summaryrefslogtreecommitdiff
path: root/test/integration/test-policy-pinning
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2015-04-28 23:42:03 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2015-05-11 17:22:32 +0200
commit3f732aa6ad0a81b6a6942a61fd5ed26a26590e8e (patch)
tree09c15e827f7301710818afe828f7e2eae593fb6f /test/integration/test-policy-pinning
parentf492283b4369ed0711f5f538b6d5fe61a8a75a0f (diff)
a pin of 1000 always means downgrade allowed
The documentation says this, but the code only agreed while evaluating specific packages, but not generics. These needed a pin above 1000 to have the same effect. The code causing this makes references to a 'second pesduo status file', but nowhere is explained what this might stand for and/or what it was, so we do the only reasonable thing: Remove all references and do as documented.
Diffstat (limited to 'test/integration/test-policy-pinning')
-rwxr-xr-xtest/integration/test-policy-pinning92
1 files changed, 40 insertions, 52 deletions
diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning
index 15bf300ac..2675b51bc 100755
--- a/test/integration/test-policy-pinning
+++ b/test/integration/test-policy-pinning
@@ -25,70 +25,58 @@ testequalpolicy() {
Pinned packages:" aptcache policy $*
}
-aptgetupdate() {
- # just to be sure that no old files are used
- rm -rf rootdir/var/lib/apt
- if aptget update --allow-insecure-repositories -qq 2>&1 | grep '^E: '; then
- msgwarn 'apt-get update failed with an error'
- fi
-}
+testglobalpolicy() {
+ aptgetupdate
-### not signed archive
+ testequalpolicy 100 500
+ testequalpolicy 990 500 -t now
-aptgetupdate
+ sed -i aptarchive/Release -e 1i"NotAutomatic: yes"
+ aptgetupdate
-testequalpolicy 100 500
-testequalpolicy 990 500 -t now
+ testequalpolicy 100 1 -o Test=NotAutomatic
+ testequalpolicy 990 1 -o Test=NotAutomatic -t now
-sed -i aptarchive/Release -e 1i"NotAutomatic: yes"
-aptgetupdate
+ sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes"
+ aptgetupdate
-testequalpolicy 100 1 -o Test=NotAutomatic
-testequalpolicy 990 1 -o Test=NotAutomatic -t now
+ testequalpolicy 100 100 -o Test=ButAutomaticUpgrades
+ testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now
-sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes"
-aptgetupdate
+ sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d'
+ aptgetupdate
-testequalpolicy 100 100 -o Test=ButAutomaticUpgrades
-testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now
+ testequalpolicy 100 500 -o Test=Automatic
+ testequalpolicy 990 500 -o Test=Automatic -t now
-sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d'
-aptgetupdate
-
-testequalpolicy 100 500 -o Test=Automatic
-testequalpolicy 990 500 -o Test=Automatic -t now
-
-sed -i aptarchive/Release -e '/NotAutomatic: / d' -e '/ButAutomaticUpgrades: / d'
-
-### signed but no key in trusted
-
-signreleasefiles 'Marvin Paranoid'
-aptgetupdate
-testequalpolicy 100 500
-testequalpolicy 990 500 -t now
-
-sed -i aptarchive/Release -e 1i"NotAutomatic: yes"
-signreleasefiles 'Marvin Paranoid'
-aptgetupdate
-
-testequalpolicy 100 1 -o Test=NotAutomatic
-testequalpolicy 990 1 -o Test=NotAutomatic -t now
-
-sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes"
-signreleasefiles 'Marvin Paranoid'
-aptgetupdate
+ sed -i aptarchive/Release -e '/NotAutomatic: / d' -e '/ButAutomaticUpgrades: / d'
+}
-testequalpolicy 100 100 -o Test=ButAutomaticUpgrades
-testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now
+msgmsg 'Test with not signed archive'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ testwarning aptget update --allow-insecure-repositories
+}
+testglobalpolicy
-sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d'
-signreleasefiles 'Marvin Paranoid'
-aptgetupdate
+msgmsg 'Test with signed but no key in trusted'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ signreleasefiles 'Marvin Paranoid'
+ testwarning aptget update --allow-insecure-repositories
+}
+testglobalpolicy
-testequalpolicy 100 500 -o Test=Automatic
-testequalpolicy 990 500 -o Test=Automatic -t now
+# much the same tests will be executed below in more detail again for this one
+msgmsg 'Test with signed and valid key'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ signreleasefiles 'Joe Sixpack'
+ testsuccess aptget update
+}
+testglobalpolicy
-### signed and valid key
+msgmsg 'Test with specific packages'
buildsimplenativepackage "coolstuff" "all" "1.0" "stable"
buildsimplenativepackage "coolstuff" "all" "2.0~bpo1" "backports"