Merge pull request #135 from rhyven/patch-5

Accept apt-get as a package audit tool
2016-03-16 11:02:35 +01:00 · 2016-03-16 11:02:35 +01:00 · 2fe5fa2cc6
parent a629248048 a97bcb2142
commit 2fe5fa2cc6
1 changed files with 4 additions and 1 deletions
--- a/include/tests_ports_packages
+++ b/include/tests_ports_packages
@ -881,13 +881,16 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        VULNERABLE_PACKAGES_FOUND=0
        SCAN_PERFORMED=0
+        # If apt-get is installed, then it's a reasonable option for a Package Audit tool
+        # If apt-check exists, it will be preferred and will overwrite the PACKAGE_AUDIT_TOOL setting
+        PACKAGE_AUDIT_TOOL="apt-get"
+        PACKAGE_AUDIT_TOOL_FOUND=1
        # Update the repository, outdated repositories don't give much information
        LogText "Action: updating repository with apt-get"
        /usr/bin/apt-get -q=2 update
        LogText "Result: apt-get finished"
        LogText "Test: Checking if /usr/lib/update-notifier/apt-check exists"
        if [ -x /usr/lib/update-notifier/apt-check ]; then
-          PACKAGE_AUDIT_TOOL_FOUND=1
          PACKAGE_AUDIT_TOOL="apt-check"
          LogText "Result: found /usr/lib/update-notifier/apt-check"
          LogText "Test: checking if any of the updates contain security updates"