pkg-audit leaks a tmp file if interrupted/killed

Open leres opened this issue 4 years ago • 0 comments

It doesn't seem to be possible to kill "pkg audit -F" without leaving a /tmp/vuln.xml.* file behind. For example:

zinc 29 % rm -v /tmp/vuln.xml*
rm: No match.
zinc 30 % setenv VULNXML_SITE http://10.10.10.10/freebsd/vuln.xml.xz
zinc 31 % pkg audit -F /tmp/vuln.xml
^C
zinc 32 % rm -v /tmp/vuln.xml*
/tmp/vuln.xml.lRzlBhbtey

In my case I have a script that doesn't want to wait more than 30 seconds for pkg to fetch the vuln.xml and it doesn't look like there is any signal handling in pkg_fetch_file_tmp() or pkg_fetch_file_to_fd().

Sep 16 '21 21:09 leres