3 # test that apt-get update is transactional
8 touch -d '+1hour' aptarchive
/dists
/unstable
/main
/binary
-i386/Packages
*
9 touch -d '+1hour' aptarchive
/dists
/unstable
/main
/source
/Sources
*
10 touch -d '+1hour' aptarchive
/dists
/unstable
/*Release
*
12 touch -d '-1hour' rootdir
/var
/lib
/apt
/lists
/*
15 create_fresh_archive
()
18 rm -f rootdir
/var
/lib
/apt
/lists
/_
* rootdir
/var
/lib
/apt
/lists
/partial
/*
20 insertpackage
'unstable' 'old' 'all' '1.0'
22 setupaptarchive
--no-update
26 insertpackage
'unstable' 'new' 'all' '1.0'
27 insertsource
'unstable' 'new' 'all' '1.0'
29 setupaptarchive
--no-update "$@"
32 break_repository_sources_index
() {
33 printf 'xxx' > "$APTARCHIVE/dists/unstable/main/source/Sources"
34 compressfile
"$APTARCHIVE/dists/unstable/main/source/Sources" "$@"
37 start_with_good_inrelease
() {
39 testsuccess aptget update
40 listcurrentlistsdirectory
> lists.before
41 testsuccessequal
'old/unstable 1.0 all' apt list
-qq
44 test_inrelease_to_new_inrelease
() {
45 msgmsg
'Test InRelease to new InRelease works fine'
46 start_with_good_inrelease
48 add_new_package
'+1hour'
49 testsuccess aptget update
-o Debug
::Acquire
::Transaction
=1
50 testsuccessequal
'new/unstable 1.0 all
51 old/unstable 1.0 all' apt list
-qq
54 test_inrelease_to_broken_hash_reverts_all
() {
55 msgmsg
'Test InRelease to broken InRelease reverts everything'
56 start_with_good_inrelease
58 add_new_package
'+1hour'
59 # break the Sources file
60 break_repository_sources_index
'+1hour'
62 # test the error condition
63 testfailureequal
"W: Failed to fetch file:${APTARCHIVE}/dists/unstable/main/source/Sources.gz Hash Sum mismatch
64 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
65 # ensure that the Packages file is also rolled back
66 testfileequal lists.before
"$(listcurrentlistsdirectory)"
67 testfailureequal
"E: Unable to locate package new" aptget
install new
-s -qq
70 test_inrelease_to_valid_release
() {
71 msgmsg
'Test InRelease to valid Release'
72 start_with_good_inrelease
74 add_new_package
'+1hour'
75 # switch to a unsigned repo now
76 rm "$APTARCHIVE/dists/unstable/InRelease"
77 rm "$APTARCHIVE/dists/unstable/Release.gpg"
80 testfailureequal
"E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update
-qq
82 # test that security downgrade was not successful
83 testfileequal lists.before
"$(listcurrentlistsdirectory)"
84 testsuccess aptget
install old
-s
85 testfailure aptget
install new
-s
86 testnotempty
find "${ROOTDIR}/var/lib/apt/lists" -name '*_InRelease'
87 testempty
find "${ROOTDIR}/var/lib/apt/lists" -name '*_Release'
90 test_inrelease_to_release_reverts_all
() {
91 msgmsg
'Test InRelease to broken Release reverts everything'
92 start_with_good_inrelease
94 # switch to a unsigned repo now
95 add_new_package
'+1hour'
96 rm "$APTARCHIVE/dists/unstable/InRelease"
97 rm "$APTARCHIVE/dists/unstable/Release.gpg"
100 break_repository_sources_index
'+1hour'
103 testfailureequal
"E: The repository 'file:${APTARCHIVE} unstable Release' is no longer signed." aptget update
-qq # -o Debug::acquire::transaction=1
105 # ensure that the Packages file is also rolled back
106 testfileequal lists.before
"$(listcurrentlistsdirectory)"
107 testsuccess aptget
install old
-s
108 testfailure aptget
install new
-s
109 testnotempty
find "${ROOTDIR}/var/lib/apt/lists" -name '*_InRelease'
110 testempty
find "${ROOTDIR}/var/lib/apt/lists" -name '*_Release'
113 test_unauthenticated_to_invalid_inrelease
() {
114 msgmsg
'Test UnAuthenticated to invalid InRelease reverts everything'
116 rm "$APTARCHIVE/dists/unstable/InRelease"
117 rm "$APTARCHIVE/dists/unstable/Release.gpg"
119 testwarning aptget update
--allow-insecure-repositories
120 listcurrentlistsdirectory
> lists.before
121 testfailureequal
"WARNING: The following packages cannot be authenticated!
123 E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget
install -qq -y old
125 # go to authenticated but not correct
126 add_new_package
'+1hour'
127 break_repository_sources_index
'+1hour'
129 testfailureequal
"W: Failed to fetch file:$APTARCHIVE/dists/unstable/main/source/Sources.gz Hash Sum mismatch
130 E: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
132 testfileequal lists.before
"$(listcurrentlistsdirectory)"
133 testempty
find "${ROOTDIR}/var/lib/apt/lists" -maxdepth 1 -name '*_InRelease'
134 testfailureequal
"WARNING: The following packages cannot be authenticated!
136 E: There were unauthenticated packages and -y was used without --allow-unauthenticated" aptget
install -qq -y old
139 test_inrelease_to_unauth_inrelease
() {
140 msgmsg
'Test InRelease to InRelease without good sig'
141 start_with_good_inrelease
143 signreleasefiles
'Marvin Paranoid'
145 testwarningequal
"W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: file:${APTARCHIVE} unstable InRelease: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
146 W: Failed to fetch file:$APTARCHIVE/dists/unstable/InRelease The following signatures couldn't be verified because the public key is not available: NO_PUBKEY E8525D47528144E2
147 W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
-qq
149 testfileequal lists.before
"$(listcurrentlistsdirectory)"
150 testnotempty
find "${ROOTDIR}/var/lib/apt/lists" -name '*_InRelease'
153 test_inrelease_to_broken_gzip
() {
154 msgmsg
"Test InRelease to broken gzip"
155 start_with_good_inrelease
157 break_repository_sources_index
'+1hour'
158 generatereleasefiles
'+2hours'
161 # append junk at the end of the compressed file
162 echo "lala" >> "$APTARCHIVE/dists/unstable/main/source/Sources.gz"
163 touch -d '+2min' "$APTARCHIVE/dists/unstable/main/source/Sources.gz"
164 # remove uncompressed file to avoid fallback
165 rm "$APTARCHIVE/dists/unstable/main/source/Sources"
167 testfailure aptget update
168 testsuccess
grep 'Hash Sum mismatch' rootdir
/tmp
/testfailure.output
169 testfileequal lists.before
"$(listcurrentlistsdirectory)"
172 TESTDIR
=$(readlink -f $(dirname $0))
176 configarchitecture
"i386"
178 # setup the archive and ensure we have a single package that installs fine
180 APTARCHIVE
="$(readlink -f ./aptarchive)"
181 ROOTDIR
="${TMPWORKINGDIRECTORY}/rootdir"
182 APTARCHIVE_LISTS
="$(echo "$APTARCHIVE" | tr "/" "_" )"
184 # test the following cases:
185 # - InRelease -> broken InRelease revert to previous state
186 # - empty lists dir and broken remote leaves nothing on the system
187 # - InRelease -> hashsum mismatch for one file reverts all files to previous state
188 # - Release/Release.gpg -> hashsum mismatch
189 # - InRelease -> Release with hashsum mismatch revert entire state and kills Release
190 # - Release -> InRelease with broken Sig/Hash removes InRelease
191 # going from Release/Release.gpg -> InRelease and vice versa
192 # - unauthenticated -> invalid InRelease
198 test_inrelease_to_new_inrelease
199 test_inrelease_to_broken_hash_reverts_all
200 test_inrelease_to_valid_release
201 test_inrelease_to_release_reverts_all
202 test_unauthenticated_to_invalid_inrelease
203 test_inrelease_to_unauth_inrelease
204 test_inrelease_to_broken_gzip