test/integration/test-apt-update-rollback

   1 #!/bin/sh
   2 #
   3 # test that apt-get update is transactional
   4 #
   5 set -e
   6
   7 avoid_ims_hit() {
   8     touch -d '+1hour' aptarchive/dists/unstable/main/binary-i386/Packages*
   9     touch -d '+1hour' aptarchive/dists/unstable/main/source/Sources*
  10     touch -d '+1hour' aptarchive/dists/unstable/*Release*
  11
  12     touch -d '-1hour' rootdir/var/lib/apt/lists/*
  13 }
  14
  15 create_fresh_archive()
  16 {
  17     rm -rf aptarchive/*
  18     rm -f rootdir/var/lib/apt/lists/_* rootdir/var/lib/apt/lists/partial/*
  19
  20     insertpackage 'unstable' 'old' 'all' '1.0'
  21
  22     setupaptarchive
  23 }
  24
  25 add_new_package() {
  26     insertpackage "unstable" "new" "all" "1.0"
  27     insertsource "unstable" "new" "all" "1.0"
  28
  29     setupaptarchive --no-update
  30
  31     avoid_ims_hit
  32 }
  33
  34 break_repository_sources_index() {
  35     printf "xxx" > $APTARCHIVE/dists/unstable/main/source/Sources
  36     gzip -c $APTARCHIVE/dists/unstable/main/source/Sources > \
  37             $APTARCHIVE/dists/unstable/main/source/Sources.gz
  38     avoid_ims_hit
  39 }
  40
  41 test_inrelease_to_new_inrelease() {
  42     msgmsg "Test InRelease to new InRelease works fine"
  43     create_fresh_archive
  44     testequal "old/unstable 1.0 all" apt list -q
  45
  46     add_new_package
  47     testsuccess aptget update
  48
  49     testequal "new/unstable 1.0 all
  50 old/unstable 1.0 all" apt list -q
  51 }
  52
  53 test_inrelease_to_broken_hash_reverts_all() {
  54     msgmsg "Test InRelease to broken InRelease reverts everything"
  55     create_fresh_archive
  56     add_new_package
  57     # break the Sources file
  58     break_repository_sources_index
  59
  60     # test the error condition
  61     testequal "W: Failed to fetch file:${APTARCHIVE}/dists/unstable/InRelease
  62
  63 W: Failed to fetch copy:${APTARCHIVE}/dists/unstable/main/source/Sources  Hash Sum mismatch
  64
  65 W: Failed to fetch copy:${APTARCHIVE}/dists/unstable/main/binary-i386/Packages
  66
  67 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
  68     # ensure that the Packages file is also rolled back
  69     testequal "E: Unable to locate package new" aptget install new -s -qq
  70 }
  71
  72 test_inreleae_to_valid_release() {
  73     msgmsg "Test InRelease to valid Release"
  74     create_fresh_archive
  75     add_new_package
  76     # switch to a unsinged repo now
  77     rm $APTARCHIVE/dists/unstable/InRelease
  78     rm $APTARCHIVE/dists/unstable/Release.gpg
  79     avoid_ims_hit
  80
  81     # update works
  82     testsuccess aptget update -o Debug::Acquire::Transaction=1
  83
  84     # test that we can install the new packages but do no longer have a sig
  85     testsuccess aptget install old -s
  86     testsuccess aptget install new -s
  87     testfailure ls $ROOTDIR/var/lib/apt/lists/*_InRelease
  88     testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release.gpg
  89     testsuccess ls $ROOTDIR/var/lib/apt/lists/*_Release
  90 }
  91
  92 test_inreleae_to_release_reverts_all() {
  93     msgmsg "Test InRelease to broken Release reverts everything"
  94     create_fresh_archive
  95
  96     # switch to a unsinged repo now
  97     add_new_package
  98     rm $APTARCHIVE/dists/unstable/InRelease
  99     rm $APTARCHIVE/dists/unstable/Release.gpg
 100     # break it
 101     break_repository_sources_index
 102
 103     # ensure error
 104     testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease
 105
 106 W: Failed to fetch file:$APTARCHIVE/dists/unstable/Release
 107
 108 W: Failed to fetch file:$APTARCHIVE/dists/unstable/Release.gpg
 109
 110 W: Failed to fetch copy:$APTARCHIVE/dists/unstable/main/source/Sources  Hash Sum mismatch
 111
 112 W: Failed to fetch copy:$APTARCHIVE/dists/unstable/main/binary-i386/Packages
 113
 114 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq # -o Debug::acquire::transaction=1
 115
 116     # ensure that the Packages file is also rolled back
 117     testsuccess aptget install old -s
 118     testfailure aptget install new -s
 119     testsuccess ls $ROOTDIR/var/lib/apt/lists/*_InRelease
 120     testfailure ls $ROOTDIR/var/lib/apt/lists/*_Release
 121 }
 122
 123 test_unauthenticated_to_invalid_inrelease() {
 124     msgmsg "Test UnAuthenticated to invalid InRelease reverts everything"
 125     create_fresh_archive
 126     rm $APTARCHIVE/dists/unstable/InRelease
 127     rm $APTARCHIVE/dists/unstable/Release.gpg
 128     avoid_ims_hit
 129
 130     testsuccess aptget update -qq
 131     testequal "WARNING: The following packages cannot be authenticated!
 132   old
 133 E: There are problems and -y was used without --force-yes" aptget install -qq -y old
 134
 135     # go to authenticated but not correct
 136     add_new_package
 137     break_repository_sources_index
 138
 139     testequal "W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease
 140
 141 W: Failed to fetch copy:$APTARCHIVE/dists/unstable/main/source/Sources  Hash Sum mismatch
 142
 143 W: Failed to fetch copy:$APTARCHIVE/dists/unstable/main/binary-i386/Packages
 144
 145 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
 146
 147     testfailure ls rootdir/var/lib/apt/lists/*_InRelease
 148     testequal "WARNING: The following packages cannot be authenticated!
 149   old
 150 E: There are problems and -y was used without --force-yes" aptget install -qq -y old
 151 }
 152
 153 test_inrelease_to_unauth_inrelease() {
 154     msgmsg "Test InRelease to InRelease without sig"
 155     create_fresh_archive
 156     signreleasefiles 'Marvin Paranoid'
 157     avoid_ims_hit
 158
 159     testequal "W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file: unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
 160
 161 W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease
 162
 163 W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update -qq
 164
 165     testsuccess ls rootdir/var/lib/apt/lists/*_InRelease
 166 }
 167
 168 TESTDIR=$(readlink -f $(dirname $0))
 169 . $TESTDIR/framework
 170
 171 setupenvironment
 172 configarchitecture "i386"
 173
 174 # setup the archive and ensure we have a single package that installs fine
 175 setupaptarchive
 176 APTARCHIVE=$(readlink -f ./aptarchive)
 177 ROOTDIR=${TMPWORKINGDIRECTORY}/rootdir
 178 APTARCHIVE_LISTS="$(echo $APTARCHIVE | tr "/" "_" )"
 179
 180 # test the following cases:
 181 # - InRelease -> broken InRelease revert to previous state
 182 # - empty lists dir and broken remote leaves nothing on the system
 183 # - InRelease -> hashsum mismatch for one file reverts all files to previous state
 184 # - Release/Release.gpg -> hashsum mismatch
 185 # - InRelease -> Release with hashsum mismatch revert entire state and kills Release
 186 # - Release -> InRelease with broken Sig/Hash removes InRelease
 187 # going from Release/Release.gpg -> InRelease and vice versa
 188 # - unauthenticated -> invalid InRelease
 189
 190 test_inrelease_to_new_inrelease
 191 test_inrelease_to_broken_hash_reverts_all
 192
 193 test_inreleae_to_valid_release
 194 test_inreleae_to_release_reverts_all
 195
 196 test_unauthenticated_to_invalid_inrelease
 197
 198 test_inrelease_to_unauth_inrelease