diff options
| author | nork <nork@FreeBSD.org> | 2003-05-18 04:51:27 +0800 |
|---|---|---|
| committer | nork <nork@FreeBSD.org> | 2003-05-18 04:51:27 +0800 |
| commit | 006000f033bf33592daa90f54d5053c3fd15a6e3 (patch) | |
| tree | c6bda73c17e7dd2af0c34f3e88355c8456aab7c3 /security/freebsd-update | |
| parent | 5cd90d9d18e5bcc68f01ce6aefc46032fea29b6d (diff) | |
| download | freebsd-ports-gnome-006000f033bf33592daa90f54d5053c3fd15a6e3.tar.gz freebsd-ports-gnome-006000f033bf33592daa90f54d5053c3fd15a6e3.tar.zst freebsd-ports-gnome-006000f033bf33592daa90f54d5053c3fd15a6e3.zip | |
o Removes the original, out of date, README file.
o Adds (new, up to date) man pages.
o Puts the configuration file in $PREFIX/etc where it belongs.
PR: ports/52244
Submitted by: Colin Percival <cperciva@daemonology.net>
Diffstat (limited to 'security/freebsd-update')
| -rw-r--r-- | security/freebsd-update/Makefile | 21 | ||||
| -rw-r--r-- | security/freebsd-update/files/freebsd-update | 17 | ||||
| -rw-r--r-- | security/freebsd-update/files/freebsd-update.8 | 66 | ||||
| -rw-r--r-- | security/freebsd-update/files/freebsd-update.conf.5 | 36 | ||||
| -rw-r--r-- | security/freebsd-update/files/pkg-message | 16 | ||||
| -rw-r--r-- | security/freebsd-update/pkg-message | 11 | ||||
| -rw-r--r-- | security/freebsd-update/pkg-plist | 4 |
7 files changed, 149 insertions, 22 deletions
diff --git a/security/freebsd-update/Makefile b/security/freebsd-update/Makefile index c75d610967a1..8611ba5edb2c 100644 --- a/security/freebsd-update/Makefile +++ b/security/freebsd-update/Makefile @@ -7,6 +7,7 @@ PORTNAME= freebsd-update PORTVERSION= 1.2 +PORTREVISION= 1 CATEGORIES= security MASTER_SITES= http://www.daemonology.net/freebsd-update/ DISTNAME= freebsd-update-client-1_2 @@ -14,12 +15,21 @@ DISTNAME= freebsd-update-client-1_2 MAINTAINER= cperciva@daemonology.net COMMENT= Fetches and installs binary updates to FreeBSD +MAN5= freebsd-update.conf.5 +MAN8= freebsd-update.8 + NO_WRKSUBDIR= yes ALL_TARGET= verify +PKGMESSAGE= ${WRKDIR}/pkg-message + post-extract: @${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/freebsd-update \ > ${WRKSRC}/freebsd-update + @${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/pkg-message \ + > ${PKGMESSAGE} + cp ${FILESDIR}/freebsd-update.8 ${WRKSRC} + cp ${FILESDIR}/freebsd-update.conf.5 ${WRKSRC} do-install: @${MKDIR} ${PREFIX}/freebsd-update @@ -28,12 +38,15 @@ do-install: ${INSTALL_DATA} ${WRKSRC}/Makefile ${PREFIX}/freebsd-update ${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/freebsd-update ${INSTALL_DATA} ${WRKSRC}/LICENSE ${PREFIX}/freebsd-update - ${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/freebsd-update - ${INSTALL_DATA} ${WRKSRC}/VERSION ${PREFIX}/freebsd-update ${INSTALL_DATA} ${WRKSRC}/update.conf \ - ${PREFIX}/freebsd-update/update.conf.sample + ${PREFIX}/etc/freebsd-update.conf.sample +.if !defined(WITHOUT_MAN) + ${INSTALL_MAN} ${WRKSRC}/freebsd-update.conf.5 ${PREFIX}/man/man5/ + ${INSTALL_MAN} ${WRKSRC}/freebsd-update.8 ${PREFIX}/man/man8/ +.endif + post-install: - @${CAT} ${PKGDIR}/pkg-message + @${CAT} ${PKGMESSAGE} .include <bsd.port.mk> diff --git a/security/freebsd-update/files/freebsd-update b/security/freebsd-update/files/freebsd-update index 72e113db9ddc..f0673dbddc11 100644 --- a/security/freebsd-update/files/freebsd-update +++ b/security/freebsd-update/files/freebsd-update @@ -1,14 +1,23 @@ #!/bin/sh +if [ ! -r %%PREFIX%%/etc/freebsd-update.conf ] ; then + echo "%%PREFIX%%/etc/freebsd-update.conf not found" + exit 1 +fi + case "$1" in fetch) - cd %%PREFIX%%/freebsd-update && make fetch-update;; + cd %%PREFIX%%/freebsd-update && make \ + CONFFILE=%%PREFIX%%/etc/freebsd-update.conf fetch-update;; install) - cd %%PREFIX%%/freebsd-update && make install-update;; + cd %%PREFIX%%/freebsd-update && make \ + CONFFILE=%%PREFIX%%/etc/freebsd-update.conf install-update;; rollback) - cd %%PREFIX%%/freebsd-update && make rollback-update;; + cd %%PREFIX%%/freebsd-update && make \ + CONFFILE=%%PREFIX%%/etc/freebsd-update.conf rollback-update;; cron) - cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES daily;; + cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES \ + CONFFILE=%%PREFIX%%/etc/freebsd-update.conf daily;; *) echo "Usage: freebsd-update {fetch|install|rollback|cron}" >&2 echo " freebsd-update fetch: Fetches updates" >&2 diff --git a/security/freebsd-update/files/freebsd-update.8 b/security/freebsd-update/files/freebsd-update.8 new file mode 100644 index 000000000000..97a535342542 --- /dev/null +++ b/security/freebsd-update/files/freebsd-update.8 @@ -0,0 +1,66 @@ +.Dd May 7, 2003 +.Dt FREEBSD-UPDATE 8 +.Os FreeBSD +.Sh NAME +.Nm freebsd-update +.Nd fetch and install binary security updates to FreeBSD +.Sh SYNOPSIS +.Nm +.Cm command +.Sh DESCRIPTION +The +.Nm +tool is used to fetch, install, and rollback +binary security updates to the FreeBSD base system. +.Sh OPTIONS +The +.Cm command +can be any one of the following: +.Pp +.Bl -tag -width "rollback" -compact +.It fetch +Based on the currently installed world, fetch all available +binary updates. Any updates previously fetched but not +installed will be fetched again. +.Pp +.It install +Install the most recently fetched updates. +.Pp +.It rollback +Uninstall the most recently installed updates. +.Pp +.It cron +If any binary updates are available, fetch them and +send an email to root; otherwise, exit silently. As +the name suggests, this is intended for usage via +cron(8). +.Pp +.El +.Sh TIPS +.Bl -bullet +.It +If your clock is set to local time, adding the line +.Pp +.Dl 0 3 * * * root /usr/local/sbin/freebsd-update cron +.Pp +to /etc/crontab will check for updates every night. If your +clock is set to UTC, please pick a random time instead of +3AM, or the server hosting the updates will be very unhappy. +.It +.Nm +.Cm cron +waits a random amount of time, up to an hour, before contacting +the server in order to reduce the risk of "flash crowds" resulting +from cron jobs. +.El +.Sh FILES +.Bl -tag -width "$PREFIX/etc/freebsd-update.conf" +.It $PREFIX/freebsd-update/work +Location of downloaded updates and backups of files +which have been updated. +.It $PREFIX/etc/freebsd-update.conf +Location of the freebsd-update configuration file. +.Sh SEE ALSO +.Xr freebsd-update.conf 5 +.Sh AUTHORS +.An Colin Percival Aq cperciva@daemonology.net diff --git a/security/freebsd-update/files/freebsd-update.conf.5 b/security/freebsd-update/files/freebsd-update.conf.5 new file mode 100644 index 000000000000..01eadce61fca --- /dev/null +++ b/security/freebsd-update/files/freebsd-update.conf.5 @@ -0,0 +1,36 @@ +.Dd May 7, 2003 +.Dt FREEBSD-UPDATE.CONF 8 +.Os FreeBSD +.Sh NAME +.Nm freebsd-update.conf +.Nd configuration file for freebsd-update +.Sh DESCRIPTION +The +.Nm +file controls where freebsd-update(8) fetches updates from, and +which RSA key should be trusted to sign the updates. +.Pp +A line of the form +.Dl URL=foobar +specifies the source from which updates should be fetched. This +can be any type of URL suitable for fetch(1) -- in particular, HTTP, +FTP, and local paths are all permitted. +.Pp +A line of the form +.Dl KEYPRINT=0123456789ABCDEF0123456789ABCDEF +specifies the MD5 hash of the 2048 bit modulus belonging to an RSA +keypair which is trusted to sign updates. +.Pp +If more than one line of either of the above forms is included in +.Nm +then only the last one will take effect. Any lines not of the above +forms will be ignored. +.Sh FILES +.Bl -tag -width "$PREFIX/etc/freebsd-update.conf" +.It $PREFIX/etc/freebsd-update.conf +Location of the freebsd-update configuration file. +.Sh SEE ALSO +.Xr fetch 1 +.Xr freebsd-update 8 +.Sh AUTHORS +.An Colin Percival Aq cperciva@daemonology.net diff --git a/security/freebsd-update/files/pkg-message b/security/freebsd-update/files/pkg-message new file mode 100644 index 000000000000..21763ff48a6c --- /dev/null +++ b/security/freebsd-update/files/pkg-message @@ -0,0 +1,16 @@ + +Before you can use this, you will have to create an update configuration +file specifying the server to fetch updates from and the trusted public +key fingerprint. + +A sample configuration file has been installed in + + %%PREFIX%%/etc/freebsd-update.conf.sample + +which will fetch updates built by the author. If you trust the author +to securely build binary updates for you to blindly install on this +machine, copy that file to + + %%PREFIX%%/etc/freebsd-update.conf + +otherwise, create that file as appropriate. diff --git a/security/freebsd-update/pkg-message b/security/freebsd-update/pkg-message deleted file mode 100644 index 490e8af655b1..000000000000 --- a/security/freebsd-update/pkg-message +++ /dev/null @@ -1,11 +0,0 @@ - -Before you can use this, you will have to create an update configuration -file specifying the server to fetch updates from and the trusted public -key fingerprint. - -Assuming you haven't changed ${PREFIX}, a sample configuration file is -installed in /usr/local/freebsd-update/update.conf.sample which will -fetch updates built by the author. If you trust the author to securely -build binary updates for you to blindly install on this machine, copy -that file to /usr/local/freebsd-update/update.conf -- otherwise, create -/usr/local/freebsd-update/update.conf as appropriate. diff --git a/security/freebsd-update/pkg-plist b/security/freebsd-update/pkg-plist index de1d50769e9f..dadf0d224810 100644 --- a/security/freebsd-update/pkg-plist +++ b/security/freebsd-update/pkg-plist @@ -1,9 +1,7 @@ sbin/freebsd-update freebsd-update/Makefile -freebsd-update/README -freebsd-update/VERSION freebsd-update/CHANGELOG freebsd-update/LICENSE -freebsd-update/update.conf.sample +etc/freebsd-update.conf.sample freebsd-update/verify @dirrm freebsd-update |