Book a Demo!
CoCalc Logo Icon
StoreFeaturesDocsShareSupportNewsAboutPoliciesSign UpSign In
freebsd
GitHub Repository: freebsd/freebsd-src
 Path: blob/main/tests/sys/geom/class/eli/delkey_test.sh
39636 views
1
#!/bin/sh

2


3
. $(atf_get_srcdir)/conf.sh

4


5
atf_test_case delkey cleanup

6
delkey_head()

7
{

8
	atf_set "descr" "geli delkey can destroy the master key"

9
	atf_set "require.user" "root"

10
}

11
delkey_body()

12
{

13
	geli_test_setup

14


15
	sectors=100

16
	attach_md md -t malloc -s `expr $sectors + 1`

17


18
	atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none

19
	atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none

20
	atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none

21
	atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none

22


23
	atf_check geli init -B none -P -K keyfile1 ${md}

24
	atf_check geli attach -p -k keyfile1 ${md}

25
	atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md}

26


27
	# Remove key 0 for attached provider.

28
	atf_check geli delkey -n 0 ${md}

29
	atf_check geli detach ${md}

30


31
	# We cannot use keyfile1 anymore.

32
	atf_check -s not-exit:0 -e match:"Wrong key" \

33
		geli attach -p -k keyfile1 ${md}

34


35
	# Attach with key 1.

36
	atf_check geli attach -p -k keyfile2 ${md}

37


38
	# We cannot remove last key without -f option (for attached provider).

39
	atf_check -s not-exit:0 -e match:"This is the last Master Key" \

40
		geli delkey -n 1 ${md}

41


42
	# Remove last key for attached provider.

43
	atf_check geli delkey -f -n 1 ${md}

44


45
	# If there are no valid keys, but provider is attached, we can save situation.

46
	atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md}

47
	atf_check geli detach ${md}

48


49
	# We cannot use keyfile2 anymore.

50
	atf_check -s not-exit:0 -e match:"Wrong key" \

51
		geli attach -p -k keyfile2 ${md}

52


53
	# Attach with key 0.

54
	atf_check geli attach -p -k keyfile3 ${md}

55


56
	# Setup key 1.

57
	atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md}

58
	atf_check geli detach ${md}

59


60
	# Remove key 1 for detached provider.

61
	atf_check geli delkey -n 1 ${md}

62


63
	# We cannot use keyfile4 anymore.

64
	atf_check -s not-exit:0 -e match:"Wrong key" \

65
		geli attach -p -k keyfile4 ${md}

66


67
	# We cannot remove last key without -f option (for detached provider).

68
	atf_check -s not-exit:0 -e match:"This is the last Master Key" \

69
		geli delkey -n 0 ${md}

70


71
	# Remove last key for detached provider.

72
	atf_check geli delkey -f -n 0 ${md}

73


74
	# We cannot use keyfile3 anymore.

75
	atf_check -s not-exit:0 -e match:"No valid keys" \

76
		geli attach -p -k keyfile3 ${md}

77
}

78
delkey_cleanup()

79
{

80
	geli_test_cleanup

81
}

82


83
atf_test_case delkey_readonly cleanup

84
delkey_readonly_head()

85
{

86
	atf_set "descr" "geli delkey cannot work on a read-only provider"

87
	atf_set "require.user" "root"

88
}

89
delkey_readonly_body()

90
{

91
	geli_test_setup

92


93
	sectors=100

94
	attach_md md -t malloc -s `expr $sectors + 1`

95
	atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none

96


97
	atf_check geli init -B none -P -K keyfile ${md}

98
	atf_check geli attach -r -p -k keyfile ${md}

99


100
	atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md}

101
	# Even with -f (force) it should still fail

102
	atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md}

103
}

104
delkey_readonly_cleanup()

105
{

106
	geli_test_cleanup

107
}

108


109
atf_init_test_cases()

110
{

111
	atf_add_test_case delkey

112
	atf_add_test_case delkey_readonly

113
}

114


115