2020-03-04 10:35:06 +01:00
|
|
|
#!/usr/bin/env bash
|
2017-08-07 21:09:21 +02:00
|
|
|
set -e
|
2012-09-13 23:19:05 +02:00
|
|
|
TEST_DESCRIPTION="cryptsetup systemd setup"
|
2019-12-12 09:37:19 +01:00
|
|
|
IMAGE_NAME="cryptsetup"
|
2017-08-04 14:34:14 +02:00
|
|
|
TEST_NO_NSPAWN=1
|
2012-09-13 23:19:05 +02:00
|
|
|
|
2013-04-23 02:39:40 +02:00
|
|
|
. $TEST_BASE_DIR/test-functions
|
2012-09-13 23:19:05 +02:00
|
|
|
|
2013-11-05 23:32:56 +01:00
|
|
|
check_result_qemu() {
|
2012-09-13 23:19:05 +02:00
|
|
|
ret=1
|
2020-03-20 20:17:11 +01:00
|
|
|
mount_initdir
|
2019-08-15 15:39:31 +02:00
|
|
|
[[ -e $initdir/testok ]] && ret=0
|
|
|
|
[[ -f $initdir/failed ]] && cp -a $initdir/failed $TESTDIR
|
2012-09-13 23:19:05 +02:00
|
|
|
cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
|
2019-08-15 15:39:31 +02:00
|
|
|
mount /dev/mapper/varcrypt $initdir/var
|
2020-03-30 16:39:31 +02:00
|
|
|
save_journal $initdir/var/log/journal
|
2020-03-20 20:17:11 +01:00
|
|
|
_umount_dir $initdir/var
|
|
|
|
_umount_dir $initdir
|
2012-09-13 23:19:05 +02:00
|
|
|
cryptsetup luksClose /dev/mapper/varcrypt
|
2013-11-05 23:32:56 +01:00
|
|
|
[[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed
|
2020-03-30 16:39:31 +02:00
|
|
|
echo $JOURNAL_LIST
|
2012-09-13 23:19:05 +02:00
|
|
|
test -s $TESTDIR/failed && ret=$(($ret+1))
|
|
|
|
return $ret
|
|
|
|
}
|
|
|
|
|
2019-12-12 09:37:19 +01:00
|
|
|
test_create_image() {
|
2019-07-12 17:47:26 +02:00
|
|
|
create_empty_image_rootdir
|
2012-09-13 23:19:05 +02:00
|
|
|
echo -n test >$TESTDIR/keyfile
|
2019-03-15 10:05:33 +01:00
|
|
|
cryptsetup -q luksFormat --pbkdf pbkdf2 --pbkdf-force-iterations 1000 ${LOOPDEV}p2 $TESTDIR/keyfile
|
2012-09-13 23:19:05 +02:00
|
|
|
cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
|
2017-11-07 15:51:30 +01:00
|
|
|
mkfs.ext4 -L var /dev/mapper/varcrypt
|
2019-08-15 15:39:31 +02:00
|
|
|
mkdir -p $initdir/var
|
|
|
|
mount /dev/mapper/varcrypt $initdir/var
|
2012-09-13 23:19:05 +02:00
|
|
|
|
|
|
|
# Create what will eventually be our root filesystem onto an overlay
|
|
|
|
(
|
|
|
|
LOG_LEVEL=5
|
|
|
|
eval $(udevadm info --export --query=env --name=/dev/mapper/varcrypt)
|
|
|
|
eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
|
|
|
|
|
2013-11-05 23:32:56 +01:00
|
|
|
setup_basic_environment
|
2019-10-08 09:10:12 +02:00
|
|
|
mask_supporting_services
|
2018-11-01 09:26:36 +01:00
|
|
|
|
2013-11-05 23:32:56 +01:00
|
|
|
install_dmevent
|
2013-12-08 00:30:16 +01:00
|
|
|
generate_module_dependencies
|
2013-11-05 23:32:56 +01:00
|
|
|
cat >$initdir/etc/crypttab <<EOF
|
|
|
|
$DM_NAME UUID=$ID_FS_UUID /etc/varkey
|
2012-09-13 23:19:05 +02:00
|
|
|
EOF
|
2019-12-12 09:59:53 +01:00
|
|
|
echo -n test >$initdir/etc/varkey
|
2013-11-05 23:32:56 +01:00
|
|
|
cat $initdir/etc/crypttab | ddebug
|
2012-09-13 23:19:05 +02:00
|
|
|
|
2013-11-05 23:32:56 +01:00
|
|
|
cat >>$initdir/etc/fstab <<EOF
|
2017-11-07 15:51:30 +01:00
|
|
|
/dev/mapper/varcrypt /var ext4 defaults 0 1
|
2013-11-05 23:32:56 +01:00
|
|
|
EOF
|
2020-06-09 16:51:55 +02:00
|
|
|
|
|
|
|
# Forward journal messages to the console, so we have something
|
|
|
|
# to investigate even if we fail to mount the encrypted /var
|
|
|
|
echo ForwardToConsole=yes >> $initdir/etc/systemd/journald.conf
|
2019-07-08 21:11:32 +02:00
|
|
|
)
|
2019-07-12 17:47:26 +02:00
|
|
|
}
|
2012-09-13 23:19:05 +02:00
|
|
|
|
2019-07-12 17:47:26 +02:00
|
|
|
cleanup_root_var() {
|
2019-08-15 15:39:31 +02:00
|
|
|
ddebug "umount $initdir/var"
|
|
|
|
mountpoint $initdir/var && umount $initdir/var
|
2019-07-12 17:47:26 +02:00
|
|
|
[[ -b /dev/mapper/varcrypt ]] && cryptsetup luksClose /dev/mapper/varcrypt
|
2012-09-13 23:19:05 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
test_cleanup() {
|
2019-07-12 20:09:48 +02:00
|
|
|
# ignore errors, so cleanup can continue
|
2019-07-19 02:34:57 +02:00
|
|
|
cleanup_root_var || :
|
2019-07-12 17:47:26 +02:00
|
|
|
_test_cleanup
|
|
|
|
}
|
|
|
|
|
|
|
|
test_setup_cleanup() {
|
2019-12-13 14:21:31 +01:00
|
|
|
cleanup_root_var || :
|
|
|
|
cleanup_initdir
|
2012-09-13 23:19:05 +02:00
|
|
|
}
|
|
|
|
|
2020-09-22 18:26:28 +02:00
|
|
|
do_test "$@" 24
|