A small problem after switching from portmaster to synth

Kevin Oberman rkoberman at gmail.com
Tue Dec 19 04:58:59 UTC 2017


PGP Fingerprint: D03FB98AFA78E3B78C1694B318AB39EF1B055683

On Mon, Dec 18, 2017 at 4:50 PM, Kurt Buff <kurt.buff at gmail.com> wrote:

> On Mon, Dec 18, 2017 at 2:11 PM, Jonathan Chen <jonc at chen.org.nz> wrote:
> > On 19 December 2017 at 08:52, Kurt Buff <kurt.buff at gmail.com> wrote:
> >> I'm seeing a lot of this in the daily security email after switching:
> >>
> >>      Checking for packages with mismatched checksums:
> >>      db5-5.3.28_6:
> >> /usr/local/share/doc/db5/api_reference/C/BDB-C_APIReference.pdf
> >>
> >> On one of my machines, it goes on for hundreds of lines, mostly for
> postgresql.
> >
> > This is not a synth issue, but possibly a security issue. The security
> > check is correctly flagging possibly hi-jacked files. You should
> > forcibly reinstall the port to ensure that the artifacts that the port
> > builds is what you've got installed on your host. I have to say that
> > the only lines that have been flagged for me are due to the port
> > binary altering files configuration files, which should have been
> > located in /var instead of /usr/local.
> >
> > Cheers.
> > --
> > Jonathan Chen <jonc at chen.org.nz>
> I have a file called ports.txt, which I used for portmaster. It
> contains the master list of ports for this machine, and has the
> following lines in it:
>    benchmarks/iperf
>    ftp/curl
>    ftp/wget
>    mail/postfix
>    ports-mgmt/pkg
>    ports-mgmt/portmaster
>    security/ike-scan
>    security/nmap
>    security/sslscan
>    www/lynx
>    net/mosh
>    dns/bind-tools
>    security/metasploit
>    sysutils/tmux
>
>
> I tried this, with the following result:
>    root at fbsd01p:~ # synth force /root/ports.txt
>    Regenerating flavor index: this may take a while ...
>    Scanning entire ports tree.
>     progress: 100.00%
>
>    raised ADA.IO_EXCEPTIONS.NAME_ERROR : file
> "/var/synth/live_packages/All/" does not exist
>
> These are the lines that have me scratching my head on this machine
> from the daily security email:
>    Checking negative group permissions:
>    find: /usr/ports/devel/pijul/Makefile: No such file or directory
>    find: /usr/ports/devel/pijul/distinfo: No such file or directory
>    find: /usr/ports/devel/pijul/pkg-descr: No such file or directory
>    find: /usr/ports/devel/pijul: No such file or directory
>    find: /usr/ports/devel/ppl/Makefile: No such file or directory
>    find: /usr/ports/devel/ppl/distinfo: No such file or directory
>    find: /usr/ports/devel/ppl/pkg-descr: No such file or directory
>    find: /usr/ports/devel/ppl/pkg-plist: No such file or directory
>    find: /usr/ports/devel/ppl: No such file or directory
>    find: /usr/ports/devel/py-pyopencl/Makefile: No such file or directory
>    find: /usr/ports/devel/py-pyopencl/distinfo: No such file or directory
>    find: /usr/ports/devel/py-pyopencl/files: No such file or directory
>    find: /usr/ports/devel/py-pyopencl/pkg-descr: No such file or directory
>    find: /usr/ports/devel/py-pyopencl: No such file or directory
>    find: /usr/ports/devel/pylint/Makefile: No such file or directory
>    find: /usr/ports/devel/pylint/distinfo: No such file or directory
>    find: /usr/ports/devel/pylint/pkg-descr: No such file or directory
>    find: /usr/ports/devel/pylint/pkg-plist: No such file or directory
>    find: /usr/ports/devel/pylint: No such file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk/Makefile: No such file or
> directory
>    find: /usr/ports/devel/rubygem-aws-sdk/distinfo: No such file or
> directory
>    find: /usr/ports/devel/rubygem-aws-sdk/pkg-descr: No such file or
> directory
>    find: /usr/ports/devel/rubygem-aws-sdk: No such file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-core/Makefile: No such file
> or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-core/distinfo: No such file
> or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-core/pkg-descr: No such file
> or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-core: No such file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-resources/Makefile: No such
> file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-resources/distinfo: No such
> file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-resources/pkg-descr: No such
> file or directory
>    find: /usr/ports/devel/rubygem-aws-sdk-resources: No such file or
> directory
>
>    Checking for packages with mismatched checksums:
>    p5-XML-SAX-0.99_2: /usr/local/lib/perl5/site_perl
> /XML/SAX/ParserDetails.ini
>
> On another machine, it looks like "synth force" is working, but I'm
> sure it's going to take a while.
>
> Kurt


I also see this with
Checking for packages with mismatched checksums:
urwfonts-ttf-1.0.7b18_6: /usr/local/share/fonts/urwfonts-ttf/fonts.dir
urwfonts-ttf-1.0.7b18_6: /usr/local/share/fonts/urwfonts-ttf/fonts.scale

I tried re-installing the port, but the messages have not changed. I really
should have dome more to trackit down as it is potentially serious, but
have not gotten around to it.
--
Kevin Oberman, Part time kid herder and retired Network Engineer
E-mail: rkoberman at gmail.com


More information about the freebsd-ports mailing list