summaryrefslogtreecommitdiff
path: root/test/integration/test-policy-pinning
diff options
context:
space:
mode:
Diffstat (limited to 'test/integration/test-policy-pinning')
-rwxr-xr-xtest/integration/test-policy-pinning361
1 files changed, 361 insertions, 0 deletions
diff --git a/test/integration/test-policy-pinning b/test/integration/test-policy-pinning
new file mode 100755
index 000000000..30238bd87
--- /dev/null
+++ b/test/integration/test-policy-pinning
@@ -0,0 +1,361 @@
+#!/bin/sh
+set -e
+
+TESTDIR="$(readlink -f "$(dirname "$0")")"
+. "$TESTDIR/framework"
+
+setupenvironment
+configarchitecture "i386"
+
+buildaptarchive
+setupflataptarchive
+
+STATUS=$(readlink -f rootdir/var/lib/dpkg/status)
+APTARCHIVE=$(readlink -f aptarchive)
+
+testequalpolicy() {
+ local SP="$1"
+ local AP="$2"
+ shift 2
+ testsuccessequal "Package files:
+ $(echo "$SP" | awk '{ printf("%3s\n",$0) }') ${STATUS}
+ release a=now
+ $(echo "$AP" | awk '{ printf("%3s\n",$0) }') file:${APTARCHIVE} Packages
+ release c=
+Pinned packages:" aptcache policy "$@"
+}
+
+testglobalpolicy() {
+ aptgetupdate
+
+ testequalpolicy 100 500
+ testequalpolicy 990 500 -t now
+
+ sed -i aptarchive/Release -e 1i"NotAutomatic: yes"
+ aptgetupdate
+
+ testequalpolicy 100 1 -o Test=NotAutomatic
+ testequalpolicy 990 1 -o Test=NotAutomatic -t now
+
+ sed -i aptarchive/Release -e 1i"ButAutomaticUpgrades: yes"
+ aptgetupdate
+
+ testequalpolicy 100 100 -o Test=ButAutomaticUpgrades
+ testequalpolicy 990 100 -o Test=ButAutomaticUpgrades -t now
+
+ sed -i aptarchive/Release -e 's#NotAutomatic: yes#NotAutomatic: no#' -e '/ButAutomaticUpgrades: / d'
+ aptgetupdate
+
+ testequalpolicy 100 500 -o Test=Automatic
+ testequalpolicy 990 500 -o Test=Automatic -t now
+
+ sed -i aptarchive/Release -e '/NotAutomatic: / d' -e '/ButAutomaticUpgrades: / d'
+}
+
+msgmsg 'Test with not signed archive'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ testwarning aptget update --allow-insecure-repositories
+}
+testglobalpolicy
+
+msgmsg 'Test with signed but no key in trusted'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ signreleasefiles 'Marvin Paranoid'
+ testwarning aptget update --allow-insecure-repositories
+}
+testglobalpolicy
+
+# much the same tests will be executed below in more detail again for this one
+msgmsg 'Test with signed and valid key'
+aptgetupdate() {
+ rm -rf rootdir/var/lib/apt
+ signreleasefiles 'Joe Sixpack'
+ testsuccess aptget update
+}
+testglobalpolicy
+
+msgmsg 'Test with specific packages'
+
+buildsimplenativepackage "coolstuff" "all" "1.0" "stable"
+buildsimplenativepackage "coolstuff" "all" "2.0~bpo1" "backports"
+
+setupaptarchive
+
+testsuccessequal "coolstuff:
+ Installed: (none)
+ Candidate: 2.0~bpo1
+ Version table:
+ 2.0~bpo1 500
+ 500 file:${APTARCHIVE} backports/main all Packages
+ 1.0 500
+ 500 file:${APTARCHIVE} stable/main all Packages" apt policy '^cool.*'
+
+testequalpolicycoolstuff() {
+ local INSTALLED="${1:-(none)}"
+ local CANDIDATE="${2:-(none)}"
+ local AB="$3"
+ local AS="$4"
+ local PB="$5"
+ local IS=""
+ local IB=""
+ local SB=""
+ local SS=""
+ [ "$1" = "2.0~bpo1" ] && IB="***" && SB="
+ 100 $STATUS" || IB=" "
+ [ "$1" = "1.0" ] && IS="***" && SS="
+ 100 $STATUS" || IS=" "
+ local BPO1ARCHIVE=""
+ local BPO2ARCHIVE=""
+ if [ ! "$7" = "2.0~bpo2" ]; then
+ BPO1PIN="$AB"
+ BPO1ARCHIVE=" $(echo "$AB" | awk '{ printf("%3s\n",$0) }') file:${APTARCHIVE} backports/main all Packages"
+ else
+ BPO2ARCHIVE="
+ 2.0~bpo2 $AB
+ $(echo "$AB" | awk '{ printf("%3s\n",$0) }') file:${APTARCHIVE} backports/main all Packages"
+ SB="$(echo "$SB" | tail -n 1)"
+ shift
+ fi
+ shift 6
+ testsuccessequal "coolstuff:
+ Installed: $INSTALLED
+ Candidate: $CANDIDATE
+ Version table:${BPO2ARCHIVE}
+ $IB 2.0~bpo1 $PB
+${BPO1ARCHIVE}$SB
+ $IS 1.0 $AS
+ $(echo "$AS" | awk '{ printf("%3s\n",$0) }') file:${APTARCHIVE} stable/main all Packages$SS" \
+ aptcache policy coolstuff -o Policy=${INSTALLED}-${CANDIDATE}-${AB}-${AS}-${PB} $*
+}
+
+testequalpolicycoolstuff "" "2.0~bpo1" 500 500 500 ""
+testequalpolicycoolstuff "" "1.0" 500 990 500 "" -t stable
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 990 "" -t backports
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "1.0" 200 500 200 "" -o Test=GlobalPin
+testequalpolicycoolstuff "" "1.0" 200 990 200 "" -o Test=GlobalPin -t stable
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 990 "" -o Test=GlobalPin -t backports
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 600 500 600 "" -o Test=GlobalPin
+testequalpolicycoolstuff "" "1.0" 600 990 600 "" -o Test=GlobalPin -t stable
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+#FIXME: policy can't differentiate between two sources where one has a package specific pin in place
+# testequalpolicycoolstuff "" "1.0" 500 500 200 "2.0~bpo1" -o Test=PackagePin
+# testequalpolicycoolstuff "" "1.0" 990 500 200 "2.0~bpo1" -o Test=PackagePin -t backports
+testequalpolicycoolstuff "" "1.0" 500 990 200 "2.0~bpo1" -o Test=PackagePin -t stable
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 500 500 600 "2.0~bpo1" -o Test=PackagePin
+testequalpolicycoolstuff "" "1.0" 500 990 600 "2.0~bpo1" -o Test=PackagePin -t stable
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 600 "2.0~bpo1" -o Test=PackagePin -t backports
+
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: -1" > rootdir/etc/apt/preferences
+# testequalpolicycoolstuff "" "1.0" 500 500 -1 "2.0~bpo1" -o Test=PackagePin
+# testequalpolicycoolstuff "" "1.0" 990 500 -1 "2.0~bpo1" -o Test=PackagePin -t backports
+# testequalpolicycoolstuff "" "1.0" 500 990 -1 "2.0~bpo1" -o Test=PackagePin -t stable
+
+rm rootdir/etc/apt/preferences
+sed -i aptarchive/dists/backports/Release -e 1i"NotAutomatic: yes"
+signreleasefiles
+aptgetupdate
+
+testequalpolicycoolstuff "" "1.0" 1 500 1 "" -o Test=NotAutomatic
+testequalpolicycoolstuff "" "1.0" 1 990 1 "" -o Test=NotAutomatic -t stable
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 990 "" -o Test=NotAutomatic -t backports
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "1.0" 200 500 200 "" -o Test=NotAutomatic
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 600 500 600 "" -o Test=NotAutomatic
+testequalpolicycoolstuff "" "1.0" 600 990 600 "" -o Test=NotAutomatic -t stable
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "1.0" 1 500 200 "2.0~bpo1" -o Test=NotAutomatic
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 1 500 600 "2.0~bpo1" -o Test=NotAutomatic
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 600 "2.0~bpo1" -o Test=NotAutomatic -t backports
+testequalpolicycoolstuff "" "1.0" 1 990 600 "2.0~bpo1" -o Test=NotAutomatic -t stable
+
+rm rootdir/etc/apt/preferences
+sed -i aptarchive/dists/backports/Release -e 1i"ButAutomaticUpgrades: yes"
+signreleasefiles
+aptgetupdate
+
+testequalpolicycoolstuff "" "1.0" 100 500 100 "" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "" "1.0" 100 990 100 "" -o Test=ButAutomaticUpgrades -t stable
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 990 "" -o Test=ButAutomaticUpgrades -t backports
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "1.0" 200 500 200 "" -o Test=ButAutomaticUpgrades
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 600 500 600 "" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "" "1.0" 600 990 600 "" -o Test=ButAutomaticUpgrades -t stable
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 200" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "1.0" 100 500 200 "2.0~bpo1" -o Test=ButAutomaticUpgrades
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 600" > rootdir/etc/apt/preferences
+testequalpolicycoolstuff "" "2.0~bpo1" 100 500 600 "2.0~bpo1" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "" "2.0~bpo1" 990 500 600 "2.0~bpo1" -o Test=ButAutomaticUpgrades -t backports
+testequalpolicycoolstuff "" "1.0" 100 990 600 "2.0~bpo1" -o Test=ButAutomaticUpgrades -t stable
+
+rm rootdir/etc/apt/preferences
+testsuccess aptget install coolstuff -y
+testequalpolicycoolstuff "1.0" "1.0" 100 500 100 "" -o Test=ButAutomaticUpgrades
+testsuccess aptget dist-upgrade -y
+testequalpolicycoolstuff "1.0" "1.0" 100 500 100 "" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "1.0" "1.0" 100 990 100 "" -o Test=ButAutomaticUpgrades -t stable
+testequalpolicycoolstuff "1.0" "2.0~bpo1" 990 500 990 "" -o Test=ButAutomaticUpgrades -t backports
+
+testsuccess aptget install coolstuff -t backports -y
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 100 500 100 "" -o Test=ButAutomaticUpgrades
+testsuccess aptget dist-upgrade -y
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 100 500 100 "" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 100 990 100 "" -o Test=ButAutomaticUpgrades -t stable
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 990 500 990 "" -o Test=ButAutomaticUpgrades -t backports
+
+rm incoming/backports.main.pkglist incoming/backports.main.srclist
+buildsimplenativepackage "coolstuff" "all" "2.0~bpo2" "backports"
+setupaptarchive
+
+sed -i aptarchive/dists/backports/Release -e 1i"NotAutomatic: yes"
+signreleasefiles
+aptgetupdate
+
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 1 500 100 "" "2.0~bpo2" -o Test=NotAutomatic
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo1" 1 990 100 "" "2.0~bpo2" -o Test=NotAutomatic -t stable
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo2" 990 500 100 "" "2.0~bpo2" -o Test=NotAutomatic -t backports
+
+sed -i aptarchive/dists/backports/Release -e 1i"ButAutomaticUpgrades: yes"
+signreleasefiles
+aptgetupdate
+
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo2" 100 500 100 "" "2.0~bpo2" -o Test=ButAutomaticUpgrades
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo2" 100 990 100 "" "2.0~bpo2" -o Test=ButAutomaticUpgrades -t stable
+testequalpolicycoolstuff "2.0~bpo1" "2.0~bpo2" 990 500 100 "" "2.0~bpo2" -o Test=ButAutomaticUpgrades -t backports
+
+
+tmppath=$(readlink -f .)
+
+# Check 16-bit integers
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 32767
+" > rootdir/etc/apt/preferences
+
+testsuccess aptget install -s coolstuff -o PinPriority=32767
+
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: -32768
+" > rootdir/etc/apt/preferences
+testsuccess aptget install -s coolstuff -o PinPriority=-32768
+
+# Check for 32-bit integers
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 32768
+" > rootdir/etc/apt/preferences
+
+testfailureequal "Reading package lists...
+E: ${tmppath}/rootdir/etc/apt/preferences: Value 32768 is outside the range of valid pin priorities (-32768 to 32767)" \
+ aptget install -s coolstuff -o PinPriority=32768
+
+
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: -32769
+" > rootdir/etc/apt/preferences
+
+testfailureequal "Reading package lists...
+E: ${tmppath}/rootdir/etc/apt/preferences: Value -32769 is outside the range of valid pin priorities (-32768 to 32767)" \
+ aptget install -s coolstuff -o PinPriority=-32769
+
+# Check for 64-bit integers
+
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 2147483648
+" > rootdir/etc/apt/preferences
+
+testfailureequal "Reading package lists...
+E: Cannot convert 2147483648 to integer: out of range
+E: ${tmppath}/rootdir/etc/apt/preferences: Value 2147483648 is outside the range of valid pin priorities (-32768 to 32767)" \
+ aptget install -s coolstuff -o PinPriority=2147483648
+
+# Check that short-max/min is a valid pin
+currentpin() {
+echo "Package: *
+Pin: release n=backports
+Pin-Priority: $1
+" > rootdir/etc/apt/preferences
+testsuccessequal "coolstuff:
+ Installed: 2.0~bpo1
+ Candidate: $2
+ Version table:
+ 2.0~bpo2 $1
+ $1 file:${tmppath}/aptarchive backports/main all Packages
+ *** 2.0~bpo1 100
+ 100 ${tmppath}/rootdir/var/lib/dpkg/status
+ 1.0 500
+ 500 file:${tmppath}/aptarchive stable/main all Packages" apt policy coolstuff
+}
+currentpin '32767' '2.0~bpo2'
+currentpin '-32768' '2.0~bpo1'
+
+# Check for 0
+echo "Package: coolstuff
+Pin: release n=backports
+Pin-Priority: 0
+" > rootdir/etc/apt/preferences
+
+testfailureequal "Reading package lists...
+E: No priority (or zero) specified for pin" \
+ aptget install -s coolstuff -o PinPriority=0
+
+# Check with comments
+echo "#Package: coolstuff
+#Pin: release n=backports
+#Pin-Priority: 0
+
+# Test
+
+Package: coolstuff
+Pin: release n=backports
+#Pin: release n=unstable
+#Pin-Priority: 999
+Pin-Priority: 999
+#Pin-Priority: 999" > rootdir/etc/apt/preferences
+
+testsuccessequal "coolstuff:
+ Installed: 2.0~bpo1
+ Candidate: 2.0~bpo2
+ Version table:
+ 2.0~bpo2 999
+ 100 file:${tmppath}/aptarchive backports/main all Packages
+ *** 2.0~bpo1 100
+ 100 ${tmppath}/rootdir/var/lib/dpkg/status
+ 1.0 500
+ 500 file:${tmppath}/aptarchive stable/main all Packages" aptcache policy coolstuff