]> git.saurik.com Git - apt.git/blobdiff - test/integration/framework
test if TMPDIR is accessible before using
[apt.git] / test / integration / framework
index bf6fa0218f132112406bbbc3141dad09615b4edb..d576712e511f047443353db2101d347625ec396a 100644 (file)
@@ -4,7 +4,7 @@ EXIT_CODE=0
 
 # we all like colorful messages
 if [ "$MSGCOLOR" != 'NO' ]; then
-       if ! expr match "$(readlink -f /proc/$$/fd/1)" '/dev/pts/[0-9]\+' > /dev/null; then
+       if [ ! -t 1 ]; then # but check that we output to a terminal
                export MSGCOLOR='NO'
        fi
 fi
@@ -23,30 +23,43 @@ if [ "$MSGCOLOR" != 'NO' ]; then
        CCMD="\033[1;35m" # pink
 fi
 
-msgdie() { echo "${CERROR}E: $1${CNORMAL}" >&2; exit 1; }
-msgwarn() { echo "${CWARNING}W: $1${CNORMAL}" >&2; }
-msgmsg() { echo "${CMSG}$1${CNORMAL}"; }
-msginfo() { echo "${CINFO}I: $1${CNORMAL}"; }
-msgdebug() { echo "${CDEBUG}D: $1${CNORMAL}"; }
-msgdone() { echo "${CDONE}DONE${CNORMAL}"; }
-msgnwarn() { echo -n "${CWARNING}W: $1${CNORMAL}" >&2; }
-msgnmsg() { echo -n "${CMSG}$1${CNORMAL}"; }
-msgninfo() { echo -n "${CINFO}I: $1${CNORMAL}"; }
-msgndebug() { echo -n "${CDEBUG}D: $1${CNORMAL}"; }
-msgtest() {
-       while [ -n "$1" ]; do
-               echo -n "${CINFO}$1${CCMD} "
-               echo -n "$(echo "$2" | sed -e 's/^aptc/apt-c/' -e 's/^aptg/apt-g/' -e 's/^aptf/apt-f/')${CINFO} "
+msgprintf() {
+       local START="$1"
+       local MIDDLE="$2"
+       local END="$3"
+       shift 3
+       if [ -n "$1" ]; then
+               printf "$START " "$1"
                shift
-               if [ -n "$1" ]; then shift; else break; fi
-       done
-       echo -n "…${CNORMAL} "
+               while [ -n "$1" ]; do
+                       printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cgfs]\)#apt-\1#')"
+                       shift
+               done
+       fi
+       printf "${END}"
+}
+msgdie() { msgprintf "${CERROR}E: %s" '%s' "${CNORMAL}\n" "$@" >&2; exit 1; }
+msgwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}\n" "$@" >&2; }
+msgmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}\n" "$@"; }
+msginfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdone() { msgprintf "${CDONE}DONE" '%s' "${CNORMAL}\n" "$@"; }
+msgnwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}" "$@" >&2; }
+msgnmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}" "$@"; }
+msgninfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}" "$@"; }
+msgndebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}" "$@"; }
+msgtest() { msgprintf "${CINFO}%s" "${CCMD}%s${CINFO}" "…${CNORMAL} " "$@"; }
+msgpass() { printf "${CPASS}PASS${CNORMAL}\n"; }
+msgskip() {
+       if [ $# -gt 0 ]; then printf "${CWARNING}SKIP: $*${CNORMAL}\n" >&2;
+       else printf "${CWARNING}SKIP${CNORMAL}\n" >&2; fi
 }
-msgpass() { echo "${CPASS}PASS${CNORMAL}"; }
-msgskip() { echo "${CWARNING}SKIP${CNORMAL}" >&2; }
 msgfail() {
-       if [ $# -gt 0 ]; then echo "${CFAIL}FAIL: $*${CNORMAL}" >&2;
-       else echo "${CFAIL}FAIL${CNORMAL}" >&2; fi
+       if [ $# -gt 0 ]; then printf "${CFAIL}FAIL: $*${CNORMAL}\n" >&2;
+       else printf "${CFAIL}FAIL${CNORMAL}\n" >&2; fi
+        if [ -n "$APT_DEBUG_TESTS" ]; then
+            bash
+        fi
        EXIT_CODE=$((EXIT_CODE+1));
 }
 
@@ -63,12 +76,12 @@ if [ $MSGLEVEL -le 2 ]; then
        msgmsg() { true; }
        msgnmsg() { true; }
        msgtest() { true; }
-       msgpass() { echo -n " ${CPASS}P${CNORMAL}"; }
-       msgskip() { echo -n " ${CWARNING}S${CNORMAL}" >&2; }
+       msgpass() { printf " ${CPASS}P${CNORMAL}"; }
+       msgskip() { printf " ${CWARNING}S${CNORMAL}" >&2; }
        if [ -n "$CFAIL" ]; then
-               msgfail() { echo -n " ${CFAIL}FAIL${CNORMAL}" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
+               msgfail() { printf " ${CFAIL}FAIL${CNORMAL}" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
        else
-               msgfail() { echo -n " ###FAILED###" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
+               msgfail() { printf " ###FAILED###" >&2; EXIT_CODE=$((EXIT_CODE+1)); }
        fi
 fi
 if [ $MSGLEVEL -le 3 ]; then
@@ -87,21 +100,25 @@ msgdone() {
           [ "$1" = "die" -a $MSGLEVEL -le 0 ]; then
                true;
        else
-               echo "${CDONE}DONE${CNORMAL}";
+               printf "${CDONE}DONE${CNORMAL}\n";
        fi
 }
-
+getaptconfig() {
+       if [ -f ./aptconfig.conf ]; then
+            echo "./aptconfig.conf"
+       elif [ -f ../aptconfig.conf ]; then
+            echo "../aptconfig.conf"
+        fi
+}
 runapt() {
        msgdebug "Executing: ${CCMD}$*${CDEBUG} "
        local CMD="$1"
        shift
-       if [ -f ./aptconfig.conf ]; then
-               MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/$CMD "$@"
-       elif [ -f ../aptconfig.conf ]; then
-               MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG=../aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/$CMD "$@"
-       else
-               MALLOC_PERTURB_=21 MALLOC_CHECK_=2 LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/$CMD "$@"
-       fi
+       case $CMD in
+       sh|aptitude|*/*|command) ;;
+       *) CMD="${BUILDDIRECTORY}/$CMD";;
+       esac
+       MALLOC_PERTURB_=21 MALLOC_CHECK_=2 APT_CONFIG="$(getaptconfig)" LD_LIBRARY_PATH=${LIBRARYPATH} $CMD "$@"
 }
 aptconfig() { runapt apt-config "$@"; }
 aptcache() { runapt apt-cache "$@"; }
@@ -110,41 +127,24 @@ aptget() { runapt apt-get "$@"; }
 aptftparchive() { runapt apt-ftparchive "$@"; }
 aptkey() { runapt apt-key "$@"; }
 aptmark() { runapt apt-mark "$@"; }
+aptsortpkgs() { runapt apt-sortpkgs "$@"; }
 apt() { runapt apt "$@"; }
-apthelper() { 
-  LD_LIBRARY_PATH=${APTHELPERBINDIR} ${APTHELPERBINDIR}/apt-helper "$@";
-}
-aptwebserver() {
-  LD_LIBRARY_PATH=${APTWEBSERVERBINDIR} ${APTWEBSERVERBINDIR}/aptwebserver "$@";
-}
+apthelper() { runapt "${APTHELPERBINDIR}/apt-helper" "$@"; }
+aptwebserver() { runapt "${APTWEBSERVERBINDIR}/aptwebserver" "$@"; }
+aptitude() { runapt aptitude "$@"; }
+aptextracttemplates() { runapt apt-extracttemplates "$@"; }
+aptinternalsolver() { runapt "${APTINTERNALSOLVER}" "$@"; }
+
 dpkg() {
        command dpkg --root=${TMPWORKINGDIRECTORY}/rootdir --force-not-root --force-bad-path --log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log "$@"
 }
 dpkgcheckbuilddeps() {
        command dpkg-checkbuilddeps --admindir=${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg "$@"
 }
-aptitude() {
-       if [ -f ./aptconfig.conf ]; then
-               APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY}  command aptitude "$@"
-       elif [ -f ../aptconfig.conf ]; then
-               APT_CONFIG=../aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} command aptitude "$@"
-       else
-               LD_LIBRARY_PATH=${BUILDDIRECTORY}  command aptitude "$@"
-       fi
-}
 gdb() {
-       echo "gdb: run »$*«"
-       APT_CONFIG=aptconfig.conf LD_LIBRARY_PATH=${BUILDDIRECTORY} command gdb ${BUILDDIRECTORY}/$1 --args "$@"
-}
-http() {
-       LD_LIBRARY_PATH=${BUILDDIRECTORY} ${BUILDDIRECTORY}/methods/http
-}
-gpg() {
-       # see apt-key for the whole trickery. Setup is done in setupenvironment
-       command gpg --ignore-time-conflict --no-options --no-default-keyring \
-               --homedir "${TMPWORKINGDIRECTORY}/gnupghome" \
-               --no-auto-check-trustdb --trust-model always \
-               "$@"
+       local CMD="$1"
+       shift
+       runapt command gdb --quiet -ex run "${BUILDDIRECTORY}/$CMD" --args "${BUILDDIRECTORY}/$CMD" "$@"
 }
 
 exitwithstatus() {
@@ -159,7 +159,7 @@ exitwithstatus() {
 shellsetedetector() {
        local exit_status=$?
        if [ "$exit_status" != '0' ]; then
-               echo >&2 "${CERROR}E: Looks like the testcases ended prematurely with exitcode: ${exit_status}${CNORMAL}"
+               printf >&2 "${CERROR}E: Looks like the testcases ended prematurely with exitcode: ${exit_status}${CNORMAL}\n"
                if [ "$EXIT_CODE" = '0' ]; then
                        EXIT_CODE="$exit_status"
                fi
@@ -176,28 +176,53 @@ addtrap() {
 }
 
 setupenvironment() {
+       # privilege dropping and testing doesn't work if /tmp isn't world-writeable (as e.g. with libpam-tmpdir)
+       if [ -n "$TMPDIR" ] && [ "$(id -u)" = '0' ] && [ "$(stat --format '%a' "$TMPDIR")" != '1777' ]; then
+               unset TMPDIR
+       fi
        TMPWORKINGDIRECTORY=$(mktemp -d)
-       TESTDIRECTORY=$(readlink -f $(dirname $0))
+       addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
        msgninfo "Preparing environment for ${CCMD}$(basename $0)${CINFO} in ${TMPWORKINGDIRECTORY}… "
 
+       if [ "$(id -u)" = '0' ]; then
+               # relax permissions so that running as root with user switching works
+               umask 022
+               chmod o+rx "$TMPWORKINGDIRECTORY"
+       fi
+
+       TESTDIRECTORY=$(readlink -f $(dirname $0))
         # allow overriding the default BUILDDIR location
        BUILDDIRECTORY=${APT_INTEGRATION_TESTS_BUILD_DIR:-"${TESTDIRECTORY}/../../build/bin"}
+       LIBRARYPATH=${APT_INTEGRATION_TESTS_LIBRARY_PATH:-"${BUILDDIRECTORY}"}
         METHODSDIR=${APT_INTEGRATION_TESTS_METHODS_DIR:-"${BUILDDIRECTORY}/methods"}
         APTHELPERBINDIR=${APT_INTEGRATION_TESTS_LIBEXEC_DIR:-"${BUILDDIRECTORY}"}
         APTWEBSERVERBINDIR=${APT_INTEGRATION_TESTS_WEBSERVER_BIN_DIR:-"${BUILDDIRECTORY}"}
+        APTINTERNALSOLVER=${APT_INTEGRATION_TESTS_INTERNAL_SOLVER:-"${BUILDDIRECTORY}/apt-internal-solver"}
        test -x "${BUILDDIRECTORY}/apt-get" || msgdie "You need to build tree first"
         # -----
 
-       addtrap "cd /; rm -rf $TMPWORKINGDIRECTORY;"
        cd $TMPWORKINGDIRECTORY
        mkdir rootdir aptarchive keys
        cd rootdir
        mkdir -p etc/apt/apt.conf.d etc/apt/sources.list.d etc/apt/trusted.gpg.d etc/apt/preferences.d
-       mkdir -p var/cache var/lib var/log tmp
+       mkdir -p usr/bin var/cache var/lib/apt var/log tmp
        mkdir -p var/lib/dpkg/info var/lib/dpkg/updates var/lib/dpkg/triggers
        touch var/lib/dpkg/available
        mkdir -p usr/lib/apt
        ln -s ${METHODSDIR} usr/lib/apt/methods
+       if [ "$BUILDDIRECTORY" = "$LIBRARYPATH" ]; then
+               mkdir -p usr/lib/apt/solvers
+               ln -s "${BUILDDIRECTORY}/apt-dump-solver" usr/lib/apt/solvers/dump
+               ln -s "${BUILDDIRECTORY}/apt-internal-solver" usr/lib/apt/solvers/apt
+               echo "Dir::Bin::Solvers \"${TMPWORKINGDIRECTORY}/rootdir/usr/lib/apt/solvers\";" > etc/apt/apt.conf.d/externalsolver.conf
+       fi
+        # use the autoremove from the BUILDDIRECTORY if its there, otherwise
+        # system
+        if [ -e ${BUILDDIRECTORY}/../../debian/apt.conf.autoremove ]; then
+           ln -s ${BUILDDIRECTORY}/../../debian/apt.conf.autoremove etc/apt/apt.conf.d/01autoremove
+        else
+           ln -s /etc/apt/apt.conf.d/01autoremove etc/apt/apt.conf.d/01autoremove
+        fi
        cd ..
        local PACKAGESFILE=$(echo "$(basename $0)" | sed -e 's/^test-/Packages-/' -e 's/^skip-/Packages-/')
        if [ -f "${TESTDIRECTORY}/${PACKAGESFILE}" ]; then
@@ -208,12 +233,23 @@ setupenvironment() {
                cp "${TESTDIRECTORY}/${SOURCESSFILE}" aptarchive/Sources
        fi
        cp $(find $TESTDIRECTORY -name '*.pub' -o -name '*.sec') keys/
+       chmod 644 $(find keys -name '*.pub' -o -name '*.sec')
        ln -s ${TMPWORKINGDIRECTORY}/keys/joesixpack.pub rootdir/etc/apt/trusted.gpg.d/joesixpack.gpg
+
        echo "Dir \"${TMPWORKINGDIRECTORY}/rootdir\";" > aptconfig.conf
        echo "Dir::state::status \"${TMPWORKINGDIRECTORY}/rootdir/var/lib/dpkg/status\";" >> aptconfig.conf
        echo "Debug::NoLocking \"true\";" >> aptconfig.conf
        echo "APT::Get::Show-User-Simulation-Note \"false\";" >> aptconfig.conf
        echo "Dir::Bin::Methods \"${METHODSDIR}\";" >> aptconfig.conf
+       # store apt-key were we can access it, even if we run it as a different user
+       # destroys coverage reporting though, so just do it for root for now
+       if [ "$(id -u)" = '0' ]; then
+               cp "${BUILDDIRECTORY}/apt-key" "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/"
+               chmod o+rx "${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key"
+               echo "Dir::Bin::apt-key \"${TMPWORKINGDIRECTORY}/rootdir/usr/bin/apt-key\";" >> aptconfig.conf
+       else
+               echo "Dir::Bin::apt-key \"${BUILDDIRECTORY}/apt-key\";" >> aptconfig.conf
+       fi
        echo "Dir::Bin::dpkg \"fakeroot\";" >> aptconfig.conf
        echo "DPKG::options:: \"dpkg\";" >> aptconfig.conf
        echo "DPKG::options:: \"--root=${TMPWORKINGDIRECTORY}/rootdir\";" >> aptconfig.conf
@@ -224,27 +260,30 @@ setupenvironment() {
        fi
        echo "DPKG::options:: \"--log=${TMPWORKINGDIRECTORY}/rootdir/var/log/dpkg.log\";" >> aptconfig.conf
        echo 'quiet::NoUpdate "true";' >> aptconfig.conf
-       echo "Acquire::https::CaInfo \"${TESTDIR}/apt.pem\";" > rootdir/etc/apt/apt.conf.d/99https
-        echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+       echo 'quiet::NoStatistic "true";' >> aptconfig.conf
+       # too distracting for users, but helpful to detect changes
+       echo 'Acquire::Progress::Ignore::ShowErrorText "true";' >> aptconfig.conf
+       # in testcases, it can appear as if localhost has a rotation setup,
+       # hide this as we can't really deal with it properly
+       echo 'Acquire::Failure::ShowIP "false";' >> aptconfig.conf
+
+       cp "${TESTDIRECTORY}/apt.pem" "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
+       if [ "$(id -u)" = '0' ]; then
+               chown _apt:root "${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem"
+       fi
+       echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
+       echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
        configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
 
-       # gpg needs a trustdb to function, but it can't be invalid (not even empty)
-       # see also apt-key where this trickery comes from:
-       local TRUSTDBDIR="${TMPWORKINGDIRECTORY}/gnupghome"
-       mkdir "$TRUSTDBDIR"
-       chmod 700 "$TRUSTDBDIR"
-       # We also don't use a secret keyring, of course, but gpg panics and
-       # implodes if there isn't one available - and writeable for imports
-       local SECRETKEYRING="${TRUSTDBDIR}/secring.gpg"
-       touch $SECRETKEYRING
-       # now create the trustdb with an (empty) dummy keyring
-       # newer gpg versions are fine without it, but play it safe for now
-       gpg --quiet --check-trustdb --secret-keyring $SECRETKEYRING --keyring $SECRETKEYRING >/dev/null 2>&1
+        # Acquire::AllowInsecureRepositories=false is not yet the default
+        # but we want it to be the default soon
+        configallowinsecurerepositories "false";
 
        # cleanup the environment a bit
-       export PATH="${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
+        # prefer our apt binaries over the system apt binaries
+       export PATH="${BUILDDIRECTORY}:${PATH}:/usr/local/sbin:/usr/sbin:/sbin"
        export LC_ALL=C.UTF-8
-       unset LANGUAGE
+       unset LANGUAGE APT_CONFIG
        unset GREP_OPTIONS DEB_BUILD_PROFILES
 
        msgdone "info"
@@ -267,6 +306,10 @@ getarchitectures() {
        echo "$(aptconfig dump | grep APT::Architecture | cut -d'"' -f 2 | sed '/^$/ d' | sort | uniq | tr '\n' ' ')"
 }
 
+getarchitecturesfromcommalist() {
+       echo "$1" | sed -e 's#,#\n#g' | sed -e "s/^native\$/$(getarchitecture 'native')/"
+}
+
 configarchitecture() {
        {
                echo "APT::Architecture \"$(getarchitecture $1)\";"
@@ -310,20 +353,55 @@ configdpkg() {
        fi
 }
 
+configallowinsecurerepositories() {
+    echo "Acquire::AllowInsecureRepositories \"$1\";" >  rootdir/etc/apt/apt.conf.d/allow-insecure-repositories.conf
+
+}
+
 configcompression() {
        while [ -n "$1" ]; do
                case "$1" in
-               '.') echo ".\t.\tcat";;
-               'gz') echo "gzip\tgz\tgzip";;
-               'bz2') echo "bzip2\tbz2\tbzip2";;
-               'lzma') echo "lzma\tlzma\txz --format=lzma";;
-               'xz') echo "xz\txz\txz";;
-               *) echo "$1\t$1\t$1";;
+               '.') printf ".\t.\tcat\n";;
+               'gz') printf "gzip\tgz\tgzip\n";;
+               'bz2') printf "bzip2\tbz2\tbzip2\n";;
+               'lzma') printf "lzma\tlzma\txz --format=lzma\n";;
+               'xz') printf "xz\txz\txz\n";;
+               *) printf "$1\t$1\t$1\n";;
                esac
                shift
        done > ${TMPWORKINGDIRECTORY}/rootdir/etc/testcase-compressor.conf
 }
 
+forcecompressor() {
+       COMPRESSOR="$1"
+       COMPRESSOR_CMD="$1"
+       case $COMPRESSOR in
+       gzip) COMPRESS='gz';;
+       bzip2) COMPRESS='bz2';;
+       lzma) COMPRESS='lzma';;
+       xz) COMPRESS='xz';;
+       *) msgdie "Compressor $COMPRESSOR is unknown to framework, so can't be forced by forcecompressor!";;
+       esac
+       local CONFFILE="${TMPWORKINGDIRECTORY}/rootdir/etc/apt/apt.conf.d/00force-compressor"
+       echo "Acquire::CompressionTypes::Order { \"${COMPRESS}\"; };
+Dir::Bin::uncompressed \"/does/not/exist\";
+Dir::Bin::gzip \"/does/not/exist\";
+Dir::Bin::bzip2 \"/does/not/exist\";
+Dir::Bin::lzma \"/does/not/exist\";
+Dir::Bin::xz \"/does/not/exist\";" > "$CONFFILE"
+       if [ -e "/bin/${COMPRESSOR}" ]; then
+               echo "Dir::Bin::${COMPRESSOR} \"/bin/${COMPRESSOR}\";" >> "$CONFFILE"
+       elif [ -e "/usr/bin/${COMPRESSOR}" ]; then
+               echo "Dir::Bin::${COMPRESSOR} \"/usr/bin/${COMPRESSOR}\";" >> "$CONFFILE"
+       elif [ "${COMPRESSOR}" = 'lzma' ]; then
+               echo 'Dir::Bin::xz "/usr/bin/xz";' >> "$CONFFILE"
+               COMPRESSOR_CMD='xz --format=lzma'
+       else
+               msgtest 'Test for availability of compressor' "${COMPRESSOR}"
+               msgfail
+       fi
+}
+
 setupsimplenativepackage() {
        local NAME="$1"
        local ARCH="$2"
@@ -433,14 +511,14 @@ Package: $NAME" >> ${BUILDDIR}/debian/control
                | while read SRC; do
                echo "pool/${SRC}" >> ${BUILDDIR}/../${RELEASE}.${DISTSECTION}.srclist
 #              if expr match "${SRC}" '.*\.dsc' >/dev/null 2>&1; then
-#                      gpg --yes --secret-keyring ./keys/joesixpack.sec \
-#                              --keyring ./keys/joesixpack.pub --default-key 'Joe Sixpack' \
+#                      aptkey --keyring ./keys/joesixpack.pub --secret-keyring ./keys/joesixpack.sec --quiet --readonly \
+#                              adv --yes --default-key 'Joe Sixpack' \
 #                              --clearsign -o "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #                      mv "${BUILDDIR}/../${SRC}.sign" "${BUILDDIR}/../$SRC"
 #              fi
        done
 
-       for arch in $(echo "$ARCH" | sed -e 's#,#\n#g' | sed -e "s#^native\$#$(getarchitecture 'native')#"); do
+       for arch in $(getarchitecturesfromcommalist "$ARCH"); do
                rm -rf ${BUILDDIR}/debian/tmp
                mkdir -p ${BUILDDIR}/debian/tmp/DEBIAN ${BUILDDIR}/debian/tmp/usr/share/doc/${NAME} ${BUILDDIR}/debian/tmp/usr/bin
                cp ${BUILDDIR}/debian/copyright ${BUILDDIR}/debian/changelog ${BUILDDIR}/FEATURES ${BUILDDIR}/debian/tmp/usr/share/doc/${NAME}
@@ -595,7 +673,7 @@ insertpackage() {
  something went horribly wrong! They are autogenerated
  und used only by testcases and surf no other propose…"}"
        local ARCHS=""
-       for arch in $(echo "$ARCH" | sed -e 's#,#\n#g' | sed -e "s#^native\$#$(getarchitecture 'native')#"); do
+       for arch in $(getarchitecturesfromcommalist "$ARCH"); do
                if [ "$arch" = 'all' -o "$arch" = 'none' ]; then
                        ARCHS="$(getarchitectures)"
                else
@@ -657,7 +735,7 @@ insertinstalledpackage() {
 
        local FILE='rootdir/var/lib/dpkg/status'
        local INFO='rootdir/var/lib/dpkg/info'
-       for arch in $(echo "$ARCH" | sed -e 's#,#\n#g' | sed -e "s#^native\$#$(getarchitecture 'native')#"); do
+       for arch in $(getarchitecturesfromcommalist "$ARCH"); do
                echo "Package: $NAME
 Status: $STATUS
 Priority: $PRIORITY
@@ -688,7 +766,7 @@ buildaptarchivefromincoming() {
        aptftparchive -qq generate ftparchive.conf
        cd - > /dev/null
        msgdone "info"
-       generatereleasefiles
+       generatereleasefiles "$@"
 }
 
 buildaptarchivefromfiles() {
@@ -803,24 +881,29 @@ setupflataptarchive() {
 }
 
 setupaptarchive() {
-       buildaptarchive
+       local NOUPDATE=0
+       if [ "$1" = '--no-update' ]; then
+               NOUPDATE=1
+               shift
+       fi
+       buildaptarchive "$@"
        if [ -e aptarchive/dists ]; then
                setupdistsaptarchive
        else
                setupflataptarchive
        fi
-       signreleasefiles
-       if [ "$1" != '--no-update' ]; then
-               msgninfo "\tSync APT's cache with the archive… "
-               aptget update -qq
-               msgdone "info"
+       signreleasefiles 'Joe Sixpack'
+       if [ "1" != "$NOUPDATE" ]; then
+               testsuccess aptget update -o Debug::pkgAcquire::Worker=true -o Debug::Acquire::gpgv=true
        fi
 }
 
 signreleasefiles() {
        local SIGNER="${1:-Joe Sixpack}"
-       local GPG="gpg --batch --yes"
-       msgninfo "\tSign archive with $SIGNER key… "
+       local REPODIR="${2:-aptarchive}"
+       local KEY="keys/$(echo "$SIGNER" | tr 'A-Z' 'a-z' | sed 's# ##g')"
+       local GPG="aptkey --quiet --keyring ${KEY}.pub --secret-keyring ${KEY}.sec --readonly adv --batch --yes"
+       msgninfo "\tSign archive with $SIGNER key $KEY… "
        local REXKEY='keys/rexexpired'
        local SECEXPIREBAK="${REXKEY}.sec.bak"
        local PUBEXPIREBAK="${REXKEY}.pub.bak"
@@ -836,18 +919,15 @@ signreleasefiles() {
                        cp $SECUNEXPIRED ${REXKEY}.sec
                        cp $PUBUNEXPIRED ${REXKEY}.pub
                else
-                       printf "expire\n1w\nsave\n" | $GPG --keyring ${REXKEY}.pub --secret-keyring ${REXKEY}.sec --command-fd 0 --edit-key "${SIGNER}" >/dev/null 2>&1 || true
+                       if ! printf "expire\n1w\nsave\n" | $GPG --default-key "$SIGNER" --command-fd 0 --edit-key "${SIGNER}" >setexpire.gpg 2>&1; then
+                               cat setexpire.gpg
+                               exit 1
+                       fi
                        cp ${REXKEY}.sec $SECUNEXPIRED
                        cp ${REXKEY}.pub $PUBUNEXPIRED
                fi
        fi
-       for KEY in $(find keys/ -name '*.sec'); do
-               GPG="$GPG --secret-keyring $KEY"
-       done
-       for KEY in $(find keys/ -name '*.pub'); do
-               GPG="$GPG --keyring $KEY"
-       done
-       for RELEASE in $(find aptarchive/ -name Release); do
+       for RELEASE in $(find ${REPODIR}/ -name Release); do
                $GPG --default-key "$SIGNER" --armor --detach-sign --sign --output ${RELEASE}.gpg ${RELEASE}
                local INRELEASE="$(echo "${RELEASE}" | sed 's#/Release$#/InRelease#')"
                $GPG --default-key "$SIGNER" --clearsign --output $INRELEASE $RELEASE
@@ -863,18 +943,16 @@ signreleasefiles() {
 
 webserverconfig() {
        msgtest "Set webserver config option '${1}' to" "$2"
-       downloadfile "http://localhost:8080/_config/set/${1}/${2}" '/dev/null' >/dev/null
-       local DOWNLOG='download-testfile.log'
-       rm -f "$DOWNLOG"
-       local STATUS="${TMPWORKINGDIRECTORY}/rootdir/tmp/webserverconfig.status"
-       downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG"
-       if [ "$(cat "$STATUS")" = '200' ]; then
+       local DOWNLOG='rootdir/tmp/download-testfile.log'
+       local STATUS='rootdir/tmp/webserverconfig.status'
+       rm -f "$STATUS" "$DOWNLOG"
+       if downloadfile "http://localhost:8080/_config/set/${1}/${2}" "$STATUS" > "$DOWNLOG"; then
                msgpass
        else
-               cat >&2 "$DOWNLOG"
-               msgfail "Statuscode was $(cat "$STATUS")"
+               cat "$DOWNLOG" "$STATUS"
+               msgfail
        fi
-       rm "$STATUS"
+       testwebserverlaststatuscode '200'
 }
 
 rewritesourceslist() {
@@ -884,6 +962,20 @@ rewritesourceslist() {
        done
 }
 
+# wait for up to 10s for a pid file to appear to avoid possible race
+# when a helper is started and dosn't write the PID quick enough
+waitforpidfile() {
+        local PIDFILE="$1"
+        for i in $(seq 10); do
+                if test -s "$PIDFILE"; then
+                        return 0
+                fi
+                sleep 1
+        done
+        msgdie "waiting for $PIDFILE failed"
+        return 1
+}
+
 changetowebserver() {
        if [ "$1" != '--no-rewrite' ]; then
                rewritesourceslist 'http://localhost:8080/'
@@ -897,6 +989,7 @@ changetowebserver() {
                        cat $LOG
                        false
                fi
+                waitforpidfile aptwebserver.pid
                local PID="$(cat aptwebserver.pid)"
                if [ -z "$PID" ]; then
                        msgdie 'Could not fork aptwebserver successfully'
@@ -916,7 +1009,7 @@ changetohttpswebserver() {
                changetowebserver --no-rewrite "$@"
        fi
        echo "pid = ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid
-cert = ${TESTDIRECTORY}/apt.pem
+cert = ${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem
 output = /dev/null
 
 [https]
@@ -924,7 +1017,11 @@ accept = 4433
 connect = 8080
 " > ${TMPWORKINGDIRECTORY}/stunnel.conf
        stunnel4 "${TMPWORKINGDIRECTORY}/stunnel.conf"
+        waitforpidfile "${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid"
        local PID="$(cat ${TMPWORKINGDIRECTORY}/aptarchive/stunnel.pid)"
+        if [ -z "$PID" ]; then
+               msgdie 'Could not fork stunnel4 successfully'
+       fi
        addtrap 'prefix' "kill ${PID};"
        rewritesourceslist 'https://localhost:4433/'
 }
@@ -952,10 +1049,9 @@ acquire::cdrom::autodetect 0;" > rootdir/etc/apt/apt.conf.d/00cdrom
 }
 
 downloadfile() {
-        PROTO="$(echo "$1" | cut -d':' -f 1)"
-        apthelper -o Acquire::https::CaInfo=${TESTDIR}/apt.pem \
-                  -o Debug::Acquire::${PROTO}=1 \
-                  download-file "$1" "$2" 2>&1
+       local PROTO="$(echo "$1" | cut -d':' -f 1 )"
+       apthelper -o Debug::Acquire::${PROTO}=1 \
+               download-file "$1" "$2" 2>&1 || true
        # only if the file exists the download was successful
        if [ -e "$2" ]; then
                return 0
@@ -967,8 +1063,8 @@ downloadfile() {
 checkdiff() {
        local DIFFTEXT="$(command diff -u "$@" | sed -e '/^---/ d' -e '/^+++/ d' -e '/^@@/ d')"
        if [ -n "$DIFFTEXT" ]; then
-               echo
-               echo "$DIFFTEXT"
+               echo >&2
+               echo >&2 "$DIFFTEXT"
                return 1
        else
                return 0
@@ -988,7 +1084,14 @@ testfileequal() {
 
 testempty() {
        msgtest "Test for no output of" "$*"
-       test -z "$($* 2>&1)" && msgpass || msgfail
+       local COMPAREFILE="${TMPWORKINGDIRECTORY}/rootdir/tmp/testempty.comparefile"
+       if "$@" >$COMPAREFILE 2>&1 && test ! -s $COMPAREFILE; then
+               msgpass
+       else
+               cat $COMPAREFILE
+               msgfail
+       fi
+       aptautotest 'testempty' "$@"
 }
 
 testequal() {
@@ -1005,7 +1108,8 @@ testequal() {
        if [ -n "$MSG" ]; then
                msgtest "$MSG" "$*"
        fi
-       $* 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail
+       "$@" 2>&1 | checkdiff $COMPAREFILE - && msgpass || msgfail
+       aptautotest 'testequal' "$@"
 }
 
 testequalor2() {
@@ -1016,8 +1120,10 @@ testequalor2() {
        echo "$2" > $COMPAREFILE2
        shift 2
        msgtest "Test for equality OR of" "$*"
-       $* >$COMPAREAGAINST 2>&1 || true
-       if checkdiff $COMPAREFILE1 $COMPAREAGAINST 1> /dev/null || checkdiff $COMPAREFILE2 $COMPAREAGAINST 1> /dev/null; then
+       "$@" >$COMPAREAGAINST 2>&1 || true
+       if checkdiff $COMPAREFILE1 $COMPAREAGAINST >/dev/null 2>&1 || \
+               checkdiff $COMPAREFILE2 $COMPAREAGAINST >/dev/null 2>&1
+       then
                msgpass
        else
                echo -n "\n${CINFO}Diff against OR 1${CNORMAL}"
@@ -1026,6 +1132,7 @@ testequalor2() {
                checkdiff $COMPAREFILE2 $COMPAREAGAINST || true
                msgfail
        fi
+       aptautotest 'testequalor2' "$@"
 }
 
 testshowvirtual() {
@@ -1051,24 +1158,24 @@ testnopackage() {
        msgtest "Test for non-existent packages" "apt-cache show $*"
        local SHOWPKG="$(aptcache show "$@" 2>&1 | grep '^Package: ')"
        if [ -n "$SHOWPKG" ]; then
-               echo
-               echo "$SHOWPKG"
+               echo >&2
+               echo >&2 "$SHOWPKG"
                msgfail
-               return 1
+       else
+               msgpass
        fi
-       msgpass
 }
 
 testdpkginstalled() {
        msgtest "Test for correctly installed package(s) with" "dpkg -l $*"
        local PKGS="$(dpkg -l "$@" 2>/dev/null | grep '^i' | wc -l)"
        if [ "$PKGS" != $# ]; then
-               echo $PKGS
-               dpkg -l "$@" | grep '^[a-z]'
+               echo >&2 $PKGS
+               dpkg -l "$@" | grep '^[a-z]' >&2
                msgfail
-               return 1
+       else
+               msgpass
        fi
-       msgpass
 }
 
 testdpkgnotinstalled() {
@@ -1076,11 +1183,11 @@ testdpkgnotinstalled() {
        local PKGS="$(dpkg -l "$@" 2> /dev/null | grep '^i' | wc -l)"
        if [ "$PKGS" != 0 ]; then
                echo
-               dpkg -l "$@" | grep '^[a-z]'
+               dpkg -l "$@" | grep '^[a-z]' >&2
                msgfail
-               return 1
+       else
+               msgpass
        fi
-       msgpass
 }
 
 testmarkedauto() {
@@ -1102,15 +1209,57 @@ testsuccess() {
                msgtest 'Test for successful execution of' "$*"
        fi
        local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
-       if $@ >${OUTPUT} 2>&1; then
-               msgpass
+       if "$@" >${OUTPUT} 2>&1; then
+               if expr match "$1" '^apt.*' >/dev/null; then
+                       if grep -q -E '^[WE]: ' "$OUTPUT"; then
+                               echo >&2
+                               cat >&2 $OUTPUT
+                               msgfail 'successful run, but output contains warnings/errors'
+                       else
+                               msgpass
+                       fi
+               else
+                       msgpass
+               fi
        else
-               echo
-               cat $OUTPUT
-               msgfail
+               local EXITCODE=$?
+               echo >&2
+               cat >&2 $OUTPUT
+               msgfail "exitcode $EXITCODE"
        fi
+       aptautotest 'testsuccess' "$@"
+}
+testwarning() {
+       if [ "$1" = '--nomsg' ]; then
+               shift
+       else
+               msgtest 'Test for successful execution with warnings of' "$*"
+       fi
+       local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testsuccess.output"
+       if "$@" >${OUTPUT} 2>&1; then
+               if expr match "$1" '^apt.*' >/dev/null; then
+                       if grep -q -E '^E: ' "$OUTPUT"; then
+                               echo >&2
+                               cat >&2 $OUTPUT
+                               msgfail 'successful run, but output contains errors'
+                       elif ! grep -q -E '^W: ' "$OUTPUT"; then
+                               echo >&2
+                               cat >&2 $OUTPUT
+                               msgfail 'successful run, but output contains no warnings'
+                       else
+                               msgpass
+                       fi
+               else
+                       msgpass
+               fi
+       else
+               local EXITCODE=$?
+               echo >&2
+               cat >&2 $OUTPUT
+               msgfail "exitcode $EXITCODE"
+       fi
+       aptautotest 'testwarning' "$@"
 }
-
 testfailure() {
        if [ "$1" = '--nomsg' ]; then
                shift
@@ -1118,12 +1267,62 @@ testfailure() {
                msgtest 'Test for failure in execution of' "$*"
        fi
        local OUTPUT="${TMPWORKINGDIRECTORY}/rootdir/tmp/testfailure.output"
-       if $@ >${OUTPUT} 2>&1; then
-               echo
-               cat $OUTPUT
-               msgfail
+       if "$@" >${OUTPUT} 2>&1; then
+               local EXITCODE=$?
+               echo >&2
+               cat >&2 $OUTPUT
+               msgfail "exitcode $EXITCODE"
        else
+               local EXITCODE=$?
+               if expr match "$1" '^apt.*' >/dev/null; then
+                       if ! grep -q -E '^E: ' "$OUTPUT"; then
+                               echo >&2
+                               cat >&2 $OUTPUT
+                               msgfail "run failed with exitcode ${EXITCODE}, but with no errors"
+                       else
+                               msgpass
+                       fi
+               else
+                       msgpass
+               fi
+       fi
+       aptautotest 'testfailure' "$@"
+}
+
+testfilestats() {
+       msgtest "Test that file $1 has $2 $3" "$4"
+       if [ "$4" "$3" "$(stat --format "$2" "$1")" ]; then
                msgpass
+       else
+               echo >&2
+               ls -l >&2 "$1"
+               echo -n >&2 "stat(1) reports for $2: "
+               stat --format "$2" "$1"
+               msgfail
+       fi
+}
+testaccessrights() {
+       testfilestats "$1" '%a' '=' "$2"
+}
+
+testwebserverlaststatuscode() {
+       local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log'
+       local STATUS='rootdir/tmp/webserverstatus-statusfile.log'
+       rm -f "$DOWNLOG" "$STATUS"
+       msgtest 'Test last status code from the webserver was' "$1"
+       downloadfile "http://localhost:8080/_config/find/aptwebserver::last-status-code" "$STATUS" > "$DOWNLOG"
+       if [ "$(cat "$STATUS")" = "$1" ]; then
+               msgpass
+       else
+               echo >&2
+               if [ -n "$2" ]; then
+                       shift
+                       echo >&2 '#### Additionally provided output files contain:'
+                       cat >&2 "$@"
+               fi
+               echo >&2 '#### Download log of the status code:'
+               cat >&2 "$DOWNLOG"
+               msgfail "Status was $(cat "$STATUS")"
        fi
 }
 
@@ -1132,3 +1331,43 @@ pause() {
        local IGNORE
        read IGNORE
 }
+
+listcurrentlistsdirectory() {
+       find rootdir/var/lib/apt/lists -maxdepth 1 -type d | while read line; do
+               stat --format '%U:%G:%a:%n' "$line"
+       done
+       find rootdir/var/lib/apt/lists -maxdepth 1 \! -type d | while read line; do
+               stat --format '%U:%G:%a:%s:%y:%n' "$line"
+       done
+}
+
+### The following tests are run by most test methods automatically to check
+### general things about commands executed without writing the test every time.
+
+aptautotest() {
+       local TESTCALL="$1"
+       local CMD="$2"
+       local FIRSTOPT="$3"
+       local AUTOTEST="aptautotest_$(basename "$CMD" | tr -d '-')_$(echo "$FIRSTOPT" | tr -d '-')"
+       if command -v $AUTOTEST >/dev/null; then
+               shift 3
+               # save and restore the *.output files from other tests
+               # as we might otherwise override them in these automatic tests
+               rm -rf rootdir/tmp-before
+               mv rootdir/tmp rootdir/tmp-before
+               mkdir rootdir/tmp
+               $AUTOTEST "$TESTCALL" "$@"
+               rm -rf rootdir/tmp-aptautotest
+               mv rootdir/tmp rootdir/tmp-aptautotest
+               mv rootdir/tmp-before rootdir/tmp
+       fi
+}
+
+aptautotest_aptget_update() {
+       if ! test -d "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists"; then return; fi
+       # all copied files are properly chmodded
+       find "${TMPWORKINGDIRECTORY}/rootdir/var/lib/apt/lists" -maxdepth 1 -type f | while read file; do
+               testfilestats "$file" '%U:%G:%a' '=' "${USER}:${USER}:644"
+       done
+}
+aptautotest_apt_update() { aptautotest_aptget_update "$@"; }