ports/52244: [MAINTAINER UPDATE] security/freebsd-update documentation

Colin Percival cperciva at daemonology.net
Wed May 14 17:30:11 UTC 2003 

>Number:         52244
>Category:       ports
>Synopsis:       [MAINTAINER UPDATE] security/freebsd-update documentation
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          maintainer-update
>Submitter-Id:   current-users
>Arrival-Date:   Wed May 14 10:30:08 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator:     Colin Percival
>Release:        FreeBSD 4.7-SECURITY i386
>Organization:
>Environment:
n/a
>Description:
The original freebsd-update port contained out of date and confusing
documentation.
>How-To-Repeat:
Look at the original README and become very confused.
>Fix:
The included patch:
1. Removes the original, out of date, README file,
2. Adds (new, up to date) man pages, and
3. Puts the configuration file in $PREFIX/etc where it belongs.

--- freebsd-update.diff begins here ---
--- /usr/ports/security/freebsd-update/Makefile	Fri Apr 11 21:52:02 2003
+++ /usr/ports/security/freebsd-update/Makefile	Wed May  7 22:09:13 2003
@@ -7,6 +7,7 @@
 
 PORTNAME=	freebsd-update
 PORTVERSION=	1.2
+PORTREVISION=	1
 CATEGORIES=	security
 MASTER_SITES=	http://www.daemonology.net/freebsd-update/
 DISTNAME=	freebsd-update-client-1_2
@@ -14,12 +15,21 @@
 MAINTAINER=	cperciva at daemonology.net
 COMMENT=	Fetches and installs binary updates to FreeBSD
 
+MAN5=		freebsd-update.conf.5
+MAN8=		freebsd-update.8
+
 NO_WRKSUBDIR=	yes
 ALL_TARGET=	verify
 
+PKGMESSAGE=	${WRKDIR}/pkg-message
+
 post-extract:
 	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/freebsd-update \
 		> ${WRKSRC}/freebsd-update
+	@${SED} -e "s=%%PREFIX%%=${PREFIX}=g" ${FILESDIR}/pkg-message \
+		> ${PKGMESSAGE}
+	cp ${FILESDIR}/freebsd-update.8 ${WRKSRC}
+	cp ${FILESDIR}/freebsd-update.conf.5 ${WRKSRC}
 
 do-install:
 	@${MKDIR} ${PREFIX}/freebsd-update
@@ -28,12 +38,15 @@
 	${INSTALL_DATA} ${WRKSRC}/Makefile ${PREFIX}/freebsd-update
 	${INSTALL_DATA} ${WRKSRC}/CHANGELOG ${PREFIX}/freebsd-update
 	${INSTALL_DATA} ${WRKSRC}/LICENSE ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/README ${PREFIX}/freebsd-update
-	${INSTALL_DATA} ${WRKSRC}/VERSION ${PREFIX}/freebsd-update
 	${INSTALL_DATA} ${WRKSRC}/update.conf \
-		${PREFIX}/freebsd-update/update.conf.sample
+		${PREFIX}/etc/freebsd-update.conf.sample
+.if !defined(WITHOUT_MAN)
+	${INSTALL_MAN} ${WRKSRC}/freebsd-update.conf.5 ${PREFIX}/man/man5/
+	${INSTALL_MAN} ${WRKSRC}/freebsd-update.8 ${PREFIX}/man/man8/
+.endif
+
 
 post-install:
-	@${CAT} ${PKGDIR}/pkg-message
+	@${CAT} ${PKGMESSAGE}
 
 .include <bsd.port.mk>
--- /usr/ports/security/freebsd-update/files/freebsd-update	Fri Apr 11 21:52:02 2003
+++ /usr/ports/security/freebsd-update/files/freebsd-update	Wed May  7 21:44:52 2003
@@ -1,14 +1,23 @@
 #!/bin/sh
 
+if [ ! -r %%PREFIX%%/etc/freebsd-update.conf ] ; then
+	echo "%%PREFIX%%/etc/freebsd-update.conf not found"
+	exit 1
+fi
+
 case "$1" in
 fetch)
-	cd %%PREFIX%%/freebsd-update && make fetch-update;;
+	cd %%PREFIX%%/freebsd-update && make 				\
+		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf fetch-update;;
 install)
-	cd %%PREFIX%%/freebsd-update && make install-update;;
+	cd %%PREFIX%%/freebsd-update && make 				\
+		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf install-update;;
 rollback)
-	cd %%PREFIX%%/freebsd-update && make rollback-update;;
+	cd %%PREFIX%%/freebsd-update && make 				\
+		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf rollback-update;;
 cron)
-	cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES daily;;
+	cd %%PREFIX%%/freebsd-update && make MAILTO=root QUIET=YES 	\
+		CONFFILE=%%PREFIX%%/etc/freebsd-update.conf daily;;
 *)
 	echo "Usage: freebsd-update {fetch|install|rollback|cron}" >&2
 	echo "  freebsd-update fetch:    Fetches updates" >&2
--- /usr/ports/security/freebsd-update/files/freebsd-update.8	Thu Jan  1 01:00:00 1970
+++ /usr/ports/security/freebsd-update/files/freebsd-update.8	Wed May  7 20:39:00 2003
@@ -0,0 +1,66 @@
+.Dd May 7, 2003
+.Dt FREEBSD-UPDATE 8
+.Os FreeBSD
+.Sh NAME
+.Nm freebsd-update
+.Nd fetch and install binary security updates to FreeBSD
+.Sh SYNOPSIS
+.Nm
+.Cm command
+.Sh DESCRIPTION
+The
+.Nm
+tool is used to fetch, install, and rollback
+binary security updates to the FreeBSD base system.
+.Sh OPTIONS
+The
+.Cm command
+can be any one of the following:
+.Pp
+.Bl -tag -width "rollback" -compact
+.It fetch
+Based on the currently installed world, fetch all available
+binary updates.  Any updates previously fetched but not
+installed will be fetched again.
+.Pp
+.It install
+Install the most recently fetched updates.
+.Pp
+.It rollback
+Uninstall the most recently installed updates.
+.Pp
+.It cron
+If any binary updates are available, fetch them and
+send an email to root; otherwise, exit silently. As
+the name suggests, this is intended for usage via
+cron(8).
+.Pp
+.El
+.Sh TIPS
+.Bl -bullet
+.It
+If your clock is set to local time, adding the line
+.Pp
+.Dl 0 3 * * * root /usr/local/sbin/freebsd-update cron
+.Pp
+to /etc/crontab will check for updates every night.  If your
+clock is set to UTC, please pick a random time instead of
+3AM, or the server hosting the updates will be very unhappy.
+.It
+.Nm
+.Cm cron
+waits a random amount of time, up to an hour, before contacting
+the server in order to reduce the risk of "flash crowds" resulting
+from cron jobs.
+.El
+.Sh FILES
+.Bl -tag -width "$PREFIX/etc/freebsd-update.conf"
+.It $PREFIX/freebsd-update/work
+Location of downloaded updates and backups of files
+which have been updated.
+.It $PREFIX/etc/freebsd-update.conf
+Location of the freebsd-update configuration file.
+.Sh SEE ALSO
+.Xr freebsd-update.conf 5
+.Sh AUTHORS
+.An Colin Percival Aq cperciva at daemonology.net
--- /usr/ports/security/freebsd-update/files/freebsd-update.conf.5	Thu Jan  1 01:00:00 1970
+++ /usr/ports/security/freebsd-update/files/freebsd-update.conf.5	Wed May  7 20:40:15 2003
@@ -0,0 +1,36 @@
+.Dd May 7, 2003
+.Dt FREEBSD-UPDATE.CONF 8
+.Os FreeBSD
+.Sh NAME
+.Nm freebsd-update.conf
+.Nd configuration file for freebsd-update
+.Sh DESCRIPTION
+The
+.Nm
+file controls where freebsd-update(8) fetches updates from, and
+which RSA key should be trusted to sign the updates.
+.Pp
+A line of the form
+.Dl URL=foobar
+specifies the source from which updates should be fetched.  This
+can be any type of URL suitable for fetch(1) -- in particular, HTTP,
+FTP, and local paths are all permitted.
+.Pp
+A line of the form
+.Dl KEYPRINT=0123456789ABCDEF0123456789ABCDEF
+specifies the MD5 hash of the 2048 bit modulus belonging to an RSA
+keypair which is trusted to sign updates.
+.Pp
+If more than one line of either of the above forms is included in
+.Nm
+then only the last one will take effect.  Any lines not of the above
+forms will be ignored.
+.Sh FILES
+.Bl -tag -width "$PREFIX/etc/freebsd-update.conf"
+.It $PREFIX/etc/freebsd-update.conf
+Location of the freebsd-update configuration file.
+.Sh SEE ALSO
+.Xr fetch 1
+.Xr freebsd-update 8
+.Sh AUTHORS
+.An Colin Percival Aq cperciva at daemonology.net
--- /usr/ports/security/freebsd-update/files/pkg-message	Thu Jan  1 01:00:00 1970
+++ /usr/ports/security/freebsd-update/files/pkg-message	Wed May  7 20:59:01 2003
@@ -0,0 +1,16 @@
+
+Before you can use this, you will have to create an update configuration
+file specifying the server to fetch updates from and the trusted public
+key fingerprint.
+
+A sample configuration file has been installed in
+
+       %%PREFIX%%/etc/freebsd-update.conf.sample
+
+which will fetch updates built by the author.  If you trust the author
+to securely build binary updates for you to blindly install on this
+machine, copy that file to
+
+       %%PREFIX%%/etc/freebsd-update.conf
+
+otherwise, create that file as appropriate.
--- /usr/ports/security/freebsd-update/pkg-message	Fri Apr 11 21:52:02 2003
+++ /usr/ports/security/freebsd-update/pkg-message	Thu Jan  1 01:00:00 1970
@@ -1,11 +0,0 @@
-
-Before you can use this, you will have to create an update configuration
-file specifying the server to fetch updates from and the trusted public
-key fingerprint.
-
-Assuming you haven't changed ${PREFIX}, a sample configuration file is
-installed in /usr/local/freebsd-update/update.conf.sample which will
-fetch updates built by the author.  If you trust the author to securely
-build binary updates for you to blindly install on this machine, copy
-that file to /usr/local/freebsd-update/update.conf -- otherwise, create
-/usr/local/freebsd-update/update.conf as appropriate.
--- /usr/ports/security/freebsd-update/pkg-plist	Fri Apr 11 21:52:02 2003
+++ /usr/ports/security/freebsd-update/pkg-plist	Wed May  7 21:20:19 2003
@@ -1,9 +1,7 @@
 sbin/freebsd-update
 freebsd-update/Makefile
-freebsd-update/README
-freebsd-update/VERSION
 freebsd-update/CHANGELOG
 freebsd-update/LICENSE
-freebsd-update/update.conf.sample
+etc/freebsd-update.conf.sample
 freebsd-update/verify
 @dirrm freebsd-update
--- freebsd-update.diff ends here ---


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-ports-bugs mailing list