From 9fc0b435593839de47098212f0ae5f15b6263099 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 17 Nov 2014 15:06:35 +0100 Subject: close leaking slave fd after setting up pty magic The fd moves out of scope here anyway, so we should close it properly instead of leaking it which will tickle down to dpkg maintainer scripts. Closes: 767774 --- .../test-no-fds-leaked-to-maintainer-scripts | 40 ++++++++++++++++++++++ 1 file changed, 40 insertions(+) create mode 100755 test/integration/test-no-fds-leaked-to-maintainer-scripts (limited to 'test/integration/test-no-fds-leaked-to-maintainer-scripts') diff --git a/test/integration/test-no-fds-leaked-to-maintainer-scripts b/test/integration/test-no-fds-leaked-to-maintainer-scripts new file mode 100755 index 000000000..6ed120090 --- /dev/null +++ b/test/integration/test-no-fds-leaked-to-maintainer-scripts @@ -0,0 +1,40 @@ +#!/bin/sh +set -e + +TESTDIR=$(readlink -f $(dirname $0)) +. $TESTDIR/framework + +setupenvironment +configarchitecture 'native' +configdpkgnoopchroot + +setupsimplenativepackage "fdleaks" 'native' '1.0' 'unstable' +BUILDDIR="incoming/fdleaks-1.0" +for script in 'preinst' 'postinst' 'prerm' 'postrm'; do + echo '#!/bin/sh +ls -l /proc/self/fd/' > ${BUILDDIR}/debian/$script +done +buildpackage "$BUILDDIR" 'unstable' 'main' 'native' +rm -rf "$BUILDDIR" + +setupaptarchive + +testsuccess aptget install -y fdleaks +msgtest 'Check if fds were not' 'leaked' +if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '8' ]; then + msgpass +else + echo + cat rootdir/tmp/testsuccess.output + msgfail +fi + +testsuccess aptget purge -y fdleaks +msgtest 'Check if fds were not' 'leaked' +if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '12' ]; then + msgpass +else + echo + cat rootdir/tmp/testsuccess.output + msgfail +fi -- cgit v1.2.3 From 299aea924ccef428219ed6f1a026c122678429e6 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Tue, 18 Nov 2014 00:59:39 +0100 Subject: fix PTY interaction on linux and kfreebsd MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit We run dpkg on its own pty, so we can log its output and have our own output around it (like the progress bar), while also allowing debconf and configfile prompts to happen. In commit 223ae57d468fdcac451209a095047a07a5698212 we changed to constantly reopening the slave for kfreebsd. This has the sideeffect though that in some cases slave and master will lose their connection on linux, so that no output is passed along anymore. We fix this by having always an fd referencing the slave open (linux), but we don't use it (kfreebsd). Failing to get our PTY up and running has many (bad) consequences including (not limited to, nor all at ones or in any case) garbled ouput, no output, no logging, a (partial) mixture of the previous items, … This commit is therefore also reshuffling quiet a bit of the creation code to get especially the output part up and running on linux and the logging for kfreebsd. Note that the testcase tries to cover some cases, but this is an interactivity issue so only interactive usage can really be a good test. Closes: 765687 --- .../test-no-fds-leaked-to-maintainer-scripts | 40 ++++++++++++++++++++-- 1 file changed, 37 insertions(+), 3 deletions(-) (limited to 'test/integration/test-no-fds-leaked-to-maintainer-scripts') diff --git a/test/integration/test-no-fds-leaked-to-maintainer-scripts b/test/integration/test-no-fds-leaked-to-maintainer-scripts index 6ed120090..3c6457cab 100755 --- a/test/integration/test-no-fds-leaked-to-maintainer-scripts +++ b/test/integration/test-no-fds-leaked-to-maintainer-scripts @@ -8,7 +8,7 @@ setupenvironment configarchitecture 'native' configdpkgnoopchroot -setupsimplenativepackage "fdleaks" 'native' '1.0' 'unstable' +setupsimplenativepackage "fdleaks" 'all' '1.0' 'unstable' BUILDDIR="incoming/fdleaks-1.0" for script in 'preinst' 'postinst' 'prerm' 'postrm'; do echo '#!/bin/sh @@ -19,7 +19,8 @@ rm -rf "$BUILDDIR" setupaptarchive -testsuccess aptget install -y fdleaks +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +testsuccess aptget install -y fdleaks -qq < /dev/null msgtest 'Check if fds were not' 'leaked' if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '8' ]; then msgpass @@ -29,7 +30,23 @@ else msgfail fi -testsuccess aptget purge -y fdleaks +cp rootdir/tmp/testsuccess.output terminal.output +tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log +testfileequal 'terminal.log' "$(cat terminal.output)" + +testequal 'startup archives unpack +install fdleaks:all 1.0 +status half-installed fdleaks:all 1.0 +status unpacked fdleaks:all 1.0 +status unpacked fdleaks:all 1.0 +startup packages configure +configure fdleaks:all 1.0 +status unpacked fdleaks:all 1.0 +status half-configured fdleaks:all 1.0 +status installed fdleaks:all 1.0' cut -f 3- -d' ' rootdir/var/log/dpkg.log + +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +testsuccess aptget purge -y fdleaks -qq msgtest 'Check if fds were not' 'leaked' if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '12' ]; then msgpass @@ -38,3 +55,20 @@ else cat rootdir/tmp/testsuccess.output msgfail fi +cp rootdir/tmp/testsuccess.output terminal.output +tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log +testfileequal 'terminal.log' "$(cat terminal.output)" + +testequal 'startup packages purge +status installed fdleaks:all 1.0 +remove fdleaks:all 1.0 +status half-configured fdleaks:all 1.0 +status half-installed fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +purge fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +status config-files fdleaks:all 1.0 +status not-installed fdleaks:all ' cut -f 3- -d' ' rootdir/var/log/dpkg.log -- cgit v1.2.3 From e18f6133b254db9e1dc7b202366b067b15a68123 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Wed, 10 Dec 2014 22:26:59 +0100 Subject: do not make PTY slave the controlling terminal MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit If we have no controlling terminal opening a terminal will make this terminal our controller, which is a serious problem if this happens to be the pseudo terminal we created to run dpkg in as we will close this terminal at the end hanging ourself up in the process… The offending open is the one we do to have at least one slave fd open all the time, but for good measure, we apply the flag also to the slave fd opening in the child process as we set the controlling terminal explicitely here. This is a regression from 150bdc9ca5d656f9fba94d37c5f4f183b02bd746 with the slight twist that this usecase was silently broken before in that it wasn't logging the output in term.log (as a pseudo terminal wasn't created). Closes: 772641 --- .../test-no-fds-leaked-to-maintainer-scripts | 109 +++++++++++++-------- 1 file changed, 67 insertions(+), 42 deletions(-) (limited to 'test/integration/test-no-fds-leaked-to-maintainer-scripts') diff --git a/test/integration/test-no-fds-leaked-to-maintainer-scripts b/test/integration/test-no-fds-leaked-to-maintainer-scripts index 3c6457cab..6eb033055 100755 --- a/test/integration/test-no-fds-leaked-to-maintainer-scripts +++ b/test/integration/test-no-fds-leaked-to-maintainer-scripts @@ -5,7 +5,7 @@ TESTDIR=$(readlink -f $(dirname $0)) . $TESTDIR/framework setupenvironment -configarchitecture 'native' +configarchitecture 'amd64' 'i386' configdpkgnoopchroot setupsimplenativepackage "fdleaks" 'all' '1.0' 'unstable' @@ -17,58 +17,83 @@ done buildpackage "$BUILDDIR" 'unstable' 'main' 'native' rm -rf "$BUILDDIR" +PKGNAME='fdleaks:all' +if ! dpkg-checkbuilddeps -d 'dpkg (>= 1.16.2)' /dev/null >/dev/null 2>&1; then + PKGNAME='fdleaks' +fi + setupaptarchive rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log testsuccess aptget install -y fdleaks -qq < /dev/null -msgtest 'Check if fds were not' 'leaked' -if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '8' ]; then - msgpass -else - echo - cat rootdir/tmp/testsuccess.output - msgfail -fi -cp rootdir/tmp/testsuccess.output terminal.output -tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log -testfileequal 'terminal.log' "$(cat terminal.output)" +checkfdleak() { + msgtest 'Check if fds were not' 'leaked' + if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = "$1" ]; then + msgpass + else + echo + cat rootdir/tmp/testsuccess.output + msgfail + fi +} +checkinstall() { + checkfdleak 8 + + cp rootdir/tmp/testsuccess.output terminal.output + tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log + testfileequal 'terminal.log' "$(cat terminal.output)" -testequal 'startup archives unpack -install fdleaks:all 1.0 -status half-installed fdleaks:all 1.0 -status unpacked fdleaks:all 1.0 -status unpacked fdleaks:all 1.0 + testequal "startup archives unpack +install $PKGNAME 1.0 +status half-installed $PKGNAME 1.0 +status unpacked $PKGNAME 1.0 +status unpacked $PKGNAME 1.0 startup packages configure -configure fdleaks:all 1.0 -status unpacked fdleaks:all 1.0 -status half-configured fdleaks:all 1.0 -status installed fdleaks:all 1.0' cut -f 3- -d' ' rootdir/var/log/dpkg.log +configure $PKGNAME 1.0 +status unpacked $PKGNAME 1.0 +status half-configured $PKGNAME 1.0 +status installed $PKGNAME 1.0" cut -f 3- -d' ' rootdir/var/log/dpkg.log +} +checkinstall rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log testsuccess aptget purge -y fdleaks -qq -msgtest 'Check if fds were not' 'leaked' -if [ "$(grep 'root root' rootdir/tmp/testsuccess.output | wc -l)" = '12' ]; then +checkpurge() { + checkfdleak 12 + + cp rootdir/tmp/testsuccess.output terminal.output + tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log + testfileequal 'terminal.log' "$(cat terminal.output)" + + testequal "startup packages purge +status installed $PKGNAME 1.0 +remove $PKGNAME 1.0 +status half-configured $PKGNAME 1.0 +status half-installed $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +purge $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +status config-files $PKGNAME 1.0 +status not-installed $PKGNAME " cut -f 3- -d' ' rootdir/var/log/dpkg.log +} +checkpurge + +msgtest 'setsid provided is new enough to support' '-w' +if dpkg-checkbuilddeps -d 'util-linux (>= 2.24.2-1)' /dev/null >/dev/null 2>&1; then msgpass else - echo - cat rootdir/tmp/testsuccess.output - msgfail + msgskip "$(command dpkg -l util-linux)" + exit fi -cp rootdir/tmp/testsuccess.output terminal.output -tail -n +3 rootdir/var/log/apt/term.log | head -n -1 > terminal.log -testfileequal 'terminal.log' "$(cat terminal.output)" -testequal 'startup packages purge -status installed fdleaks:all 1.0 -remove fdleaks:all 1.0 -status half-configured fdleaks:all 1.0 -status half-installed fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -purge fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -status config-files fdleaks:all 1.0 -status not-installed fdleaks:all ' cut -f 3- -d' ' rootdir/var/log/dpkg.log +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" install -y fdleaks -qq < /dev/null +checkinstall + +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" purge -y fdleaks -qq +checkpurge -- cgit v1.2.3 From a2a75ff4516f7609f4c55b42270abb8d08943c60 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Tue, 18 Nov 2014 19:53:56 +0100 Subject: always run 'dpkg --configure -a' at the end of our dpkg callings dpkg checks now for dependencies before running triggers, so that packages can now end up in trigger states (especially those we are not touching at all with our calls) after apt is done running. The solution to this is trivial: Just tell dpkg to configure everything after we have (supposely) configured everything already. In the worst case this means dpkg will have to run a bunch of triggers, usually it will just do nothing though. The code to make this happen was already available, so we just flip a config option here to cause it to be run. This way we can keep pretending that triggers are an implementation detail of dpkg. --triggers-only would supposely work as well, but --configure is more robust in regards to future changes to dpkg and something we will hopefully make use of in future versions anyway (as it was planed at the time this and related options were implemented). Note that dpkg currently has a workaround implemented to allow upgrades to jessie to be clean, so that the test works before and after. Also note that test (compared to the one in the bug) drops the await test as its is considered a loop by dpkg now. Closes: 769609 --- test/integration/test-no-fds-leaked-to-maintainer-scripts | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'test/integration/test-no-fds-leaked-to-maintainer-scripts') diff --git a/test/integration/test-no-fds-leaked-to-maintainer-scripts b/test/integration/test-no-fds-leaked-to-maintainer-scripts index 6eb033055..7d0c1c6c1 100755 --- a/test/integration/test-no-fds-leaked-to-maintainer-scripts +++ b/test/integration/test-no-fds-leaked-to-maintainer-scripts @@ -53,7 +53,8 @@ startup packages configure configure $PKGNAME 1.0 status unpacked $PKGNAME 1.0 status half-configured $PKGNAME 1.0 -status installed $PKGNAME 1.0" cut -f 3- -d' ' rootdir/var/log/dpkg.log +status installed $PKGNAME 1.0 +startup packages configure" cut -f 3- -d' ' rootdir/var/log/dpkg.log } checkinstall @@ -78,7 +79,8 @@ status config-files $PKGNAME 1.0 status config-files $PKGNAME 1.0 status config-files $PKGNAME 1.0 status config-files $PKGNAME 1.0 -status not-installed $PKGNAME " cut -f 3- -d' ' rootdir/var/log/dpkg.log +status not-installed $PKGNAME +startup packages configure" cut -f 3- -d' ' rootdir/var/log/dpkg.log } checkpurge -- cgit v1.2.3 From 748a2177dcf8ff72bca90f5c7d516559ddd67352 Mon Sep 17 00:00:00 2001 From: David Kalnischkies Date: Mon, 22 Dec 2014 23:14:08 +0100 Subject: pass-through stdin fd instead of content if not a terminal Commit 299aea924ccef428219ed6f1a026c122678429e6 fixes the problem of not logging terminal in case stdin & stdout are not a terminal. The problem is that we are then trying to pass-through stdin content by reading from the apt-process stdin and writing it to the stdin of the child (dpkg), which works great for users who can control themselves, but pipes and co are a bit less forgiving causing us to pass everything to the first child process, which if the sending part of the pipe is e.g. 'yes' we will never see the end of it (as the pipe is full at some point and further writing blocks). There is a simple solution for that of course: If stdin isn't a terminal, we us the apt-process stdin as stdin for the child directly (We don't do this if it is a terminal to be able to save the typed input in the log). Closes: 773061 --- .../test-no-fds-leaked-to-maintainer-scripts | 22 ++++++++++++++++++++-- 1 file changed, 20 insertions(+), 2 deletions(-) (limited to 'test/integration/test-no-fds-leaked-to-maintainer-scripts') diff --git a/test/integration/test-no-fds-leaked-to-maintainer-scripts b/test/integration/test-no-fds-leaked-to-maintainer-scripts index 7d0c1c6c1..41c057042 100755 --- a/test/integration/test-no-fds-leaked-to-maintainer-scripts +++ b/test/integration/test-no-fds-leaked-to-maintainer-scripts @@ -11,8 +11,14 @@ configdpkgnoopchroot setupsimplenativepackage "fdleaks" 'all' '1.0' 'unstable' BUILDDIR="incoming/fdleaks-1.0" for script in 'preinst' 'postinst' 'prerm' 'postrm'; do - echo '#!/bin/sh -ls -l /proc/self/fd/' > ${BUILDDIR}/debian/$script + cat > ${BUILDDIR}/debian/$script << EOF +#!/bin/sh +if [ -e "$(pwd)/rootdir/tmp/read_stdin" ]; then + read line; + echo "STDIN: -\$line-" +fi +ls -l /proc/self/fd/ +EOF done buildpackage "$BUILDDIR" 'unstable' 'main' 'native' rm -rf "$BUILDDIR" @@ -99,3 +105,15 @@ checkinstall rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" purge -y fdleaks -qq checkpurge + +touch rootdir/tmp/read_stdin + +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +for i in $(seq 1 10); do echo "$i"; done | testsuccess aptget install -y fdleaks -qq +checkinstall +testequal '2' grep -c '^STDIN: ' rootdir/var/log/apt/term.log + +rm -f rootdir/var/log/dpkg.log rootdir/var/log/apt/term.log +yes '' | testsuccess runapt command setsid -w "${BUILDDIRECTORY}/apt-get" purge -y fdleaks -qq +checkpurge +testequal '3' grep -c '^STDIN: ' rootdir/var/log/apt/term.log -- cgit v1.2.3