Suggestions have been made that I track down Colin Percival at BSDCan 2014, which starts in few days. However, I know at least four people have already arrived, two days before any official event, the first of which is the inaugural goatBOF. That’s one of the great things about attending a tech conference, especially a small event such as BSDCan or PGCon; you can talk face-to-face with the people who created the tools you love/hate and ask them about how to fix something. If you purchase their favourite beverage, you are very much on the road to success.
The original problem was freebsd-update, which started to annoy me greatly. I have only a handful of servers. I can imagine what it’s like for people with many more than I have. I posted to Twitter about this and a suggestion was made to replace email-monitoring with real monitoring. Putting aside the politics of which you prefer, I remembered an older problem I was trying to solve: pkg audit.
The new problem
Yes, this isn’t about fixing freebsd-update.
Bonus: it works!
Profit: it works for both jails and hosts.
Check out the screen shot which shows both a host and a jail with vulnerabilities.
I have removed both portaudit and jailaudit from all of my hosts. One less thing to read in email.
I hope this helps you as well.