]>
Commit | Line | Data |
---|---|---|
ff12a795 | 1 | #!/usr/bin/env bash |
7b3cec95 | 2 | # SPDX-License-Identifier: LGPL-2.1-or-later |
818567fc | 3 | set -e |
3f161ba9 | 4 | |
71dc3ed1 | 5 | TEST_DESCRIPTION="cryptsetup systemd setup" |
8c3534b5 | 6 | IMAGE_NAME="cryptsetup" |
054ee249 | 7 | TEST_NO_NSPAWN=1 |
d9e606e8 | 8 | TEST_FORCE_NEWIMAGE=1 |
71dc3ed1 | 9 | |
3f161ba9 FS |
10 | # shellcheck source=test/test-functions |
11 | . "${TEST_BASE_DIR:?}/test-functions" | |
71dc3ed1 | 12 | |
889a9042 | 13 | check_result_qemu() { |
3f161ba9 FS |
14 | local ret=1 |
15 | ||
1506edca | 16 | mount_initdir |
3f161ba9 FS |
17 | [[ -e "${initdir:?}/testok" ]] && ret=0 |
18 | [[ -f "$initdir/failed" ]] && cp -a "$initdir/failed" "${TESTDIR:?}" | |
19 | ||
20 | cryptsetup luksOpen "${LOOPDEV:?}p2" varcrypt <"$TESTDIR/keyfile" | |
21 | mount /dev/mapper/varcrypt "$initdir/var" | |
22 | save_journal "$initdir/var/log/journal" | |
23 | _umount_dir "$initdir/var" | |
24 | _umount_dir "$initdir" | |
71dc3ed1 | 25 | cryptsetup luksClose /dev/mapper/varcrypt |
3f161ba9 FS |
26 | |
27 | [[ -f "$TESTDIR/failed" ]] && cat "$TESTDIR/failed" | |
28 | echo "${JOURNAL_LIST:-No journals were saved}" | |
29 | ||
7bf20e48 | 30 | test -s "$TESTDIR/failed" && ret=1 |
0b5fe54f | 31 | check_coverage_reports "${initdir:?}" || ret=5 |
71dc3ed1 LP |
32 | return $ret |
33 | } | |
34 | ||
8c3534b5 | 35 | test_create_image() { |
ec4cab49 | 36 | create_empty_image_rootdir |
3f161ba9 FS |
37 | |
38 | echo -n test >"${TESTDIR:?}/keyfile" | |
39 | cryptsetup -q luksFormat --pbkdf pbkdf2 --pbkdf-force-iterations 1000 "${LOOPDEV:?}p2" "$TESTDIR/keyfile" | |
40 | cryptsetup luksOpen "${LOOPDEV}p2" varcrypt <"$TESTDIR/keyfile" | |
4b742c8a | 41 | mkfs.ext4 -L var /dev/mapper/varcrypt |
3f161ba9 FS |
42 | mkdir -p "${initdir:?}/var" |
43 | mount /dev/mapper/varcrypt "$initdir/var" | |
71dc3ed1 LP |
44 | |
45 | # Create what will eventually be our root filesystem onto an overlay | |
46 | ( | |
47 | LOG_LEVEL=5 | |
3f161ba9 FS |
48 | # shellcheck source=/dev/null |
49 | source <(udevadm info --export --query=env --name=/dev/mapper/varcrypt) | |
50 | # shellcheck source=/dev/null | |
51 | source <(udevadm info --export --query=env --name="${LOOPDEV}p2") | |
71dc3ed1 | 52 | |
889a9042 | 53 | setup_basic_environment |
51fa8591 | 54 | mask_supporting_services |
056ae881 | 55 | |
889a9042 | 56 | install_dmevent |
1a6dc653 | 57 | generate_module_dependencies |
3f161ba9 | 58 | cat >"$initdir/etc/crypttab" <<EOF |
889a9042 | 59 | $DM_NAME UUID=$ID_FS_UUID /etc/varkey |
71dc3ed1 | 60 | EOF |
3f161ba9 FS |
61 | echo -n test >"$initdir/etc/varkey" |
62 | ddebug <"$initdir/etc/crypttab" | |
71dc3ed1 | 63 | |
3f161ba9 | 64 | cat >>"$initdir/etc/fstab" <<EOF |
4b742c8a | 65 | /dev/mapper/varcrypt /var ext4 defaults 0 1 |
889a9042 | 66 | EOF |
e47add9e FS |
67 | |
68 | # Forward journal messages to the console, so we have something | |
69 | # to investigate even if we fail to mount the encrypted /var | |
3f161ba9 | 70 | echo ForwardToConsole=yes >> "$initdir/etc/systemd/journald.conf" |
cc469c3d | 71 | ) |
ec4cab49 | 72 | } |
71dc3ed1 | 73 | |
ec4cab49 | 74 | cleanup_root_var() { |
3f161ba9 FS |
75 | ddebug "umount ${initdir:?}/var" |
76 | mountpoint "$initdir/var" && umount "$initdir/var" | |
ec4cab49 | 77 | [[ -b /dev/mapper/varcrypt ]] && cryptsetup luksClose /dev/mapper/varcrypt |
71dc3ed1 LP |
78 | } |
79 | ||
80 | test_cleanup() { | |
f85bc044 | 81 | # ignore errors, so cleanup can continue |
65dd488f | 82 | cleanup_root_var || : |
ec4cab49 DS |
83 | _test_cleanup |
84 | } | |
85 | ||
86 | test_setup_cleanup() { | |
ec43f686 ZJS |
87 | cleanup_root_var || : |
88 | cleanup_initdir | |
71dc3ed1 LP |
89 | } |
90 | ||
c4cd6205 | 91 | do_test "$@" |