Re: pkg audit: security problems only

On 19/11/2021 10:47, Baptiste Daroussin wrote:
> On Fri, Nov 19, 2021 at 10:31:37AM +0200, Andriy Gapon wrote:
>>
>> Is there an option to limit pkg audit to report security problems only?
>>
>> Right now the corresponding periodic script reports a lot of (what I
>> consider to be) noise every night.  It's about deprecated packages, mostly
>> depending on python 2.7.  And I consider those reports to be noise because
>> 90% of reported packages are not actually going to be removed (e.g., kmail,
>> korganizer, etc).
>>
>> So, I would like to be getting a security focused report useful for end users.
>> Is that possible?
>> Thank you!
>>
> 
>  From the periodic script here are all the parameters:
> 
> : ${security_status_pkgaudit_enable:=YES}
> : ${security_status_pkgaudit_period:=daily}
> : ${security_status_pkgaudit_quiet:=YES}
> : ${security_status_pkgaudit_chroots=$pkg_chroots}
> : ${security_status_pkgaudit_jails=$pkg_jails}
> : ${security_status_pkgaudit_jails_ignore+=""}
> : ${security_status_pkgaudit_expiry:=2}
> : ${security_status_pkgaudit_expiration:=YES}
> : ${security_status_pkgaudit_deprecation:=YES}

Thank you!

Before asking I checked two places, pkg help audit and /etc/periodic, and I came 
up empty.
I didn't think of checking /usr/local/etc/periodic/ or pkg annotate.


-- 
Andriy Gapon