portupgrade regression?
Jon Noack
noackjr at alumni.rice.edu
Fri Apr 22 12:25:31 PDT 2005
On 4/22/2005 9:06 AM, Simon L. Nielsen wrote:
> On 2005.04.22 01:44:25 -0500, Jon Noack wrote:
>>Ever since the security fix for CAN-2005-0610, portupgrade and company
>>have been behaving oddly for me. The root cause of this seems to be
>>that the pkgdb is being updated needlessly with every operation:
>
> After the patch pkgdb.fixme is created in /var/db/pkg, which causes
> the portupgrade package database update check to always fail.
I get it now: portupgrade compares the /var/db/pkg timestamp to the
pkgdb.db timestamp to figure out when to update. Creating pkgdb.fixme
in /var/db/pkg will bump the /var/db/pkg timestamp and make it always
seem like pkgdb.db is old and needs to be updating.
>>Am I trying to do something that I shouldn't? What is the correct
>>behavior here?
>
> It is definitely a bug that the package database is rebuild every
> time, and portversion fails due to that problem. The solution is
> probably to create pkgdb.fixme in another directory, but I haven't yet
> found a secure and reliable fix. I am looking into it (and if anybody
> has good ideas, or patches, please contact me).
The following change (relative to the original source) leaves the
default as the @db_dir but allows one to override it with PKG_TMPDIR or
TMPDIR:
**********************************************************************
--- pkgdb.rb.orig Mon Oct 18 09:59:09 2004
+++ pkgdb.rb Fri Apr 22 13:25:20 2005
@@ -96,7 +96,7 @@
@db_dir = File.expand_path(new_db_dir || ENV['PKG_DBDIR'] ||
'/var/db/pkg')
@db_file = File.join(@db_dir, 'pkgdb.db')
- @tmp_dir = ENV['PKG_TMPDIR'] || ENV['TMPDIR'] || '/var/tmp'
+ @tmp_dir = ENV['PKG_TMPDIR'] || ENV['TMPDIR'] || @db_dir
@fixme_file = File.join(@tmp_dir, 'pkgdb.fixme')
@db_filebase = @db_file.sub(/\.db$/, '')
close_db
**********************************************************************
One would need to apply the same change to pkgsqldb.rb. That change
resolves the issue for me but preserves a secure default. Is that an
acceptable compromise?
Jon
More information about the freebsd-ports
mailing list