Default fetch_pkg_vulnerabilities to NO and complain if it is set to that trunk
authorjmmv <jmmv@NetBSD.org>
Wed, 20 Jan 2010 22:19:20 +0000
branchtrunk
changeset 187325 3865bd7585cd
parent 187324 6777dfddb23c
child 187326 eabb23b60442
Default fetch_pkg_vulnerabilities to NO and complain if it is set to that value when packages are found (so that the user knows he is not getting the vulnerability checks). Why? People is complaining. (And somehow, the argument that NetBSD doesn't do any network operation by default convinces me that it should continue to do so.) But still, I will be adding a question to sysinst to enable/disable this.
etc/daily
etc/defaults/daily.conf
--- a/etc/daily	Wed Jan 20 19:54:07 2010 +0000
+++ b/etc/daily	Wed Jan 20 22:19:20 2010 +0000
@@ -1,6 +1,6 @@
 #!/bin/sh -
 #
-#	$NetBSD: daily,v 1.73 2010/01/19 22:08:11 jmmv Exp $
+#	$NetBSD: daily,v 1.74 2010/01/20 22:19:20 jmmv Exp $
 #	@(#)daily	8.2 (Berkeley) 1/25/94
 #
 
@@ -245,10 +245,13 @@
 : ${pkgdb_dir:=/var/db/pkg}
 
 if pkg_info -K ${pkgdb_dir} -q -E '*'; then
+	echo ""
+	echo "Fetching package vulnerabilities database:"
 	if checkyesno fetch_pkg_vulnerabilities; then
-		echo ""
-		echo "Fetching package vulnerabilities database:"
 		pkg_admin -K ${pkgdb_dir} fetch-pkg-vulnerabilities -u
+	else
+		echo "fetch_pkg_vulnerabilities is set to NO in daily.conf(5)."
+		echo "You should set it to YES to enable vulnerability checks."
 	fi
 fi
 
--- a/etc/defaults/daily.conf	Wed Jan 20 19:54:07 2010 +0000
+++ b/etc/defaults/daily.conf	Wed Jan 20 22:19:20 2010 +0000
@@ -1,4 +1,4 @@
-#	$NetBSD: daily.conf,v 1.12 2010/01/19 22:08:11 jmmv Exp $
+#	$NetBSD: daily.conf,v 1.13 2010/01/20 22:19:20 jmmv Exp $
 #
 # /etc/defaults/daily.conf --
 #	default configuration of /etc/daily.conf
@@ -29,6 +29,6 @@
 run_security=YES
 run_skeyaudit=YES
 pkgdb_dir=/var/db/pkg
-fetch_pkg_vulnerabilities=YES
+fetch_pkg_vulnerabilities=NO
 
 send_empty_security=NO