1.\" $NetBSD: pkg_admin.1,v 1.1.1.8 2009/08/21 15:19:05 joerg Exp $ 2.\" 3.\" Copyright (c) 1999-2009 The NetBSD Foundation, Inc. 4.\" All rights reserved. 5.\" 6.\" This code is derived from software contributed to The NetBSD Foundation 7.\" by Hubert Feyrer <hubert@feyrer.de>. 8.\" 9.\" Redistribution and use in source and binary forms, with or without 10.\" modification, are permitted provided that the following conditions 11.\" are met: 12.\" 1. Redistributions of source code must retain the above copyright 13.\" notice, this list of conditions and the following disclaimer. 14.\" 2. Redistributions in binary form must reproduce the above copyright 15.\" notice, this list of conditions and the following disclaimer in the 16.\" documentation and/or other materials provided with the distribution. 17.\" 3. All advertising materials mentioning features or use of this software 18.\" must display the following acknowledgement: 19.\" This product includes software developed by the NetBSD 20.\" Foundation, Inc. and its contributors. 21.\" 4. Neither the name of The NetBSD Foundation nor the names of its 22.\" contributors may be used to endorse or promote products derived 23.\" from this software without specific prior written permission. 24.\" 25.\" THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 26.\" ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 27.\" TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 28.\" PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 29.\" BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 30.\" CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 31.\" SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 32.\" INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 33.\" CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 34.\" ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 35.\" POSSIBILITY OF SUCH DAMAGE. 36.\" 37.Dd August 16, 2009 38.Dt PKG_ADMIN 1 39.Os 40.Sh NAME 41.Nm pkg_admin 42.Nd perform various administrative tasks to the pkg system 43.Sh SYNOPSIS 44.Nm 45.Op Fl bqSVv 46.Op Fl C Ar config 47.Op Fl d Ar lsdir 48.Op Fl K Ar pkg_dbdir 49.Op Fl s Ar sfx_pattern 50.Ar command Op args ... 51.Sh DESCRIPTION 52This command performs various administrative tasks around the 53.Nx 54Packages System. 55.Sh OPTIONS 56The following command-line options are supported: 57.Bl -tag -width indent 58.It Fl b 59Print only the base names when matching package names for 60.Cm lsall 61and 62.Cm lsbest . 63.It Fl C Ar config 64Read the configuration file from 65.Ar config 66instead of the system default. 67.It Fl d Ar lsdir 68Set 69.Ar lsdir 70as the path to the directory in which to find matching package names for 71.Cm lsall 72and 73.Cm lsbest . 74.It Fl K Ar pkg_dbdir 75Set 76.Ar pkg_dbdir 77as the package database directory. 78If this option isn't specified, then the package database directory is 79taken from the value of the environment variable 80.Ev PKG_DBDIR 81if it's set, otherwise it defaults to 82.Pa /var/db/pkg . 83.It Fl q 84Perform checks in a quiet manner. 85In normal operation, 86.Nm 87prints a 88.Sq \&. 89to standard output to indicate progress. 90This option suppresses this progress indicator. 91.It Fl S 92Set the shell glob pattern for package suffixes when matching package 93names for 94.Cm lsall 95and 96.Cm lsbest 97to be the null suffix. 98.It Fl s Ar sfx_pattern 99Set the shell glob pattern for package suffixes when matching package 100names for 101.Cm lsall 102and 103.Cm lsbest . 104The default pattern is ".t[bg]z". 105.It Fl V 106Print version number and exit. 107.It Fl v 108Be more verbose. 109.El 110.Pp 111The following commands are supported: 112.Bl -tag -width indent 113.It Cm add Ar pkg ... 114For each listed package, write the absolute pathnames of the files listed in 115its 116.Pa +CONTENTS 117file together with the package they belong to into the package database. 118This should be used only by 119.Xr pkg_view 1 . 120.It Cm audit Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... 121Check the listed installed packages for vulnerabilities. 122If no package is given, check all installed packages. 123If 124.Fl e 125is given, also include end-of-life information. 126If 127.Fl s 128is given, check the signature of the pkg-vulnerabilities file before using it. 129.Fl t 130restricts the reported vulnerabilities to type 131.Ar type . 132.It Cm audit-pkg Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg Oc ... 133Like 134.Cm audit , 135but check only the given package names or patterns. 136.It Cm audit-batch Oo Fl es Oc Oo Fl t Ar type Oc Oo Ar pkg-list Oc ... 137Like 138.Cm audit-pkg , 139but read the package names or patterns one per line from the given files. 140.It Cm audit-history Oo Fl s Oc Oo Fl t Ar type Oc Oo Ar pkgbase Oc ... 141Print all vulnerabilities for the given base package names. 142.It Cm check Op Ar pkg ... 143Use this command to check the files belonging to some or all of the 144packages installed on the local machine against the checksum 145which was recorded in the 146.Pa +CONTENTS 147files at package installation time. 148Symbolic links also have their integrity checked against the recorded 149value at package installation time. 150If no additional argument is given, the files of all installed packages 151are checked, else only the named packages will be checked (wildcards can 152be used here, see 153.Xr pkg_info 1 ) . 154.Pp 155The packages' 156.Pa +CONTENTS 157files will be parsed and the 158checksum will be checked for every file found. 159A warning message is printed if the expected checksum differs from the 160checksum of the file on disk. 161Symbolic links are also checked, ensuring that the targets on disk are 162the same as the contents recorded at package installation time. 163.It Cm check-license Ar condition 164Check if 165.Ar condition 166can be fulfilled with the currently set of accepted licenses. 167Prints either yes or no to stdout if the condition can be parsed, 168otherwise it exits with error. 169.It Cm check-pkg-vulnerabilities Oo Fl s Oc Ar file 170Check format and hashes in the pkg-vulnerabilities file 171.Ar file . 172If 173.Fl s 174is given, also check the embedded signature. 175.It Cm check-signature Ar file ... 176Reports if 177.Ar file 178is a correctly signed package. 179.It Cm check-single-license Ar license 180Check if 181.Ar license 182is a valid license name and if it is in the set of acceptable licenses. 183Prints either yes or no to stdout if the condition can be parsed, 184otherwise it exits with error. 185.It Cm config-var Ar variable 186Print the current value of 187.Ar variable 188as used after parsing the configuration file. 189.It Cm delete Ar pkg ... 190For each listed package, remove all file entries in the package database that 191belong to the package. 192This should be used only by 193.Xr pkg_view 1 . 194.It Cm dump 195Dump the contents of the package database, similar to 196.Cm pkg_info -F . 197Columns are printed for the key field used in the pkgdb - the filename -, 198and the data field - the package the file belongs to. 199.It Cm fetch-pkg-vulnerabilities Oo Fl su Oc 200Fetch a new pkg-vulnerabilities file, check the format and if 201.Fl s 202is given the signature. 203If all checks are passed, write it to pkgdb. 204If 205.Fl u 206is given, the fetch is conditional and the file transfer is only done if 207the remote version is newer than the one in pkgdb. 208.It Cm findbest Ar pattern ... 209Search the entries of 210.Ev PKG_PATH 211for packages matching 212.Ar pattern . 213Print the URL of the best matching package to stdout for each pattern. 214If a pattern is not matched, it is skipped and the command will return 215a failure. 216.It Cm lsall Ar /dir/pkgpattern 217.It Cm lsbest Ar /dir/pkgpattern 218List all/best package matching pattern in the given directory 219.Pa /dir . 220If the 221.Fl d 222flag is given, then that directory path overrides 223.Pa /dir . 224Can be used to work around limitations of /bin/sh and other 225filename globbing mechanisms. 226This option implements matching of 227pkg-wildcards against arbitrary files and directories, useful mainly in 228the build system itself. 229See 230.Xr pkg_info 1 231for a description of the pattern. 232.Pp 233Example: 234.Bd -literal 235yui# cd /usr/pkgsrc/packages/i386ELF/All/ 236yui# ls unzip* 237unzip-5.40.tgz unzip-5.41.tgz 238yui# pkg_admin lsall 'unzip*' 239/usr/pkgsrc/packages/i386ELF/All/unzip-5.40.tgz 240/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz 241yui# pkg_admin lsall 'unzip\*[Ge]5.40' 242/usr/pkgsrc/packages/i386ELF/All/unzip-5.40.tgz 243/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz 244yui# pkg_admin lsall 'unzip\*[Ge]5.41' 245/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz 246yui# pkg_admin lsbest 'unzip\*[Ge]5.40' 247/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz 248yui# pkg_admin lsall /usr/pkgsrc/packages/i386ELF/All/'{mit,unproven}-pthread*' 249/usr/pkgsrc/packages/i386ELF/All/mit-pthreads-1.60b6.tgz 250/usr/pkgsrc/packages/i386ELF/All/unproven-pthreads-0.15.tgz 251.Ed 252.It Cm pmatch Ar pattern Ar pkg 253Returns true if 254.Ar pkg 255matches 256.Ar pattern , 257otherwise returns false. 258.It Cm rebuild 259Rebuild the package database mapping from scratch, scanning 260subdirectories in 261.Pa /var/db/pkg 262for 263.Pa +CONTENTS 264files, parsing them and writing the resulting absolute pathnames 265together with the package they belong to into the package database. 266.Pp 267This option is intended to be used for upgrading from non-pkgdb-pkg_* 268tools to pkgdb-pkg_* tools, further manipulation of the pkgdb will be 269done by 270.Xr pkg_add 1 , 271.Xr pkg_delete 1 , 272and 273.Xr pkg_create 1 . 274.Pp 275Needs to be run as root. 276.It Cm rebuild-tree 277Rebuild the +REQUIRED_BY files from scratch by reresolving all dependencies. 278.Pp 279This option is intended to be used for fixing inconsistencies between 280the records of depending and depended-on packages, such as can arise 281by the use of 282.Cm pkg_delete -f . 283.It Cm set Ar variable=value pkg ... 284Set variable with information about the installed package. 285Use 286.Cm unset 287to remove a variable. 288.Pp 289Packages that are not installed directly by the user but pulled in as 290dependencies are marked by setting 291.Dq automatic=YES . 292.It Cm gpg-sign-package pkg 293Sign the binary package 294.Ar pkg 295using GPG. 296.It Cm x509-sign-package pkg spkg key cert 297Sign the binary package 298.Ar pkg 299using the key 300.Ar key 301and the certificate 302.Ar cert , 303using 304.Ar spkg 305as output file. 306.It Cm unset Ar variable pkg ... 307Remove an installation variable. 308.El 309.Sh ENVIRONMENT 310.Bl -tag -width indent -compact 311.It Ev PKG_DBDIR 312If the 313.Fl K 314flag isn't given, then 315.Ev PKG_DBDIR 316is the location of the package database directory. 317The default package database directory is 318.Pa /var/db/pkg . 319.El 320.Sh CONFIGURATION VARIABLES 321The following variables change the behavior of 322.Nm 323and are described in 324.Xr pkg_install.conf 5 : 325.Bl -tag -width CERTIFICATE_ANCHOR_PKGS 326.It Ev CERTIFICATE_ANCHOR_PKGS 327.It Ev CERTIFICATE_ANCHOR_PKGVULN 328.It Ev CERTIFICATE_CHAIN 329.It Ev GPG 330.It Ev PKGVULNDIR 331.It Ev PKGVULNURL 332.It Ev IGNORE_URL 333.El 334.Sh FILES 335.Bl -tag -width /var/db/pkg/pkgdb.byfile.db -compact 336.It Pa /var/db/pkg/pkgdb.byfile.db 337.It Pa /var/db/pkg/\*[Lt]pkg\*[Gt]/+CONTENTS 338.El 339.Sh SEE ALSO 340.Xr pkg_add 1 , 341.Xr pkg_create 1 , 342.Xr pkg_delete 1 , 343.Xr pkg_info 1 , 344.Xr pkg_view 1 , 345.Xr pkg_install.conf 5 , 346.Xr pkgsrc 7 347.Sh HISTORY 348The 349.Nm 350command first appeared in 351.Nx 1.4 . 352.Sh AUTHORS 353The 354.Nm 355command was written by Hubert Feyrer. 356