109d98641SEnji Cooper#!/bin/sh 209d98641SEnji Cooper 3cf551b8aSAlan Somers. $(atf_get_srcdir)/conf.sh 4cf551b8aSAlan Somers 5f397a004SAlan Somersatf_test_case delkey cleanup 6f397a004SAlan Somersdelkey_head() 7f397a004SAlan Somers{ 8f397a004SAlan Somers atf_set "descr" "geli delkey can destroy the master key" 9f397a004SAlan Somers atf_set "require.user" "root" 10f397a004SAlan Somers} 11f397a004SAlan Somersdelkey_body() 12f397a004SAlan Somers{ 13cf551b8aSAlan Somers geli_test_setup 1409d98641SEnji Cooper 1509d98641SEnji Cooper sectors=100 16*96950419SGleb Smirnoff attach_md md -t malloc -s `expr $sectors + 1` 1709d98641SEnji Cooper 18f397a004SAlan Somers atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 19f397a004SAlan Somers atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 20f397a004SAlan Somers atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 21f397a004SAlan Somers atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 2209d98641SEnji Cooper 23f397a004SAlan Somers atf_check geli init -B none -P -K keyfile1 ${md} 24f397a004SAlan Somers atf_check geli attach -p -k keyfile1 ${md} 25f397a004SAlan Somers atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md} 2609d98641SEnji Cooper 2709d98641SEnji Cooper # Remove key 0 for attached provider. 28f397a004SAlan Somers atf_check geli delkey -n 0 ${md} 29f397a004SAlan Somers atf_check geli detach ${md} 3009d98641SEnji Cooper 3109d98641SEnji Cooper # We cannot use keyfile1 anymore. 32f397a004SAlan Somers atf_check -s not-exit:0 -e match:"Wrong key" \ 33f397a004SAlan Somers geli attach -p -k keyfile1 ${md} 3409d98641SEnji Cooper 3509d98641SEnji Cooper # Attach with key 1. 36f397a004SAlan Somers atf_check geli attach -p -k keyfile2 ${md} 3709d98641SEnji Cooper 3809d98641SEnji Cooper # We cannot remove last key without -f option (for attached provider). 39f397a004SAlan Somers atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 40f397a004SAlan Somers geli delkey -n 1 ${md} 4109d98641SEnji Cooper 4209d98641SEnji Cooper # Remove last key for attached provider. 43f397a004SAlan Somers atf_check geli delkey -f -n 1 ${md} 4409d98641SEnji Cooper 4509d98641SEnji Cooper # If there are no valid keys, but provider is attached, we can save situation. 46f397a004SAlan Somers atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md} 47f397a004SAlan Somers atf_check geli detach ${md} 4809d98641SEnji Cooper 4909d98641SEnji Cooper # We cannot use keyfile2 anymore. 50f397a004SAlan Somers atf_check -s not-exit:0 -e match:"Wrong key" \ 51f397a004SAlan Somers geli attach -p -k keyfile2 ${md} 5209d98641SEnji Cooper 5309d98641SEnji Cooper # Attach with key 0. 54f397a004SAlan Somers atf_check geli attach -p -k keyfile3 ${md} 5509d98641SEnji Cooper 5609d98641SEnji Cooper # Setup key 1. 57f397a004SAlan Somers atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md} 58f397a004SAlan Somers atf_check geli detach ${md} 5909d98641SEnji Cooper 6009d98641SEnji Cooper # Remove key 1 for detached provider. 61f397a004SAlan Somers atf_check geli delkey -n 1 ${md} 6209d98641SEnji Cooper 6309d98641SEnji Cooper # We cannot use keyfile4 anymore. 64f397a004SAlan Somers atf_check -s not-exit:0 -e match:"Wrong key" \ 65f397a004SAlan Somers geli attach -p -k keyfile4 ${md} 6609d98641SEnji Cooper 6709d98641SEnji Cooper # We cannot remove last key without -f option (for detached provider). 68f397a004SAlan Somers atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 69f397a004SAlan Somers geli delkey -n 0 ${md} 7009d98641SEnji Cooper 7109d98641SEnji Cooper # Remove last key for detached provider. 72f397a004SAlan Somers atf_check geli delkey -f -n 0 ${md} 7309d98641SEnji Cooper 7409d98641SEnji Cooper # We cannot use keyfile3 anymore. 75f397a004SAlan Somers atf_check -s not-exit:0 -e match:"No valid keys" \ 76f397a004SAlan Somers geli attach -p -k keyfile3 ${md} 77f397a004SAlan Somers} 78f397a004SAlan Somersdelkey_cleanup() 79f397a004SAlan Somers{ 80f397a004SAlan Somers geli_test_cleanup 81f397a004SAlan Somers} 8209d98641SEnji Cooper 83565a0a2cSAlan Somersatf_test_case delkey_readonly cleanup 84565a0a2cSAlan Somersdelkey_readonly_head() 85565a0a2cSAlan Somers{ 86565a0a2cSAlan Somers atf_set "descr" "geli delkey cannot work on a read-only provider" 87565a0a2cSAlan Somers atf_set "require.user" "root" 88565a0a2cSAlan Somers} 89565a0a2cSAlan Somersdelkey_readonly_body() 90565a0a2cSAlan Somers{ 91cf551b8aSAlan Somers geli_test_setup 92565a0a2cSAlan Somers 93565a0a2cSAlan Somers sectors=100 94*96950419SGleb Smirnoff attach_md md -t malloc -s `expr $sectors + 1` 95565a0a2cSAlan Somers atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 96565a0a2cSAlan Somers 97565a0a2cSAlan Somers atf_check geli init -B none -P -K keyfile ${md} 98565a0a2cSAlan Somers atf_check geli attach -r -p -k keyfile ${md} 99565a0a2cSAlan Somers 100565a0a2cSAlan Somers atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md} 101565a0a2cSAlan Somers # Even with -f (force) it should still fail 102565a0a2cSAlan Somers atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md} 103565a0a2cSAlan Somers} 104565a0a2cSAlan Somersdelkey_readonly_cleanup() 105565a0a2cSAlan Somers{ 106565a0a2cSAlan Somers geli_test_cleanup 107565a0a2cSAlan Somers} 108565a0a2cSAlan Somers 109f397a004SAlan Somersatf_init_test_cases() 110f397a004SAlan Somers{ 111f397a004SAlan Somers atf_add_test_case delkey 112565a0a2cSAlan Somers atf_add_test_case delkey_readonly 113f397a004SAlan Somers} 114