1#!/bin/sh 2# $FreeBSD$ 3 4atf_test_case delkey cleanup 5delkey_head() 6{ 7 atf_set "descr" "geli delkey can destroy the master key" 8 atf_set "require.user" "root" 9} 10delkey_body() 11{ 12 . $(atf_get_srcdir)/conf.sh 13 14 sectors=100 15 md=$(attach_md -t malloc -s `expr $sectors + 1`) 16 17 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 18 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 19 atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 20 atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 21 22 atf_check geli init -B none -P -K keyfile1 ${md} 23 atf_check geli attach -p -k keyfile1 ${md} 24 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md} 25 26 # Remove key 0 for attached provider. 27 atf_check geli delkey -n 0 ${md} 28 atf_check geli detach ${md} 29 30 # We cannot use keyfile1 anymore. 31 atf_check -s not-exit:0 -e match:"Wrong key" \ 32 geli attach -p -k keyfile1 ${md} 33 34 # Attach with key 1. 35 atf_check geli attach -p -k keyfile2 ${md} 36 37 # We cannot remove last key without -f option (for attached provider). 38 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 39 geli delkey -n 1 ${md} 40 41 # Remove last key for attached provider. 42 atf_check geli delkey -f -n 1 ${md} 43 44 # If there are no valid keys, but provider is attached, we can save situation. 45 atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md} 46 atf_check geli detach ${md} 47 48 # We cannot use keyfile2 anymore. 49 atf_check -s not-exit:0 -e match:"Wrong key" \ 50 geli attach -p -k keyfile2 ${md} 51 52 # Attach with key 0. 53 atf_check geli attach -p -k keyfile3 ${md} 54 55 # Setup key 1. 56 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md} 57 atf_check geli detach ${md} 58 59 # Remove key 1 for detached provider. 60 atf_check geli delkey -n 1 ${md} 61 62 # We cannot use keyfile4 anymore. 63 atf_check -s not-exit:0 -e match:"Wrong key" \ 64 geli attach -p -k keyfile4 ${md} 65 66 # We cannot remove last key without -f option (for detached provider). 67 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 68 geli delkey -n 0 ${md} 69 70 # Remove last key for detached provider. 71 atf_check geli delkey -f -n 0 ${md} 72 73 # We cannot use keyfile3 anymore. 74 atf_check -s not-exit:0 -e match:"No valid keys" \ 75 geli attach -p -k keyfile3 ${md} 76} 77delkey_cleanup() 78{ 79 . $(atf_get_srcdir)/conf.sh 80 geli_test_cleanup 81} 82 83atf_test_case delkey_readonly cleanup 84delkey_readonly_head() 85{ 86 atf_set "descr" "geli delkey cannot work on a read-only provider" 87 atf_set "require.user" "root" 88} 89delkey_readonly_body() 90{ 91 . $(atf_get_srcdir)/conf.sh 92 93 sectors=100 94 md=$(attach_md -t malloc -s `expr $sectors + 1`) 95 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 96 97 atf_check geli init -B none -P -K keyfile ${md} 98 atf_check geli attach -r -p -k keyfile ${md} 99 100 atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md} 101 # Even with -f (force) it should still fail 102 atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md} 103} 104delkey_readonly_cleanup() 105{ 106 . $(atf_get_srcdir)/conf.sh 107 geli_test_cleanup 108} 109 110atf_init_test_cases() 111{ 112 atf_add_test_case delkey 113 atf_add_test_case delkey_readonly 114} 115