]> git.saurik.com Git - apt.git/blobdiff - test/integration/framework
projects / apt.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
don't drop privileges if _apt has not enough rights
[apt.git] / test / integration / framework
diff --git a/test/integration/framework b/test/integration/framework
index e83606fae22a93c5c6a3039ac395157608936619..96b867788db9fffb71b98ca449d20d3d6fa05489 100644 (file)
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -47,6 +47,9 @@ msgskip() { printf "${CWARNING}SKIP${CNORMAL}\n" >&2; }
 msgfail() {
        if [ $# -gt 0 ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2;
        else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi
+        if [ -n "$APT_DEBUG_TESTS" ]; then
+            bash
+        fi
        EXIT_CODE=$((EXIT_CODE+1));
 }
 
@@ -164,9 +167,10 @@ addtrap() {
 
 setupenvironment() {
        TMPWORKINGDIRECTORY=$(mktemp -d)
-       TESTDIRECTORY=$(readlink -f $(dirname $0))
+       addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
        msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… "
 
+       TESTDIRECTORY=$(readlink -f $(dirname $0))
         # allow overriding the default BUILDDIR location
        BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"}
        LIBRARYPATH=${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"}
@@ -177,7 +181,6 @@ setupenvironment() {
        test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first"
         # -----
 
-       addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
        cd $TMPWORKINGDIRECTORY
        mkdir rootdir aptarchive keys
        cd rootdir
@@ -210,7 +213,9 @@ setupenvironment() {
                cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources
        fi
        cp $(find $TESTDIRECTORY -name '*.pub' -o -name '*.sec') keys/
+       chmod 644 $(find keys -name '*.pub' -o -name '*.sec')
        ln -s ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+
        echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf
        echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
        echo "Debug::NoLocking \"true\";" >> aptconfig.conf
@@ -228,10 +233,20 @@ setupenvironment() {
        echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf
        echo 'quiet::NoUpdate "true";' >> aptconfig.conf
        echo 'quiet::NoStatistic "true";' >> aptconfig.conf
+       # too distracting for users, but helpful to detect changes
+       echo 'Acquire::Progress::Ignore::ShowErrorText "true";' >> aptconfig.conf
+       # in testcases, it can appear as if localhost has a rotation setup,
+       # hide this as we can't really deal with it properly
+       echo 'Acquire::Failure::ShowIP "false";' >> aptconfig.conf
+
        echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https
-        echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+       echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
        configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
 
+        # Acquire::AllowInsecureRepositories=false is not yet the default
+        # but we want it to be the default soon
+        configallowinsecurerepositories "false";
+
        # cleanup the environment a bit
         # prefer our apt binaries over the system apt binaries
        export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
@@ -306,6 +321,11 @@ configdpkg() {
        fi
 }
 
+configallowinsecurerepositories() {
+    echo "Acquire::AllowInsecureRepositories \"$1\";" >  rootdir/etc/apt/apt.conf.d/allow-insecure-repositories.conf
+
+}
+
 configcompression() {
        while [ -n "$1" ]; do
                case "$1" in
@@ -714,7 +734,7 @@ buildaptarchivefromincoming() {
        aptftparchive -qq generate ftparchive.conf
        cd - > /dev/null
        msgdone "info"
-       generatereleasefiles
+       generatereleasefiles "$@"
 }
 
 buildaptarchivefromfiles() {
@@ -829,22 +849,26 @@ setupflataptarchive() {
 }
 
 setupaptarchive() {
-       buildaptarchive
+       local NOUPDATE=0
+       if [ "$1" = '--no-update' ]; then
+               NOUPDATE=1
+               shift
+       fi
+       buildaptarchive "$@"
        if [ -e aptarchive/dists ]; then
                setupdistsaptarchive
        else
                setupflataptarchive
        fi
-       signreleasefiles
-       if [ "$1" != '--no-update' ]; then
-               msgninfo "\tSync APT's cache with the archive… "
-               aptget update -qq
-               msgdone "info"
+       signreleasefiles 'Joe Sixpack'
+       if [ "1" != "$NOUPDATE" ]; then
+               testsuccess aptget update -o Debug::pkgAcquire::Worker=true -o Debug::Acquire::gpgv=true
        fi
 }
 
 signreleasefiles() {
        local SIGNER="${1:-Joe Sixpack}"
+       local REPODIR="${2:-aptarchive}"
        local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
        local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
        msgninfo "\tSign archive with $SIGNER key $KEY… "
@@ -871,7 +895,7 @@ signreleasefiles() {
                        cp ${REXKEY}.pub $PUBUNEXPIRED
                fi
        fi
-       for RELEASE in $(find aptarchive/ -name Release); do
+       for RELEASE in $(find ${REPODIR}/ -name Release); do
                $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE}
                local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
                $GPG --default-key "$SIGNER" --clearsign --output $INRELEASE $RELEASE
@@ -1153,9 +1177,10 @@ testsuccess() {
        if $@ >${OUTPUT} 2>&1; then
                msgpass
        else
+               local EXITCODE=$?
                echo >&2
                cat >&2 $OUTPUT
-               msgfail
+               msgfail "exitcode $EXITCODE"
        fi
 }
 
@@ -1167,14 +1192,28 @@ testfailure() {
        fi
        local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output"
        if $@ >${OUTPUT} 2>&1; then
+               local EXITCODE=$?
                echo >&2
                cat >&2 $OUTPUT
-               msgfail
+               msgfail "exitcode $EXITCODE"
        else
                msgpass
        fi
 }
 
+testaccessrights() {
+       msgtest "Test that file $1 has access rights set to" "$2"
+       if [ "$2" = "$(stat --format '%a' "$1")" ]; then
+               msgpass
+       else
+               echo >&2
+               ls -l >&2 "$1"
+               echo -n >&2 "stat(1) reports access rights: "
+               stat --format '%a' "$1"
+               msgfail
+       fi
+}
+
 testwebserverlaststatuscode() {
        local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log'
        local STATUS='rootdir/tmp/webserverstatus-statusfile.log'
APT (for Cydia)