horok/apt
1
0
Fork 0
Code Activity
apt/test/integration/test-sourceslist-trusted-options
Daniel Baumann 1af95933dd
Adding upstream version 3.0.3. 
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
2025-06-30 17:53:03 +02:00

218 lines
7.6 KiB
Bash
Executable file
Raw Permalink Blame History

#!/bin/sh
set -e
TESTDIR="$(readlink -f "$(dirname "$0")")"
. "$TESTDIR/framework"
setupenvironment
configarchitecture 'amd64'
buildsimplenativepackage 'foo' 'amd64' '1' 'stable'
buildsimplenativepackage 'foo' 'amd64' '2' 'testing'
setupaptarchive --no-update
APTARCHIVE=$(readlink -f ./aptarchive)
everythingsucceeds() {
testsuccessequal 'Listing...
foo/testing 2 amd64
foo/stable 1 amd64
' apt list foo -a
cd downloaded
rm -f foo_1_amd64.deb foo_2_amd64.deb
testsuccess aptget download foo "$@"
testsuccess test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
rm -f foo_1.dsc foo_2.dsc
testsuccess aptget source foo --dsc-only "$@"
testsuccess test -s foo_1.dsc -o -s foo_2.dsc
cd - >/dev/null
}
everythingfails() {
testsuccessequal 'Listing...
foo/testing 2 amd64
foo/stable 1 amd64
' apt list foo -a
local WARNING='WARNING: The following packages cannot be authenticated!
foo
E: Some packages could not be authenticated'
cd downloaded
rm -f foo_1_amd64.deb foo_2_amd64.deb
testfailure aptget download foo "$@"
testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
testfailure test -s foo_1_amd64.deb -o -s foo_2_amd64.deb
rm -f foo_1.dsc foo_2.dsc
testfailure aptget source foo --dsc-only "$@"
testequal "$WARNING" tail -n 3 ../rootdir/tmp/testfailure.output
testfailure test -s foo_1.dsc -o -s foo_2.dsc
cd - >/dev/null
}
cp -a rootdir/etc/apt/sources.list.d/ rootdir/etc/apt/sources.list.d.bak/
echo 'Debug::Acquire::Transaction "true";
Debug::pkgAcquire::Worker "true";' > rootdir/etc/apt/apt.conf.d/00debugging
aptgetupdate() {
rm -rf rootdir/var/lib/apt/lists
# note that insecure with trusted=yes are allowed
# as the trusted=yes indicates that security is provided by
# something above the understanding of apt
${1:-testsuccess} aptget update --no-allow-insecure-repositories
}
insecureaptgetupdate() {
rm -rf rootdir/var/lib/apt/lists
testfailure aptget update --no-allow-insecure-repositories
rm -rf rootdir/var/lib/apt/lists
testwarning aptget update --allow-insecure-repositories
}
msgmsg 'Test without trusted option and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
aptgetupdate
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=yes option and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
aptgetupdate
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=no option and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
# we want the warnings on the actions, but for 'update' everything is fine
aptgetupdate
everythingfails
everythingfails -t stable
everythingfails -t testing
find aptarchive/dists/stable \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
msgmsg 'Test without trusted option and good and unsigned sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
insecureaptgetupdate
everythingsucceeds
everythingfails -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=yes option and good and unsigned sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
aptgetupdate
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=no option and good and unsigned sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
insecureaptgetupdate
everythingfails
everythingfails -t stable
everythingfails -t testing
signreleasefiles 'Marvin Paranoid' 'aptarchive/dists/stable'
msgmsg 'Test without trusted option and good and unknown sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
insecureaptgetupdate
everythingsucceeds
everythingfails -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=yes option and good and unknown sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
aptgetupdate 'testwarning'
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=no option and good and unknown sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
insecureaptgetupdate
everythingfails
everythingfails -t stable
everythingfails -t testing
signreleasefiles 'Rex Expired' 'aptarchive/dists/stable'
cp -a keys/rexexpired.pub rootdir/etc/apt/trusted.gpg.d/rexexpired.gpg
msgmsg 'Test without trusted option and good and expired sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
insecureaptgetupdate
everythingsucceeds
everythingfails -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=yes option and good and expired sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
aptgetupdate 'testwarning'
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=no option and good and expired sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
insecureaptgetupdate
everythingfails
everythingfails -t stable
everythingfails -t testing
# same as the one further above, but this time testing is unsigned
find aptarchive/ \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
signreleasefiles 'Joe Sixpack' 'aptarchive/dists/stable'
msgmsg 'Test without trusted option and unsigned and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
insecureaptgetupdate
everythingfails
everythingsucceeds -t stable
everythingfails -t testing
msgmsg 'Test with trusted=yes option and unsigned and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=yes] #' rootdir/etc/apt/sources.list.d/*
aptgetupdate
everythingsucceeds
everythingsucceeds -t stable
everythingsucceeds -t testing
msgmsg 'Test with trusted=no option and unsigned and good sources'
cp -a rootdir/etc/apt/sources.list.d.bak/* rootdir/etc/apt/sources.list.d/
sed -i 's#^deb\(-src\)\? #deb\1 [trusted=no] #' rootdir/etc/apt/sources.list.d/*
insecureaptgetupdate
everythingfails
everythingfails -t stable
everythingfails -t testing
msgmsg 'Test conflicting trusted options are refused'
testsource() {
echo "$@" > rootdir/etc/apt/sources.list.d/example.list
testfailuremsg 'E: Conflicting values set for option Trusted regarding source http://example.org/bad/ unstable
E: The list of sources could not be read.' aptget update --print-uris
}
for VAL in 'yes' 'no'; do
testsource "deb http://example.org/bad unstable main
deb [trusted=${VAL}] http://example.org/bad unstable non-free"
testsource "deb [trusted=${VAL}] http://example.org/bad unstable main
deb http://example.org/bad unstable non-free"
done
testsource 'deb [trusted=yes] http://example.org/bad unstable main
deb [trusted=no] http://example.org/bad unstable non-free'
testsource 'deb [trusted=no] http://example.org/bad unstable main
deb [trusted=yes] http://example.org/bad unstable non-free'
View git blame Copy permalink