summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2014-10-18 17:48:55 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2014-10-20 10:37:46 +0200
commitde81b2e20f80bb5f42034863a9a974c815a45da5 (patch)
tree4c601ca61dcdd8090adf198fba2191c18d9c87d4
parent12796fa241ad6b0e8ccd1025a3723e18324e17b0 (diff)
aborted reverify restores file owner and permission
If we get an IMS hit for an InRelease file we use the file we already have and pass it into reverification, but this changes the permissions and on abort of the transaction they weren't switched back. This is now done, additionally, every file in partial which hasn't failed gets permission and owner changed for root access as well, as it is very well possible that the next invocation will (re)use these files.
-rw-r--r--apt-pkg/acquire-item.cc6
-rw-r--r--test/integration/framework54
-rwxr-xr-xtest/integration/test-apt-update-transactions65
3 files changed, 94 insertions, 31 deletions
diff --git a/apt-pkg/acquire-item.cc b/apt-pkg/acquire-item.cc
index 78402249c..9a6e0af01 100644
--- a/apt-pkg/acquire-item.cc
+++ b/apt-pkg/acquire-item.cc
@@ -246,7 +246,7 @@ void pkgAcquire::Item::QueueURI(ItemDesc &Item) /*{{{*/
if (RealFileExists(DestFile))
{
std::string SandboxUser = _config->Find("APT::Sandbox::User");
- ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
+ ChangeOwnerAndPermissionOfFile("Item::QueueURI", DestFile.c_str(),
SandboxUser.c_str(), "root", 0600);
}
Owner->Enqueue(Item);
@@ -1570,6 +1570,10 @@ void pkgAcqMetaBase::AbortTransaction()
if(FileExists(PartialFile))
Rename(PartialFile, PartialFile + ".FAILED");
}
+ // fix permissions for existing files which were part of a reverify
+ // like InRelease files or files in partial we might work with next time
+ else if (FileExists((*I)->DestFile))
+ ChangeOwnerAndPermissionOfFile("AbortTransaction", (*I)->DestFile.c_str(), "root", "root", 0644);
}
Transaction.clear();
}
diff --git a/test/integration/framework b/test/integration/framework
index a8d6bf3d0..d692f62a9 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -23,25 +23,32 @@ if [ "$MSGCOLOR" != 'NO' ]; then
CCMD="\033[1;35m" # pink
fi
-msgdie() { printf "${CERROR}E: $1${CNORMAL}\n" >&2; exit 1; }
-msgwarn() { printf "${CWARNING}W: $1${CNORMAL}\n" >&2; }
-msgmsg() { printf "${CMSG}$1${CNORMAL}\n"; }
-msginfo() { printf "${CINFO}I: $1${CNORMAL}\n"; }
-msgdebug() { printf "${CDEBUG}D: $1${CNORMAL}\n"; }
-msgdone() { printf "${CDONE}DONE${CNORMAL}\n"; }
-msgnwarn() { printf "${CWARNING}W: $1${CNORMAL}" >&2; }
-msgnmsg() { printf "${CMSG}$1${CNORMAL}"; }
-msgninfo() { printf "${CINFO}I: $1${CNORMAL}"; }
-msgndebug() { printf "${CDEBUG}D: $1${CNORMAL}"; }
-msgtest() {
- while [ -n "$1" ]; do
- printf "${CINFO}$1${CCMD} "
- printf -- "$(echo "$2" | sed -e 's#^apt\([cgfs]\)#apt-\1#')${CINFO} "
+msgprintf() {
+ local START="$1"
+ local MIDDLE="$2"
+ local END="$3"
+ shift 3
+ if [ -n "$1" ]; then
+ printf "$START " "$1"
shift
- if [ -n "$1" ]; then shift; else break; fi
- done
- printf "…${CNORMAL} "
+ while [ -n "$1" ]; do
+ printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cgfs]\)#apt-\1#')"
+ shift
+ done
+ fi
+ printf "${END}"
}
+msgdie() { msgprintf "${CERROR}E: %s" '%s' "${CNORMAL}\n" "$@" >&2; exit 1; }
+msgwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}\n" "$@" >&2; }
+msgmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}\n" "$@"; }
+msginfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdone() { msgprintf "${CDONE}DONE" '%s' "${CNORMAL}\n" "$@"; }
+msgnwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}" "$@" >&2; }
+msgnmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}" "$@"; }
+msgninfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}" "$@"; }
+msgndebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}" "$@"; }
+msgtest() { msgprintf "${CINFO}%s" "${CCMD}%s${CINFO}" "…${CNORMAL} " "$@"; }
msgpass() { printf "${CPASS}PASS${CNORMAL}\n"; }
msgskip() {
if [ $# -gt 0 ]; then printf "${CWARNING}SKIP: $*${CNORMAL}\n" >&2;
@@ -1222,18 +1229,21 @@ testfailure() {
fi
}
-testaccessrights() {
- msgtest "Test that file $1 has access rights set to" "$2"
- if [ "$2" = "$(stat --format '%a' "$1")" ]; then
+testfilestats() {
+ msgtest "Test that file $1 has $2 $3" "$4"
+ if [ "$4" "$3" "$(stat --format "$2" "$1")" ]; then
msgpass
else
echo >&2
ls -l >&2 "$1"
- echo -n >&2 "stat(1) reports access rights: "
- stat --format '%a' "$1"
+ echo -n >&2 "stat(1) reports for $2: "
+ stat --format "$2" "$1"
msgfail
fi
}
+testaccessrights() {
+ testfilestats "$1" '%a' '=' "$2"
+}
testwebserverlaststatuscode() {
local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log'
diff --git a/test/integration/test-apt-update-transactions b/test/integration/test-apt-update-transactions
index 247334991..2d5d9e721 100755
--- a/test/integration/test-apt-update-transactions
+++ b/test/integration/test-apt-update-transactions
@@ -1,24 +1,73 @@
#!/bin/sh
set -e
+# ensure that an update will only succeed entirely or not at all
+
TESTDIR=$(readlink -f $(dirname $0))
. $TESTDIR/framework
setupenvironment
-configarchitecture "i386"
+configarchitecture 'i386'
insertpackage 'unstable' 'foo' 'all' '1.0'
+insertsource 'unstable' 'foo' 'all' '1.0'
setupaptarchive --no-update
-changetowebserver
-# break package file
-cat > aptarchive/dists/unstable/main/binary-i386/Packages <<EOF
+breakfile() {
+ mv "$1" "${1}.bak"
+ cat > "$1" <<EOF
Package: bar
EOF
-compressfile aptarchive/dists/unstable/main/binary-i386/Packages '+1hour'
+ compressfile "$1"
+}
+restorefile() {
+ mv "${1}.bak" "$1"
+}
+
+listscheck() {
+ testequal "$(cat $1)" ls rootdir/var/lib/apt/lists
+ # all copied files are properly chmodded
+ find rootdir/var/lib/apt/lists -maxdepth 1 -type f | while read file; do
+ testaccessrights "$file" '644'
+ testfilestats "$file" '%U' '!=' '_apt'
+ done
+}
+
+testrun() {
+ # produce an unsigned repository
+ find aptarchive \( -name 'Release.gpg' -o -name 'InRelease' \) -delete
+ testfailure aptget update --no-allow-insecure-repositories
+ listscheck "$1"
+
+ # signed but broken
+ signreleasefiles
-# ensure that a update will only succeed entirely or not at all
-testfailure aptget update
-testequal "partial" ls rootdir/var/lib/apt/lists
+ breakfile aptarchive/dists/unstable/main/binary-i386/Packages
+ testfailure aptget update
+ listscheck "$1"
+ restorefile aptarchive/dists/unstable/main/binary-i386/Packages
+
+ breakfile aptarchive/dists/unstable/main/source/Sources
+ testfailure aptget update
+ listscheck "$1"
+ restorefile aptarchive/dists/unstable/main/source/Sources
+}
+
+testsetup() {
+ msgmsg 'Test with no initial data over' "$1"
+ rm -rf rootdir/var/lib/apt/lists
+ mkdir -p rootdir/var/lib/apt/lists/partial
+ ls rootdir/var/lib/apt/lists > listsdir.lst
+ testrun 'listsdir.lst'
+
+ msgmsg 'Test with initial data over' "$1"
+ testsuccess aptget update
+ ls rootdir/var/lib/apt/lists > listsdir.lst
+ testrun 'listsdir.lst'
+}
+
+testsetup 'file'
+changetowebserver
+testsetup 'http'