Portcheck is a simple and small script for FreeBSD

which first updates the ports tree and then runs an
update and a security checkup of all the installed packages.
Portcheck depends on portsnap, portaudit and pkg_version.

WWW: http://www.usebsd.com/pub/portcheck/

PR:		ports/107418
Submitted by:	Kim Naim Lesmer <naim at usebsd.com>

5 files changed, 192 insertions, 0 deletions

diff --git a/sysutils/Makefile b/sysutils/Makefile
index 4aa302a2430f..d8547ecf2843 100644
--- a/sysutils/Makefile
+++ b/sysutils/Makefile
@@ -506,6 +506,7 @@
     SUBDIR += port-authoring-tools
     SUBDIR += port-maintenance-tools
     SUBDIR += portbrowser
+    SUBDIR += portcheck
     SUBDIR += portconf
     SUBDIR += portdowngrade
     SUBDIR += portmanager
diff --git a/sysutils/portcheck/Makefile b/sysutils/portcheck/Makefile
new file mode 100644
index 000000000000..ef45650db19c
--- /dev/null
+++ b/sysutils/portcheck/Makefile
@@ -0,0 +1,37 @@
+# New ports collection makefile for:   portcheck
+# Date created:        01 January 2007
+# Whom:                Kim Naim Lesmer <naim@usebsd.com>
+#
+# $FreeBSD$
+#
+
+PORTNAME=	portcheck
+PORTVERSION=	1.12
+CATEGORIES=	sysutils
+MASTER_SITES=	http://www.usebsd.com/pub/portcheck/files/ \
+		http://www.bitcare.dk/pub/portcheck/files/
+EXTRACT_SUFX=	.tbz
+
+MAINTAINER=	naim@usebsd.com
+COMMENT=	Maintains the ports tree and checks up the installed packages
+
+RUN_DEPENDS=	${LOCALBASE}/sbin/portaudit:${PORTSDIR}/security/portaudit
+
+PLIST_FILES=	bin/portcheck
+MAN1=		portcheck.1
+NO_WRKSUBDIR=	yes
+NO_BUILD=	yes
+
+do-install:
+	@${INSTALL_SCRIPT} ${WRKDIR}/portcheck ${PREFIX}/bin
+	@${INSTALL_MAN} ${WRKDIR}/portcheck.1 ${MAN8PREFIX}/man/man1
+	@${ECHO} ""
+	@${ECHO} "See 'man portcheck' for information about usage."
+	@${ECHO} ""
+
+.include <bsd.port.pre.mk>
+.if ${OSVERSION} < 504104
+IGNORE=	doesn't work on our sstem, it needs portsnap, please update your system to at least 5-STABLE
+.endif
+
+.include <bsd.port.post.mk>
diff --git a/sysutils/portcheck/distinfo b/sysutils/portcheck/distinfo
new file mode 100644
index 000000000000..aa6e108e3ab5
--- /dev/null
+++ b/sysutils/portcheck/distinfo
@@ -0,0 +1,3 @@
+MD5 (portcheck-1.12.tbz) = 6e557bb8d1cb8a36442bbf375faaeac5
+SHA256 (portcheck-1.12.tbz) = 2c7d177825a0380790d89f38cc0026a391705ec2344f0b5d4d2d14b9f1095039
+SIZE (portcheck-1.12.tbz) = 2379
diff --git a/sysutils/portcheck/pkg-descr b/sysutils/portcheck/pkg-descr
new file mode 100644
index 000000000000..fb807fc9e279
--- /dev/null
+++ b/sysutils/portcheck/pkg-descr
@@ -0,0 +1,6 @@
+Portcheck is a simple and small script for FreeBSD 
+which first updates the ports tree and then runs an 
+update and a security checkup of all the installed packages.
+Portcheck depends on portsnap, portaudit and pkg_version.
+
+WWW: http://www.usebsd.com/pub/portcheck/
diff --git a/sysutils/portcheck/portcheck b/sysutils/portcheck/portcheck
new file mode 100644
index 000000000000..7ab1fe3765a1
--- /dev/null
+++ b/sysutils/portcheck/portcheck
@@ -0,0 +1,145 @@
+#!/bin/sh
+#
+# Copyright (c) 2006, Kim Naim Lesmer
+# All rights reserved.
+#
+# Mail: naim@usebsd.com
+#
+# BSD Licens.
+# Redistribution and use in source and binary forms, with or without
+# modification, are permitted provided that the following conditions
+# are met:
+#
+# 1. Redistributions of source code must retain the above copyright
+#    notice, this list of conditions and the following disclaimer.
+# 2. Redistributions in binary form must reproduce the above copyright
+#    notice, this list of conditions and the following disclaimer in the
+#    documentation and/or other materials provided with the distribution.
+# 3. Neither the name of the developer nor the names of the software
+#    contributors may be used to endorse or promote products derived from
+#    this software without specific prior written permission.
+#
+# THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+# ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+# IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+# ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+# FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+# DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+# OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+# HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+# LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+# SUCH DAMAGE.
+#
+
+#
+# This is a simple and small script for FreeBSD which updates the portstree, 
+# runs a normal and security checkup of all the installed packages. The 
+# script uses portsnap, portaudit and pkg_version.
+# 
+# The script needs to be run as root.
+#
+
+/usr/bin/clear
+echo "Running Portcheck.."
+
+# Check if the user is root.
+if [ $(whoami) != "root" ]; then
+	echo ""
+    echo "You must be root to run this script!"
+    echo "Terminating portcheck.. done."
+    echo ""
+    exit 1
+fi
+
+# Using portsnap from the base system to fetch and install or update the ports.
+if [ -d /var/db/portsnap ]; then
+	echo ""
+	echo "Portcheck step [1/3] - Fetching and updating the ports tree."
+	echo ""
+	echo "Fetching and updating the ports.."
+	/usr/sbin/portsnap fetch update
+	if [ $? = "1" ]; then
+		echo ""
+		echo "Something went wrong! Portsnap has reported an error!"
+		echo "You need to have a working and functional Internet" 
+		echo "connection in order to use this script!"
+		echo ""
+	    echo "Terminating portcheck.. done."
+	    exit 1
+	else
+		echo "Done fetching and updating the ports."
+	fi
+else
+	echo ""
+	echo "Portcheck step [1/3] - Fetching and extracting the ports tree."
+	echo ""
+	echo "Fetching and extracting the ports.."
+	/usr/sbin/portsnap fetch extract
+	if [ $? = "1" ]; then
+		echo ""
+		echo "Something went wrong! Portsnap has reported an error!"
+		echo "You need to have a working and functional Internet" 
+		echo "connection in order to use this script!"
+		echo ""
+	    echo "Terminating portcheck.. done." 
+		echo ""
+	    exit 1
+	else
+		echo "Done fetching and extracting the ports."
+		echo ""
+	fi
+fi
+
+# Check if portaudit is installed.
+if [ ! -e /usr/local/sbin/portaudit ]; then
+	echo ""
+	echo "The program 'portaudit' is not installed!"
+ 	echo "Portcheck needs portaudit to check all your installed packages"
+	echo "for important security updates."
+	echo ""
+	echo "You can install portaudit using the command 'make install clean'"
+	echo "in /usr/ports/security/portaudit. Or if you want to use binary"
+ 	echo "installation by issuing the command 'pkg_add -r portaudit'."
+ 	echo ""
+ 	echo "Please install portaudit and re-run this script!" 
+	echo "Terminating portcheck.. done."
+	echo ""
+	exit 1
+fi
+
+# Check if any installed packages needs updating
+echo ""
+echo "Portcheck step [2/3] - Normal checkup."
+echo ""
+echo "Doing a normal checkup of all installed packages.."
+echo "This may take a while!"
+/usr/sbin/pkg_version -v -l '<' > /var/log/portcheck.log
+
+# Check if any installed packages has any security issues
+echo ""
+echo "Portcheck step [3/3] - Security checkup."
+echo ""
+echo "Doing a security checkup of all installed packages.."
+
+/usr/local/sbin/portaudit -Fda > /tmp/portcheck.txt 
+if [ $? = "1" ]; then
+	echo "" >> /var/log/portcheck.log 
+	echo "The following packages has security issues!" >> /var/log/portcheck.log
+	echo "" >> /var/log/portcheck.log
+	/bin/cat /tmp/portcheck.txt >> /var/log/portcheck.log
+	/bin/rm /tmp/portcheck.txt
+else
+	echo "" >> /var/log/portcheck.log 
+	echo "No security issues found." >> /var/log/portcheck.log
+fi
+
+echo ""
+echo "Portcheck result.."
+echo ""
+
+/bin/cat /var/log/portcheck.log
+echo ""
+echo "A copy of the above result is kept in /var/log/portcheck.log"
+echo "Portcheck.. done."
+echo ""