66425c3161
While reading a recent conversation about GPG checking at treecompose time, I had a sudden thought - were we actually doing verification client side? Turned out, we aren't. That happens as part of `dnf_transaction_commit()` which we don't use. That function verifies every package at one go, but for us I think it's better to do it before "importing". We shouldn't have untrusted bits that we've unpacked (they might have suid binaries, for one thing). This is an embarassing problem, but it's worth emphasizing that everyone should be retrieving repodata at a minimum over TLS, which sets a baseline. On RHEL, we already do pinned TLS, and there are discussions about extending that elsewhere. See: https://bugzilla.redhat.com/show_bug.cgi?id=1422157 Closes: #656 Approved by: jlebon |
||
|---|---|---|
| .. | ||
| check | ||
| common | ||
| compose-tests | ||
| composedata | ||
| gpghome | ||
| manual | ||
| utils | ||
| vmcheck | ||
| compose | ||
| README.md | ||
Tests are divided into three groups:
-
Tests in the
checkdirectory are non-destructive and uninstalled. Some of the tests require root privileges. Usemake checkto run these. -
The
composechecktests currently require uid 0 capabilities - the default in Docker, or you can run them via a user namespace. They are non-destructive, but are installed.To use them, you might do a
make && sudo make installinside a Docker container.Then invoke
./tests/compose. Alternatively of course, you can simply run the tests on a host system or in an existing container, without doing a build.Note: This is intentionally not a
Makefiletarget because it doesn't require building and doesn't use uninstalled binaries. -
Tests in the
vmcheckdirectory are oriented around using Vagrant. Usemake vmcheckto run them. See alsoHACKING.mdin the top directory.
The common directory contains files used by multiple
tests. The utils directory contains helper utilities
required to run the tests.