1#!/bin/sh 2# $FreeBSD$ 3 4. $(atf_get_srcdir)/conf.sh 5 6atf_test_case delkey cleanup 7delkey_head() 8{ 9 atf_set "descr" "geli delkey can destroy the master key" 10 atf_set "require.user" "root" 11} 12delkey_body() 13{ 14 geli_test_setup 15 16 sectors=100 17 md=$(attach_md -t malloc -s `expr $sectors + 1`) 18 19 atf_check dd if=/dev/random of=keyfile1 bs=512 count=16 status=none 20 atf_check dd if=/dev/random of=keyfile2 bs=512 count=16 status=none 21 atf_check dd if=/dev/random of=keyfile3 bs=512 count=16 status=none 22 atf_check dd if=/dev/random of=keyfile4 bs=512 count=16 status=none 23 24 atf_check geli init -B none -P -K keyfile1 ${md} 25 atf_check geli attach -p -k keyfile1 ${md} 26 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile2 ${md} 27 28 # Remove key 0 for attached provider. 29 atf_check geli delkey -n 0 ${md} 30 atf_check geli detach ${md} 31 32 # We cannot use keyfile1 anymore. 33 atf_check -s not-exit:0 -e match:"Wrong key" \ 34 geli attach -p -k keyfile1 ${md} 35 36 # Attach with key 1. 37 atf_check geli attach -p -k keyfile2 ${md} 38 39 # We cannot remove last key without -f option (for attached provider). 40 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 41 geli delkey -n 1 ${md} 42 43 # Remove last key for attached provider. 44 atf_check geli delkey -f -n 1 ${md} 45 46 # If there are no valid keys, but provider is attached, we can save situation. 47 atf_check -s exit:0 -o ignore geli setkey -n 0 -P -K keyfile3 ${md} 48 atf_check geli detach ${md} 49 50 # We cannot use keyfile2 anymore. 51 atf_check -s not-exit:0 -e match:"Wrong key" \ 52 geli attach -p -k keyfile2 ${md} 53 54 # Attach with key 0. 55 atf_check geli attach -p -k keyfile3 ${md} 56 57 # Setup key 1. 58 atf_check -s exit:0 -o ignore geli setkey -n 1 -P -K keyfile4 ${md} 59 atf_check geli detach ${md} 60 61 # Remove key 1 for detached provider. 62 atf_check geli delkey -n 1 ${md} 63 64 # We cannot use keyfile4 anymore. 65 atf_check -s not-exit:0 -e match:"Wrong key" \ 66 geli attach -p -k keyfile4 ${md} 67 68 # We cannot remove last key without -f option (for detached provider). 69 atf_check -s not-exit:0 -e match:"This is the last Master Key" \ 70 geli delkey -n 0 ${md} 71 72 # Remove last key for detached provider. 73 atf_check geli delkey -f -n 0 ${md} 74 75 # We cannot use keyfile3 anymore. 76 atf_check -s not-exit:0 -e match:"No valid keys" \ 77 geli attach -p -k keyfile3 ${md} 78} 79delkey_cleanup() 80{ 81 geli_test_cleanup 82} 83 84atf_test_case delkey_readonly cleanup 85delkey_readonly_head() 86{ 87 atf_set "descr" "geli delkey cannot work on a read-only provider" 88 atf_set "require.user" "root" 89} 90delkey_readonly_body() 91{ 92 geli_test_setup 93 94 sectors=100 95 md=$(attach_md -t malloc -s `expr $sectors + 1`) 96 atf_check dd if=/dev/random of=keyfile bs=512 count=16 status=none 97 98 atf_check geli init -B none -P -K keyfile ${md} 99 atf_check geli attach -r -p -k keyfile ${md} 100 101 atf_check -s not-exit:0 -e match:"read-only" geli delkey -n 0 ${md} 102 # Even with -f (force) it should still fail 103 atf_check -s not-exit:0 -e match:"read-only" geli delkey -f -n 0 ${md} 104} 105delkey_readonly_cleanup() 106{ 107 geli_test_cleanup 108} 109 110atf_init_test_cases() 111{ 112 atf_add_test_case delkey 113 atf_add_test_case delkey_readonly 114} 115