diff options
| author | Daichi GOTO <daichi@FreeBSD.org> | 2003-10-15 07:20:24 +0000 |
|---|---|---|
| committer | Daichi GOTO <daichi@FreeBSD.org> | 2003-10-15 07:20:24 +0000 |
| commit | 9f548f5ea5e4d5751a3b3af57f72d782dbcafdea (patch) | |
| tree | b04912e9867211e86a6fd4388b3d1e28f55fece1 /security/freebsd-update/files | |
| parent | Mark as broken. The last release of this package seems to have (diff) | |
update security/freebsd-update: 1.3 -> 1.4
- Much cleaner code (FreeBSD Update is now a shell script, rather than a
huge ugly makefile),
- Better performance,
- Reduced bandwidth usage when no updates are available,
- Warnings about files which have been affected by security updates, but
cannot be updated because they have been modified locally,
- An "intrusion detection" mode which compares every file which can be
installed as part of a RELEASE against a (signed) database of known good
hashes.
PR: 58028
Submitted by: Colin Percival <cperciva@daemonology.net> (maintainer)
Notes
Notes:
svn path=/head/; revision=91292
Diffstat (limited to 'security/freebsd-update/files')
| -rw-r--r-- | security/freebsd-update/files/freebsd-update | 32 | ||||
| -rw-r--r-- | security/freebsd-update/files/freebsd-update.8 | 66 | ||||
| -rw-r--r-- | security/freebsd-update/files/freebsd-update.conf.5 | 36 | ||||
| -rw-r--r-- | security/freebsd-update/files/patch-aa-rmverify | 11 | ||||
| -rw-r--r-- | security/freebsd-update/files/patch-ab-path | 20 |
5 files changed, 0 insertions, 165 deletions
diff --git a/security/freebsd-update/files/freebsd-update b/security/freebsd-update/files/freebsd-update deleted file mode 100644 index f0673dbddc11..000000000000 --- a/security/freebsd-update/files/freebsd-update +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh - -if [ ! -r %%PREFIX%%/etc/freebsd-update.conf ] ; then - echo "%%PREFIX%%/etc/freebsd-update.conf not found" - exit 1 -fi - -case "$1" in -fetch) - cd %%PREFIX%%/freebsd-update && make \ - CONFFILE=%%PREFIX%%/etc/freebsd-update.conf fetch-update;; -install) - cd %%PREFIX%%/freebsd-update && make \ - CONFFILE=%%PREFIX%%/etc/freebsd-update.conf install-update;; -rollback) - cd %%PREFIX%%/freebsd-update && make \ - CONFFILE=%%PREFIX%%/etc/freebsd-update.conf rollback-update;; -cron) - cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES \ - CONFFILE=%%PREFIX%%/etc/freebsd-update.conf daily;; -*) - echo "Usage: freebsd-update {fetch|install|rollback|cron}" >&2 - echo " freebsd-update fetch: Fetches updates" >&2 - echo " freebsd-update install: Installs fetched updates" >&2 - echo " freebsd-update rollback: Rolls back installed updates" >&2 - echo " freebsd-update cron: Suitable for use in cron(8)," >&2 - echo " fetches updates and sends an" >&2 - echo " email to root if any exist." >&2 - ;; -esac - -exit 0 diff --git a/security/freebsd-update/files/freebsd-update.8 b/security/freebsd-update/files/freebsd-update.8 deleted file mode 100644 index 97a535342542..000000000000 --- a/security/freebsd-update/files/freebsd-update.8 +++ /dev/null @@ -1,66 +0,0 @@ -.Dd May 7, 2003 -.Dt FREEBSD-UPDATE 8 -.Os FreeBSD -.Sh NAME -.Nm freebsd-update -.Nd fetch and install binary security updates to FreeBSD -.Sh SYNOPSIS -.Nm -.Cm command -.Sh DESCRIPTION -The -.Nm -tool is used to fetch, install, and rollback -binary security updates to the FreeBSD base system. -.Sh OPTIONS -The -.Cm command -can be any one of the following: -.Pp -.Bl -tag -width "rollback" -compact -.It fetch -Based on the currently installed world, fetch all available -binary updates. Any updates previously fetched but not -installed will be fetched again. -.Pp -.It install -Install the most recently fetched updates. -.Pp -.It rollback -Uninstall the most recently installed updates. -.Pp -.It cron -If any binary updates are available, fetch them and -send an email to root; otherwise, exit silently. As -the name suggests, this is intended for usage via -cron(8). -.Pp -.El -.Sh TIPS -.Bl -bullet -.It -If your clock is set to local time, adding the line -.Pp -.Dl 0 3 * * * root /usr/local/sbin/freebsd-update cron -.Pp -to /etc/crontab will check for updates every night. If your -clock is set to UTC, please pick a random time instead of -3AM, or the server hosting the updates will be very unhappy. -.It -.Nm -.Cm cron -waits a random amount of time, up to an hour, before contacting -the server in order to reduce the risk of "flash crowds" resulting -from cron jobs. -.El -.Sh FILES -.Bl -tag -width "$PREFIX/etc/freebsd-update.conf" -.It $PREFIX/freebsd-update/work -Location of downloaded updates and backups of files -which have been updated. -.It $PREFIX/etc/freebsd-update.conf -Location of the freebsd-update configuration file. -.Sh SEE ALSO -.Xr freebsd-update.conf 5 -.Sh AUTHORS -.An Colin Percival Aq cperciva@daemonology.net diff --git a/security/freebsd-update/files/freebsd-update.conf.5 b/security/freebsd-update/files/freebsd-update.conf.5 deleted file mode 100644 index 01eadce61fca..000000000000 --- a/security/freebsd-update/files/freebsd-update.conf.5 +++ /dev/null @@ -1,36 +0,0 @@ -.Dd May 7, 2003 -.Dt FREEBSD-UPDATE.CONF 8 -.Os FreeBSD -.Sh NAME -.Nm freebsd-update.conf -.Nd configuration file for freebsd-update -.Sh DESCRIPTION -The -.Nm -file controls where freebsd-update(8) fetches updates from, and -which RSA key should be trusted to sign the updates. -.Pp -A line of the form -.Dl URL=foobar -specifies the source from which updates should be fetched. This -can be any type of URL suitable for fetch(1) -- in particular, HTTP, -FTP, and local paths are all permitted. -.Pp -A line of the form -.Dl KEYPRINT=0123456789ABCDEF0123456789ABCDEF -specifies the MD5 hash of the 2048 bit modulus belonging to an RSA -keypair which is trusted to sign updates. -.Pp -If more than one line of either of the above forms is included in -.Nm -then only the last one will take effect. Any lines not of the above -forms will be ignored. -.Sh FILES -.Bl -tag -width "$PREFIX/etc/freebsd-update.conf" -.It $PREFIX/etc/freebsd-update.conf -Location of the freebsd-update configuration file. -.Sh SEE ALSO -.Xr fetch 1 -.Xr freebsd-update 8 -.Sh AUTHORS -.An Colin Percival Aq cperciva@daemonology.net diff --git a/security/freebsd-update/files/patch-aa-rmverify b/security/freebsd-update/files/patch-aa-rmverify deleted file mode 100644 index d258ec1d42a2..000000000000 --- a/security/freebsd-update/files/patch-aa-rmverify +++ /dev/null @@ -1,11 +0,0 @@ ---- Makefile.orig Sat Mar 8 00:44:19 2003 -+++ Makefile Sat Mar 22 15:44:03 2003 -@@ -40,7 +40,7 @@ - NUM!=( [ -f ${WORKDIR}/num ] && expr `cat ${WORKDIR}/num` + 1 ) || echo 1 - .endif - --fetch-update: verify -+fetch-update: - @[ ! -z "${FETCHROOT}" ] || ( \ - echo "Base URL not specified in ${CONFFILE}." && \ - false ) diff --git a/security/freebsd-update/files/patch-ab-path b/security/freebsd-update/files/patch-ab-path deleted file mode 100644 index 73281e505ea3..000000000000 --- a/security/freebsd-update/files/patch-ab-path +++ /dev/null @@ -1,20 +0,0 @@ ---- Makefile.orig Sat Mar 22 15:44:03 2003 -+++ Makefile Fri Aug 22 15:58:45 2003 -@@ -14,6 +14,7 @@ - uname -r | cut -f 1 -d '-' ) | lam - - - WORKDIR?=${.CURDIR}/work - MAILTO?=root -+BSPATCH!=which bspatch || echo /usr/local/bin/bspatch - - daily: - @sleep `jot -r 1 0 3600` -@@ -78,7 +79,8 @@ - rmdir ${WORKDIR}/${NUM}/install$$f; \ - ( fetch -qo ${WORKDIR}/${NUM}/$$z-$$y \ - ${FETCHROOT}/$$z-$$y && \ -- bspatch $$f ${WORKDIR}/${NUM}/install$$f.tmp \ -+ ${BSPATCH} $$f \ -+ ${WORKDIR}/${NUM}/install$$f.tmp \ - ${WORKDIR}/${NUM}/$$z-$$y && \ - rm ${WORKDIR}/${NUM}/$$z-$$y ) || \ - touch ${WORKDIR}/${NUM}/install$$f.tmp; \ |