drop privileges in copy:// method as we do for file://

Continueing on the track of dropping privileges in all methods, lets
drop it in copy, too, as the reasoning for it is very similar to file
and the interaction between the too quiet interesting as copy kinda
surfed as a fallback for file not being able to read the file. Both now
show a better error message as well as it was previously claiming to
have a hashsum mismatch, given that it couldn't read the file.

Git-Dch: Ignore

diff --git a/apt-private/private-download.cc b/apt-private/private-download.cc
index dcb604f2a526a7cc39d21922592ad7f9da34a944..40312d0c8c76f10da3198163ff1973cf29642b9c 100644 (file)
--- a/apt-private/private-download.cc
+++ b/apt-private/private-download.cc
@@ -27,6 +27,7 @@
 #include <fcntl.h>
 #include <sys/vfs.h>
 #include <sys/statvfs.h>
 #include <fcntl.h>
 #include <sys/vfs.h>
 #include <sys/statvfs.h>

+#include <sys/stat.h>

 #include <errno.h>
 
 #include <apti18n.h>
 #include <errno.h>
 
 #include <apti18n.h>


@@ -224,6 +225,7 @@ bool DoDownload(CommandLine &CmdL)
         std::ifstream src((*I)->DestFile.c_str(), std::ios::binary);
         std::ofstream dst(filename.c_str(), std::ios::binary);
         dst << src.rdbuf();
         std::ifstream src((*I)->DestFile.c_str(), std::ios::binary);
         std::ofstream dst(filename.c_str(), std::ios::binary);
         dst << src.rdbuf();

+        chmod(filename.c_str(), 0644);

       }
    }
    return Failed == false;
       }
    }
    return Failed == false;

diff --git a/methods/aptmethod.h b/methods/aptmethod.h
new file mode 100644 (file)
index 0000000..61d7b78
--- /dev/null
+++ b/methods/aptmethod.h
@@ -0,0 +1,37 @@
+#ifndef APT_APTMETHOD_H
+#define APT_APTMETHOD_H
+
+#include <apt-pkg/acquire-method.h>
+
+#include <string>
+
+class aptMethod : public pkgAcqMethod
+{
+   char const * const Binary;
+   public:
+   virtual bool Configuration(std::string Message) APT_OVERRIDE;
+
+   bool CalculateHashes(FetchItem const * const Itm, FetchResult &Res) const;
+
+   aptMethod(char const * const Binary, char const * const Ver, unsigned long const Flags) : pkgAcqMethod(Ver, Flags), Binary(Binary) {};
+};
+bool aptMethod::Configuration(std::string Message)
+{
+   if (pkgAcqMethod::Configuration(Message) == false)
+      return false;
+
+   DropPrivsOrDie();
+
+   return true;
+}
+bool aptMethod::CalculateHashes(FetchItem const * const Itm, FetchResult &Res) const
+{
+   Hashes Hash(Itm->ExpectedHashes);
+   FileFd Fd;
+   if (Fd.Open(Res.Filename, FileFd::ReadOnly) == false || Hash.AddFD(Fd) == false)
+      return false;
+   Res.TakeHashes(Hash);
+   return true;
+}
+
+#endif

diff --git a/methods/copy.cc b/methods/copy.cc
index 373ad3604b7d8b9cfd29687563ae13866fd73258..e515b2def10e1eed04abd89709915703470ec684 100644 (file)
--- a/methods/copy.cc
+++ b/methods/copy.cc
@@ -17,6 +17,7 @@
 #include <apt-pkg/error.h>
 #include <apt-pkg/hashes.h>
 #include <apt-pkg/configuration.h>
 #include <apt-pkg/error.h>
 #include <apt-pkg/hashes.h>
 #include <apt-pkg/configuration.h>

+#include "aptmethod.h"

 
 #include <string>
 #include <sys/stat.h>
 
 #include <string>
 #include <sys/stat.h>


@@ -25,23 +26,14 @@
 #include <apti18n.h>
                                                                        /*}}}*/
 
 #include <apti18n.h>
                                                                        /*}}}*/
 

-class CopyMethod : public pkgAcqMethod
+class CopyMethod : public aptMethod

 {
    virtual bool Fetch(FetchItem *Itm) APT_OVERRIDE;
 {
    virtual bool Fetch(FetchItem *Itm) APT_OVERRIDE;

-   void CalculateHashes(FetchItem const * const Itm, FetchResult &Res);
-   
+

    public:
    public:

-   
-   CopyMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig) {};
-};

 
 

-void CopyMethod::CalculateHashes(FetchItem const * const Itm, FetchResult &Res)
-{
-   Hashes Hash(Itm->ExpectedHashes);
-   FileFd Fd(Res.Filename, FileFd::ReadOnly);
-   Hash.AddFD(Fd);
-   Res.TakeHashes(Hash);
-}
+   CopyMethod() : aptMethod("copy", "1.0",SingleInstance | SendConfig) {};
+};

 
 // CopyMethod::Fetch - Fetch a file                                    /*{{{*/
 // ---------------------------------------------------------------------
 
 // CopyMethod::Fetch - Fetch a file                                    /*{{{*/
 // ---------------------------------------------------------------------


@@ -76,12 +68,7 @@ bool CopyMethod::Fetch(FetchItem *Itm)
    FileFd From(File,FileFd::ReadOnly);
    FileFd To(Itm->DestFile,FileFd::WriteAtomic);
    To.EraseOnFailure();
    FileFd From(File,FileFd::ReadOnly);
    FileFd To(Itm->DestFile,FileFd::WriteAtomic);
    To.EraseOnFailure();

-   if (_error->PendingError() == true)
-   {
-      To.OpFail();
-      return false;
-   }
-   
+

    // Copy the file
    if (CopyFile(From,To) == false)
    {
    // Copy the file
    if (CopyFile(From,To) == false)
    {


@@ -101,7 +88,6 @@ bool CopyMethod::Fetch(FetchItem *Itm)
       return _error->Errno("utimes",_("Failed to set modification time"));
 
    CalculateHashes(Itm, Res);
       return _error->Errno("utimes",_("Failed to set modification time"));
 
    CalculateHashes(Itm, Res);

-

    URIDone(Res);
    return true;
 }
    URIDone(Res);
    return true;
 }

diff --git a/methods/file.cc b/methods/file.cc
index 8a087c36dc8b24bc9c9692b6db46cddf1929c66b..4e3410078fd734ec3eca282e4f61692f3a801733 100644 (file)
--- a/methods/file.cc
+++ b/methods/file.cc
@@ -21,6 +21,7 @@
 #include <apt-pkg/hashes.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/strutl.h>
 #include <apt-pkg/hashes.h>
 #include <apt-pkg/fileutl.h>
 #include <apt-pkg/strutl.h>

+#include "aptmethod.h"

 
 #include <string>
 #include <sys/stat.h>
 
 #include <string>
 #include <sys/stat.h>


@@ -28,24 +29,13 @@
 #include <apti18n.h>
                                                                        /*}}}*/
 
 #include <apti18n.h>
                                                                        /*}}}*/
 

-class FileMethod : public pkgAcqMethod
+class FileMethod : public aptMethod

 {
    virtual bool Fetch(FetchItem *Itm) APT_OVERRIDE;
 {
    virtual bool Fetch(FetchItem *Itm) APT_OVERRIDE;

-   virtual bool Configuration(std::string Message) APT_OVERRIDE;

 
    public:
 
    public:

-
-   FileMethod() : pkgAcqMethod("1.0",SingleInstance | SendConfig | LocalOnly) {};
+   FileMethod() : aptMethod("file", "1.0", SingleInstance | SendConfig | LocalOnly) {};

 };
 };

-bool FileMethod::Configuration(std::string Message)
-{
-   if (pkgAcqMethod::Configuration(Message) == false)
-      return false;
-
-   DropPrivsOrDie();
-
-   return true;
-}

 
 // FileMethod::Fetch - Fetch a file                                    /*{{{*/
 // ---------------------------------------------------------------------
 
 // FileMethod::Fetch - Fetch a file                                    /*{{{*/
 // ---------------------------------------------------------------------


@@ -78,6 +68,7 @@ bool FileMethod::Fetch(FetchItem *Itm)
    if (Res.IMSHit != true)
       RemoveFile("file", Itm->DestFile);
 
    if (Res.IMSHit != true)
       RemoveFile("file", Itm->DestFile);
 

+   int olderrno = 0;

    // See if the file exists
    if (stat(File.c_str(),&Buf) == 0)
    {
    // See if the file exists
    if (stat(File.c_str(),&Buf) == 0)
    {


@@ -92,11 +83,10 @@ bool FileMethod::Fetch(FetchItem *Itm)
            Res.IMSHit = true;
       }
 
            Res.IMSHit = true;
       }
 

-      Hashes Hash(Itm->ExpectedHashes);
-      FileFd Fd(File, FileFd::ReadOnly);
-      Hash.AddFD(Fd);
-      Res.TakeHashes(Hash);
+      CalculateHashes(Itm, Res);

    }
    }

+   else
+      olderrno = errno;

    if (Res.IMSHit == false)
       URIStart(Res);
 
    if (Res.IMSHit == false)
       URIStart(Res);
 


@@ -128,7 +118,10 @@ bool FileMethod::Fetch(FetchItem *Itm)
    else if (Res.Filename.empty() == false)
       URIDone(Res);
    else
    else if (Res.Filename.empty() == false)
       URIDone(Res);
    else

-      return _error->Error(_("File not found"));
+   {
+      errno = olderrno;
+      return _error->Errno(File.c_str(), _("File not found"));
+   }

 
    return true;
 }
 
    return true;
 }

diff --git a/test/integration/test-apt-get-download b/test/integration/test-apt-get-download
index 25c8b7761fb0560a5a8005b7ad74878113550ec0..5c42c7e3cd2cc2efba9b0b531e9593e4838cf9b1 100755 (executable)
--- a/test/integration/test-apt-get-download
+++ b/test/integration/test-apt-get-download
@@ -12,10 +12,9 @@ buildsimplenativepackage 'apt' 'all' '1.0' 'stable'
 buildsimplenativepackage 'apt' 'all' '2.0' 'unstable'
 insertinstalledpackage 'vrms' 'all' '1.0'
 
 buildsimplenativepackage 'apt' 'all' '2.0' 'unstable'
 insertinstalledpackage 'vrms' 'all' '1.0'
 

-OLD_UMASK="$(umask)"
+addtrap 'prefix' "umask $(umask);"

 umask 0027
 setupaptarchive --no-update
 umask 0027
 setupaptarchive --no-update

-umask "$OLD_UMASK"

 
 # directories should be readable by everyone
 find aptarchive/dists -type d | while read dir; do
 
 # directories should be readable by everyone
 find aptarchive/dists -type d | while read dir; do


@@ -30,18 +29,34 @@ done
 find aptarchive/dists -name '*Release*' -type f | while read file; do
        testaccessrights "$file" '640'
 done
 find aptarchive/dists -name '*Release*' -type f | while read file; do
        testaccessrights "$file" '640'
 done

-
+if [ "$(id -u)" = '0' ]; then
+       # permission errors an everything
+       testfailure aptget update
+
+       find aptarchive/dists -name '*Packages*' -type f | while read file; do
+               chmod 777 "$file"
+       done
+       # permission errors on Release
+       testwarning aptget update
+fi
+
+#everything (too) permissive
+find aptarchive/ -type f | while read file; do
+       chmod 777 "$file"
+done
+find incoming/ -type f | while read file; do
+       chmod 777 "$file"
+done

 testsuccess aptget update
 
 testdownload() {
 testsuccess aptget update
 
 testdownload() {

-       local APT="$2"
-       if [ -n "$3" ]; then
-               APT="${APT}/${3}"
-       fi
-       msgtest "Test download of package file $1 with" "$APT"
-       testsuccess --nomsg aptget download ${APT} -o Debug::pkgAcquire::Worker=1 -o Debug::pkgAcquire::Auth=1
-       testsuccess test -f "$1"
-       rm -f "$1"
+       local DEB="$1"
+       shift
+       msgtest "Test download of package file $DEB with" "$@"
+       testsuccess --nomsg aptget download "$@" -o Debug::pkgAcquire::Worker=1 -o Debug::pkgAcquire::Auth=1
+       testsuccess test -f "$DEB"
+       testaccessrights "$DEB" '644'
+       rm -f "$DEB"

 }
 
 # normal case as "root"
 }
 
 # normal case as "root"


@@ -60,7 +75,7 @@ OLDPWD="$(pwd)"
 cd downloaded
 
 # normal case(es)
 cd downloaded
 
 # normal case(es)

-testdownload apt_1.0_all.deb apt stable
+testdownload apt_1.0_all.deb apt/stable

 testdownload apt_2.0_all.deb apt
 
 DEBFILE="$(readlink -f ../aptarchive)/pool/apt_2.0_all.deb"
 testdownload apt_2.0_all.deb apt
 
 DEBFILE="$(readlink -f ../aptarchive)/pool/apt_2.0_all.deb"


@@ -72,30 +87,33 @@ testequal "E: Can't find a source to download version '1.0' of 'vrms:i386'" aptg
 
 # deb:736962
 testsuccess aptget download apt
 
 # deb:736962
 testsuccess aptget download apt

+testsuccess test -s apt_2.0_all.deb
+testaccessrights 'apt_2.0_all.deb' '644'

 testsuccess aptget download apt
 testsuccess test -s apt_2.0_all.deb
 testsuccess aptget download apt
 testsuccess test -s apt_2.0_all.deb

+testaccessrights 'apt_2.0_all.deb' '644'

 
 rm -f apt_1.0_all.deb apt_2.0_all.deb
 
 # deb:738103
 
 rm -f apt_1.0_all.deb apt_2.0_all.deb
 
 # deb:738103

-testsuccess aptget download apt apt apt/unstable apt=2.0
-testsuccess test -s apt_2.0_all.deb
+testdownload apt_2.0_all.deb apt apt apt/unstable apt=2.0

 
 

+# FIXME: pick up already downloaded deb files for real

 # restore "root" rights
 # restore "root" rights

-cd "$OLDPWD"
-chmod -f -R +w "$PWD/rootdir/var/cache/apt/archives"
-rm -rf rootdir/var/cache/apt/archives/
+#cd "$OLDPWD"
+#chmod -f -R +w "$PWD/rootdir/var/cache/apt/archives"
+#rm -rf rootdir/var/cache/apt/archives/

 
 # file: debs aren't copied to archives, so change to http which obviously are
 
 # file: debs aren't copied to archives, so change to http which obviously are

-changetowebserver
-testsuccess aptget update
+#changetowebserver
+#testsuccess aptget update

 
 # test with already stored deb
 
 # test with already stored deb

-testsuccess aptget install -d apt
-testsuccess test -s rootdir/var/cache/apt/archives/apt_2.0_all.deb
-testaccessrights 'aptarchive/pool/apt_2.0_all.deb' '644'
-mv aptarchive/pool/apt_2.0_all.deb aptarchive/pool/apt_2.0_all.deb.gone
-cd downloaded
-testdownload apt_2.0_all.deb apt
-cd "$OLDPWD"
-mv aptarchive/pool/apt_2.0_all.deb.gone aptarchive/pool/apt_2.0_all.deb
+#testsuccess aptget install -d apt
+#testsuccess test -s rootdir/var/cache/apt/archives/apt_2.0_all.deb
+#testaccessrights 'rootdir/var/cache/apt/archives/apt_2.0_all.deb' '644'
+#mv aptarchive/pool/apt_2.0_all.deb aptarchive/pool/apt_2.0_all.deb.gone
+#cd downloaded
+#testdownload apt_2.0_all.deb apt
+#cd "$OLDPWD"
+#mv aptarchive/pool/apt_2.0_all.deb.gone aptarchive/pool/apt_2.0_all.deb

diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning
index 43582829250d8a189e1118badc260d915916a826..b247c1ba9b9b68914b4ddb2b6651bcb7da88d6cb 100755 (executable)
--- a/test/integration/test-apt-get-update-unauth-warning
+++ b/test/integration/test-apt-get-update-unauth-warning
@@ -19,13 +19,14 @@ setupaptarchive --no-update
 APTARCHIVE="$(readlink -f ./aptarchive)"
 find "$APTARCHIVE/dists/unstable" -name '*Release*' -delete
 
 APTARCHIVE="$(readlink -f ./aptarchive)"
 find "$APTARCHIVE/dists/unstable" -name '*Release*' -delete
 

+echo 'Acquire::Progress::Ignore::ShowErrorText "false";' > rootdir/etc/apt/apt.conf.d/99show-no-ignore-errors.conf
+

 # update without authenticated files leads to warning
 testfailureequal "Get:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease
 # update without authenticated files leads to warning
 testfailureequal "Get:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease

-  File not found

 Get:2 file:$APTARCHIVE unstable Release
 Err:2 file:$APTARCHIVE unstable Release
 Get:2 file:$APTARCHIVE unstable Release
 Err:2 file:$APTARCHIVE unstable Release

-  File not found
+  File not found - ${APTARCHIVE}/dists/unstable/Release (2: No such file or directory)

 Reading package lists...
 E: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file.
 N: Updating such a repository securily is impossible and therefore disabled by default.
 Reading package lists...
 E: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file.
 N: Updating such a repository securily is impossible and therefore disabled by default.


@@ -46,46 +47,32 @@ filesize() {
 #exit
 testwarningequal "Get:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease
 #exit
 testwarningequal "Get:1 file:$APTARCHIVE unstable InRelease
 Ign:1 file:$APTARCHIVE unstable InRelease

-  File not found

 Get:2 file:$APTARCHIVE unstable Release
 Ign:2 file:$APTARCHIVE unstable Release
 Get:2 file:$APTARCHIVE unstable Release
 Ign:2 file:$APTARCHIVE unstable Release

-  File not found

 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources
 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources

-  File not found

 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages
 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages

-  File not found

 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages
 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages

-  File not found

 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en
 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en

-  File not found

 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources
 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources

-  File not found

 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages
 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages

-  File not found

 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages
 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages

-  File not found

 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en
 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en

-  File not found

 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources
 Get:3 file:$APTARCHIVE unstable/main Sources
 Ign:3 file:$APTARCHIVE unstable/main Sources

-  File not found

 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages
 Get:4 file:$APTARCHIVE unstable/main i386 Packages
 Ign:4 file:$APTARCHIVE unstable/main i386 Packages

-  File not found

 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages
 Get:5 file:$APTARCHIVE unstable/main all Packages
 Ign:5 file:$APTARCHIVE unstable/main all Packages

-  File not found

 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en
 Get:6 file:$APTARCHIVE unstable/main Translation-en
 Ign:6 file:$APTARCHIVE unstable/main Translation-en

-  File not found

 Get:3 file:$APTARCHIVE unstable/main Sources [$(filesize 'Sources') B]
 Get:4 file:$APTARCHIVE unstable/main i386 Packages [$(filesize 'Packages' 'Architecture: i386') B]
 Get:5 file:$APTARCHIVE unstable/main all Packages [$(filesize 'Packages' 'Architecture: all') B]
 Get:3 file:$APTARCHIVE unstable/main Sources [$(filesize 'Sources') B]
 Get:4 file:$APTARCHIVE unstable/main i386 Packages [$(filesize 'Packages' 'Architecture: i386') B]
 Get:5 file:$APTARCHIVE unstable/main all Packages [$(filesize 'Packages' 'Architecture: all') B]

diff --git a/test/integration/test-apt-update-failure-propagation b/test/integration/test-apt-update-failure-propagation
index eda9cff9902cf48590e0fe9c1243374f253af6b1..f144e9968a06c7ddeec74e0aa5a379319dfc087d 100755 (executable)
--- a/test/integration/test-apt-update-failure-propagation
+++ b/test/integration/test-apt-update-failure-propagation
@@ -87,6 +87,8 @@ for FILE in rootdir/etc/apt/sources.list.d/*-stable-* ; do
        # lets see how many testservers run also Doom
        sed -i -e "s#:${APTHTTPSPORT}/#:666/#" "$FILE"
 done
        # lets see how many testservers run also Doom
        sed -i -e "s#:${APTHTTPSPORT}/#:666/#" "$FILE"
 done

-testwarningmsg "W: Failed to fetch https://localhost:666/dists/stable/InRelease  Failed to connect to localhost port 666: Connection refused
-W: Some index files failed to download. They have been ignored, or old ones used instead." aptget update
+testwarning aptget update
+testequalor2 "W: Failed to fetch https://localhost:666/dists/stable/InRelease  Failed to connect to localhost port 666: Connection refused
+W: Some index files failed to download. They have been ignored, or old ones used instead." "W: Failed to fetch https://localhost:666/dists/stable/InRelease  couldn't connect to host
+W: Some index files failed to download. They have been ignored, or old ones used instead." tail -n 2 rootdir/tmp/testwarning.output

 posttest
 posttest

diff --git a/test/integration/test-apt-update-file b/test/integration/test-apt-update-file
index c6e07f8b6b20613b7853d45579a58e0ba2fe98d2..04e26a8f4c1d3e0e557653489e8b856b5535a8a9 100755 (executable)
--- a/test/integration/test-apt-update-file
+++ b/test/integration/test-apt-update-file
@@ -19,9 +19,12 @@ insertsource 'unstable' 'foo' 'all' '1'
 setupaptarchive --no-update
 
 # ensure the archive is not writable
 setupaptarchive --no-update
 
 # ensure the archive is not writable

-addtrap 'prefix' 'chmod 750 aptarchive/dists/unstable/main/binary-all;'
-chmod 550 aptarchive/dists/unstable/main/binary-all
-
+addtrap 'prefix' 'chmod 755 aptarchive/dists/unstable/main/binary-all;'
+if [ "$(id -u)" = '0' ]; then
+       chmod 550 aptarchive/dists/unstable/main/binary-all
+       testfailure aptget update
+fi
+chmod 555 aptarchive/dists/unstable/main/binary-all

 testsuccess aptget update
 
 # the release files aren't an IMS-hit, but the indexes are
 testsuccess aptget update
 
 # the release files aren't an IMS-hit, but the indexes are