- update to version 0.5

*** NOTE ***

The preferences file format has changed, as have the periodic.conf(5) names.
Normally the default settings should be adequate, except when you need to
configure a proxy. Use $PREFIX/etc/portaudit.conf.sample as an example.

- moved portaudit to sbin
- clean up, merging stuff into the portaudit script
- better return codes and errors to stderr
- -f can check stdin now
- dropped ports tree auditing
- merged the periodic(8) scripts into one
- run daily auditing as `nobody'

1 files changed, 47 insertions, 41 deletions

diff --git a/security/portaudit/files/portaudit.1 b/security/portaudit/files/portaudit.1
index 4e6dfde7d673..60acb2a65c0a 100644
--- a/security/portaudit/files/portaudit.1
+++ b/security/portaudit/files/portaudit.1
@@ -4,8 +4,8 @@
 .\" modification, are permitted provided that the following conditions are
 .\" met:
 .\"
-.\"  1. Redistributions of source code must retain the above copyright notice
-.\"     this list of conditions and the following disclaimer.
+.\" 1. Redistributions of source code must retain the above copyright notice
+.\"    this list of conditions and the following disclaimer.
 .\"
 .\" 2. Redistributions in binary form must reproduce the above copyright
 .\"    notice, this list of conditions and the following disclaimer in the
@@ -28,8 +28,8 @@
 .\"
 .\" $FreeBSD$
 .\"
-.Dd March 11, 2004
-.Os FreeBSD
+.Dd June 29, 2004
+.Os
 .Dt PORTAUDIT \&1 "FreeBSD ports collection"
 .
 .
@@ -42,29 +42,28 @@
 .Sh SYNOPSIS
 .
 .Nm
-.Op Fl a
-.Op Fl A
-.Op Fl C
-.Op Fl V
-.Op Fl d
-.Op Fl F
+.Op Fl aCdF
+.Op Fl X Ar days
+.Op Fl f Ar file
+.Op Ar pkg-name ...
 .
 .
 .Sh DESCRIPTION
 .
 .Nm
 checks installed packages for known vulnerabilities and generates reports
-including references to security advisories. Its audience are system
-administrators or individual users.
+including references to security advisories.
+Its audience are system administrators or individual users.
 .Pp
-It uses a database maintained by port committers and the FreeBSD security team
-to check if security advisories for any installed packages exist. Note that a
-current ports tree (or any local copy of the ports tree) is not required for
-operation.
+.Nm
+uses a database maintained by port committers and the FreeBSD security team
+to check if security advisories for any installed packages exist.
+Note that a current ports tree (or any local copy of the ports tree) is not
+required for operation.
 .Pp
-This package also installs two scripts into %%PREFIX%%/etc/periodic that
-regularly update this database and include the report of vulnerable packages
-in the daily security report.
+This package also installs a script into %%PREFIX%%/etc/periodic/security
+that regularly updates this database and includes a report of vulnerable
+packages in the daily security report.
 .Pp
 If you have a vulnerable package installed, you are advised to update or
 deinstall it immediately.
@@ -75,20 +74,27 @@ deinstall it immediately.
 The following options are supported:
 .Bl -tag -width ".Fl X"
 .It Fl a
-Print a vulnerability report for all installed packages
-.It Fl A
-Print a vulnerability report for all ports in PORTSDIR (slow).
+Print a vulnerability report for all installed packages.
 .It Fl C
 Print a vulnerability report for the port in the current working directory.
-Mostly useful for committers.
+Mostly useful for port developers.
 .It Fl F
 Fetch the current database from the
-.Fx servers
+.Fx servers.
 .It Fl d
-Print the creation date of the database
-.It Fl V
-Print the version of
-.Nm .
+Print the creation date of the database.
+.It Fl X Ar days
+Download a fresh database when the local is at least
+.Ar days
+old.
+.It Fl f Ar file
+Check the packages listed in
+.Ar file
+for known vulnerabilities.
+.It Ar pkg-name ...
+Test whether
+.Ar pkg-name
+is listed in the audit database.
 .El
 .
 .
@@ -98,11 +104,19 @@ Print the version of
 .It
 Fetch the current database and print its creation date:
 .Pp
-.Dl "portaudit -F -d"
+.Dl "portaudit -Fd"
 .It
 Print a vulnerability report for all installed packages:
 .Pp
-.Dl "portaudit"
+.Dl "portaudit -a"
+.It
+Print a vulnerability report for the local INDEX:
+.Pp
+.Dl "portaudit -f %%PORTSDIR%%/%%INDEXFILE%%"
+.It
+Print a vulnerability report for the current set of prebuild packages:
+.Pp
+.Dl "curl -l ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-5-current/All/ | sed -n -e 's/\.t[bg]z[[:cntrl:]]*$//p' | portaudit -f -"
 .El
 .
 .
@@ -115,18 +129,10 @@ Print a vulnerability report for all installed packages:
 .Sh SEE ALSO
 .
 .Xr ports 7 ,
-.Xr periodic 8 ,
 .Xr periodic.conf 5 ,
-.Li Aq http://people.freebsd.org/~eik/portaudit/ ,
-.Li Aq http://www.freebsd.org/security/#adv ,
-.Li Aq http://www.vuxml.org/ .
-.
-.
-.Sh CAVEATS
-.
-The format of
-.Pa %%PREFIX%%/etc/portaudit.conf
-might change.
+.Li Aq http://www.FreeBSD.org/ports/portaudit/ ,
+.Li Aq http://www.FreeBSD.org/security/#adv ,
+.Li Aq http://FreeBSD.VuXML.org/ .
 .
 .
 .Sh BUGS