diff options
Diffstat (limited to '')
| -rw-r--r-- | tests/keyring | 18 | ||||
| -rw-r--r-- | tests/keyring-overwrites | 15 |
2 files changed, 33 insertions, 0 deletions
diff --git a/tests/keyring b/tests/keyring new file mode 100644 index 0000000..7308f0d --- /dev/null +++ b/tests/keyring @@ -0,0 +1,18 @@ +#!/bin/sh +set -eu +export LC_ALL=C.UTF-8 +if [ ! -e /mmdebstrap-testenv ]; then + echo "this test modifies the system and should only be run inside a container" >&2 + exit 1 +fi +for f in /etc/apt/trusted.gpg.d/*.gpg /etc/apt/trusted.gpg.d/*.asc; do + [ -e "$f" ] || continue + rm "$f" +done +rmdir /etc/apt/trusted.gpg.d +mkdir /etc/apt/trusted.gpg.d +{{ CMD }} --mode=root --variant=apt --keyring=/usr/share/keyrings/debian-archive-keyring.gpg --keyring=/usr/share/keyrings/ {{ DIST }} /tmp/debian-chroot "deb {{ MIRROR }} {{ DIST }} main" +# make sure that no [signedby=...] managed to make it into the sources.list +echo "deb {{ MIRROR }} {{ DIST }} main" | cmp /tmp/debian-chroot/etc/apt/sources.list - +tar -C /tmp/debian-chroot --one-file-system -c . | tar -t | sort | diff -u tar1.txt - +rm -r /tmp/debian-chroot diff --git a/tests/keyring-overwrites b/tests/keyring-overwrites new file mode 100644 index 0000000..f070654 --- /dev/null +++ b/tests/keyring-overwrites @@ -0,0 +1,15 @@ +#!/bin/sh +set -eu +export LC_ALL=C.UTF-8 +trap "rm -rf /tmp/debian-chroot; rmdir /tmp/emptydir; rm -f /tmp/emptyfile" EXIT INT TERM +mkdir -p /tmp/emptydir +touch /tmp/emptyfile +# this overwrites the apt keyring options and should fail +ret=0 +{{ CMD }} --mode=root --variant=apt --keyring=/tmp/emptydir --keyring=/tmp/emptyfile {{ DIST }} /tmp/debian-chroot "deb {{ MIRROR }} {{ DIST }} main" || ret=$? +# make sure that no [signedby=...] managed to make it into the sources.list +echo "deb {{ MIRROR }} {{ DIST }} main" | cmp /tmp/debian-chroot/etc/apt/sources.list - +if [ "$ret" = 0 ]; then + echo expected failure but got exit $ret >&2 + exit 1 +fi |