3 # test that apt-get update is transactional
8 touch -d '+1hour' aptarchive
/dists
/unstable
/main
/binary
-i386/Packages
*
9 touch -d '+1hour' aptarchive
/dists
/unstable
/main
/source
/Sources
*
10 touch -d '+1hour' aptarchive
/dists
/unstable
/*Release
*
12 touch -d '-1hour' rootdir
/var
/lib
/apt
/lists
/*
15 create_fresh_archive
()
18 rm -f rootdir
/var
/lib
/apt
/lists
/_
* rootdir
/var
/lib
/apt
/lists
/partial
/*
20 insertpackage
'unstable' 'old' 'all' '1.0'
22 setupaptarchive
--no-update
26 insertpackage
"unstable" "new" "all" "1.0"
27 insertsource
"unstable" "new" "all" "1.0"
29 setupaptarchive
--no-update "$@"
32 break_repository_sources_index
() {
33 printf 'xxx' > $APTARCHIVE/dists
/unstable
/main
/source
/Sources
34 compressfile
"$APTARCHIVE/dists/unstable/main/source/Sources" "$@"
37 start_with_good_inrelease
() {
39 testsuccess aptget update
40 listcurrentlistsdirectory
> lists.before
41 testsuccessequal
"old/unstable 1.0 all" apt list
-q
44 test_inrelease_to_new_inrelease
() {
45 msgmsg
'Test InRelease to new InRelease works fine'
46 start_with_good_inrelease
48 add_new_package
'+1hour'
49 testsuccess aptget update
-o Debug
::Acquire
::Transaction
=1
50 testsuccessequal
"new/unstable 1.0 all
51 old/unstable 1.0 all" apt list
-q
54 test_inrelease_to_broken_hash_reverts_all
() {
55 msgmsg
'Test InRelease to broken InRelease reverts everything'
56 start_with_good_inrelease
58 add_new_package
'+1hour'
59 # break the Sources file
60 break_repository_sources_index
'+1hour'
62 # test the error condition
63 testfailureequal
"W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources.gz Hash Sum mismatch
65 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
66 # ensure that the Packages file is also rolled back
67 testfileequal lists.before
"$(listcurrentlistsdirectory)"
68 testfailureequal
"E: Unable to locate package new" aptget
install new
-s -qq
71 test_inrelease_to_valid_release
() {
72 msgmsg
'Test InRelease to valid Release'
73 start_with_good_inrelease
75 add_new_package
'+1hour'
76 # switch to a unsigned repo now
77 rm $APTARCHIVE/dists
/unstable
/InRelease
78 rm $APTARCHIVE/dists
/unstable
/Release.gpg
81 testfailureequal
"E: The repository 'file: unstable Release' is no longer signed." aptget update
-qq
83 # test that security downgrade was not successful
84 testfileequal lists.before
"$(listcurrentlistsdirectory)"
85 testsuccess aptget
install old
-s
86 testfailure aptget
install new
-s
87 testsuccess
ls $ROOTDIR/var
/lib
/apt
/lists
/*_InRelease
88 testfailure
ls $ROOTDIR/var
/lib
/apt
/lists
/*_Release
91 test_inrelease_to_release_reverts_all
() {
92 msgmsg
'Test InRelease to broken Release reverts everything'
93 start_with_good_inrelease
95 # switch to a unsigned repo now
96 add_new_package
'+1hour'
97 rm $APTARCHIVE/dists
/unstable
/InRelease
98 rm $APTARCHIVE/dists
/unstable
/Release.gpg
101 break_repository_sources_index
'+1hour'
104 testfailureequal
"E: The repository 'file: unstable Release' is no longer signed." aptget update
-qq # -o Debug::acquire::transaction=1
106 # ensure that the Packages file is also rolled back
107 testfileequal lists.before
"$(listcurrentlistsdirectory)"
108 testsuccess aptget
install old
-s
109 testfailure aptget
install new
-s
110 testsuccess
ls $ROOTDIR/var
/lib
/apt
/lists
/*_InRelease
111 testfailure
ls $ROOTDIR/var
/lib
/apt
/lists
/*_Release
114 test_unauthenticated_to_invalid_inrelease
() {
115 msgmsg
'Test UnAuthenticated to invalid InRelease reverts everything'
117 rm $APTARCHIVE/dists
/unstable
/InRelease
118 rm $APTARCHIVE/dists
/unstable
/Release.gpg
120 testwarning aptget update
--allow-insecure-repositories
121 listcurrentlistsdirectory
> lists.before
122 testfailureequal
"WARNING: The following packages cannot be authenticated!
124 E: There are problems and -y was used without --force-yes" aptget
install -qq -y old
126 # go to authenticated but not correct
127 add_new_package
'+1hour'
128 break_repository_sources_index
'+1hour'
130 testfailureequal
"W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources.gz Hash Sum mismatch
132 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
134 testfileequal lists.before
"$(listcurrentlistsdirectory)"
135 testfailure
ls rootdir
/var
/lib
/apt
/lists
/*_InRelease
136 testfailureequal
"WARNING: The following packages cannot be authenticated!
138 E: There are problems and -y was used without --force-yes" aptget
install -qq -y old
141 test_inrelease_to_unauth_inrelease
() {
142 msgmsg
'Test InRelease to InRelease without good sig'
143 start_with_good_inrelease
145 signreleasefiles
'Marvin Paranoid'
147 testwarningequal
"W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
149 W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
151 W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
153 testfileequal lists.before
"$(listcurrentlistsdirectory)"
154 testsuccess
ls rootdir
/var
/lib
/apt
/lists
/*_InRelease
157 test_inrelease_to_broken_gzip
() {
158 msgmsg
"Test InRelease to broken gzip"
159 start_with_good_inrelease
161 break_repository_sources_index
'+1hour'
162 generatereleasefiles
'+2hours'
165 # append junk at the end of the compressed file
166 echo "lala" >> $APTARCHIVE/dists
/unstable
/main
/source
/Sources.gz
167 touch -d '+2min' $APTARCHIVE/dists
/unstable
/main
/source
/Sources.gz
168 # remove uncompressed file to avoid fallback
169 rm $APTARCHIVE/dists
/unstable
/main
/source
/Sources
171 testfailure aptget update
172 testsuccess
grep 'Hash Sum mismatch' rootdir
/tmp
/testfailure.output
173 testfileequal lists.before
"$(listcurrentlistsdirectory)"
176 TESTDIR
=$(readlink -f $(dirname $0))
180 configarchitecture
"i386"
182 # setup the archive and ensure we have a single package that installs fine
184 APTARCHIVE
=$(readlink -f ./aptarchive)
185 ROOTDIR
=${TMPWORKINGDIRECTORY}/rootdir
186 APTARCHIVE_LISTS
="$(echo $APTARCHIVE | tr "/" "_" )"
188 # test the following cases:
189 # - InRelease -> broken InRelease revert to previous state
190 # - empty lists dir and broken remote leaves nothing on the system
191 # - InRelease -> hashsum mismatch for one file reverts all files to previous state
192 # - Release/Release.gpg -> hashsum mismatch
193 # - InRelease -> Release with hashsum mismatch revert entire state and kills Release
194 # - Release -> InRelease with broken Sig/Hash removes InRelease
195 # going from Release/Release.gpg -> InRelease and vice versa
196 # - unauthenticated -> invalid InRelease
202 test_inrelease_to_new_inrelease
203 test_inrelease_to_broken_hash_reverts_all
204 test_inrelease_to_valid_release
205 test_inrelease_to_release_reverts_all
206 test_unauthenticated_to_invalid_inrelease
207 test_inrelease_to_unauth_inrelease
208 test_inrelease_to_broken_gzip