NAME
pkg_admin —
perform various
administrative tasks to the pkg system
SYNOPSIS
pkg_admin |
[-bqSVv]
[-C
config]
[-d lsdir]
[-K
pkg_dbdir]
[-s
sfx_pattern] command
[args ...] |
DESCRIPTION
This command performs various administrative tasks around the
NetBSD Packages System.
OPTIONS
The following command-line options are supported:
-
-
- -b
- Print only the base names when matching package names for
lsall and lsbest.
-
-
- -C
config
- Read the configuration file from
config instead of the system default.
-
-
- -d
lsdir
- Set lsdir as the path to the
directory in which to find matching package names for
lsall and lsbest.
-
-
- -K
pkg_dbdir
- Override the value of the
PKG_DBDIR
configuration option with the value pkg_dbdir.
-
-
- -q
- Perform checks in a quiet manner. In normal operation,
pkg_admin prints a ‘.’ to standard output to
indicate progress. This option suppresses this progress indicator.
-
-
- -S
- Set the shell glob pattern for package suffixes when
matching package names for lsall and
lsbest to be the null suffix.
-
-
- -s
sfx_pattern
- Set the shell glob pattern for package suffixes when
matching package names for lsall and
lsbest. The default pattern is ".t[bg]z".
-
-
- -V
- Print version number and exit.
-
-
- -v
- Be more verbose.
The following commands are supported:
-
-
- audit
[-eis]
[-t type]
[pkg] ...
- Check the listed installed packages for vulnerabilities. If
no package is given, check all installed packages. If -e
is given, override the
CHECK_END_OF_LIFE
option
from
pkg_install.conf(5)
with “yes
”. If -i is
given, any advisory ignored by IGNORE_URL
in
pkg_install.conf(5)
is included but flagged as “ignored”. If -s
is given, check the signature of the pkg-vulnerabilities file before using
it. -t restricts the reported vulnerabilities to type
type.
-
-
- audit-pkg
[-eis]
[-t type]
[pkg] ...
- Like audit, but check only the given
package names or patterns.
-
-
- audit-batch
[-eis]
[-t type]
[pkg-list] ...
- Like audit-pkg, but read the package
names or patterns one per line from the given files.
-
-
- audit-history
[-s]
[-t type]
[pkgbase] ...
- Print all vulnerabilities for the given base package
names.
-
-
- check
[pkg ...]
- Use this command to check the files belonging to some or
all of the packages installed on the local machine against the checksum
which was recorded in the +CONTENTS files at package
installation time. Symbolic links also have their integrity checked
against the recorded value at package installation time. If no additional
argument is given, the files of all installed packages are checked, else
only the named packages will be checked (wildcards can be used here, see
pkg_info(1)).
The packages' +CONTENTS files will be parsed and the
checksum will be checked for every file found. A warning message is
printed if the expected checksum differs from the checksum of the file on
disk. Symbolic links are also checked, ensuring that the targets on disk
are the same as the contents recorded at package installation time.
-
-
- check-license
condition
- Check if condition can be fulfilled
with the currently set of accepted licenses. Prints either yes or no to
stdout if the condition can be parsed, otherwise it exits with error.
-
-
- check-pkg-vulnerabilities
[-s]
file
- Check format and hashes in the pkg-vulnerabilities file
file. If -s is given, also check
the embedded signature.
-
-
- check-signature
file ...
- Reports if file is a correctly signed
package.
-
-
- check-single-license
license
- Check if license is a valid license
name and if it is in the set of acceptable licenses. Prints either yes or
no to stdout if the condition can be parsed, otherwise it exits with
error.
-
-
- config-var
variable
- Print the current value of variable
as used after parsing the configuration file.
-
-
- digest
file ...
- Compute a SHA256 message digest of
file.
-
-
- dump
- Dump the contents of the package database, similar to
pkg_info -F. Columns are printed for the key field used
in the pkgdb - the filename -, and the data field - the package the file
belongs to.
-
-
- fetch-pkg-vulnerabilities
[-su]
- Fetch a new pkg-vulnerabilities file, check the format and
if -s is given the signature. If all checks are passed,
write it to pkgdb. If -u is given, the fetch is
conditional and the file transfer is only done if the remote version is
newer than the one in pkgdb.
-
-
- findbest
pattern ...
- Search the entries of
PKG_PATH
for
packages matching pattern. Print the URL of the best
matching package to stdout for each pattern. If a pattern is not matched,
it is skipped and the command will return a failure.
-
-
- gpg-sign-package
pkg spkg
- Sign the binary package pkg using GPG
and write the result to spkg.
-
-
- lsall
/dir/pkgpattern
-
- lsbest
/dir/pkgpattern
- List all/best package matching pattern in the given
directory /dir. If the -d flag is
given, then that directory path overrides /dir. Can be
used to work around limitations of /bin/sh and other filename globbing
mechanisms. This option implements matching of pkg-wildcards against
arbitrary files and directories, useful mainly in the build system itself.
See pkg_info(1) for a
description of the pattern.
Example:
yui# cd /usr/pkgsrc/packages/i386ELF/All/
yui# ls unzip*
unzip-5.40.tgz unzip-5.41.tgz
yui# pkg_admin lsall 'unzip*'
/usr/pkgsrc/packages/i386ELF/All/unzip-5.40.tgz
/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz
yui# pkg_admin lsall 'unzip≥5.40'
/usr/pkgsrc/packages/i386ELF/All/unzip-5.40.tgz
/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz
yui# pkg_admin lsall 'unzip≥5.41'
/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz
yui# pkg_admin lsbest 'unzip≥5.40'
/usr/pkgsrc/packages/i386ELF/All/unzip-5.41.tgz
yui# pkg_admin lsall /usr/pkgsrc/packages/i386ELF/All/'{mit,unproven}-pthread*'
/usr/pkgsrc/packages/i386ELF/All/mit-pthreads-1.60b6.tgz
/usr/pkgsrc/packages/i386ELF/All/unproven-pthreads-0.15.tgz
-
-
- pmatch
pattern pkg
- Returns true if pkg matches
pattern, otherwise returns false.
-
-
- rebuild
- Rebuild the package database mapping from scratch, using
the +CONTENTS files of the installed packages. This
option is only intended for recovery after system crashes during package
installation and removal.
-
-
- rebuild-tree
- Rebuild the +REQUIRED_BY files from scratch by reresolving
all dependencies.
This option is intended to be used for fixing inconsistencies between the
records of depending and depended-on packages, such as can arise by the
use of pkg_delete -f.
-
-
- set
variable=value pkg ...
- Set variable with information about the installed package.
Use unset to remove a variable.
Packages that are not installed directly by the user but pulled in as
dependencies are marked by setting “automatic=YES”.
-
-
- x509-sign-package
pkg spkg key cert
- Sign the binary package pkg using the
key key and the certificate
cert, using spkg as output
file.
-
-
- unset
variable pkg ...
- Remove an installation variable.
ENVIRONMENT
See
pkg_install.conf(5)
for options, that can also be specified using the environment.
FILES
- @PREFIX@/pkgdb/pkgdb.byfile.db
-
- @PREFIX@/pkgdb/<pkg>/+CONTENTS
-
SEE ALSO
pkg_add(1),
pkg_create(1),
pkg_delete(1),
pkg_info(1),
pkg_install.conf(5),
pkgsrc(7)
HISTORY
The
pkg_admin command first appeared in
NetBSD 1.4.
AUTHORS
The
pkg_admin command was written by Hubert Feyrer.