Mel, good day. Mon, Oct 06, 2008 at 11:24:54AM +0200, Mel wrote: > On Monday 06 October 2008 07:23:37 Eygene Ryabinkin wrote: > > But downloading the INDEX file from the central server seemed to be the > > best way, since it almost always gives one the latest port versions, so > > I had implemented this in a first place. > > I've been following this, but I don't agree that (port|pkg_)audit should do > this, from the very perspective you're writing this program from:
The download is done not by the portaudit itself, but by the helper
script, portaudit-checknew.
> On Sunday 28 September 2008 11:49:18 Eygene Ryabinkin wrote:
> > 4. I feel that it is Unix-way to do the things: create small utilities
> > that do their (small) job in a proper fashion.
>
> Instead, it can provide installed-pkgname<seperator>pkgorigin output. Then,
> any utility can check whether a new version is available, using what ever
> source it finds relevant.
>
> For example, it is completely irrelevant if a new version is available on the
> FreeBSD servers, when your machine uses a buildserver in a local network. For
> those machines it's relevant whether their build server has a new version and
> one can automatically upgrade if one so desires.
> Similarly, if your /usr/ports is ahead of the FreeBSD's INDEX.bz2, you're
> again reporting false information.
I hear you, but it seems to me that I should just equip
portaudit-checknew with the other sources of a new ports information and
provide tunables for their location (on-disk path, URL, etc). I am
planning to do this, but first I want to know if these patches will be
viable for the project: feeding these into the /dev/null or just using
them locally, but equipping with a lot of functionality, is not what I
really want ;))
> It's also quite trivial to provide this availibility information in a daily
> security script, for the "majority of cases"
Didn't get it, sorry. Could you, please, elaborate a bit?
> and it's better to have tunables
> like _use_remote_portindex, _use_portsdir=/bigdisk/usr/ports in a script.
Yes, it was what I had talked about above in this mail.
Thanks for the input!
--
Eygene
_ ___ _.--. #
\`.|\..----...-'` `-._.-'_.-'` # Remember that it is hard
/ ' ` , __.--' # to read the on-line manual
)/' _/ \ `-_, / # while single-stepping the kernel.
`-'" `"\_ ,_.-;_.-\_ ', fsc/as #
_.-'_./ {_.' ; / # -- FreeBSD Developers handbook
{_.-``-' {_/ #
pgpLvYTrbprI1.pgp
Description: PGP signature
