]>
Commit | Line | Data |
---|---|---|
ff12a795 | 1 | #!/usr/bin/env bash |
818567fc | 2 | set -e |
71dc3ed1 | 3 | TEST_DESCRIPTION="cryptsetup systemd setup" |
8c3534b5 | 4 | IMAGE_NAME="cryptsetup" |
054ee249 | 5 | TEST_NO_NSPAWN=1 |
71dc3ed1 | 6 | |
fff87a35 | 7 | . $TEST_BASE_DIR/test-functions |
71dc3ed1 | 8 | |
889a9042 | 9 | check_result_qemu() { |
71dc3ed1 | 10 | ret=1 |
1506edca | 11 | mount_initdir |
0036ce06 DS |
12 | [[ -e $initdir/testok ]] && ret=0 |
13 | [[ -f $initdir/failed ]] && cp -a $initdir/failed $TESTDIR | |
71dc3ed1 | 14 | cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile |
0036ce06 | 15 | mount /dev/mapper/varcrypt $initdir/var |
8943daf8 | 16 | save_journal $initdir/var/log/journal |
1506edca ZJS |
17 | _umount_dir $initdir/var |
18 | _umount_dir $initdir | |
71dc3ed1 | 19 | cryptsetup luksClose /dev/mapper/varcrypt |
889a9042 | 20 | [[ -f $TESTDIR/failed ]] && cat $TESTDIR/failed |
8943daf8 | 21 | echo $JOURNAL_LIST |
71dc3ed1 LP |
22 | test -s $TESTDIR/failed && ret=$(($ret+1)) |
23 | return $ret | |
24 | } | |
25 | ||
8c3534b5 | 26 | test_create_image() { |
ec4cab49 | 27 | create_empty_image_rootdir |
71dc3ed1 | 28 | echo -n test >$TESTDIR/keyfile |
5b69d297 | 29 | cryptsetup -q luksFormat --pbkdf pbkdf2 --pbkdf-force-iterations 1000 ${LOOPDEV}p2 $TESTDIR/keyfile |
71dc3ed1 | 30 | cryptsetup luksOpen ${LOOPDEV}p2 varcrypt <$TESTDIR/keyfile |
4b742c8a | 31 | mkfs.ext4 -L var /dev/mapper/varcrypt |
0036ce06 DS |
32 | mkdir -p $initdir/var |
33 | mount /dev/mapper/varcrypt $initdir/var | |
71dc3ed1 LP |
34 | |
35 | # Create what will eventually be our root filesystem onto an overlay | |
36 | ( | |
37 | LOG_LEVEL=5 | |
71dc3ed1 LP |
38 | eval $(udevadm info --export --query=env --name=/dev/mapper/varcrypt) |
39 | eval $(udevadm info --export --query=env --name=${LOOPDEV}p2) | |
40 | ||
889a9042 | 41 | setup_basic_environment |
51fa8591 | 42 | mask_supporting_services |
056ae881 | 43 | |
889a9042 | 44 | install_dmevent |
1a6dc653 | 45 | generate_module_dependencies |
889a9042 RC |
46 | cat >$initdir/etc/crypttab <<EOF |
47 | $DM_NAME UUID=$ID_FS_UUID /etc/varkey | |
71dc3ed1 | 48 | EOF |
5964e39a | 49 | echo -n test >$initdir/etc/varkey |
889a9042 | 50 | cat $initdir/etc/crypttab | ddebug |
71dc3ed1 | 51 | |
889a9042 | 52 | cat >>$initdir/etc/fstab <<EOF |
4b742c8a | 53 | /dev/mapper/varcrypt /var ext4 defaults 0 1 |
889a9042 | 54 | EOF |
e47add9e FS |
55 | |
56 | # Forward journal messages to the console, so we have something | |
57 | # to investigate even if we fail to mount the encrypted /var | |
58 | echo ForwardToConsole=yes >> $initdir/etc/systemd/journald.conf | |
cc469c3d | 59 | ) |
ec4cab49 | 60 | } |
71dc3ed1 | 61 | |
ec4cab49 | 62 | cleanup_root_var() { |
0036ce06 DS |
63 | ddebug "umount $initdir/var" |
64 | mountpoint $initdir/var && umount $initdir/var | |
ec4cab49 | 65 | [[ -b /dev/mapper/varcrypt ]] && cryptsetup luksClose /dev/mapper/varcrypt |
71dc3ed1 LP |
66 | } |
67 | ||
68 | test_cleanup() { | |
f85bc044 | 69 | # ignore errors, so cleanup can continue |
65dd488f | 70 | cleanup_root_var || : |
ec4cab49 DS |
71 | _test_cleanup |
72 | } | |
73 | ||
74 | test_setup_cleanup() { | |
ec43f686 ZJS |
75 | cleanup_root_var || : |
76 | cleanup_initdir | |
71dc3ed1 LP |
77 | } |
78 | ||
9309a23b | 79 | do_test "$@" 24 |