summaryrefslogtreecommitdiff
path: root/test/integration
diff options
context:
space:
mode:
authorDavid Kalnischkies <david@kalnischkies.de>2016-08-25 12:42:36 +0200
committerDavid Kalnischkies <david@kalnischkies.de>2016-08-25 12:42:36 +0200
commit105503b4b470c124bc0c271bd8a50e25ecbe9133 (patch)
tree49e22d13d56a4555150214e59542160af2cc4f03 /test/integration
parent70ff288b98a7aae2c2808112015d34f76f2d5114 (diff)
apt-key: warn instead of fail on unreadable keyrings
apt-key has inconsistent behaviour if it can't read a keyring file: Commands like 'list' skipped silently over such keyrings while 'verify' failed hard resulting in apt to report cconfusing gpg errors (#834973). As a first step we teach apt-key to be more consistent here skipping in all commands over unreadable keyrings, but issuing a warning in the process, which is as usual for apt commands displayed at the end of the run.
Diffstat (limited to 'test/integration')
-rwxr-xr-xtest/integration/test-apt-key24
1 files changed, 24 insertions, 0 deletions
diff --git a/test/integration/test-apt-key b/test/integration/test-apt-key
index 759ce1487..96cfe41fa 100755
--- a/test/integration/test-apt-key
+++ b/test/integration/test-apt-key
@@ -81,6 +81,20 @@ gpg: unchanged: 1' aptkey --fakeroot update
testsuccess --nomsg aptkey --fakeroot del d141dbac8dae
testempty aptkey list
+ if [ "$(id -u)" != '0' ]; then
+ msgtest 'Test key removal with' 'unreadable key'
+ cleanplate
+ cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
+ echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ testwarning --nomsg aptkey --fakeroot del d141dbac8dae
+ testwarning aptkey list
+ chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ grep -v '^W: ' "${ROOTDIR}/tmp/testwarning.output" > "${ROOTDIR}/aptkeylist.output" || true
+ testempty cat "${ROOTDIR}/aptkeylist.output"
+ fi
+
msgtest 'Test key removal with' 'single key in real file'
cleanplate
cp -a "${KEYDIR}/joesixpack.pub" "${ROOTDIR}/etc/apt/trusted.gpg.d/joesixpack.gpg"
@@ -202,6 +216,16 @@ gpg: unchanged: 1' aptkey --fakeroot update
msgtest 'Test verify a file' 'with all keys'
testsuccess --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
+ if [ "$(id -u)" != '0' ]; then
+ msgtest 'Test verify a file' 'with unreadable key'
+ echo 'foobar' > "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ chmod 000 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ testwarning --nomsg aptkey --quiet --readonly verify "${SIGNATURE}.gpg" "${SIGNATURE}"
+ testwarning aptkey list
+ chmod 644 "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ rm -f "${ROOTDIR}/etc/apt/trusted.gpg.d/unreadablekey.gpg"
+ fi
+
msgtest 'Test verify a file' 'with good keyring'
testsuccess --nomsg aptkey --quiet --readonly --keyring "${KEYDIR}/testcase-multikey.pub" verify "${SIGNATURE}.gpg" "${SIGNATURE}"