NAME
audit-packages.conf
- audit-packages and download-vulnerability-list configuration file.
DESCRIPTION
The
audit-packages.conf
file contains the configuration information for
download-vulnerability-list(8)
and
audit-packages(8).
These variables can be defined in the
audit-packages.conf(8)
file.
GPG-
The full path to the location of the binary used to verify the signature
on the downloaded
pkg-vulnerabilities
file. Currently only GnuPG is supported.
The default is "/usr/pkg/bin/gpg".
PKGVULNDIR-
Specifies the directory containing the
pkg-vulnerabilities
file.
The default is "/var/db/pkg".
COMPRESS_TYPE-
Specifies which type of compressed
pkg-vulnerabilities
file to download. You can also specify COMPRESS_TYPE="" to use
and uncompressed version of the file. If you change this from the
default you must specify a COMPRESS_TOOL. The
currently accepted options are gzip and bzip2.
COMPRESS_TOOL-
The full path to the location of the binary used to
decompress the downloaded
pkg-vulnerabilities
file.
The default is "/usr/bin/gzcat".
FETCH_CMD-
Specifies the client used to download the
pkg-vulnerabilities
file. Currently known tools include curl, ftp, wget and fetch.
The default is /usr/bin/ftp.
FETCH_PRE_ARGS-
Specifies optional arguments for the
download-vulnerability-list
client. These options appear before FETCH_CMD.
FETCH_ARGS-
Specifies optional arguments for the client used to download the
pkg-vulnerabilities
file.
FETCH_PROTO-
Specifies the protocol to use when fetching the
pkg-vulnerabilities
file.
Currently supports only http and ftp.
The default is "ftp".
IGNORE_URLS-
A list of vulnerability URLs to be ignored.
This allows for ignoring certain URLs that are attached to a
vulnerability.
FILES
/etc/audit-packages.conf
SEE ALSO
pkg_info(1),
mk.conf(5),
pkgsrc(7),
audit-packages(8)and
HISTORY
The
audit-packages
and
download-vulnerability-list
commands were originally implemented and added to
NetBSDAp s
pkgsrc by
Alistair Crooks
on September 19, 2000. During April 2007
audit-packages
was re-written by Adrian Portelli and support was added for compressed
files and checking signatures on downloaded files. The original idea
came from Roland Dowdeswell and Bill Sommerfeld.