_t_m_p_/_i_n_s_t_m_p_._X_X_X_X_X_X,
+ area''. By default, this is the string _/_v_a_r_/_t_m_p_/_i_n_s_t_m_p_._X_X_X_X_X_X,
but it may be necessary to override it in the situation where
space in your _/_v_a_r_/_t_m_p directory is limited. Be sure to leave
some number of `X' characters for mktemp(3) to fill in with a
@@ -163,7 +163,7 @@ OOPPTTIIOONNSS
that demands the usage of _p_a_s_s_i_v_e _m_o_d_e ftp.
TTEECCHHNNIICCAALL DDEETTAAIILLSS
- ppkkgg__aadddd extracts each package's "packing list" into a special staging
+ ppkkgg__aadddd extracts each package's ``packing list'' into a special staging
directory in /var/tmp (or $PKG_TMPDIR if set) and then runs through the
following sequence to fully extract the contents of the package:
@@ -327,20 +327,31 @@ EEXXAAMMPPLLEESS
You can specify a compiled binary package explicitly on the command line.
- # pkg_add /usr/pkgsrc/packages/All/tcsh-6.10.00.tgz
+ # pkg_add /usr/pkgsrc/packages/All/tcsh-6.14.00.tgz
If you omit the version number, ppkkgg__aadddd will install the latest version
available. With --vv, ppkkgg__aadddd emits more messages to terminal.
# pkg_add -v /usr/pkgsrc/packages/All/unzip
- You can grab a compiled binary package from remote location, by specify-
- ing a URL. The URL can be put into an environment variable, PKG_PATH.
+ You can grab a compiled binary package from remote location by specifying
+ a URL. The URL can be put into an environment variable, PKG_PATH.
- # pkg_add -v ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All/mozilla-1.7.3nb2.tgz
+ # pkg_add -v ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All/firefox-1.0.3.tgz
# export PKG_PATH=ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All
- # pkg_add -v mozilla
+ # pkg_add -v firefox
+
+ Over time, as problems are found in packages, they will be moved from the
+ _A_l_l subdirectory into the _v_u_l_n_e_r_a_b_l_e subdirectory. If you want to accept
+ vulnerable packages by default (and know what you are doing), you can add
+ the _v_u_l_n_e_r_a_b_l_e directory to your PKG_PATH like this:
+
+ # export PKG_PATH="ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/All;ftp://ftp.NetBSD.org/pub/NetBSD/packages/2.0/i386/vulnerable"
+
+ (The quotes are needed because semicolon (`;') is a shell meta-charac-
+ ter.) If you do this, consider installing and using the
+ _s_e_c_u_r_i_t_y_/_a_u_d_i_t_-_p_a_c_k_a_g_e_s package and running it after every ppkkgg__aadddd.
SSEEEE AALLSSOO
pkg_admin(1), pkg_create(1), pkg_delete(1), pkg_info(1), mktemp(3),
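Review bot: In the regenerated EXAMPLES text, the literal export PKG_PATH="..." line runs to well over 100 columns, so it wraps on an 80-column terminal and is awkward to copy from the formatted page. Suggest shortening it in the pkg_add.1 source, for example by assigning the common base URL to a variable first and reusing it for both the All and vulnerable entries, and then regenerating pkg_add.cat1.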
@@ -365,8 +376,8 @@ BBUUGGSS
exec argument-space limitations--this depends on the value returned by
ssyyssccoonnff(___S_C___A_R_G___M_A_X)).
- Pkg upgrading needs a lot more work to be really universal.
+ Package upgrading needs a lot more work to be really universal.
Sure to be others.
-NetBSD 2.0 February 4, 2005 NetBSD 2.0
+NetBSD 2.0 May 7, 2005 NetBSD 2.0