| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
| |
We don't really care about solver progress messages in testing;
hide them when comparing output, and hide them better than before.
Previously testsuccessequal ... --solver 3.0 behaved differently
than tests run with globally forced on 3.0 solver.
Stop cleaning up autoremovals, but do clean up "Calculating upgrade"
as well.
|
| |
|
|
|
|
| |
Warn about the missing field there and suggest the transition
to deb822 .sources files if we found any non-deb822 source
without signed-by.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Streamlining the rules around the Section field and especially what
happens if its isn't present are a good idea in general, but for testing
proposes we want a package without a section ~ something dpkg and co do
not want us to have for good reasons (outside of tests).
While a real nosection package would interact with more of our code, for
this test we don't really need a real one and so we can adopt to the new
reality of encountering such packages only if they are already
installed instead of trying to build a sectionless package by hand.
The other failure is a simple and trivial string change around the
formatting of the version number in dpkg error message about file
overrides, which we can resolve by just not looking at the version to
sidestep dealing with the formatting difference.
References: https://lists.debian.org/debian-dpkg/2024/12/msg00010.html
Closes: #1092090
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Remove the test case for MD5 and expired signatures, as we can't
create them (can't set signing digest, and can't set signature
expiry).
Tests for them have been added to test-method-gpgv instead.
We override sq in a function with cert-store and key-store
set to none.
This supports both sq 0.40 and sq 1.0.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Automatically show the output of `show`, `policy`, `list`,
`search`, `showsrc` in a pager.
The pager setup is inspired by git's pager setup. Notably,
the pager is found using APT_PAGER and PAGER variables.
We wait for the pager to be setup somewhat correctly by
using a notify pipe to figure out whether execvp() was
succesful - then the pipe will read EOF as the other end
got closed by CLOEXEC during exec - or not, then the pipe
will contain an errno.
We set up the correct handlers for signals and exit to close
the fds and wait for the pager. Notably inside the signal
handler we cannot flush our streams, only close them, so
there is some duplication.
We call the InitOutputPager() function from inside the
various Do...() functions rather than setting it up
generally in InitOutput(). Doing so allows us to first
render the progress without a pager, and then setup
the pager for the content only which improves user
experience.
When we setup a pager we also take care to disable
standard input, as we should not be prompting users
while a pager is running (the pager will be reading
from the tty directly). We do this by dup2-ing() a
/dev/null over it; if we just close()d the fd, another
open() might reuse the fd number and problems could
occur.
|
| | |
|
| | |
|
| |
|
|
|
| |
Our internal code always generates ENODATA for empty output and
this is checked by the previous commit, so this is entirely safe.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The command -v check inadvertently exited 0 because it confusingly
also considers functions and aliases. Check if we are able to run
a valgrind binary instead by querying its version.
Then, the msgdebug in the alternative code path was included in the
output that we are asserting so that was causing failures too and
needs removing.
Everything is horrible :D
|
| | |
|
| |
|
|
|
|
| |
Add support for testing apt-ftparchive, set valgrind to quiet such
that we can check program output, and pass --error-exitcode=7 to get
an (should be unused) magic error code if it detects errors.
|
| |
|
|
|
| |
We do not show them yet, so let's ignore them so we can focus
on getting the rest of the tests to work.
|
| |
|
|
|
| |
Implement --solver, --only, -skip flags for the test suite, and
run the test suite with the broken tests skipped against solver3.
|
| |
|
|
|
|
| |
This is mostly going to be useful for the test suite for now,
implement a function there to set it up so we can use it to
improve test suite correctness.
|
| |
|
|
|
| |
Ignore the Solving dependencies... line in the testing framework
for compatibility with the existing test cases.
|
| |
|
|
|
|
|
|
|
|
| |
Removing every line with at least three characters at the end makes
comparisons for output differences rather easy to pass. The intend
was to match for '\.\.\.' but given we have to adapt the strings to
include autoremove remarks we can also include the string that appeared
now that state information is provided (in the form of autobits).
Regession-Of: 734eb9ac3f65e38ac3ba7f2d50ea206743a6f611
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If dpkg-gencontrol was involved in the creation of a package we will not
usually encounter empty or otherwise useless fields, but apparently not
everyone is using it.
It isn't recommended to have these empty lines, but it isn't too hard to
ignore for Provides as we did for dependencies already and apt-ftparchive
can be convinced to produce empty files (if you feed it such a package)
as well, so lets be nice and provide users with a more accepting parser.
Closes: #1069874
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Our autoremoval-advertisment is modified by SUDO_USER as if the current
apt call was made with sudo it seems a good idea to show the ad with
sudo as well. That is annoying for our tests through as normally the
tests are run locally or by autopkgtest without sudo, but in Gitlab CI
we use it (to run our tests as user… as we are already root) and so
individual tests had to deal with this.
That is annoying and really not needed as we can have our autoremove
test check that this ad gets displayed the right way and ignore it the
rest of the time.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The key talking points here are:
1. Instead of long sentences, we use short concise messages,
e.g. "The following NEW packages will be installed" becomes
"Installing".
2. Dependencies are only listed once. We removed the
"The following additional packages will be installed" section
in favor of splitting up the "Installing" section into
"Installing" and "Installing dependencies" (like dnf)
3. The order of the output is different:
1. Packages to be installed manually
2. Packages to be installed automatically
4. Weak dependencies of new packages not installed
3. Packages to be upgraded
4. Packages to be downgraded
5. Packages that have been kept back / are on hold
6. Removals
7. Essential removals
i.e. we logically show you the action that is being
done, followed by lists related to the action.
4. As requested by popey, we have colorful UI, with green for
packages being installed and red for packages being removed.
Caveats:
- The list of recommends and suggests has not been updated yet,
it should move to after the packages being installed (as they
are what triggers them)
This also introduces output format versioning, configured by the
APT::Output-Format option. The default value is 0, except for the
apt(8) binary where it is 30 - which enables the new style.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change makes it a bit easier to quickly grasp the changes
about to be performed by apt.
It displays package lists in a columnar format by default,
similar to what `ls` produces for files.
A new long option `--no-list-columns` and an associated
`APT::Get::List-Columns` config setting control the behavior.
Usage example, with 60 column wide terminal:
```
$ sudo apt upgrade |
Reading package lists... Done |
Building dependency tree... Done |
Reading state information... Done |
Calculating upgrade... Done |
The following packages were automatically installed and are |
no longer required: |
libappindicator1 libindicator7 |
libdbusmenu-gtk4 linux-image-5.14.0-4-amd64 |
Use 'sudo apt autoremove' to remove them. |
The following packages have been kept back: |
criu linux-headers-amd64 nvidia-settings |
libxnvctrl0 nvidia-modprobe xwayland |
0 upgraded, 0 newly installed, 0 to remove and 6 not upgrade|
d. |
```
The effect becomes more pronounced with more packages (e.g. when
doing a dist-upgrade).
|
| |
|
|
|
|
| |
We remove the working directory from the found file names as these paths
could contain a lot of funny characters confusing the for loop like
spaces… we just readd it later in the actual calls to be safe.
|
| |
|
|
|
|
|
|
| |
Corrected 'und' -> 'and' in the fake package's description.
As a result, the MD5 checksum of this string is changed from
36ef2ec58c83bc4fdbe9fe958dd9c107 to 5022766cbc9bf07d1abea2c41a72646f
which in turn reduced the size of the resulting Packages.gz by one.
Therefore the accepted answer in the test case is updated too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
If we know both SHA256, and they're different, the packages are. This
approach stores the SHA256 only at runtime, avoiding the overhead of
storing it on-disk, because when we update repositories we update all
of them anyhow.
Note that pkgCacheGenerator is hidden, so we can just modify its
ABI, hooray.
Closes: #931175
LP: #2029268
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A source marked with trusted=yes can still fail verification of the
Release file, mostly for Date related issues, like being too new or too
old, which have other options to force them in.
The update code was not using the Release file (which was a InRelease
file but failed verification – which was overridden by trusted=yes) as
intended, but it marked it for storage, so that this "bad" Release file
would end up being moved into lists/, which is bad as the indexes it
refers to aren't updated while the next update run assumes that the
indexes are in the state the Release file claims them to be in.
Fixed simply by making the storage conditional on the usage as intended,
which also resolves a second issue: The verification can also detect that
a Release file we got is older than what we already have to avoid down-
grade attacks. The more likely explanation is a slightly outdated mirror
in a rotation/CDN through, so this gets the silent treatment to avoid
scaring users by handling it as if we had got the same Release file we
already have stored locally, removing the freshly received older file
in the process alongside setting some variables. Those variables were
already modified in the trusted=yes case though resulting in the stored
Release file being removed instead. Not modifying the variables too early
resolves this problem as well.
Both seem to exist since at least 2015 as traces are visible in 448c38bdcd
already, which shuffled lots of code around including the bad ones, but
as we are in trusted=yes land, security is of no concern here, this
"just" leads to failed pinning, hashsum mismatches and other strange
problems in follow-up calls depending on how out of sync the Release
file (if its still present) is with the rest of the trusted data.
Reported-By: Dima Kogan <dkogan@debian.org> on IRC
Tested-By: Dima Kogan <dkogan@debian.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Not having a dpkg/status file used to be a hard error which from a
boostrap perspective is suspect as in the beginning, there is no
status so you would need to touch it into existence.
We make a difference between factual non-existence and inaccessibility
to catch mistakes in which the file is not readable for some reason,
the testcase test-bug-254770-segfault-if-cache-not-buildable is an
example of this.
Note that apt has already figured out at this point that this is a
Debian-like system which should have a dpkg/status file. This change
does not effect the auto-detection and is not supposed to.
|
| |
|
|
|
|
|
|
| |
We needed a fake dpkg in our status file for dpkg --assert-multi-arch to
work in the past, but recent dpkg versions do not require this anymore,
so we can remove this somewhat surprising hackery in favour of better
hidden hackery we only use if we work with an older dpkg (e.g. on
current Debian stable).
|
| |
|
|
|
|
| |
Building the library just so we can build the helpers against it is not
only wasteful but as we are supposed to test the system we can use that
as an additional simple smoke test before the real testing starts.
|
| |\
| |
| |
| |
| | |
Fix file:/// vs file:/ hang & https-proxy for http
See merge request apt-team/apt!187
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
We allow file (and other file-based methods) URIs to either be given
as file:///path or as file:/path, but in various places of the acquire
system we perform string comparisons on URIs which do not handle this
expecting the canonical representation produced by our URI code.
That used to be hidden by us quoting and dequoting the URIs in the
system, but as we don't do this anymore we have to be a bit more careful
on input.
Ideally we would do less of these comparisons, but for now lets be
content with inserting a canonicalisation early on to prevent hangs in
the acquire system.
|
| |\ \
| |/
|/|
| |
| | |
Streamline access to barbarian architecture functionality
See merge request apt-team/apt!184
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
APTs ad hoc testing framework for integration tests is not intending to
be a general propose framework, but it is relatively easy to abuse it
for other projects anyhow with some refactoring even if that is neither
recommend nor officially supported.
Gbp-Dch: Ignore
|
| | |
| |
| |
| | |
Gbp-Dch: Ignore
|
| |/
|
|
|
|
|
|
| |
If the system tells us that a core dump was created we should try to
display the contained info as that system might not be easily available
when we see the error (like C-I or autopkgtest).
Gbp-Dch: Ignore
|
| |
|
|
|
|
|
|
| |
Temporary hacks should be temporary, especially if they hide bugs. After
fixing one in the previous commit this is just busy work to add download
information to the places which check that output.
Gbp-Dch: Ignore
|
| |
|
|
|
|
|
|
|
|
| |
If a source is not copying files to the destination the download code
forces the copy – which in practice are local repositories accessed
via file:/ – but in that process takes the filename the local repo used
rather than the filename it e.g. advertised via --print-uris.
A local repository could hence override a file in the current directory
if you use 'apt download', which is a rather weak ability, but still.
|
| |
|
|
|
|
|
|
|
| |
Repositories without Size information for packages are not
proper and need fixing. This ensures people see an error in
CI, and get notifications and hence the ability to fix it.
It can be turned off by setting Acquire::AllowUnsizedPackages
to true.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
The rred method expects the patches to have a certain name, which we
have to rename the file to before calling the method, but by delaying
the rename we ensure that if the download of one of them fails and a
successful fallback occurs they are all properly cleaned up as no longer
useful while in the error case the next apt run can potentially pick
them up as already downloaded.
Our test-pdiff-usage test was encountering this every other run, but did
not fail as the check for unaccounted files in partial/ was wrapped
in a subshell so that the failure produced failing output, but did not
change the exit code.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds support for Phased-Update-Percentage by pinning
upgrades that are not to be installed down to 1.
The output of policy has been changed to add the level of
phasing, and documentation has been improved to document
how phased updates work.
The patch detects if it is running in a chroot, and if so, always
includes phased updates, restoring classic apt behavior to avoid
behavioral changes on buildd chroots.
Various options are added to control this all:
* APT::Get::{Always,Never}-Include-Phased-Updates and their legacy
update-manager equivalents to always or never include phased updates
* APT::Machine-ID can be set to a UUID string to have all machines in a
fleet phase the same
* Dir::Etc::Machine-ID is weird in that it's default is sort of like
../machine-id, but not really, as ../machine-id would look up
$PWD/../machine-id and not relative to Dir::Etc; but it allows you to
override the path to machine-id (as opposed to the value)
* Dir::Bin::ischroot is the path to the ischroot(1) binary which is used
to detect whether we are running in a chroot.
|
| |
|
|
|
|
| |
On many distributions, /bin/sh is Bash. Bash’s `echo` builtin doesn’t
interpret escape sequences, so most tests fail. Fix this by removing
the escape sequence.
|
| |
|
|
|
|
| |
Our http method encodes the URI again which results in the double
encoding we have unwrap in the webserver (we did already, but we skip
the filename handling now which does the first decode).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dpkg (>= 1.20.3) has better support for its own DPKG_ROOT resulting in
architectures for the root being reported rather than the host system.
Sadly the hookscript from pkg-config is not prepared for this resulting
in our `dpkg --add-architecture` calls failing in the hook after dpkg
has successfully added the architecture internally. The failure
triggered fallback handling in the tests to work with an older version
of dpkg with a different multi-arch implementation.
So instead of doing the fallback, we ignore the failure if it seems like
pkg-config-dpkghook is involved only producing a bunch of warnings
to hint at this problem, but otherwise make the tests work again as it
is a post-invoke script.
References: #824774
|
| |
|
|
|
|
| |
Unfortunately for us, apt update with Acquire::Queue-Mode=access
does not always crash on a real system, so run the whole thing
in valgrind.
|
| |
|
|
|
|
|
|
|
| |
This avoids a lot of problems from local installations of
scripting languages and other stuff in /usr/local for which
maintainer scripts are not prepared.
[v3: Inherit PATH during tests, check overrides work]
[v2: Add testing]
|
| |
|
|
|
|
|
|
| |
If we limit a file to be signed by a certain key it should usually
accept also being signed by any of this keys subkeys instead of
requiring each subkey to be listed explicitly. If the later is really
wanted we support now also the same syntax as gpg does with appending an
exclamation mark at the end of the fingerprint to force no mapping.
|
| |
|
|
|
|
|
|
|
| |
It is an uphill battle to "reset" the environment to a clean state
without making it needlessly hard to use 'good' environment variables,
so we just try a little harder here without really trying for
completeness.
Gbp-Dch: Ignore
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit d7c92411dc1f4c6be098d1425f9c1c075e0c2154 introduced a warning for
non-existent files from components not mentioned in Components to hint
users at a mispelling or the disappearance of a component.
The debian-installer subcomponent isn't actively advertised in the
Release file through, so if apt ends up in acquiring a file which
doesn't exist for this component (like Translation files) apt would
produce a warning:
W: Skipping acquire of configured file
'main/debian-installer/i18n/Translation-en' as repository
'http://deb.debian.org/debian buster InRelease' doesn't have the
component 'main/debian-installer' (component misspelt in sources.list?)
We prevent this in the future by checking if any file exists from this
component which results in the warning to be produced still for the
intended cases and silence it on the d-i case.
This could potentially cause the warning not to be produced in cases it
should be if some marginal file remains, but as this message is just a
hint and the setup a bit pathological lets ignore it for now.
There is also the possibility of having no file present as they would
all be 0-length files and being a "hidden" component, but that would be
easy to workaround from the repository side and isn't really actively used
at the moment in the wild.
Closes: #879591
|
| |
|
|
|
|
|
|
| |
Hardcoding the IPv4 address 127.0.0.1 stops stunnel4 from also binding
on IPv6 as well which not only binds on another port but confuses our
crude port extraction by splitting on ':' with ::1.
Gbp-Dch: Ignore
|
| |
|
|
|
| |
Reported-By: codespell & spellintian
Gbp-Dch: Ignore
|
| |\
| |
| |
| |
| | |
pu/zstd
See merge request apt-team/apt!8
|