From 08fcf9628806af202e555bd02b3611e4e9a3d757 Mon Sep 17 00:00:00 2001
From: David Kalnischkies <david@kalnischkies.de>
Date: Fri, 1 Jul 2016 22:00:52 +0200
Subject: warn if apt-key is used in scripts/its output parsed
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

apt-key needs gnupg for most of its operations, but depending on it
isn't very efficient as apt-key is hardly used by users – and scripts
shouldn't use it to begin with as it is just a silly wrapper. To draw
more attention on the fact that e.g. 'apt-key add' should not be used in
favor of "just" dropping a keyring file into the trusted.gpg.d
directory this commit implements the display of warnings.
---
 test/integration/framework                             |  1 +
 test/integration/test-apt-key-used-in-maintainerscript | 12 ++++++++++--
 2 files changed, 11 insertions(+), 2 deletions(-)

(limited to 'test')

diff --git a/test/integration/framework b/test/integration/framework
index bebcbf342..8ca878148 100644
--- a/test/integration/framework
+++ b/test/integration/framework
@@ -403,6 +403,7 @@ EOF
 	fi
 	echo "Acquire::https::CaInfo \"${TMPWORKINGDIRECTORY}/rootdir/etc/webserver.pem\";" > rootdir/etc/apt/apt.conf.d/99https
 	echo "Apt::Cmd::Disable-Script-Warning \"1\";" > rootdir/etc/apt/apt.conf.d/apt-binary
+	export APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE=no
 	echo 'Acquire::Connect::AddrConfig "false";' > rootdir/etc/apt/apt.conf.d/connect-addrconfig
 
 	configcompression '.' 'gz' #'bz2' 'lzma' 'xz'
diff --git a/test/integration/test-apt-key-used-in-maintainerscript b/test/integration/test-apt-key-used-in-maintainerscript
index e5e96963f..9faae19de 100755
--- a/test/integration/test-apt-key-used-in-maintainerscript
+++ b/test/integration/test-apt-key-used-in-maintainerscript
@@ -5,6 +5,7 @@ TESTDIR="$(readlink -f "$(dirname "$0")")"
 . "$TESTDIR/framework"
 
 setupenvironment
+unset APT_KEY_DONT_WARN_ON_DANGEROUS_USAGE
 configarchitecture 'native'
 configdpkgnoopchroot
 
@@ -14,7 +15,7 @@ buildingpkg() {
 	setupsimplenativepackage "$PKG" 'native' '1' 'unstable' "$@"
 	BUILDDIR="incoming/${PKG}-1"
 	echo '#!/bin/sh
-apt-key list' > "${BUILDDIR}/debian/postinst"
+apt-key list >/dev/null' > "${BUILDDIR}/debian/postinst"
 	buildpackage "$BUILDDIR" 'unstable' 'main' 'native'
 	rm -rf "$BUILDDIR"
 }
@@ -27,8 +28,15 @@ insertinstalledpackage 'unrelated' 'native' '1'
 insertinstalledpackage 'gnupg' 'native' '1'
 
 testsuccess apt install aptkeyuser-depends -y
-testfailure grep '^Warning: This will BREAK' rootdir/tmp/testsuccess.output
+cp rootdir/tmp/testsuccess.output apt.output
+testfailure grep '^Warning: This will BREAK' apt.output
+testsuccess grep '^Warning: apt-key' apt.output
 
 testsuccess apt install aptkeyuser-nodepends -y
 cp rootdir/tmp/testsuccess.output apt.output
 testsuccess grep '^Warning: This will BREAK' apt.output
+testsuccess grep '^Warning: apt-key' apt.output
+
+testsuccess aptkey list
+cp rootdir/tmp/testsuccess.output aptkey.list
+testsuccess grep '^Warning: apt-key' aptkey.list
-- 
cgit v1.2.3