diff options
Diffstat (limited to 'pkgtools/pkg_install/MESSAGE')
| -rw-r--r-- | pkgtools/pkg_install/MESSAGE | 29 |
1 files changed, 12 insertions, 17 deletions
diff --git a/pkgtools/pkg_install/MESSAGE b/pkgtools/pkg_install/MESSAGE index 07b3f544782..a178f676ba2 100644 --- a/pkgtools/pkg_install/MESSAGE +++ b/pkgtools/pkg_install/MESSAGE @@ -1,12 +1,12 @@ =========================================================================== -$NetBSD: MESSAGE,v 1.4 2008/01/13 22:31:25 rillig Exp $ +$NetBSD: MESSAGE,v 1.4.4.1 2009/02/02 11:55:15 joerg Exp $ You may wish to have the vulnerabilities file downloaded daily so that it remains current. This may be done by adding an appropriate entry to a user's crontab(5) entry. For example the entry # download vulnerabilities file -0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1 +0 3 * * * ${PREFIX}/sbin/pkg_admin fetch-pkg-vulnerabilities >/dev/null 2>&1 will update the vulnerability list every day at 3AM. You may wish to do this more often than once a day. @@ -15,28 +15,23 @@ In addition, you may wish to run the package audit from the daily security script. This may be accomplished by adding the following lines to /etc/security.local -if [ -x ${PREFIX}/sbin/audit-packages ]; then - ${PREFIX}/sbin/audit-packages +if [ -x ${PREFIX}/sbin/pkg_admin ]; then + ${PREFIX}/sbin/pkg_admin audit fi Alternatively this can also be acomplished by adding an entry to a user's crontab(5) file. e.g.: # run audit-packages -0 3 * * * ${PREFIX}/sbin/audit-packages +0 3 * * * ${PREFIX}/sbin/pkg_admin audit -audit-packages and/or download-vulnerability-list need not be run by -the root user. They will function as an unprivileged user, as long -as the user chosen has permission to write the pkg-vulnerabilites -to ${PKGVULNDIR}. +Both pkg_admin subcommands can be run as as an unprivileged user, +as long as the user chosen has permission to read the pkgdb and to write +the pkg-vulnerabilites to ${PKGVULNDIR}. -A sample audit-packages.conf has been installed to: +The behavior of pkg_admin and pkg_add can be customised with +pkg_install.conf. Please see pkg_install.conf(5) for details. - ${EGDIR}/audit-packages.conf - -You may want to customise this file and copy it to -${PKG_SYSCONFDIR}/audit-packages.conf. -If you want to use signature verification you will need to install GnuPG and -set the path for GPG appropriately in your audit-packages.conf. See -audit-packages.conf(5) and audit-packages(8) for further information. +If you want to use GPG signature verification you will need to install +GnuPG and set the path for GPG appropriately in your pkg_install.conf. =========================================================================== |