NetBSD Problem Report #46757
From ef@math.uni-bonn.de Mon Jul 30 15:27:27 2012
Return-Path: <ef@math.uni-bonn.de>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id 10E6263B85F
for <gnats-bugs@gnats.NetBSD.org>; Mon, 30 Jul 2012 15:27:27 +0000 (UTC)
Message-Id: <20120730152723.E820D1BD42@trave.math.uni-bonn.de>
Date: Mon, 30 Jul 2012 17:27:23 +0200 (CEST)
From: ef@math.uni-bonn.de
Reply-To: ef@math.uni-bonn.de
To: gnats-bugs@gnats.NetBSD.org
Subject:
X-Send-Pr-Version: 3.95
>Number: 46757
>Category: misc
>Synopsis:
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: misc-bug-people
>State: closed
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Mon Jul 30 15:30:00 +0000 2012
>Closed-Date: Mon Jul 30 17:30:12 +0000 2012
>Last-Modified: Wed Aug 08 14:40:02 +0000 2012
>Originator: Edgar Fuß
>Release: NetBSD 6.0_BETA2
>Organization:
Mathematisches Institut der Uni Bonn
>Environment:
System: NetBSD trave.math.uni-bonn.de 6.0_BETA2 NetBSD 6.0_BETA2 (MI12serv) #5: Mon Jul 30 12:13:14 CEST 2012 support@trave.math.uni-bonn.de:/usr/obj/sys/arch/amd64/compile/mi12serv amd64
Architecture: x86_64
Machine: amd64
>Description:
It's somewhat annoying that NetBSD, as shipped by NetBSD, by default,
sets fetch_pkg_vulnerabilities=NO in /etc/defaults/daily.conf, while, by default.
on a daily basis, lets /etc/daily urge me to change that default.
>How-To-Repeat:
Code inspection. Read daily mails.
See also discussion on tech-userlevel.
>Fix:
Warn only fetch_pkg_vulnerabilities is unset/empty and make that
the default in /etc/defaults/daily.conf.
Perhaps some native speaker should adjust my wording in the echo/comment.
--- daily.orig 2012-07-30 17:15:38.000000000 +0200
+++ daily 2012-07-30 17:20:27.000000000 +0200
@@ -254,9 +254,10 @@
if checkyesno fetch_pkg_vulnerabilities; then
( umask 022 && pkg_admin ${_compat_K_flag} \
fetch-pkg-vulnerabilities -u )
- else
- echo "fetch_pkg_vulnerabilities is set to NO in daily.conf(5)."
- echo "You should set it to YES to enable vulnerability checks."
+ elif [ -z "$fetch_pkg_vulnerabilities" ]; then
+ echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
+ echo "You should set it to YES to enable vulnerability checks"
+ echo "or set it to NO to get rid of this warning."
fi
fi
--- daily.conf.orig 2012-07-30 17:15:48.000000000 +0200
+++ daily.conf 2012-07-30 17:17:27.000000000 +0200
@@ -30,6 +30,6 @@
run_security=YES
separate_security_email=YES
run_skeyaudit=YES
-fetch_pkg_vulnerabilities=NO
+fetch_pkg_vulnerabilities="" # set to NO to disable and not be warned about
send_empty_security=NO
>Release-Note:
>Audit-Trail:
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/46757 CVS commit: src/etc
Date: Mon, 30 Jul 2012 13:09:34 -0400
Module Name: src
Committed By: christos
Date: Mon Jul 30 17:09:34 UTC 2012
Modified Files:
src/etc: daily
src/etc/defaults: daily.conf
Log Message:
PR/46757: Edgar Fuß: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).
To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 src/etc/daily
cvs rdiff -u -r1.17 -r1.18 src/etc/defaults/daily.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->closed
State-Changed-By: wiz@NetBSD.org
State-Changed-When: Mon, 30 Jul 2012 17:30:12 +0000
State-Changed-Why:
Committed by christos, thanks!
From: Julian Djamil Fagir <gnrp@komkon2.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/46757:
Date: Tue, 31 Jul 2012 00:11:10 +0200
--Sig_/rpDXbkkX0wuLJZx.0PmW41a
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: quoted-printable
Hi,
> It's somewhat annoying that NetBSD, as shipped by NetBSD, by
> default, sets fetch_pkg_vulnerabilities=3DNO in /etc/defaults/daily.conf,
> while, by default. on a daily basis, lets /etc/daily urge me to change th=
at
> default.
> >How-To-Repeat:
> Code inspection. Read daily mails.
> See also discussion on tech-userlevel.
> >Fix:
> Warn only fetch_pkg_vulnerabilities is unset/empty and make that
> the default in /etc/defaults/daily.conf.
> Perhaps some native speaker should adjust my wording in the
> echo/comment.
though I was the one proposing this way, it doesn't work.=20
You'll get a warning about $fetch_pkg_vulnerabilities not being set, which =
in
turn annoys even more - people are not getting recommendations what to do,
but actual warnings.
I don't see this problem can be solved with the way checkyesno currently
works.
I would prefer another way of checkyesno anyway: It will return 1 and 0 as
before for NO/YES/* (and print a warning for the latter one), but for unset
variables, it returns a 2.
Grepping through src/etc shows no script that would break from this
behaviour, and I assume there's no script which evaluates the return value =
of
checkyesno to something else than true/false.
But in any case, it would make rc more flexible (as in this case).
Regards, Julian
--Sig_/rpDXbkkX0wuLJZx.0PmW41a
Content-Type: application/pgp-signature; name=signature.asc
Content-Disposition: attachment; filename=signature.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAlAXBn4ACgkQc7h7cu1Hpp6mtACeP5q2mRCw426A6rvfTlwPb7JR
OqIAnj9Wuk0zJ5hmwjvlaQaUIECFZnza
=URFT
-----END PGP SIGNATURE-----
--Sig_/rpDXbkkX0wuLJZx.0PmW41a--
From: Edgar =?iso-8859-1?B?RnXf?= <ef@math.uni-bonn.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: misc/46757:
Date: Tue, 31 Jul 2012 00:52:30 +0200
On Mon, Jul 30, 2012 at 10:15:06PM +0000, Julian Djamil Fagir wrote:
> though I was the one proposing this way, it doesn't work.
Sorry, I was in a hurry and didn't test what I wrote.
> I don't see this problem can be solved with the way checkyesno
> currently works.
I think it can. Quite simply (tested, this time) by reversing the order
of the tests (I also corrected the placement of two 'echo ""' statements
and the "Fetching..." message while there):
--- daily.orig 2012-07-30 17:15:38.000000000 +0200
+++ daily 2012-07-31 00:46:20.000000000 +0200
@@ -237,8 +237,8 @@
fsck -n -f ${run_fsck_flags} | grep -v '^\*\* Phase'
fi
-echo ""
if checkyesno run_rdist && [ -f /etc/Distfile ]; then
+ echo ""
echo "Running rdist:"
if [ -d /var/log/rdist ]; then
logf="$(date +%Y.%b.%d)"
@@ -249,14 +249,15 @@
fi
if pkg_info ${_compat_K_flag} -q -E '*'; then
- echo ""
- echo "Fetching package vulnerabilities database:"
- if checkyesno fetch_pkg_vulnerabilities; then
+ if [ -z "$fetch_pkg_vulnerabilities" ]; then
+ echo "fetch_pkg_vulnerabilities is not set in daily.conf(5)."
+ echo "You should set it to YES to enable vulnerability checks"
+ echo "or set it to NO to get rid of this warning."
+ elif checkyesno fetch_pkg_vulnerabilities; then
+ echo ""
+ echo "Fetching package vulnerabilities database:"
( umask 022 && pkg_admin ${_compat_K_flag} \
fetch-pkg-vulnerabilities -u )
- else
- echo "fetch_pkg_vulnerabilities is set to NO in daily.conf(5)."
- echo "You should set it to YES to enable vulnerability checks."
fi
fi
Sorry for the non-working first patch.
From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/46757 CVS commit: src/etc
Date: Tue, 31 Jul 2012 05:23:10 -0400
Module Name: src
Committed By: christos
Date: Tue Jul 31 09:23:10 UTC 2012
Modified Files:
src/etc: daily
Log Message:
PR/46757: Check for fetch_pkg_vulnerabilities unset first.
To generate a diff of this commit:
cvs rdiff -u -r1.84 -r1.85 src/etc/daily
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Martin Husemann" <martin@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/46757 CVS commit: [netbsd-6] src/etc
Date: Wed, 8 Aug 2012 14:31:34 +0000
Module Name: src
Committed By: martin
Date: Wed Aug 8 14:31:33 UTC 2012
Modified Files:
src/etc [netbsd-6]: daily
src/etc/defaults [netbsd-6]: daily.conf
Log Message:
Pull up following revision(s) (requested by christos in ticket #457):
etc/daily: revision 1.83
etc/defaults/daily.conf: revision 1.18
PR/46757: Edgar Fuß: Change default to pkg_vulnerabilities from NO to unset,
and make unset insted of NO to produce warnings, so that setting it to NO does
produce warnings (if it is inappropriate for the machine to warn about this).
To generate a diff of this commit:
cvs rdiff -u -r1.80.2.2 -r1.80.2.3 src/etc/daily
cvs rdiff -u -r1.16.2.1 -r1.16.2.2 src/etc/defaults/daily.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: =?iso-8859-1?Q?Edgar_Fu=DF?= <ef@math.uni-bonn.de>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: PR/46757 CVS commit: [netbsd-6] src/etc
Date: Wed, 8 Aug 2012 16:37:31 +0200
> Pull up following revision(s) (requested by christos in ticket #457):
Thanks.
The later fix that makes the "Fetching" message be printed only if the =
fetch is actually done should probably be pulled up, too.=
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.