Просмотр исходного кода

aborted reverify restores file owner and permission

If we get an IMS hit for an InRelease file we use the file we already
have and pass it into reverification, but this changes the permissions
and on abort of the transaction they weren't switched back.

This is now done, additionally, every file in partial which hasn't
failed gets permission and owner changed for root access as well, as it
is very well possible that the next invocation will (re)use these files.
David Kalnischkies лет назад: 11
Родитель
Сommit
de81b2e20f
3 измененных файлов с 94 добавлено и 31 удалено
  1. 5 1
      apt-pkg/acquire-item.cc
  2. 32 22
      test/integration/framework
  3. 57 8
      test/integration/test-apt-update-transactions

+ 5 - 1
apt-pkg/acquire-item.cc

@@ -246,7 +246,7 @@ void pkgAcquire::Item::QueueURI(ItemDesc &Item)				/*{{{*/
    if (RealFileExists(DestFile))
    {
       std::string SandboxUser = _config->Find("APT::Sandbox::User");
-      ChangeOwnerAndPermissionOfFile("GetPartialFileName", DestFile.c_str(),
+      ChangeOwnerAndPermissionOfFile("Item::QueueURI", DestFile.c_str(),
                                      SandboxUser.c_str(), "root", 0600);
    }
    Owner->Enqueue(Item);
@@ -1570,6 +1570,10 @@ void pkgAcqMetaBase::AbortTransaction()
          if(FileExists(PartialFile))
             Rename(PartialFile, PartialFile + ".FAILED");
       }
+      // fix permissions for existing files which were part of a reverify
+      // like InRelease files or files in partial we might work with next time
+      else if (FileExists((*I)->DestFile))
+	 ChangeOwnerAndPermissionOfFile("AbortTransaction", (*I)->DestFile.c_str(), "root", "root", 0644);
    }
    Transaction.clear();
 }

+ 32 - 22
test/integration/framework

@@ -23,25 +23,32 @@ if [ "$MSGCOLOR" != 'NO' ]; then
 	CCMD="\033[1;35m" # pink
 fi
 
-msgdie() { printf "${CERROR}E: $1${CNORMAL}\n" >&2; exit 1; }
-msgwarn() { printf "${CWARNING}W: $1${CNORMAL}\n" >&2; }
-msgmsg() { printf "${CMSG}$1${CNORMAL}\n"; }
-msginfo() { printf "${CINFO}I: $1${CNORMAL}\n"; }
-msgdebug() { printf "${CDEBUG}D: $1${CNORMAL}\n"; }
-msgdone() { printf "${CDONE}DONE${CNORMAL}\n"; }
-msgnwarn() { printf "${CWARNING}W: $1${CNORMAL}" >&2; }
-msgnmsg() { printf "${CMSG}$1${CNORMAL}"; }
-msgninfo() { printf "${CINFO}I: $1${CNORMAL}"; }
-msgndebug() { printf "${CDEBUG}D: $1${CNORMAL}"; }
-msgtest() {
-	while [ -n "$1" ]; do
-		printf "${CINFO}$1${CCMD} "
-		printf -- "$(echo "$2" | sed -e 's#^apt\([cgfs]\)#apt-\1#')${CINFO} "
+msgprintf() {
+	local START="$1"
+	local MIDDLE="$2"
+	local END="$3"
+	shift 3
+	if [ -n "$1" ]; then
+		printf "$START " "$1"
 		shift
-		if [ -n "$1" ]; then shift; else break; fi
-	done
-	printf "…${CNORMAL} "
+		while [ -n "$1" ]; do
+			printf "$MIDDLE " "$(echo "$1" | sed -e 's#^apt\([cgfs]\)#apt-\1#')"
+			shift
+		done
+	fi
+	printf "${END}"
 }
+msgdie() { msgprintf "${CERROR}E: %s" '%s' "${CNORMAL}\n" "$@" >&2; exit 1; }
+msgwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}\n" "$@" >&2; }
+msgmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}\n" "$@"; }
+msginfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}\n" "$@"; }
+msgdone() { msgprintf "${CDONE}DONE" '%s' "${CNORMAL}\n" "$@"; }
+msgnwarn() { msgprintf "${CWARNING}W: %s" '%s' "${CNORMAL}" "$@" >&2; }
+msgnmsg() { msgprintf "${CMSG}%s" '%s' "${CNORMAL}" "$@"; }
+msgninfo() { msgprintf "${CINFO}I: %s" '%s' "${CNORMAL}" "$@"; }
+msgndebug() { msgprintf "${CDEBUG}D: %s" '%s' "${CNORMAL}" "$@"; }
+msgtest() { msgprintf "${CINFO}%s" "${CCMD}%s${CINFO}" "…${CNORMAL} " "$@"; }
 msgpass() { printf "${CPASS}PASS${CNORMAL}\n"; }
 msgskip() {
 	if [ $# -gt 0 ]; then printf "${CWARNING}SKIP: $*${CNORMAL}\n" >&2;
@@ -1222,18 +1229,21 @@ testfailure() {
 	fi
 }
 
-testaccessrights() {
-	msgtest "Test that file $1 has access rights set to" "$2"
-	if [ "$2" = "$(stat --format '%a' "$1")" ]; then
+testfilestats() {
+	msgtest "Test that file $1 has $2 $3" "$4"
+	if [ "$4" "$3" "$(stat --format "$2" "$1")" ]; then
 		msgpass
 	else
 		echo >&2
 		ls -l >&2 "$1"
-		echo -n >&2 "stat(1) reports access rights: "
-		stat --format '%a' "$1"
+		echo -n >&2 "stat(1) reports for $2: "
+		stat --format "$2" "$1"
 		msgfail
 	fi
 }
+testaccessrights() {
+	testfilestats "$1" '%a' '=' "$2"
+}
 
 testwebserverlaststatuscode() {
 	local DOWNLOG='rootdir/tmp/webserverstatus-testfile.log'

+ 57 - 8
test/integration/test-apt-update-transactions

@@ -1,24 +1,73 @@
 #!/bin/sh
 set -e
 
+# ensure that an update will only succeed entirely or not at all
+
 TESTDIR=$(readlink -f $(dirname $0))
 . $TESTDIR/framework
 
 setupenvironment
-configarchitecture "i386"
+configarchitecture 'i386'
 
 insertpackage 'unstable' 'foo' 'all' '1.0'
+insertsource 'unstable' 'foo' 'all' '1.0'
 
 setupaptarchive --no-update
-changetowebserver
 
-# break package file
-cat > aptarchive/dists/unstable/main/binary-i386/Packages <<EOF
+breakfile() {
+	mv "$1" "${1}.bak"
+	cat > "$1" <<EOF
 Package: bar
 EOF
-compressfile aptarchive/dists/unstable/main/binary-i386/Packages '+1hour'
+	compressfile "$1"
+}
+restorefile() {
+	mv "${1}.bak" "$1"
+}
+
+listscheck() {
+	testequal "$(cat $1)" ls rootdir/var/lib/apt/lists
+	# all copied files are properly chmodded
+	find rootdir/var/lib/apt/lists -maxdepth 1 -type f | while read file; do
+		testaccessrights "$file" '644'
+		testfilestats "$file" '%U' '!=' '_apt'
+	done
+}
+
+testrun() {
+	# produce an unsigned repository
+	find aptarchive \( -name 'Release.gpg' -o -name 'InRelease' \) -delete
+	testfailure aptget update --no-allow-insecure-repositories
+	listscheck "$1"
+
+	# signed but broken
+	signreleasefiles
 
-# ensure that a update will only succeed entirely or not at all
-testfailure aptget update
-testequal "partial" ls rootdir/var/lib/apt/lists
+	breakfile aptarchive/dists/unstable/main/binary-i386/Packages
+	testfailure aptget update
+	listscheck "$1"
+	restorefile aptarchive/dists/unstable/main/binary-i386/Packages
+
+	breakfile aptarchive/dists/unstable/main/source/Sources
+	testfailure aptget update
+	listscheck "$1"
+	restorefile aptarchive/dists/unstable/main/source/Sources
+}
+
+testsetup() {
+	msgmsg 'Test with no initial data over' "$1"
+	rm -rf rootdir/var/lib/apt/lists
+	mkdir -p rootdir/var/lib/apt/lists/partial
+	ls rootdir/var/lib/apt/lists > listsdir.lst
+	testrun 'listsdir.lst'
+
+	msgmsg 'Test with initial data over' "$1"
+	testsuccess aptget update
+	ls rootdir/var/lib/apt/lists > listsdir.lst
+	testrun 'listsdir.lst'
+}
+
+testsetup 'file'
+changetowebserver
+testsetup 'http'