rpms/kexec-tools
6
0
Fork 0
Code Issues Pull Requests Releases Activity
10253d9e05
kexec-tools/spec/kdumpctl_setup_crypttab_spec.sh
Coiby Xu 10253d9e05 Add kdumpctl setup-crypttab subcommand 
Resolves: https://issues.redhat.com/browse/RHEL-104940
Conflict: None

commit ddd33c8d0f552cb46097aeade86178266637aa05
Author: Coiby Xu <coxu@redhat.com>
Date:   Tue Sep 16 16:22:18 2025 +0800

    Add kdumpctl setup-crypttab subcommand

    Resolves: https://issues.redhat.com/browse/RHEL-29037
    Relates: https://issues.redhat.com/browse/RHEL-29039

    This subcommand is to add the 'link-volume-key' option to /etc/crypttab
    so the volume keys can be passed to the crash kernel to unlock
    LUKS-encrypted device automatically.

    This API will be also be called by kdump-anaconda-addon to set up
    /etc/crypttab on installation.

    Signed-off-by: Coiby Xu <coxu@redhat.com>
    Assisted-by: Google Gemini

Signed-off-by: Coiby Xu <coxu@redhat.com>
2025-10-13 12:28:51 +08:00

91 lines
3.1 KiB
Bash
Raw Blame History

#!/bin/bash
Describe "kdumpctl "
Include ./kdumpctl
# dinfo is a bit complex for unit tets, simply mock it
dinfo() {
echo "$1"
}
Describe "setup_crypttab()"
# Set up global variables and mocks for each test
# shellcheck disable=SC2016 # expand expression later
BeforeEach 'CRYPTTAB_FILE=$(mktemp)'
# shellcheck disable=SC2016 # expand expression later
AfterEach 'rm -f "$CRYPTTAB_FILE"'
Context "when everything is correct"
It "adds link-volume-key to specified UUIDs"
# Arrange
get_all_kdump_crypt_dev() {
echo "uuid-001"
echo "uuid-003"
echo "uuid-005"
echo "uuid-006"
echo "uuid-007"
}
cat >"$CRYPTTAB_FILE" <<EOF
luks-001 UUID=uuid-001 none discard
luks-002 UUID=uuid-002 none discard
# only two mandatory fields
luks-003 UUID=uuid-003
# two mandatory fields + one optional field
luks-005 UUID=uuid-005 -
# tab as delimiter
luks-006 UUID=uuid-006
luks-007 UUID=uuid-007 none discard,link-volume-key=TO_RE_REPLACED
EOF
When call setup_crypttab
The status should be success
The output should include "Success! $CRYPTTAB_FILE has been updated."
The output should include "to run 'dracut -f --regenerate-all'"
The file "$CRYPTTAB_FILE" should be file
The contents of file "$CRYPTTAB_FILE" should eq \
"luks-001 UUID=uuid-001 none discard,link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-001
luks-002 UUID=uuid-002 none discard
# only two mandatory fields
luks-003 UUID=uuid-003 none link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-003
# two mandatory fields + one optional field
luks-005 UUID=uuid-005 - link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-005
# tab as delimiter
luks-006 UUID=uuid-006 none link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-006
luks-007 UUID=uuid-007 none discard,link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-007"
End
End
Context "with safety checks and edge cases"
It "succeeds if no LUKS device used for kdump"
get_all_kdump_crypt_dev() { return 0; }
echo "luks-001 UUID=uuid-001" >"$CRYPTTAB_FILE"
When call setup_crypttab
The status should be success
The output should include "No LUKS-encrypted device found to process. Exiting."
End
It "aborts if target UUID is not in crypttab"
get_all_kdump_crypt_dev() { echo "uuid-nonexistent"; }
echo "luks-001 UUID=uuid-001" >"$CRYPTTAB_FILE"
When call setup_crypttab
The status should be failure
The stderr should include "Device UUID=$(get_all_kdump_crypt_dev) doesn't exist"
End
It "aborts if target UUID is only in a commented-out line"
get_all_kdump_crypt_dev() { echo "uuid-001"; }
echo "#luks-001 UUID=uuid-001" >"$CRYPTTAB_FILE"
When call setup_crypttab
The status should be failure
The stderr should include "Device UUID=$(get_all_kdump_crypt_dev) doesn't exist"
End
It "succeeds with no changes if crypttab is already correct"
get_all_kdump_crypt_dev() { echo "uuid-001"; }
echo "luks-001 UUID=uuid-001 none link-volume-key=@u::%logon:${LUKS_KEY_PRFIX}uuid-001" >"$CRYPTTAB_FILE"
When call setup_crypttab
The status should be success
The output should include "No changes were needed."
End
End
End
End
Reference in New Issue View Git Blame Copy Permalink