[BACK]Return to MESSAGE CVS log [TXT][DIR] Up to [cvs.NetBSD.org] / pkgsrc / pkgtools / pkg_install

File: [cvs.NetBSD.org] / pkgsrc / pkgtools / pkg_install / Attic / MESSAGE (download)

Revision 1.3, Tue Oct 9 19:19:14 2007 UTC (15 years, 3 months ago) by martti
Branch: MAIN
CVS Tags: pkgsrc-2007Q4-base, pkgsrc-2007Q4, pkgsrc-2007Q3-base, pkgsrc-2007Q3
Changes since 1.2: +2 -2 lines

Remove trailing spaces.

$NetBSD: MESSAGE,v 1.3 2007/10/09 19:19:14 martti Exp $

You may wish to have the vulnerabilities file downloaded daily so that
it remains current.  This may be done by adding an appropriate entry
to a users crontab(5) entry.  For example the entry

# download vulnerabilities file
0 3 * * * ${PREFIX}/sbin/download-vulnerability-list >/dev/null 2>&1

will update the vulnerability list every day at 3AM. You may wish to do
this more often than once a day.

In addition, you may wish to run the package audit from the daily
security script.  This may be accomplished by adding the following
lines to /etc/security.local

if [ -x ${PREFIX}/sbin/audit-packages ]; then

Alternatively this can also be acomplished by adding an entry to a users
crontab(5) file. e.g.:

# run audit-packages
0 3 * * * ${PREFIX}/sbin/audit-packages

audit-packages and/or download-vulnerability-list need not be run by
the root user.  They will function as an unpriveleged user just so
long as the user chosen has permmission to write the pkg-vulnerabilites

A sample audit-packages.conf has been installed to:


You may want to customise this file and copy it to
If you want to use signature verification you will need to install GnuPG and
set the path for GPG appropriately in your audit-packages.conf.  See
audit-packages.conf(5) and audit-packages(8) for further information.