diff options
author | David Kalnischkies <david@kalnischkies.de> | 2015-04-28 23:42:03 +0200 |
---|---|---|
committer | David Kalnischkies <david@kalnischkies.de> | 2015-05-11 17:22:32 +0200 |
commit | 3f732aa6ad0a81b6a6942a61fd5ed26a26590e8e (patch) | |
tree | 09c15e827f7301710818afe828f7e2eae593fb6f /test/integration/test-policy-pinning | |
parent | f492283b4369ed0711f5f538b6d5fe61a8a75a0f (diff) |
a pin of 1000 always means downgrade allowed
The documentation says this, but the code only agreed while evaluating
specific packages, but not generics. These needed a pin above 1000 to
have the same effect.
The code causing this makes references to a 'second pesduo status file',
but nowhere is explained what this might stand for and/or what it was,
so we do the only reasonable thing: Remove all references and do as
documented.
Diffstat (limited to 'test/integration/test-policy-pinning')
-rwxr-xr-x | test/integration/test-policy-pinning | 92 |
1 files changed, 40 insertions, 52 deletions
diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning index 15bf300ac..2675b51bc 100755 --- a/test/integration/test-policy-pinning +++ b/test/integration/test-policy-pinning @@ -25,70 +25,58 @@ testequalpolicy() { Pinned packages:" aptcache policy $* } -aptgetupdate() { - # just to be sure that no old files are used - rm -rf rootdir/var/lib/apt - if aptget update --allow-insecure-repositories -qq 2>&1 | grep '^E: '; then - msgwarn 'apt-get update failed with an error' - fi -} +testglobalpolicy() { + aptgetupdate -### not signed archive + testequalpolicy 100 500 + testequalpolicy 990 500 -t now -aptgetupdate + sed -i aptarchive/Release -e 1i"NotAutomatic: yes" + aptgetupdate -testequalpolicy 100 500 -testequalpolicy 990 500 -t now + testequalpolicy 100 1 -o Test=NotAutomatic + testequalpolicy 990 1 -o Test=NotAutomatic -t now -sed -i aptarchive/Release -e 1i"NotAutomatic: yes" -aptgetupdate + sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes" + aptgetupdate -testequalpolicy 100 1 -o Test=NotAutomatic -testequalpolicy 990 1 -o Test=NotAutomatic -t now + testequalpolicy 100 100 -o Test=ButAutomaticUpgrades + testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now -sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes" -aptgetupdate + sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d' + aptgetupdate -testequalpolicy 100 100 -o Test=ButAutomaticUpgrades -testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now + testequalpolicy 100 500 -o Test=Automatic + testequalpolicy 990 500 -o Test=Automatic -t now -sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d' -aptgetupdate - -testequalpolicy 100 500 -o Test=Automatic -testequalpolicy 990 500 -o Test=Automatic -t now - -sed -i aptarchive/Release -e '/NotAutomatic: / d' -e '/ButAutomaticUpgrades: / d' - -### signed but no key in trusted - -signreleasefiles 'Marvin Paranoid' -aptgetupdate -testequalpolicy 100 500 -testequalpolicy 990 500 -t now - -sed -i aptarchive/Release -e 1i"NotAutomatic: yes" -signreleasefiles 'Marvin Paranoid' -aptgetupdate - -testequalpolicy 100 1 -o Test=NotAutomatic -testequalpolicy 990 1 -o Test=NotAutomatic -t now - -sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes" -signreleasefiles 'Marvin Paranoid' -aptgetupdate + sed -i aptarchive/Release -e '/NotAutomatic: / d' -e '/ButAutomaticUpgrades: / d' +} -testequalpolicy 100 100 -o Test=ButAutomaticUpgrades -testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now +msgmsg 'Test with not signed archive' +aptgetupdate() { + rm -rf rootdir/var/lib/apt + testwarning aptget update --allow-insecure-repositories +} +testglobalpolicy -sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d' -signreleasefiles 'Marvin Paranoid' -aptgetupdate +msgmsg 'Test with signed but no key in trusted' +aptgetupdate() { + rm -rf rootdir/var/lib/apt + signreleasefiles 'Marvin Paranoid' + testwarning aptget update --allow-insecure-repositories +} +testglobalpolicy -testequalpolicy 100 500 -o Test=Automatic -testequalpolicy 990 500 -o Test=Automatic -t now +# much the same tests will be executed below in more detail again for this one +msgmsg 'Test with signed and valid key' +aptgetupdate() { + rm -rf rootdir/var/lib/apt + signreleasefiles 'Joe Sixpack' + testsuccess aptget update +} +testglobalpolicy -### signed and valid key +msgmsg 'Test with specific packages' buildsimplenativepackage "coolstuff" "all" "1.0" "stable" buildsimplenativepackage "coolstuff" "all" "2.0~bpo1" "backports" |