systemd/test/TEST-24-CRYPTSETUP/test.sh

#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e

TEST_DESCRIPTION="cryptsetup systemd setup"
IMAGE_NAME="cryptsetup"
TEST_NO_NSPAWN=1
TEST_FORCE_NEWIMAGE=1

# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"

PART_UUID="deadbeef-dead-dead-beef-000000000000"
DM_NAME="test24_varcrypt"
# Mount the keyfile only in initrd (hence rd.luks.key), since it resides on
# the rootfs and we would get a (harmless) error when trying to mount it after
# switching root (since rootfs is already mounted)
KERNEL_APPEND+=" rd.luks=1 luks.name=$PART_UUID=$DM_NAME rd.luks.key=$PART_UUID=/etc/varkey:LABEL=systemd_boot"

check_result_qemu() {
    local ret=1

    mount_initdir
    [[ -e "${initdir:?}/testok" ]] && ret=0
    [[ -f "$initdir/failed" ]] && cp -a "$initdir/failed" "${TESTDIR:?}"

    cryptsetup luksOpen "${LOOPDEV:?}p2" "${DM_NAME:?}" <"$TESTDIR/keyfile"
    mount "/dev/mapper/$DM_NAME" "$initdir/var"
    save_journal "$initdir/var/log/journal"
    check_coverage_reports "${initdir:?}" || ret=5
    _umount_dir "$initdir/var"
    _umount_dir "$initdir"
    cryptsetup luksClose "/dev/mapper/$DM_NAME"

    [[ -f "$TESTDIR/failed" ]] && cat "$TESTDIR/failed"
    echo "${JOURNAL_LIST:-No journals were saved}"

    test -s "$TESTDIR/failed" && ret=1
    return $ret
}

test_create_image() {
    create_empty_image_rootdir

    echo -n test >"${TESTDIR:?}/keyfile"
    cryptsetup -q luksFormat --uuid="$PART_UUID" --pbkdf pbkdf2 --pbkdf-force-iterations 1000 "${LOOPDEV:?}p2" "$TESTDIR/keyfile"
    cryptsetup luksOpen "${LOOPDEV}p2" "${DM_NAME:?}" <"$TESTDIR/keyfile"
    mkfs.ext4 -L var "/dev/mapper/$DM_NAME"
    mkdir -p "${initdir:?}/var"
    mount "/dev/mapper/$DM_NAME" "$initdir/var"

    LOG_LEVEL=5

    setup_basic_environment
    mask_supporting_services

    install_dmevent
    generate_module_dependencies

    echo -n test >"$initdir/etc/varkey"

    cat >>"$initdir/etc/fstab" <<EOF
/dev/mapper/$DM_NAME    /var    ext4    defaults 0 1
EOF

    # Forward journal messages to the console, so we have something
    # to investigate even if we fail to mount the encrypted /var
    echo ForwardToConsole=yes >> "$initdir/etc/systemd/journald.conf"
}

cleanup_root_var() {
    ddebug "umount ${initdir:?}/var"
    mountpoint "$initdir/var" && umount "$initdir/var"
    [[ -b "/dev/mapper/${DM_NAME:?}" ]] && cryptsetup luksClose "/dev/mapper/$DM_NAME"
}

test_cleanup() {
    # ignore errors, so cleanup can continue
    cleanup_root_var || :
    _test_cleanup
}

test_setup_cleanup() {
    cleanup_root_var || :
    cleanup_initdir
}

do_test "$@"
treewide: more portable bash shebangs As in 2a5fcfae024ffc370bb780572279f45a1da3f946 and in 3e67e5c9928f8b1e1c5a63def88d53ed1fed12eb using /usr/bin/env allows bash to be looked up in PATH rather than being hard-coded. As with the previous changes the same arguments apply - distributions have scripts to rewrite shebangs on installation and they know what locations to rely on. - For tests/compilation we should rather rely on the user to have setup there PATH correctly. In particular this makes testing from git easier on NixOS where do not provide /bin/bash to improve compose-ability. 2020-03-04 09:35:06 +00:00			`#!/usr/bin/env bash`
tests: add spdx headers to scripts and Makefiles 2021-10-17 16:13:06 +00:00			`# SPDX-License-Identifier: LGPL-2.1-or-later`
test: Run qemu/nspawn tests with "set -e" This catches errors like "ninja not found", missing programs etc. early, instead of silently ignoring them and trying to boot a broken VM. In install_config_files(), allow some distro specific files to be absent (such as /etc/sysconfig/init). 2017-08-07 19:09:21 +00:00			`set -e`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00			`TEST_DESCRIPTION="cryptsetup systemd setup"`
test: rework how images are created Before, we'd create a separate image for each test, in /var/tmp/systemd-test.XXXXX/rootdisk.img. Most of the images where very similar, except that each one had some unit files installed specifically for the test. The installation of those custom unit files was removed in previous commits (all the unit files are always installed). The new approach is to only create as few distinct images as possible. We have: default.img: the "normal" image suitable for almost all the tests basic.img: the same as default image but doesn't mask any services cryptsetup.img: p2 is used for encrypted /var badid.img: /etc/machine-id is overwritten with stuff selinux.img: with selinux added for fun and fun and a few others: ls -l build/test/*img lrwxrwxrwx 1 root root 38 Mar 21 21:23 build/test/badid.img -> /var/tmp/systemd-test.PJFFeo/badid.img lrwxrwxrwx 1 root root 38 Mar 21 21:17 build/test/basic.img -> /var/tmp/systemd-test.na0xOI/basic.img lrwxrwxrwx 1 root root 43 Mar 21 21:18 build/test/cryptsetup.img -> /var/tmp/systemd-test.Tzjv06/cryptsetup.img lrwxrwxrwx 1 root root 40 Mar 21 21:19 build/test/default.img -> /var/tmp/systemd-test.EscAsS/default.img lrwxrwxrwx 1 root root 39 Mar 21 21:22 build/test/nspawn.img -> /var/tmp/systemd-test.HSebKo/nspawn.img lrwxrwxrwx 1 root root 40 Mar 21 21:20 build/test/selinux.img -> /var/tmp/systemd-test.daBjbx/selinux.img lrwxrwxrwx 1 root root 39 Mar 21 21:21 build/test/test08.img -> /var/tmp/systemd-test.OgnN8Z/test08.img I considered trying to use the same image everywhere. It would probably be possible, but it would be very brittle. By using separate images where it is necessary we keep various orthogonal modifications independent. The way that images are cached is complicated by the fact that we still want to keep them in /var/tmp. Thus, an image is created on first use and linked to from build/test/ so it can be found by other tests. Tests cannot be run in parallel. I think that is an acceptable limitation. Creation of the images was probably taking more resources then the actual tests, so we should be better off anyway. 2019-12-12 08:37:19 +00:00			`IMAGE_NAME="cryptsetup"`
test: Factorize common integration test functions (#6540) All test/TEST* but TEST-02-CRYPTSETUP share the same check_result_qemu() and test_cleanup(), so move them into test_functions and only override them in TEST-02-CRYPTSETUP. Also provide a common test_run() which by default assumes that both QEMU and nspawn tests are run. Particular tests which don't support either need to explicitly opt out by setting $TEST_NO_{QEMU,NSPAWN}. Do it this way around to avoid accidentally forgetting to opt in, and to encourage test authors to at least always support nspawn. 2017-08-04 12:34:14 +00:00			`TEST_NO_NSPAWN=1`
tests: build the image once and then copy/extend it Building custom images for each test takes a lot of time. Build the default one, and if the test needs incompatible changes just copy it and extend it instead. 2021-01-06 21:42:28 +00:00			`TEST_FORCE_NEWIMAGE=1`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`# shellcheck source=test/test-functions`
			`. "${TEST_BASE_DIR:?}/test-functions"`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`PART_UUID="deadbeef-dead-dead-beef-000000000000"`
			`DM_NAME="test24_varcrypt"`
			`# Mount the keyfile only in initrd (hence rd.luks.key), since it resides on`
			`# the rootfs and we would get a (harmless) error when trying to mount it after`
			`# switching root (since rootfs is already mounted)`
			`KERNEL_APPEND+=" rd.luks=1 luks.name=$PART_UUID=$DM_NAME rd.luks.key=$PART_UUID=/etc/varkey:LABEL=systemd_boot"`

test: remove duplicated code 2013-11-05 22:32:56 +00:00			`check_result_qemu() {`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`local ret=1`

test: stop caching loopdev It is more trouble than it is worth. The setup is of a loopback device is very quick, so it's better to always create it when needed and immediately drop afterwards. 2020-03-20 19:17:11 +00:00			`mount_initdir`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`[[ -e "${initdir:?}/testok" ]] && ret=0`
			`[[ -f "$initdir/failed" ]] && cp -a "$initdir/failed" "${TESTDIR:?}"`

test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`cryptsetup luksOpen "${LOOPDEV:?}p2" "${DM_NAME:?}" <"$TESTDIR/keyfile"`
			`mount "/dev/mapper/$DM_NAME" "$initdir/var"`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`save_journal "$initdir/var/log/journal"`
test: collect the coverage _before_ unmounting the rootfs d'oh! 2021-10-21 16:12:06 +00:00			`check_coverage_reports "${initdir:?}" \|\| ret=5`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`_umount_dir "$initdir/var"`
			`_umount_dir "$initdir"`
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`cryptsetup luksClose "/dev/mapper/$DM_NAME"`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00
			`[[ -f "$TESTDIR/failed" ]] && cat "$TESTDIR/failed"`
			`echo "${JOURNAL_LIST:-No journals were saved}"`

test: move the logic to support /skipped into shared logic The logic to query test state was rather complex. I don't quite grok the point of ret=$((ret+1))… But afaics, the precise result was always ignored by the caller anyway. 2021-04-23 08:55:49 +00:00			`test -s "$TESTDIR/failed" && ret=1`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00			`return $ret`
			`}`

test: rework how images are created Before, we'd create a separate image for each test, in /var/tmp/systemd-test.XXXXX/rootdisk.img. Most of the images where very similar, except that each one had some unit files installed specifically for the test. The installation of those custom unit files was removed in previous commits (all the unit files are always installed). The new approach is to only create as few distinct images as possible. We have: default.img: the "normal" image suitable for almost all the tests basic.img: the same as default image but doesn't mask any services cryptsetup.img: p2 is used for encrypted /var badid.img: /etc/machine-id is overwritten with stuff selinux.img: with selinux added for fun and fun and a few others: ls -l build/test/*img lrwxrwxrwx 1 root root 38 Mar 21 21:23 build/test/badid.img -> /var/tmp/systemd-test.PJFFeo/badid.img lrwxrwxrwx 1 root root 38 Mar 21 21:17 build/test/basic.img -> /var/tmp/systemd-test.na0xOI/basic.img lrwxrwxrwx 1 root root 43 Mar 21 21:18 build/test/cryptsetup.img -> /var/tmp/systemd-test.Tzjv06/cryptsetup.img lrwxrwxrwx 1 root root 40 Mar 21 21:19 build/test/default.img -> /var/tmp/systemd-test.EscAsS/default.img lrwxrwxrwx 1 root root 39 Mar 21 21:22 build/test/nspawn.img -> /var/tmp/systemd-test.HSebKo/nspawn.img lrwxrwxrwx 1 root root 40 Mar 21 21:20 build/test/selinux.img -> /var/tmp/systemd-test.daBjbx/selinux.img lrwxrwxrwx 1 root root 39 Mar 21 21:21 build/test/test08.img -> /var/tmp/systemd-test.OgnN8Z/test08.img I considered trying to use the same image everywhere. It would probably be possible, but it would be very brittle. By using separate images where it is necessary we keep various orthogonal modifications independent. The way that images are cached is complicated by the fact that we still want to keep them in /var/tmp. Thus, an image is created on first use and linked to from build/test/ so it can be found by other tests. Tests cannot be run in parallel. I think that is an acceptable limitation. Creation of the images was probably taking more resources then the actual tests, so we should be better off anyway. 2019-12-12 08:37:19 +00:00			`test_create_image() {`
test: add create_empty_image_rootdir() to simplify testcase setup Almost all tests were manually mounting/unmounting $TESTDIR/root from the loopback image; this moves all that into test-functions so the test setup functions are simplier. Also add test_setup_cleanup() function, to cleanup what is mounted by create_empty_image_rootdir() 2019-07-12 15:47:26 +00:00			`create_empty_image_rootdir`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00
			`echo -n test >"${TESTDIR:?}/keyfile"`
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`cryptsetup -q luksFormat --uuid="$PART_UUID" --pbkdf pbkdf2 --pbkdf-force-iterations 1000 "${LOOPDEV:?}p2" "$TESTDIR/keyfile"`
			`cryptsetup luksOpen "${LOOPDEV}p2" "${DM_NAME:?}" <"$TESTDIR/keyfile"`
			`mkfs.ext4 -L var "/dev/mapper/$DM_NAME"`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`mkdir -p "${initdir:?}/var"`
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`mount "/dev/mapper/$DM_NAME" "$initdir/var"`

			`LOG_LEVEL=5`

			`setup_basic_environment`
			`mask_supporting_services`

			`install_dmevent`
			`generate_module_dependencies`

			`echo -n test >"$initdir/etc/varkey"`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`cat >>"$initdir/etc/fstab" <<EOF`
			`/dev/mapper/$DM_NAME /var ext4 defaults 0 1`
test: remove duplicated code 2013-11-05 22:32:56 +00:00			`EOF`
test: make TEST-02-CRYPTSETUP a bit more robust Prompted by systemd/systemd#16111. * check if /var is a mountpoint - if not, something went wrong. In case of systemd/systemd#16111 the /failed file was created, because systemd-cryptsetup failed, but it ended up being empty, making the result check incorrectly pass * forward journal messages to console - if we fail to mount /var, journald won't flush logs to the persistent storage and we end up empty handed and with no clue what went wrong For example, without systemd/systemd#16111 and with this patch: ... [FAILED] Failed to start systemd-cryptsetup@varcrypt.service. See 'systemctl status systemd-cryptsetup@varcrypt.service' for details. [DEPEND] Dependency failed for cryptsetup.target. ... [ 3.882451] systemd-cryptsetup[581]: Key file /etc/varkey is world-readable. This is not a good idea! [ 3.883946] systemd-cryptsetup[581]: WARNING: Locking directory /run/cryptsetup is missing! [ 3.884846] systemd-cryptsetup[581]: Failed to load Bitlocker superblock on device /dev/disk/by-uuid/180ba5ef-873b-4018-9968-47c23431f71a: Invalid argument ... [ 4.099451] sh[606]: + mountpoint /var [ 4.100025] sh[603]: + systemctl poweroff --no-block [ 4.101636] systemd[1]: Finished systemd-user-sessions.service. [ 4.102598] sh[608]: /var is not a mountpoint [FAILED] Failed to start testsuite-02.service. 2020-06-09 14:51:55 +00:00
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`# Forward journal messages to the console, so we have something`
			`# to investigate even if we fail to mount the encrypted /var`
			`echo ForwardToConsole=yes >> "$initdir/etc/systemd/journald.conf"`
test: add create_empty_image_rootdir() to simplify testcase setup Almost all tests were manually mounting/unmounting $TESTDIR/root from the loopback image; this moves all that into test-functions so the test setup functions are simplier. Also add test_setup_cleanup() function, to cleanup what is mounted by create_empty_image_rootdir() 2019-07-12 15:47:26 +00:00			`}`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00
test: add create_empty_image_rootdir() to simplify testcase setup Almost all tests were manually mounting/unmounting $TESTDIR/root from the loopback image; this moves all that into test-functions so the test setup functions are simplier. Also add test_setup_cleanup() function, to cleanup what is mounted by create_empty_image_rootdir() 2019-07-12 15:47:26 +00:00			`cleanup_root_var() {`
test: make the test entrypoint scripts shellcheck-compliant 2021-04-19 11:01:59 +00:00			`ddebug "umount ${initdir:?}/var"`
			`mountpoint "$initdir/var" && umount "$initdir/var"`
test: cover initrd->sysroot transition in TEST-24 This should cover cases regarding devices with `OPTIONS+="db_persist"` during initrd->sysroot transition. See: * https://github.com/systemd/systemd/issues/23429 * https://github.com/systemd/systemd/pull/23218 * https://github.com/systemd/systemd/pull/23489 * https://bugzilla.redhat.com/show_bug.cgi?id=2087225 2022-05-25 15:39:14 +00:00			`[[ -b "/dev/mapper/${DM_NAME:?}" ]] && cryptsetup luksClose "/dev/mapper/$DM_NAME"`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00			`}`

			`test_cleanup() {`
test: ignore errors during test cleanup, so cleanup can finish Also move TESTDIR and STATEFILE removal into test_cleanup 2019-07-12 18:09:48 +00:00			`# ignore errors, so cleanup can continue`
test: convert all uses of '\|\| true' into '\|\| :' No change in functionality; just use the shorter \|\| : 2019-07-19 00:34:57 +00:00			`cleanup_root_var \|\| :`
test: add create_empty_image_rootdir() to simplify testcase setup Almost all tests were manually mounting/unmounting $TESTDIR/root from the loopback image; this moves all that into test-functions so the test setup functions are simplier. Also add test_setup_cleanup() function, to cleanup what is mounted by create_empty_image_rootdir() 2019-07-12 15:47:26 +00:00			`_test_cleanup`
			`}`

			`test_setup_cleanup() {`
test: run tests directly from the loopback device Before, we'd copy the test tree into nspawn-root, and run the tests from there. This is OK, and doesn't actually take much extra time. But it uses quite a lot of extra disk space. So let's make things a bit more efficient by running directly from the image file. We still run the unprivileged nspawn tests from a copy. Once the kernel implements fs shift, we can do away with that too. 2019-12-13 13:21:31 +00:00			`cleanup_root_var \|\| :`
			`cleanup_initdir`
test: split of cryptsetup into its own test 2012-09-13 21:19:05 +00:00			`}`

test: "detect" the test number automagically Specifying the test number manually is tedious and prone to errors (as recently proven). Since we have all the necessary data to work out the test number, let's do it automagically. 2021-04-26 17:20:18 +00:00			`do_test "$@"`