diff options
| author | David Kalnischkies <david@kalnischkies.de> | 2015-10-13 11:37:39 +0200 |
|---|---|---|
| committer | David Kalnischkies <david@kalnischkies.de> | 2015-11-04 18:04:01 +0100 |
| commit | f18f2338a17d3037ac0d6f81a7f1a37df6eaca01 (patch) | |
| tree | 238910fae9d19be36ba3f62903eb52f28d417606 /test/integration/test-bug-596498-trusted-unsigned-repo | |
| parent | bce8e59b81e5bdfa46501c25bc1b3fca60a69cb8 (diff) | |
rework errors and warnings around insecure repositories
Insecure (aka unsigned) repositories are bad, period. We want to get
right of them finally and as a first step we are printing scary
warnings. This is already done, this commit just changes the messages to
be more consistent and prevents them from being displayed if
authenticity is guaranteed some other way (as indicated with
trusted=yes).
The idea is to first print the pure fact like "repository isn't signed"
as a warning (and later as an error), while giving an explaination in a
immediately following notice (which is displayed only in quiet level 0:
so in interactive use, not in scripts and alike).
Closes: 796549
Diffstat (limited to 'test/integration/test-bug-596498-trusted-unsigned-repo')
| -rwxr-xr-x | test/integration/test-bug-596498-trusted-unsigned-repo | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/test/integration/test-bug-596498-trusted-unsigned-repo b/test/integration/test-bug-596498-trusted-unsigned-repo index 94f280b81..a9e894bc9 100755 --- a/test/integration/test-bug-596498-trusted-unsigned-repo +++ b/test/integration/test-bug-596498-trusted-unsigned-repo @@ -8,6 +8,7 @@ configarchitecture 'i386' buildsimplenativepackage 'cool' 'i386' '1.0' 'unstable' +msgmsg 'default setup' setupaptarchive aptgetupdate() { @@ -28,6 +29,7 @@ testsuccessequal "$PKGTEXT $DOWNLOG Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated +msgmsg 'sources marked trusted=no' sed -i -e 's#\(deb\(-src\)\?\) #\1 [trusted=no] #' $DEBFILE aptgetupdate 'testsuccess' @@ -47,6 +49,7 @@ Download complete and in download only mode" aptget install cool:i386 --assume-n configarchitecture 'i386' find aptarchive/ \( -name 'Release.gpg' -o -name 'InRelease' \) -delete +msgmsg 'unsigned repo' sed -i -e 's#\(deb\(-src\)\?\) \[trusted=no\] #\1 #' $DEBFILE aptgetupdate @@ -63,8 +66,9 @@ Authentication warning overridden. $DOWNLOG Download complete and in download only mode" aptget install cool --assume-no -d --allow-unauthenticated +msgmsg 'sources marked trusted=yes' sed -i -e 's#\(deb\(-src\)\?\) #\1 [trusted=yes] #' $DEBFILE -aptgetupdate +aptgetupdate 'testsuccess' testsuccessequal "$PKGTEXT $DOWNLOG |