From 5f93331d66b44736078fceaa42d1a01ccf1efdb0 Mon Sep 17 00:00:00 2001 From: wiz Date: Sat, 10 Apr 2010 21:44:44 +0000 Subject: Get rid of support for vulnerable/ directory. --- mk/bulk/sort-packages | 24 +++--------------------- mk/bulk/upload | 49 ++++++------------------------------------------- 2 files changed, 9 insertions(+), 64 deletions(-) (limited to 'mk') diff --git a/mk/bulk/sort-packages b/mk/bulk/sort-packages index 881c994ca10..2312dc5cc02 100644 --- a/mk/bulk/sort-packages +++ b/mk/bulk/sort-packages @@ -1,16 +1,13 @@ #! /bin/sh -# $NetBSD: sort-packages,v 1.14 2010/03/21 15:31:41 wiz Exp $ +# $NetBSD: sort-packages,v 1.15 2010/04/10 21:44:44 wiz Exp $ # This program scans all binary packages in the current directory and -# creates three lists of files in OUTDIR: +# creates two lists of files in OUTDIR: # # restricted_packages # contains all packages that must not be published on the FTP # server, for whatever reason # -# vulnerable_packages -# contains all packages that are not restricted, but vulnerable -# # regular_packages # contains all the other ("good") packages. # @@ -19,19 +16,16 @@ set -eu : ${OUTDIR="/tmp"} : ${PKG_SUFX=".tgz"} -: ${AUDIT_PACKAGES="audit-packages"} : ${PKG_ADMIN="pkg_admin"} : ${PKG_INFO="pkg_info"} regular_packages="${OUTDIR}/regular_packages" restricted_packages="${OUTDIR}/restricted_packages" -vulnerable_packages="${OUTDIR}/vulnerable_packages" newline=" " : > "${regular_packages}" : > "${restricted_packages}" -: > "${vulnerable_packages}" for pkg in *${PKG_SUFX}; do build_info=`${PKG_INFO} -B "${pkg}"` @@ -64,16 +58,7 @@ for pkg in *${PKG_SUFX}; do ;; esac - if [ "${restricted}" = "no" ] && [ "${no_bin_on_ftp}" = "no" ]; then - # Check whether the package is vulnerable or not. - pkg_prefix="${pkg%%-*}" - category="regular" - _INFO_VER=`${PKG_INFO} -V`; - vuln=`${AUDIT_PACKAGES} ${AUDIT_PACKAGES_FLAGS} -p "${pkg}"` - if [ -n "${vuln}" ]; then - category="vulnerable" - fi - elif [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then + if [ "${restricted}" != "unknown" ] && [ "${no_bin_on_ftp}" != "unknown" ]; then category="restricted" else category="unknown" @@ -85,9 +70,6 @@ for pkg in *${PKG_SUFX}; do "regular") echo "${pkg}" >> "${regular_packages}" ;; - "vulnerable") - echo "${pkg}" >> "${vulnerable_packages}" - ;; "restricted") echo "${pkg}" >> "${restricted_packages}" ;; diff --git a/mk/bulk/upload b/mk/bulk/upload index 1d1e867916d..81ab685a9ea 100644 --- a/mk/bulk/upload +++ b/mk/bulk/upload @@ -1,5 +1,5 @@ #!/bin/sh -# $NetBSD: upload,v 1.47 2010/03/21 15:31:42 wiz Exp $ +# $NetBSD: upload,v 1.48 2010/04/10 21:44:44 wiz Exp $ # # Upload non-restricted binary pkgs to ftp server @@ -218,14 +218,12 @@ TMP="${TMPDIR}"/pkg_upload.$$ exit 1 } -vulnerable_packages="$TMP/vulnerable_packages" restricted_packages="$TMP/restricted_packages" old_packages="$TMP/old_packages" good_packages="$TMP/regular_packages" all_good_packages="$TMP/all_regular_packages" upload_general="$TMP"/upload_general -upload_vulnerable="$TMP"/upload_vulnerable # May be different than $USR_PKGSRC: echo "upload> Running ${BMAKE} to get the pkgsrc variables" @@ -241,19 +239,6 @@ for pkg in ${REQUIRED_PACKAGES}; do install_required $pkg done -echo "upload> Making sure vulnerability-list is up-to-date:" -if [ -z "$UPDATE_VULNERABILITY_LIST" -o "$UPDATE_VULNERABILITY_LIST" = "yes" ] -then - _PKGVULNDIR=`audit-packages ${AUDIT_PACKAGES_FLAGS} -Q PKGVULNDIR` - download-vulnerability-list ${DOWNLOAD_VULNERABILITY_LIST_FLAGS} - if [ "x${_PKGVULNDIR}" != "x${distdir}" ]; then - cp ${_PKGVULNDIR}/pkg-vulnerabilities ${distdir} - fi - echo " done." -else - echo " (skipped)" -fi - case $LINTPKGSRC_CACHE in yes|YES) lintpkgsrc_cache="-I `cd pkgtools/lintpkgsrc ; ${BMAKE} show-var VARNAME=LINTPKGSRC_DB`" @@ -273,10 +258,8 @@ RSFLAGS="-vap --progress $RSYNC_OPTS" failed=no cd $packages -echo "upload> Checking for restricted and vulnerable packages" -(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" PKGVULNDIR="${distdir}" \ - AUDIT_PACKAGES_FLAGS="${AUDIT_PACKAGES_FLAGS}" \ - DOWNLOAD_VULNERABILITY_LIST_FLAGS="${DOWNLOAD_VULNERABILITY_LIST_FLAGS}" \ +echo "upload> Checking for restricted packages" +(cd All && env PKG_INFO="${pkg_info}" OUTDIR="${TMP}" \ ${shell} "${pkgsrcdir}/mk/bulk/sort-packages") # Add the name of the package file, including all its symlinks to the @@ -308,7 +291,7 @@ if [ "${MKSUMS}" = "yes" -o "${MKSUMS}" = "YES" ]; then [ -z "${CKSUM}" ] && CKSUM="echo" [ -z "${SYSVSUM}" ] && SYSVSUM="echo" - for pkg in `cat "${good_packages}" "${vulnerable_packages}"`; do + for pkg in `cat "${good_packages}"`; do pkg="All/$pkg" ${BSDSUM} "$pkg" >> BSDSUM ${CKSUM} "$pkg" >> CKSUM @@ -350,37 +333,17 @@ EOF chmod +x "$upload_general" if [ "$do_upload" = "yes" ]; then - echo "upload> Uploading non-vulnerable packages" + echo "upload> Uploading packages" ${shell} "$upload_general" \ || { echo "upload> ERROR: rsync failed. To retry later, you can run $upload_general" 1>&2 failed=yes } else - echo "upload> Skipping upload of non-vulnerable packages." + echo "upload> Skipping upload of packages." echo " Run \"$upload_general\" to upload them later." fi -cat < "$upload_vulnerable" -#! /bin/sh -set -e -cd "$packages/All" -rsync $RSFLAGS --files-from="${vulnerable_packages}" --exclude-from="${old_packages}" . "$RSYNC_DST/All/" -EOF -chmod +x "$upload_vulnerable" - -if [ "$do_upload" = "yes" ]; then - echo "upload> Uploading vulnerable packages" - ${shell} "$upload_vulnerable" \ - || { - echo "upload> ERROR: rsync failed. To retry later, you can run $upload_vulnerable" 1>&2 - failed=yes - } -else - echo "upload> Skipping upload of vulnerable packages." - echo " Run \"$upload_vulnerable\" to upload them later." -fi - # clean up temp files if [ "$failed,$debug,$do_upload" = "no,no,yes" ]; then rm -fr "$TMP" -- cgit v1.2.3