1#!/bin/sh 2 3. $(atf_get_srcdir)/conf.sh 4 5atf_test_case delkey cleanup 6delkey_head() 7{ 8 atf_set "descr" "geli delkey can destroy the master key" 9 atf_set "require.user" "root" 10} 11delkey_body() 12{ 13 geli_test_setup 14 15 sectors=100 16 md=$(attach_md -t malloc -s `expr $sectors + 1`) 17 18 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 19 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 20 atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 21 atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 22 23 atf_check geli init -B none -P -K keyfile1 ${md} 24 atf_check geli attach -p -k keyfile1 ${md} 25 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md} 26 27 # Remove key 0 for attached provider. 28 atf_check geli delkey -n 0 ${md} 29 atf_check geli detach ${md} 30 31 # We cannot use keyfile1 anymore. 32 atf_check -s not-exit:0 -e match:"Wrong key" \ 33 geli attach -p -k keyfile1 ${md} 34 35 # Attach with key 1. 36 atf_check geli attach -p -k keyfile2 ${md} 37 38 # We cannot remove last key without -f option (for attached provider). 39 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 40 geli delkey -n 1 ${md} 41 42 # Remove last key for attached provider. 43 atf_check geli delkey -f -n 1 ${md} 44 45 # If there are no valid keys, but provider is attached, we can save situation. 46 atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md} 47 atf_check geli detach ${md} 48 49 # We cannot use keyfile2 anymore. 50 atf_check -s not-exit:0 -e match:"Wrong key" \ 51 geli attach -p -k keyfile2 ${md} 52 53 # Attach with key 0. 54 atf_check geli attach -p -k keyfile3 ${md} 55 56 # Setup key 1. 57 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md} 58 atf_check geli detach ${md} 59 60 # Remove key 1 for detached provider. 61 atf_check geli delkey -n 1 ${md} 62 63 # We cannot use keyfile4 anymore. 64 atf_check -s not-exit:0 -e match:"Wrong key" \ 65 geli attach -p -k keyfile4 ${md} 66 67 # We cannot remove last key without -f option (for detached provider). 68 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 69 geli delkey -n 0 ${md} 70 71 # Remove last key for detached provider. 72 atf_check geli delkey -f -n 0 ${md} 73 74 # We cannot use keyfile3 anymore. 75 atf_check -s not-exit:0 -e match:"No valid keys" \ 76 geli attach -p -k keyfile3 ${md} 77} 78delkey_cleanup() 79{ 80 geli_test_cleanup 81} 82 83atf_test_case delkey_readonly cleanup 84delkey_readonly_head() 85{ 86 atf_set "descr" "geli delkey cannot work on a read-only provider" 87 atf_set "require.user" "root" 88} 89delkey_readonly_body() 90{ 91 geli_test_setup 92 93 sectors=100 94 md=$(attach_md -t malloc -s `expr $sectors + 1`) 95 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 96 97 atf_check geli init -B none -P -K keyfile ${md} 98 atf_check geli attach -r -p -k keyfile ${md} 99 100 atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md} 101 # Even with -f (force) it should still fail 102 atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md} 103} 104delkey_readonly_cleanup() 105{ 106 geli_test_cleanup 107} 108 109atf_init_test_cases() 110{ 111 atf_add_test_case delkey 112 atf_add_test_case delkey_readonly 113} 114