diff options
-rw-r--r-- | bin/glsa-check | 7 | ||||
-rw-r--r-- | man/glsa-check.1 | 8 | ||||
-rw-r--r-- | pym/gentoolkit/glsa/__init__.py | 14 |
3 files changed, 18 insertions, 11 deletions
diff --git a/bin/glsa-check b/bin/glsa-check index d5ac4e1..3c91d5e 100644 --- a/bin/glsa-check +++ b/bin/glsa-check @@ -29,7 +29,7 @@ optionmap = [ ["-t", "--test", "test if this system is affected by the given GLSA"], ["-p", "--pretend", "show the necessary commands to apply this GLSA"], ["-f", "--fix", "try to auto-apply this GLSA (experimental)"], -["-i", "--inject", "inject the given GLSA into the checkfile"], +["-i", "--inject", "inject the given GLSA into the glsa_injected file"], ["-n", "--nocolor", "disable colors (option)"], ["-e", "--emergelike", "do not use a least-change algorithm (option)"], ["-h", "--help", "show this help message"], @@ -204,7 +204,7 @@ def summarylist(myglsalist, fd1=sys.stdout, fd2=sys.stderr, encoding="utf-8"): fd1 = codecs.getwriter(encoding)(fd1) fd2 = codecs.getwriter(encoding)(fd2) if not quiet: - fd2.write(white("[A]")+" means this GLSA was already applied,\n") + fd2.write(white("[A]")+" means this GLSA was marked as applied (injected),\n") fd2.write(green("[U]")+" means the system is not affected and\n") fd2.write(red("[N]")+" indicates that the system might be affected.\n\n") @@ -216,7 +216,7 @@ def summarylist(myglsalist, fd1=sys.stdout, fd2=sys.stderr, encoding="utf-8"): if verbose: fd2.write(("invalid GLSA: %s (error message was: %s)\n" % (myid, e))) continue - if myglsa.isApplied(): + if myglsa.isInjected(): status = "[A]" color = white elif myglsa.isVulnerable(): @@ -289,7 +289,6 @@ if mode in ["dump", "fix", "inject", "pretend"]: sys.exit(exitcode) if len(mergelist): sys.stdout.write("\n") - myglsa.inject() elif mode == "pretend": sys.stdout.write("Checking GLSA "+myid+"\n") if not myglsa.isVulnerable(): diff --git a/man/glsa-check.1 b/man/glsa-check.1 index 3cfca23..e31e339 100644 --- a/man/glsa-check.1 +++ b/man/glsa-check.1 @@ -36,7 +36,7 @@ show the necessary commands to apply this GLSA try to auto\-apply this GLSA (experimental) .TP .B \-i, \-\-inject -inject the given GLSA into the checkfile +inject the given GLSA into the glsa_injected file .TP .B \-n, \-\-nocolor disable colors (option) @@ -58,3 +58,9 @@ be less verbose and do not send empty mail (option) .TP .B \-m, \-\-mail send a mail with the given GLSAs to the administrator +.SH "FILES" +.LP +.TP +.B /var/lib/portage/glsa_injected +List of GLSA ids that have been injected and will never show up as 'affected' on this system. +The file must contain one GLSA id (e.g. '200804-02') per line. diff --git a/pym/gentoolkit/glsa/__init__.py b/pym/gentoolkit/glsa/__init__.py index 2ee294f..d283835 100644 --- a/pym/gentoolkit/glsa/__init__.py +++ b/pym/gentoolkit/glsa/__init__.py @@ -117,7 +117,7 @@ def checkconfig(myconfig): "GLSA_DIR": portage.settings["PORTDIR"]+"/metadata/glsa/", "GLSA_PREFIX": "glsa-", "GLSA_SUFFIX": ".xml", - "CHECKFILE": "/var/cache/edb/glsa", + "CHECKFILE": "/var/lib/portage/glsa_injected", "GLSA_SERVER": "www.gentoo.org/security/en/glsa/", # not completely implemented yet "CHECKMODE": "local", # not completely implemented yet "PRINTWIDTH": "76" @@ -669,14 +669,16 @@ class Glsa: or (None != getMinUpgrade([v,], path["unaff_atoms"])) return rValue - def isApplied(self): + def isInjected(self): """ - Looks if the GLSA IDis in the GLSA checkfile to check if this - GLSA was already applied. + Looks if the GLSA ID is in the GLSA checkfile to check if this + GLSA should be marked as applied. @rtype: Boolean - @returns: True if the GLSA was applied, False if not + @returns: True if the GLSA is in the inject file, False if not """ + if not os.access(self.config["CHECKFILE"], os.R_OK): + return False aList = portage.grabfile(self.config["CHECKFILE"]) return (self.nr in aList) @@ -689,7 +691,7 @@ class Glsa: @rtype: None @returns: None """ - if not self.isApplied(): + if not self.isInjected(): checkfile = open(self.config["CHECKFILE"], "a+") checkfile.write(self.nr+"\n") checkfile.close() |