[thirdparty/systemd.git] / test / TEST-24-CRYPTSETUP / test.sh

#!/usr/bin/env bash
set -e
TEST_DESCRIPTION="cryptsetup systemd setup"
IMAGE_NAME="cryptsetup"
TEST_NO_NSPAWN=1

. $TEST_BASE_DIR/test-functions

check_result_qemu() {
    ret=1
    mount_initdir
    [[ -e $initdir/testok ]] && ret=0
    [[ -f $initdir/failed ]] && cp -a $initdir/failed $TESTDIR
    cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
    mount /dev/mapper/varcrypt $initdir/var
    save_journal $initdir/var/log/journal
    _umount_dir $initdir/var
    _umount_dir $initdir
    cryptsetup luksClose /dev/mapper/varcrypt
    [[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed
    echo $JOURNAL_LIST
    test -s $TESTDIR/failed && ret=$(($ret+1))
    return $ret
}

test_create_image() {
    create_empty_image_rootdir
    echo -n test >$TESTDIR/keyfile
    cryptsetup -q luksFormat --pbkdf pbkdf2 --pbkdf-force-iterations 1000 ${LOOPDEV}p2 $TESTDIR/keyfile
    cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
    mkfs.ext4 -L var /dev/mapper/varcrypt
    mkdir -p $initdir/var
    mount /dev/mapper/varcrypt $initdir/var

    # Create what will eventually be our root filesystem onto an overlay
    (
        LOG_LEVEL=5
        eval $(udevadm info --export --query=env --name=/dev/mapper/varcrypt)
        eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)

        setup_basic_environment
        mask_supporting_services

        install_dmevent
        generate_module_dependencies
        cat >$initdir/etc/crypttab <<EOF
$DM_NAME UUID=$ID_FS_UUID /etc/varkey
EOF
        echo -n test >$initdir/etc/varkey
        cat $initdir/etc/crypttab | ddebug

        cat >>$initdir/etc/fstab <<EOF
/dev/mapper/varcrypt    /var    ext4    defaults 0 1
EOF

        # Forward journal messages to the console, so we have something
        # to investigate even if we fail to mount the encrypted /var
        echo ForwardToConsole=yes >> $initdir/etc/systemd/journald.conf
    )
}

cleanup_root_var() {
    ddebug "umount $initdir/var"
    mountpoint $initdir/var && umount $initdir/var
    [[ -b /dev/mapper/varcrypt ]] && cryptsetup luksClose /dev/mapper/varcrypt
}

test_cleanup() {
    # ignore errors, so cleanup can continue
    cleanup_root_var || :
    _test_cleanup
}

test_setup_cleanup() {
    cleanup_root_var || :
    cleanup_initdir
}

do_test "$@" 24
Commit	Line	Data
ff12a795	1	#!/usr/bin/env bash
818567fc	2	set -e
71dc3ed1	3	TEST_DESCRIPTION="cryptsetup systemd setup"
8c3534b5	4	IMAGE_NAME="cryptsetup"
054ee249	5	TEST_NO_NSPAWN=1
71dc3ed1	6
fff87a35	7	. $TEST_BASE_DIR/test-functions
71dc3ed1	8
889a9042	9	check_result_qemu() {
71dc3ed1	10	ret=1
1506edca	11	mount_initdir
0036ce06 DS	12	[[ -e $initdir/testok ]] && ret=0
0036ce06 DS	13	[[ -f $initdir/failed ]] && cp -a $initdir/failed $TESTDIR
71dc3ed1	14	cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
0036ce06	15	mount /dev/mapper/varcrypt $initdir/var
8943daf8	16	save_journal $initdir/var/log/journal
1506edca ZJS	17	_umount_dir $initdir/var
1506edca ZJS	18	_umount_dir $initdir
71dc3ed1	19	cryptsetup luksClose /dev/mapper/varcrypt
889a9042	20	[[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed
8943daf8	21	echo $JOURNAL_LIST
71dc3ed1 LP	22	test -s $TESTDIR/failed && ret=$(($ret+1))
	23	return $ret
	24	}
	25
8c3534b5	26	test_create_image() {
ec4cab49	27	create_empty_image_rootdir
71dc3ed1	28	echo -n test >$TESTDIR/keyfile
5b69d297	29	cryptsetup -q luksFormat --pbkdf pbkdf2 --pbkdf-force-iterations 1000 ${LOOPDEV}p2 $TESTDIR/keyfile
71dc3ed1	30	cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile
4b742c8a	31	mkfs.ext4 -L var /dev/mapper/varcrypt
0036ce06 DS	32	mkdir -p $initdir/var
0036ce06 DS	33	mount /dev/mapper/varcrypt $initdir/var
71dc3ed1 LP	34
	35	# Create what will eventually be our root filesystem onto an overlay
	36	(
	37	LOG_LEVEL=5
71dc3ed1 LP	38	eval $(udevadm info --export --query=env --name=/dev/mapper/varcrypt)
	39	eval $(udevadm info --export --query=env --name=${LOOPDEV}p2)
	40
889a9042	41	setup_basic_environment
51fa8591	42	mask_supporting_services
056ae881	43
889a9042	44	install_dmevent
1a6dc653	45	generate_module_dependencies
889a9042 RC	46	cat >$initdir/etc/crypttab <<EOF
889a9042 RC	47	$DM_NAME UUID=$ID_FS_UUID /etc/varkey
71dc3ed1	48	EOF
5964e39a	49	echo -n test >$initdir/etc/varkey
889a9042	50	cat $initdir/etc/crypttab \| ddebug
71dc3ed1	51
889a9042	52	cat >>$initdir/etc/fstab <<EOF
4b742c8a	53	/dev/mapper/varcrypt /var ext4 defaults 0 1
889a9042	54	EOF
e47add9e FS	55
	56	# Forward journal messages to the console, so we have something
	57	# to investigate even if we fail to mount the encrypted /var
	58	echo ForwardToConsole=yes >> $initdir/etc/systemd/journald.conf
cc469c3d	59	)
ec4cab49	60	}
71dc3ed1	61
ec4cab49	62	cleanup_root_var() {
0036ce06 DS	63	ddebug "umount $initdir/var"
0036ce06 DS	64	mountpoint $initdir/var && umount $initdir/var
ec4cab49	65	[[ -b /dev/mapper/varcrypt ]] && cryptsetup luksClose /dev/mapper/varcrypt
71dc3ed1 LP	66	}
	67
	68	test_cleanup() {
f85bc044	69	# ignore errors, so cleanup can continue
65dd488f	70	cleanup_root_var \|\| :
ec4cab49 DS	71	_test_cleanup
	72	}
	73
	74	test_setup_cleanup() {
ec43f686 ZJS	75	cleanup_root_var \|\| :
ec43f686 ZJS	76	cleanup_initdir
71dc3ed1 LP	77	}
71dc3ed1 LP	78
9309a23b	79	do_test "$@" 24