From f18f2338a17d3037ac0d6f81a7f1a37df6eaca01 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Tue, 13 Oct 2015 11:37:39 +0200 Subject: rework errors and warnings around insecure repositories Insecure (aka unsigned) repositories are bad, period. We want to get right of them finally and as a first step we are printing scary warnings. This is already done, this commit just changes the messages to be more consistent and prevents them from being displayed if authenticity is guaranteed some other way (as indicated with trusted=yes). The idea is to first print the pure fact like "repository isn't signed" as a warning (and later as an error), while giving an explaination in a immediately following notice (which is displayed only in quiet level 0: so in interactive use, not in scripts and alike). Closes: 796549 --- test/integration/test-apt-get-update-unauth-warning | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) (limited to 'test/integration/test-apt-get-update-unauth-warning') diff --git a/test/integration/test-apt-get-update-unauth-warning b/test/integration/test-apt-get-update-unauth-warning index b2d79eb2b..fad1cf627 100755 --- a/test/integration/test-apt-get-update-unauth-warning +++ b/test/integration/test-apt-get-update-unauth-warning @@ -27,8 +27,9 @@ Get:2 file:$APTARCHIVE unstable Release Err:2 file:$APTARCHIVE unstable Release File not found Reading package lists... -W: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository. -E: Use --allow-insecure-repositories to force the update" aptget update --no-allow-insecure-repositories +E: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file. +N: Updating such a repository securily is impossible and therefore disabled by default. +N: Use --allow-insecure-repositories to force an insecure update" aptget update --no-allow-insecure-repositories -q=0 # no package foo testsuccessequal 'Listing...' apt list foo @@ -78,7 +79,8 @@ Get:3 file:$APTARCHIVE unstable/main Sources [$(filesize 'Sources') B] Get:4 file:$APTARCHIVE unstable/main i386 Packages [$(filesize 'Packages') B] Get:5 file:$APTARCHIVE unstable/main Translation-en [$(filesize 'Translations') B] Reading package lists... -W: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file. This is deprecated, please contact the owner of the repository." aptget update --allow-insecure-repositories +W: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file. +N: Data from such a repository can not be authenticated and is therefore potentially dangerous to use." aptget update --allow-insecure-repositories -q=0 # ensure we can not install the package testfailureequal "WARNING: The following packages cannot be authenticated! foo -- cgit v1.2.3