]> git.saurik.com Git - apt.git/blob - test/integration/test-no-fds-leaked-to-maintainer-scripts
projects / apt.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
generalize secure->insecure downgrade protection
[apt.git] / test / integration / test-no-fds-leaked-to-maintainer-scripts
1 #!/bin/sh
2 set -e
3
4 TESTDIR="$(readlink -f "$(dirname "$0")")"
5 . "$TESTDIR/framework"
6
7 setupenvironment
8 configarchitecture 'amd64' 'i386'
9 configdpkgnoopchroot
10
11 setupsimplenativepackage "fdleaks" 'all' '1.0' 'unstable'
12 BUILDDIR="incoming/fdleaks-1.0"
13 for script in 'preinst' 'postinst' 'prerm' 'postrm'; do
14 cat > ${BUILDDIR}/debian/$script << EOF
15 #!/bin/sh
16 if [ -e '$(pwd)/rootdir/tmp/read_stdin' ]; then
17 read line;
18 echo "STDIN: -\$line-"
19 fi
20 ls -l /proc/self/fd/
21 EOF
22 done
23 buildpackage "$BUILDDIR" 'unstable' 'main' 'native'
24 rm -rf "$BUILDDIR"
25
26 PKGNAME='fdleaks:all'
27 if ! dpkg-checkbuilddeps -d 'dpkg (>= 1.16.2)' /dev/null >/dev/null 2>&1; then
28 PKGNAME='fdleaks'
29 fi
30
31 setupaptarchive
32
33 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
34 testsuccess aptget install -y fdleaks -qq < /dev/null
35
36 checkfdleak() {
37 msgtest 'Check if fds were not' 'leaked'
38 if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = "$1" ]; then
39 msgpass
40 else
41 echo
42 cat rootdir/tmp/testsuccess.output
43 msgfail
44 fi
45 }
46 checkinstall() {
47 checkfdleak 8
48
49 cp rootdir/tmp/testsuccess.output terminal.output
50 tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log
51 testfileequal 'terminal.log' "$(cat terminal.output)"
52
53 testequal "startup archives unpack
54 install $PKGNAME <none> 1.0
55 status half-installed $PKGNAME 1.0
56 status unpacked $PKGNAME 1.0
57 status unpacked $PKGNAME 1.0
58 startup packages configure
59 configure $PKGNAME 1.0 <none>
60 status unpacked $PKGNAME 1.0
61 status half-configured $PKGNAME 1.0
62 status installed $PKGNAME 1.0" cut -f 3- -d' ' rootdir/var/log/dpkg.log
63 }
64 checkinstall
65
66 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
67 testsuccess aptget purge -y fdleaks -qq
68 checkpurge() {
69 checkfdleak 12
70
71 cp rootdir/tmp/testsuccess.output terminal.output
72 tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log
73 testfileequal 'terminal.log' "$(cat terminal.output)"
74
75 testequal "startup packages purge
76 status installed $PKGNAME 1.0
77 remove $PKGNAME 1.0 <none>
78 status half-configured $PKGNAME 1.0
79 status half-installed $PKGNAME 1.0
80 status config-files $PKGNAME 1.0
81 purge $PKGNAME 1.0 <none>
82 status config-files $PKGNAME 1.0
83 status config-files $PKGNAME 1.0
84 status config-files $PKGNAME 1.0
85 status config-files $PKGNAME 1.0
86 status config-files $PKGNAME 1.0
87 status not-installed $PKGNAME <none>
88 startup packages configure" cut -f 3- -d' ' rootdir/var/log/dpkg.log
89 }
90 checkpurge
91
92 msgtest 'setsid provided is new enough to support' '-w'
93 if dpkg-checkbuilddeps -d 'util-linux (>= 2.24.2-1)' /dev/null >/dev/null 2>&1; then
94 msgpass
95 else
96 msgskip "$(command dpkg -l util-linux)"
97 exit
98 fi
99
100 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
101 testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" install -y fdleaks -qq < /dev/null
102 checkinstall
103
104 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
105 testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" purge -y fdleaks -qq
106 checkpurge
107
108 touch rootdir/tmp/read_stdin
109
110 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
111 for i in $(seq 1 10); do echo "$i"; done | testsuccess aptget install -y fdleaks -qq
112 checkinstall
113 testequal '2' grep -c '^STDIN: ' rootdir/var/log/apt/term.log
114
115 rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log
116 yes '' | testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" purge -y fdleaks -qq
117 checkpurge
118 testequal '3' grep -c '^STDIN: ' rootdir/var/log/apt/term.log
APT (for Cydia)