On December 11, 2009
portaudit turned up a problem in a package called libtool-2.2.6a_1. So, as usual, I figured I'd go to whatever port that is, and do a
whereis libtool turned up no such port. What's the rookie accidental admin to do?
Take good notes, for one. While dabbling in an unrelated topic -- I was investigating how to enable wake-on-LAN for this machine -- I found a reference to a command I never knew existed:
psearch. It's a port and I didn't have it installed, but
whereis psearch led me to it quickly enough, and then it was just a matter of
make install clean. Now, back to the portaudit problem:
psearch libtool found the buggy port immediately: devel/libtool22.
I wasn't sure that this quick note was worth a post, so I left it in the drafts folder. But today's
portaudit revealed multiple vulnerabilities in php5. Fixing that is in progress. Meanwhile I thought I'd post this thing after all, so I'll have a quick way to jog my memory next time I go looking for a well-hidden port.
One annoying thing is that I'm still unclear on when to use portupgrade -r, portupgrade -R, or portupgrade -rR. My default is the latter because I find it comforting that these recursive upgrades take care of all sorts of dependencies for me, both up and down stream. But man does it take a long time. That Pentium III is showing its age. It'd be good if I could safely cut some corners. So, dear readers, please comment away. I am curious.