
fail instead of warn on insecure repositories in apt-get

The exception was made to give (script) users a one-release grace period
to adapt their setup to deal with apt enforcing signing of repositories.
As we are now at the start of a new release cycle it's as good a time as
any to lift it now.

Removes-Exception: 952ee63b0a
tags/debian/1.5_alpha1
David Kalnischkies 4 years ago
parent commit cbaf353ead
6 changed files with 23 additions and 19 deletions
  1. apt-private/private-cmndline.cc (+0 -4)
  2. debian/NEWS (+14 -0)
  3. doc/apt-secure.8.xml (+0 -10)
  4. test/integration/test-apt-get-update-unauth-warning (+3 -2)
  5. test/integration/test-bug-838779-untrusted-to-trusted-Release-hit (+4 -2)
  6. test/integration/test-handle-redirect-as-used-mirror-change (+2 -1)

apt-private/private-cmndline.cc (+0 -4)

@@ -463,8 +463,6 @@ static void BinarySpecificConfiguration(char const * const Binary) /*{{{*/
_config->CndSet("Binary::apt::DPkg::Progress-Fancy", true);
_config->CndSet("Binary::apt::APT::Keep-Downloaded-Packages", false);
}
if (binary == "apt-config")
_config->CndSet("Binary::apt-get::Acquire::AllowInsecureRepositories", true);

_config->Set("Binary", binary);
}
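Review bot: the `if (binary == "apt-config")` branch being dropped here only existed to make `apt-config` report the same `Binary::apt-get::Acquire::AllowInsecureRepositories` default that apt-get itself applied; it must be removed together with the apt-get default in the next hunk, otherwise `apt-config` would keep advertising a permissive default that apt-get no longer uses. Worth a one-line mention in the commit message, since the two removals are only correct as a pair.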
@@ -472,8 +470,6 @@ static void BinarySpecificConfiguration(char const * const Binary) /*{{{*/
static void BinaryCommandSpecificConfiguration(char const * const Binary, char const * const Cmd)/*{{{*/
{
std::string const binary = flNotDir(Binary);
if (binary == "apt-get" && CmdMatches("update"))
_config->CndSet("Binary::apt-get::Acquire::AllowInsecureRepositories", true);
if ((binary == "apt" || binary == "apt-get") && CmdMatches("upgrade", "dist-upgrade", "full-upgrade"))
{
//FIXME: the option is documented to apply only for install/remove, so
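Review bot: the removed line used `CndSet`, so the permissive value was only a fallback when nothing else had set the option; after this hunk `apt-get update` falls through to the generic `Acquire::AllowInsecureRepositories` setting and the explicit `--allow-insecure-repositories` flag that the test changes rely on. The surrounding `//FIXME` about the upgrade options is untouched and unrelated, so the hunk context is fine, but please confirm nothing in the test framework still assumes apt-get's old warn-only default.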


debian/NEWS (+14 -0)

@@ -1,3 +1,17 @@
apt (1.5~) UNRELEASED; urgency=medium

The security exception for apt-get to only raise warnings if it encounters
unauthenticated repositories in the "update" command is gone now, so that it
will raise errors just like apt and all other apt-based front-ends do since
at least apt version 1.3.

It is possible (but STRONGLY ADVISED AGAINST) to revert to the previous
behaviour of apt-get by setting the option
Binary::apt-get::Acquire::AllowInsecureRepositories "true";
See apt-secure(8) manpage for configuration details.

-- David Kalnischkies <donkult@debian.org> Wed, 28 Jun 2017 12:37:12 +0200

apt (1.4.2) unstable; urgency=medium

If periodic updates and unattended upgrades are enabled, the start of
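Review bot: the NEWS entry documents only the persistent opt-out (`Binary::apt-get::Acquire::AllowInsecureRepositories "true";`), but the tests in this same commit exercise the one-off `--allow-insecure-repositories` command-line flag; mentioning that flag here would give script maintainers the narrower, per-invocation escape hatch instead of steering them towards a permanent configuration change. Also, the entry says to "See apt-secure(8) manpage for configuration details", yet the apt-secure.8.xml hunk below removes the only paragraph that named the `Binary::apt-get::` scoped option.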


doc/apt-secure.8.xml (+0 -10)

@@ -62,16 +62,6 @@
archive.
</para>

<para>
As a temporary exception &apt-get; (not &apt;!) raises warnings only if it
encounters unauthenticated archives to give a slightly longer grace period
on this backward compatibility effecting change. This exception will be removed
in future releases and you can opt-out of this grace period by setting the
configuration option <option>Binary::apt-get::Acquire::AllowInsecureRepositories</option>
to <literal>false</literal> or <option>--no-allow-insecure-repositories</option>
on the command line.
</para>

<para>
You can force all APT clients to raise only warnings by setting the
configuration option <option>Acquire::AllowInsecureRepositories</option> to
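Review bot: removing the "temporary exception" paragraph is correct now that apt-get behaves like apt, but it also removes the manpage's only reference to the `Binary::apt-get::Acquire::AllowInsecureRepositories` scope, which the NEWS entry in this commit points readers to. Consider leaving one sentence in the following paragraph noting that the generic `Acquire::AllowInsecureRepositories` option can be scoped to a single binary, so the NEWS cross-reference still resolves.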


test/integration/test-apt-get-update-unauth-warning (+3 -2)

@@ -21,7 +21,8 @@ setupaptarchive --no-update
APTARCHIVE="$(readlink -f ./aptarchive)"
find "$APTARCHIVE/dists/unstable" \( -name 'InRelease' -o -name 'Release.gpg' \) -delete
sed -i -n '/^SHA1:$/q;p' "${APTARCHIVE}/dists/unstable/Release"
testwarning aptget update
testfailure aptget update
testwarning aptget update --allow-insecure-repositories


rm -rf rootdir/var/lib/apt/lists
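Review bot: the new `testfailure aptget update` followed by `testwarning aptget update --allow-insecure-repositories` covers the flag path, but not the configuration path (`Binary::apt-get::Acquire::AllowInsecureRepositories "true";`) that the NEWS entry documents as the supported way to restore the old behaviour; adding one run driven by that option would keep the documented opt-out under test. The file name still says "unauth-warning" although the primary assertion is now a failure, which is worth a rename or at least a comment at the top of the test.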
@@ -35,7 +36,7 @@ Err:2 file:$APTARCHIVE unstable Release
Reading package lists...
E: The repository 'file:$APTARCHIVE unstable Release' does not have a Release file.
N: Updating from such a repository can't be done securely, and is therefore disabled by default.
N: See apt-secure(8) manpage for repository creation and user configuration details." aptget update --no-allow-insecure-repositories
N: See apt-secure(8) manpage for repository creation and user configuration details." aptget update

# no package foo
testsuccessequal 'Listing...' apt list foo
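Review bot: the expected error output is now checked against a plain `aptget update`, which matches the new default, but the explicit `--no-allow-insecure-repositories` invocation that was replaced is no longer exercised anywhere in this file; keeping one run with the negative flag would guard its option parsing, since it remains a documented way to force errors where the configuration says otherwise.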


test/integration/test-bug-838779-untrusted-to-trusted-Release-hit (+4 -2)

@@ -23,7 +23,8 @@ testdpkgnotinstalled 'foo'
msgmsg 'Untrusted to trusted hit' 'InRelease'
rm -rf rootdir/var/lib/apt/lists rootdir/var/cache/apt/archives
mv rootdir/etc/apt/trusted.gpg.d rootdir/etc/apt/trusted.gpg.d-bak
testwarning aptget update
testfailure aptget update
testwarning aptget update --allow-insecure-repositories
testfailure apt install foo -y
testdpkgnotinstalled 'foo'
mv rootdir/etc/apt/trusted.gpg.d-bak rootdir/etc/apt/trusted.gpg.d
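Review bot: the `testfailure apt install foo -y` and `testdpkgnotinstalled 'foo'` lines now run after the warn-only `--allow-insecure-repositories` update, so this hunk still verifies the important property that lists fetched from an unauthenticated archive do not let a package be installed; the order of the three update/install lines must stay as written for that assertion to mean anything, and a short comment saying so would keep a future reorder from silently weakening the test.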
@@ -37,7 +38,8 @@ msgmsg 'Untrusted to trusted hit' 'Release.gpg'
find aptarchive -name 'InRelease' -delete
rm -rf rootdir/var/lib/apt/lists rootdir/var/cache/apt/archives
mv rootdir/etc/apt/trusted.gpg.d rootdir/etc/apt/trusted.gpg.d-bak
testwarning aptget update
testfailure aptget update
testwarning aptget update --allow-insecure-repositories
testfailure apt install foo -y
testdpkgnotinstalled 'foo'
mv rootdir/etc/apt/trusted.gpg.d-bak rootdir/etc/apt/trusted.gpg.d
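Review bot: this hunk repeats the same three-line sequence (`testfailure aptget update`, `testwarning aptget update --allow-insecure-repositories`, `testfailure apt install foo -y`) as the InRelease case above; factoring it into a small shell function in the test would keep the two scenarios from drifting apart when the expected behaviour changes again.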


test/integration/test-handle-redirect-as-used-mirror-change (+2 -1)

@@ -89,5 +89,6 @@ Reading package lists..." aptget update
rm -rf rootdir/var/lib/apt/lists
find aptarchive -name 'Release.gpg' -delete
find aptarchive -name 'Release' -delete
testwarning aptget update
testfailure aptget update
testwarning aptget update --allow-insecure-repositories
testsuccess grep 'does not have a Release file' rootdir/tmp/testwarning.output
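Review bot: the final `testsuccess grep 'does not have a Release file' rootdir/tmp/testwarning.output` inspects the output of the most recent `testwarning` call, so the `--allow-insecure-repositories` run must remain immediately before it; the output of the new `testfailure aptget update` run is not asserted on at all, so consider also checking that the failing run reports the missing Release file rather than some unrelated error.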
