How to Fix Port Audit showing ports not installed on a system
I have a system that I just recently setup port audit, after realizing I forgot to install it on the machine. The problem is that it is finding vulnerabilities in several ports that are not installed on the system. These may have been installed at one point and removed. Firefox is one of the ones listed, I know that it was on the system previously, but was removed a few months back. portmaster -l and pkg info don't list it as installed, but port audit shows: firefox-20.0,1. Where would portaudit be picking up these ports from? Is there anyway to reset its database? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to Fix Port Audit showing ports not installed on a system
On 06/08/2013 17:25, dweimer wrote: I have a system that I just recently setup port audit, after realizing I forgot to install it on the machine. The problem is that it is finding vulnerabilities in several ports that are not installed on the system. These may have been installed at one point and removed. Firefox is one of the ones listed, I know that it was on the system previously, but was removed a few months back. portmaster -l and pkg info don't list it as installed, but port audit shows: firefox-20.0,1. Where would portaudit be picking up these ports from? Is there anyway to reset its database? rm -R /var/db/portaudit/ then run portaudit -Fda -- - Paul Macdonald IFDNRG Ltd Web and video hosting - t: 0131 5548070 m: 07970339546 e: p...@ifdnrg.com w: http://www.ifdnrg.com - IFDNRG 40 Maritime Street Edinburgh EH6 6SA High Specification Dedicated Servers from £100.00pm ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to Fix Port Audit showing ports not installed on a system
On 08/06/2013 11:58 am, Paul Macdonald wrote: On 06/08/2013 17:25, dweimer wrote: I have a system that I just recently setup port audit, after realizing I forgot to install it on the machine. The problem is that it is finding vulnerabilities in several ports that are not installed on the system. These may have been installed at one point and removed. Firefox is one of the ones listed, I know that it was on the system previously, but was removed a few months back. portmaster -l and pkg info don't list it as installed, but port audit shows: firefox-20.0,1. Where would portaudit be picking up these ports from? Is there anyway to reset its database? rm -R /var/db/portaudit/ then run portaudit -Fda -- Already tried that, but that data only contains the list of known vulnerabilities, not the installed ports/packages. Perhaps, its not using pkgng I discovered if I do a pkg info command I get the correct list of installed ports and packages. If I do a pkg_info I get a much larger list showing everything as corrupted. ... pkg_info: the package info for package 'fftw3-3.3.3_1' is corrupt pkg_info: the package info for package 'filelight-4.10.1' is corrupt pkg_info: the package info for package 'firefox-20.0,1' is corrupt pkg_info: the package info for package 'fixesproto-5.0' is corrupt pkg_info: the package info for package 'flac-1.2.1_3' is corrupt pkg_info: the package info for package 'flex-2.5.37_1' is corrupt ... Of course I have WITH_PKGNG=YES in the make.conf, and I believe that has been there ever since the server was built. Is my best option to get the correct list from pkg info use rm -r /var/db/pkg/* to clear everything out and then reinstall all of the ports? -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
Re: How to Fix Port Audit showing ports not installed on a system
On 06/08/2013 19:23, dweimer wrote: Of course I have WITH_PKGNG=YES in the make.conf, and I believe that has been there ever since the server was built. Is my best option to get the correct list from pkg info use rm -r /var/db/pkg/* to clear everything out and then reinstall all of the ports? If you've had WITH_PKGNG=YES ever since the server was built then you shouldn't have any of the old-style pkg_tools entries in /var/db/pkg. Unless, that is, you've been using pkg_add(1) directly. Don't do that. You just end up with a complete mess. Remember folks -- pkgng is like getting married. Once you go with pkgng, you're not meant to dally with other package tools, but to stay faithful to pkgng from henceforth. I hope you've got the old-style pkg_tools per-package subdirectories in /var/db/pkg because either (i) you used to use pkg_tools and you ran pkg2ng to convert or (ii) you've been using portmaster, in which case those sub-directories only /look/ like the result of what pkg_tools generates, but are really just a place for portmaster to stash a few things. If those sub-directories contain files called thing like +CONTENTS or +COMMENT or other names beginning with '+' then you do have a messed up mixture of old pkg_tools and pkgng. First: remove all the subdirectories but *not* local.sqlite or repo.sqlite -- those are rather important bits of pkgng. Then you can force a reinstall of all packages by pkg upgrade -f Obviusly, you'll need pkg(8) configured to use a repo with all the appropriate packages available. Cheers, Matthew -- Dr Matthew J Seaman MA, D.Phil. PGP: http://www.infracaninophile.co.uk/pgpkey signature.asc Description: OpenPGP digital signature
Re: How to Fix Port Audit showing ports not installed on a system
On 08/06/2013 2:55 pm, Matthew Seaman wrote: On 06/08/2013 19:23, dweimer wrote: Of course I have WITH_PKGNG=YES in the make.conf, and I believe that has been there ever since the server was built. Is my best option to get the correct list from pkg info use rm -r /var/db/pkg/* to clear everything out and then reinstall all of the ports? If you've had WITH_PKGNG=YES ever since the server was built then you shouldn't have any of the old-style pkg_tools entries in /var/db/pkg. Unless, that is, you've been using pkg_add(1) directly. Don't do that. You just end up with a complete mess. Remember folks -- pkgng is like getting married. Once you go with pkgng, you're not meant to dally with other package tools, but to stay faithful to pkgng from henceforth. I hope you've got the old-style pkg_tools per-package subdirectories in /var/db/pkg because either (i) you used to use pkg_tools and you ran pkg2ng to convert or (ii) you've been using portmaster, in which case those sub-directories only /look/ like the result of what pkg_tools generates, but are really just a place for portmaster to stash a few things. If those sub-directories contain files called thing like +CONTENTS or +COMMENT or other names beginning with '+' then you do have a messed up mixture of old pkg_tools and pkgng. First: remove all the subdirectories but *not* local.sqlite or repo.sqlite -- those are rather important bits of pkgng. Then you can force a reinstall of all packages by pkg upgrade -f Obviusly, you'll need pkg(8) configured to use a repo with all the appropriate packages available. Cheers, Matthew Thanks for the info, I have never used pkg_add, everything has been installed via ports and portmaster, but it is possible that some ports were installed prior to having the with pkgng added in make.conf, and that something happened in the pk2ng conversion. I thought I had built this machine after I had been running with pkgng, but perhaps this one was built right as I was switching over to it. I had originally built this machine with Xorg and KDE to use virtual box GUI, and once I became comfortable with the commands, switched to vboxheadless and removed all the GUI components. Which is where all the extra ports that were removed came from. I have removed the sub directories, now portaudit doesn't show any vulnerabilities in non existent ports, pkg info displays the correct installed packages, and portmaster -l matches the installed ports that pkg info displays. -- Thanks, Dean E. Weimer http://www.dweimer.net/ ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to freebsd-questions-unsubscr...@freebsd.org
