Annotation of pkgsrc/pkgtools/pkg_install/MESSAGE, Revision 1.4
1.1 adrianp 1: ===========================================================================
1.4 ! rillig 2: $NetBSD: MESSAGE,v 1.3 2007/10/09 19:19:14 martti Exp $
1.1 adrianp 3:
4: You may wish to have the vulnerabilities file downloaded daily so that
5: it remains current. This may be done by adding an appropriate entry
1.4 ! rillig 6: to a user's crontab(5) entry. For example the entry
1.1 adrianp 7:
8: # download vulnerabilities file
9: 0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1
10:
11: will update the vulnerability list every day at 3AM. You may wish to do
12: this more often than once a day.
13:
14: In addition, you may wish to run the package audit from the daily
15: security script. This may be accomplished by adding the following
16: lines to /etc/security.local
17:
18: if [ -x ${PREFIX}/sbin/audit-packages ]; then
19: ${PREFIX}/sbin/audit-packages
20: fi
21:
1.4 ! rillig 22: Alternatively this can also be acomplished by adding an entry to a user's
1.1 adrianp 23: crontab(5) file. e.g.:
24:
25: # run audit-packages
26: 0 3 * * * ${PREFIX}/sbin/audit-packages
27:
28: audit-packages and/or download-vulnerability-list need not be run by
1.4 ! rillig 29: the root user. They will function as an unprivileged user, as long
! 30: as the user chosen has permission to write the pkg-vulnerabilites
1.1 adrianp 31: to ${PKGVULNDIR}.
32:
33: A sample audit-packages.conf has been installed to:
34:
35: ${EGDIR}/audit-packages.conf
36:
1.3 martti 37: You may want to customise this file and copy it to
1.2 adrianp 38: ${PKG_SYSCONFDIR}/audit-packages.conf.
1.1 adrianp 39: If you want to use signature verification you will need to install GnuPG and
40: set the path for GPG appropriately in your audit-packages.conf. See
41: audit-packages.conf(5) and audit-packages(8) for further information.
42: ===========================================================================
CVSweb <webmaster@jp.NetBSD.org>