2 # SPDX-License-Identifier: LGPL-2.1-or-later
5 TEST_DESCRIPTION
="cryptsetup systemd setup"
6 IMAGE_NAME
="cryptsetup"
10 # shellcheck source=test/test-functions
11 .
"${TEST_BASE_DIR:?}/test-functions"
17 [[ -e "${initdir:?}/testok" ]] && ret
=0
18 [[ -f "$initdir/failed" ]] && cp -a "$initdir/failed" "${TESTDIR:?}"
20 cryptsetup luksOpen
"${LOOPDEV:?}p2" varcrypt
<"$TESTDIR/keyfile"
21 mount
/dev
/mapper
/varcrypt
"$initdir/var"
22 save_journal
"$initdir/var/log/journal"
23 _umount_dir
"$initdir/var"
24 _umount_dir
"$initdir"
25 cryptsetup luksClose
/dev
/mapper
/varcrypt
27 [[ -f "$TESTDIR/failed" ]] && cat "$TESTDIR/failed"
28 echo "${JOURNAL_LIST:-No journals were saved}"
30 test -s "$TESTDIR/failed" && ret
=1
35 create_empty_image_rootdir
37 echo -n test >"${TESTDIR:?}/keyfile"
38 cryptsetup
-q luksFormat
--pbkdf pbkdf2
--pbkdf-force-iterations 1000 "${LOOPDEV:?}p2" "$TESTDIR/keyfile"
39 cryptsetup luksOpen
"${LOOPDEV}p2" varcrypt
<"$TESTDIR/keyfile"
40 mkfs.ext4
-L var
/dev
/mapper
/varcrypt
41 mkdir
-p "${initdir:?}/var"
42 mount
/dev
/mapper
/varcrypt
"$initdir/var"
44 # Create what will eventually be our root filesystem onto an overlay
47 # shellcheck source=/dev/null
48 source <(udevadm info
--export --query=env
--name=/dev
/mapper
/varcrypt
)
49 # shellcheck source=/dev/null
50 source <(udevadm info
--export --query=env
--name="${LOOPDEV}p2")
52 setup_basic_environment
53 mask_supporting_services
56 generate_module_dependencies
57 cat >"$initdir/etc/crypttab" <<EOF
58 $DM_NAME UUID=$ID_FS_UUID /etc/varkey
60 echo -n test >"$initdir/etc/varkey"
61 ddebug
<"$initdir/etc/crypttab"
63 cat >>"$initdir/etc/fstab" <<EOF
64 /dev/mapper/varcrypt /var ext4 defaults 0 1
67 # Forward journal messages to the console, so we have something
68 # to investigate even if we fail to mount the encrypted /var
69 echo ForwardToConsole
=yes >> "$initdir/etc/systemd/journald.conf"
74 ddebug
"umount ${initdir:?}/var"
75 mountpoint
"$initdir/var" && umount
"$initdir/var"
76 [[ -b /dev
/mapper
/varcrypt
]] && cryptsetup luksClose
/dev
/mapper
/varcrypt
80 # ignore errors, so cleanup can continue
85 test_setup_cleanup
() {