Laszlo Ersek
2022-Feb-23 16:22 UTC
[Libguestfs] [guestfs-tools PATCH 0/3] inspector: add LUKS-on-LVM test
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Laszlo Ersek (2):
inspector: rename "luks" to "lvm-on-luks"
inspector: add LUKS-on-LVM test
Richard W.M. Jones (1):
test-data: Replace deprecated luks_open with cryptsetup_open.
.gitignore
| 3 +-
inspector/Makefile.am
| 11 ++--
inspector/{expected-fedora-luks.img.xml =>
expected-fedora-lvm-on-luks.img.xml} | 0
inspector/{expected-fedora.img.xml => expected-fedora-luks-on-lvm.img.xml}
| 6 +-
inspector/{test-virt-inspector-luks.sh =>
test-virt-inspector-luks-on-lvm.sh} | 15 +++--
inspector/{test-virt-inspector-luks.sh =>
test-virt-inspector-lvm-on-luks.sh} | 2 +-
test-data/phony-guests/Makefile.am
| 15 +++--
test-data/phony-guests/guests.xml.in
| 22 ++++++-
test-data/phony-guests/make-fedora-img.pl
| 64 ++++++++++++++++++--
9 files changed, 113 insertions(+), 25 deletions(-)
copy inspector/{expected-fedora.img.xml =>
expected-fedora-luks-on-lvm.img.xml} (98%)
copy inspector/{test-virt-inspector-luks.sh =>
test-virt-inspector-luks-on-lvm.sh} (73%)
rename inspector/{expected-fedora-luks.img.xml =>
expected-fedora-lvm-on-luks.img.xml} (100%)
rename inspector/{test-virt-inspector-luks.sh =>
test-virt-inspector-lvm-on-luks.sh} (96%)
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-23 16:22 UTC
[Libguestfs] [guestfs-tools PATCH 1/3] test-data: Replace deprecated luks_open with cryptsetup_open.
From: "Richard W.M. Jones" <rjones at redhat.com>
The two calls are identical, so this simply avoids a deprecation
warning.
(Picked from libguestfs commit 0b223a287711 ("test-data: Replace
deprecated luks_open with cryptsetup_open.", 2021-05-27), synchronizing
"make-fedora-img.pl" in guestfs-tools with the same file in libguestfs
@
commit 0b223a287711.)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
test-data/phony-guests/make-fedora-img.pl | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/test-data/phony-guests/make-fedora-img.pl
b/test-data/phony-guests/make-fedora-img.pl
index 90492b814e2b..27b154f9d71d 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -195,7 +195,7 @@ EOF
# Put LUKS on the second partition.
$g->luks_format ('/dev/sda2', 'FEDORA', 0);
- $g->luks_open ('/dev/sda2', 'FEDORA', 'luks');
+ $g->cryptsetup_open ('/dev/sda2', 'FEDORA',
'luks');
init_lvm_root ('/dev/mapper/luks');
}
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-23 16:22 UTC
[Libguestfs] [guestfs-tools PATCH 2/3] inspector: rename "luks" to "lvm-on-luks"
Clarify that our current usage of "luks" stands for
"lvm-on-luks" (IOW,
that the decrypted LUKS devices are Physical Volumes for LVM).
(This is a port of libguestfs patch 'tests: rename "luks" to
"lvm-on-luks"'.)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
inspector/Makefile.am
| 8 ++++----
test-data/phony-guests/Makefile.am
| 8 ++++----
.gitignore
| 2 +-
inspector/{expected-fedora-luks.img.xml =>
expected-fedora-lvm-on-luks.img.xml} | 0
inspector/{test-virt-inspector-luks.sh =>
test-virt-inspector-lvm-on-luks.sh} | 2 +-
test-data/phony-guests/guests.xml.in
| 4 ++--
test-data/phony-guests/make-fedora-img.pl
| 8 ++++----
7 files changed, 16 insertions(+), 16 deletions(-)
diff --git a/inspector/Makefile.am b/inspector/Makefile.am
index 3c7cc17c98e3..961498e81788 100644
--- a/inspector/Makefile.am
+++ b/inspector/Makefile.am
@@ -27,13 +27,13 @@ example_xml = \
EXTRA_DIST = \
expected-debian.img.xml \
expected-fedora.img.xml \
- expected-fedora-luks.img.xml \
+ expected-fedora-lvm-on-luks.img.xml \
expected-ubuntu.img.xml \
expected-archlinux.img.xml \
expected-coreos.img.xml \
expected-windows.img.xml \
test-virt-inspector.sh \
- test-virt-inspector-luks.sh \
+ test-virt-inspector-lvm-on-luks.sh \
test-virt-inspector-docs.sh \
test-xmllint.sh \
virt-inspector.pod
@@ -95,14 +95,14 @@ TESTS_ENVIRONMENT = $(top_builddir)/run --test
TESTS = \
test-virt-inspector-docs.sh \
test-virt-inspector.sh \
- test-virt-inspector-luks.sh
+ test-virt-inspector-lvm-on-luks.sh
if HAVE_XMLLINT
TESTS += test-xmllint.sh
endif
check-valgrind:
- $(MAKE) TESTS="test-virt-inspector.sh test-virt-inspector-luks.sh"
VG="@VG@" check
+ $(MAKE) TESTS="test-virt-inspector.sh
test-virt-inspector-lvm-on-luks.sh" VG="@VG@" check
check-valgrind-local-guests:
for g in $(GUESTS); do \
diff --git a/test-data/phony-guests/Makefile.am
b/test-data/phony-guests/Makefile.am
index 60313548af32..0114d10bb170 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,7 +49,7 @@ disk_images = \
fedora-md1.img \
fedora-md2.img \
fedora-btrfs.img \
- fedora-luks.img \
+ fedora-lvm-on-luks.img \
ubuntu.img \
archlinux.img \
coreos.img \
@@ -96,11 +96,11 @@ fedora-btrfs.img: make-fedora-img.pl \
fedora.db
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
-# Make a (dummy) Fedora image with LVM encrypted with LUKS.
-fedora-luks.img: make-fedora-img.pl \
+# Make a (dummy) Fedora image with LVM-on-LUKS.
+fedora-lvm-on-luks.img: make-fedora-img.pl \
fedora-journal.tar.xz \
fedora.db
- SRCDIR=$(srcdir) LAYOUT=lvm-luks $(top_builddir)/run --test ./$<
+ SRCDIR=$(srcdir) LAYOUT=lvm-on-luks $(top_builddir)/run --test ./$<
# Make a (dummy) Debian image.
debian.img: make-debian-img.sh
diff --git a/.gitignore b/.gitignore
index 6bc509faba32..5489c0cd2a5d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -151,7 +151,7 @@ Makefile.in
/test-data/phony-guests/debian.img
/test-data/phony-guests/fedora.img
/test-data/phony-guests/fedora-btrfs.img
-/test-data/phony-guests/fedora-luks.img
+/test-data/phony-guests/fedora-lvm-on-luks.img
/test-data/phony-guests/fedora-md1.img
/test-data/phony-guests/fedora-md2.img
/test-data/phony-guests/fedora.db
diff --git a/inspector/expected-fedora-luks.img.xml
b/inspector/expected-fedora-lvm-on-luks.img.xml
similarity index 100%
rename from inspector/expected-fedora-luks.img.xml
rename to inspector/expected-fedora-lvm-on-luks.img.xml
diff --git a/inspector/test-virt-inspector-luks.sh
b/inspector/test-virt-inspector-lvm-on-luks.sh
similarity index 96%
rename from inspector/test-virt-inspector-luks.sh
rename to inspector/test-virt-inspector-lvm-on-luks.sh
index 79adb1a9619f..955ac6316946 100755
--- a/inspector/test-virt-inspector-luks.sh
+++ b/inspector/test-virt-inspector-lvm-on-luks.sh
@@ -27,7 +27,7 @@ set -x
$TEST_FUNCTIONS
skip_if_skipped
-f=../test-data/phony-guests/fedora-luks.img
+f=../test-data/phony-guests/fedora-lvm-on-luks.img
# Ignore zero-sized file.
if [ -s "$f" ]; then
diff --git a/test-data/phony-guests/guests.xml.in
b/test-data/phony-guests/guests.xml.in
index 4139d04f689f..3af6b27af073 100644
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -185,7 +185,7 @@
<!-- LUKS password is 'FEDORA' -->
<domain type='test'>
- <name>fedora-luks</name>
+ <name>fedora-lvm-on-luks</name>
<memory>1048576</memory>
<os>
<type>hvm</type>
@@ -194,7 +194,7 @@
<devices>
<disk type='file' device='disk'>
<driver name='qemu' type='raw'/>
- <source file='@abs_builddir@/fedora-luks.img'/>
+ <source file='@abs_builddir@/fedora-lvm-on-luks.img'/>
<target dev='vda' bus='virtio'/>
</disk>
</devices>
diff --git a/test-data/phony-guests/make-fedora-img.pl
b/test-data/phony-guests/make-fedora-img.pl
index 27b154f9d71d..4cd6ef9575eb 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -171,8 +171,8 @@ EOF
}
}
-elsif ($ENV{LAYOUT} eq 'lvm-luks') {
- push (@images, "fedora-luks.img-t");
+elsif ($ENV{LAYOUT} eq 'lvm-on-luks') {
+ push (@images, "fedora-lvm-on-luks.img-t");
open (my $fstab, '>', "fedora.fstab") or die;
print $fstab <<EOF;
@@ -183,9 +183,9 @@ EOF
$bootdev = '/dev/sda1';
- $g->disk_create ("fedora-luks.img-t", "raw",
$IMAGE_SIZE);
+ $g->disk_create ("fedora-lvm-on-luks.img-t", "raw",
$IMAGE_SIZE);
- $g->add_drive ("fedora-luks.img-t", format =>
"raw");
+ $g->add_drive ("fedora-lvm-on-luks.img-t", format =>
"raw");
$g->launch ();
$g->part_init ('/dev/sda', 'mbr');
--
2.19.1.3.g30247aa5d201
Laszlo Ersek
2022-Feb-23 16:22 UTC
[Libguestfs] [guestfs-tools PATCH 3/3] inspector: add LUKS-on-LVM test
Port libguestfs patch 'tests: add LUKS-on-LVM test' to virt-inspector.
(This patch is best formatted with "--find-copies-harder".)
Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1658126
Signed-off-by: Laszlo Ersek <lersek at redhat.com>
---
inspector/Makefile.am
| 5 +-
test-data/phony-guests/Makefile.am
| 7 +++
.gitignore
| 1 +
inspector/{expected-fedora.img.xml => expected-fedora-luks-on-lvm.img.xml}
| 6 +--
inspector/{test-virt-inspector-lvm-on-luks.sh =>
test-virt-inspector-luks-on-lvm.sh} | 15 ++++--
test-data/phony-guests/guests.xml.in
| 18 +++++++
test-data/phony-guests/make-fedora-img.pl
| 54 ++++++++++++++++++++
7 files changed, 97 insertions(+), 9 deletions(-)
diff --git a/inspector/Makefile.am b/inspector/Makefile.am
index 961498e81788..297887bae3a4 100644
--- a/inspector/Makefile.am
+++ b/inspector/Makefile.am
@@ -27,12 +27,14 @@ example_xml = \
EXTRA_DIST = \
expected-debian.img.xml \
expected-fedora.img.xml \
+ expected-fedora-luks-on-lvm.img.xml \
expected-fedora-lvm-on-luks.img.xml \
expected-ubuntu.img.xml \
expected-archlinux.img.xml \
expected-coreos.img.xml \
expected-windows.img.xml \
test-virt-inspector.sh \
+ test-virt-inspector-luks-on-lvm.sh \
test-virt-inspector-lvm-on-luks.sh \
test-virt-inspector-docs.sh \
test-xmllint.sh \
@@ -95,6 +97,7 @@ TESTS_ENVIRONMENT = $(top_builddir)/run --test
TESTS = \
test-virt-inspector-docs.sh \
test-virt-inspector.sh \
+ test-virt-inspector-luks-on-lvm.sh \
test-virt-inspector-lvm-on-luks.sh
if HAVE_XMLLINT
@@ -102,7 +105,7 @@ TESTS += test-xmllint.sh
endif
check-valgrind:
- $(MAKE) TESTS="test-virt-inspector.sh
test-virt-inspector-lvm-on-luks.sh" VG="@VG@" check
+ $(MAKE) TESTS="test-virt-inspector.sh test-virt-inspector-luks-on-lvm.sh
test-virt-inspector-lvm-on-luks.sh" VG="@VG@" check
check-valgrind-local-guests:
for g in $(GUESTS); do \
diff --git a/test-data/phony-guests/Makefile.am
b/test-data/phony-guests/Makefile.am
index 0114d10bb170..0a41f168bdfc 100644
--- a/test-data/phony-guests/Makefile.am
+++ b/test-data/phony-guests/Makefile.am
@@ -49,6 +49,7 @@ disk_images = \
fedora-md1.img \
fedora-md2.img \
fedora-btrfs.img \
+ fedora-luks-on-lvm.img \
fedora-lvm-on-luks.img \
ubuntu.img \
archlinux.img \
@@ -96,6 +97,12 @@ fedora-btrfs.img: make-fedora-img.pl \
fedora.db
SRCDIR=$(srcdir) LAYOUT=btrfs $(top_builddir)/run --test ./$<
+# Make a (dummy) Fedora image with LUKS-on-LVM.
+fedora-luks-on-lvm.img: make-fedora-img.pl \
+ fedora-journal.tar.xz \
+ fedora.db
+ SRCDIR=$(srcdir) LAYOUT=luks-on-lvm $(top_builddir)/run --test ./$<
+
# Make a (dummy) Fedora image with LVM-on-LUKS.
fedora-lvm-on-luks.img: make-fedora-img.pl \
fedora-journal.tar.xz \
diff --git a/.gitignore b/.gitignore
index 5489c0cd2a5d..87040a727a7c 100644
--- a/.gitignore
+++ b/.gitignore
@@ -151,6 +151,7 @@ Makefile.in
/test-data/phony-guests/debian.img
/test-data/phony-guests/fedora.img
/test-data/phony-guests/fedora-btrfs.img
+/test-data/phony-guests/fedora-luks-on-lvm.img
/test-data/phony-guests/fedora-lvm-on-luks.img
/test-data/phony-guests/fedora-md1.img
/test-data/phony-guests/fedora-md2.img
diff --git a/inspector/expected-fedora.img.xml
b/inspector/expected-fedora-luks-on-lvm.img.xml
similarity index 98%
copy from inspector/expected-fedora.img.xml
copy to inspector/expected-fedora-luks-on-lvm.img.xml
index 72cddaf8816d..6e21591d8066 100644
--- a/inspector/expected-fedora.img.xml
+++ b/inspector/expected-fedora-luks-on-lvm.img.xml
@@ -1,7 +1,7 @@
<?xml version="1.0"?>
<operatingsystems>
<operatingsystem>
- <root>/dev/VG/Root</root>
+ <root>/dev/mapper/luks-ROOTUUID</root>
<name>linux</name>
<arch>x86_64</arch>
<distro>fedora</distro>
@@ -13,11 +13,11 @@
<hostname>fedora.invalid</hostname>
<osinfo>fedora14</osinfo>
<mountpoints>
- <mountpoint dev="/dev/VG/Root">/</mountpoint>
+ <mountpoint
dev="/dev/mapper/luks-ROOTUUID">/</mountpoint>
<mountpoint dev="/dev/sda1">/boot</mountpoint>
</mountpoints>
<filesystems>
- <filesystem dev="/dev/VG/Root">
+ <filesystem dev="/dev/mapper/luks-ROOTUUID">
<type>ext2</type>
<label>ROOT</label>
<uuid>01234567-0123-0123-0123-012345678902</uuid>
diff --git a/inspector/test-virt-inspector-lvm-on-luks.sh
b/inspector/test-virt-inspector-luks-on-lvm.sh
similarity index 73%
copy from inspector/test-virt-inspector-lvm-on-luks.sh
copy to inspector/test-virt-inspector-luks-on-lvm.sh
index 955ac6316946..b2e10232c05d 100755
--- a/inspector/test-virt-inspector-lvm-on-luks.sh
+++ b/inspector/test-virt-inspector-luks-on-lvm.sh
@@ -19,7 +19,7 @@
# Test that virt-inspector can work on encrypted images when the
# right password is supplied.
#
-# Regression test for https://bugzilla.redhat.com/show_bug.cgi?id=1602353
+# Regression test for https://bugzilla.redhat.com/show_bug.cgi?id=1658126
set -e
set -x
@@ -27,16 +27,21 @@ set -x
$TEST_FUNCTIONS
skip_if_skipped
-f=../test-data/phony-guests/fedora-lvm-on-luks.img
+f=../test-data/phony-guests/fedora-luks-on-lvm.img
+keys=(--key /dev/VG/Root:key:FEDORA-Root
+ --key /dev/VG/LV1:key:FEDORA-LV1
+ --key /dev/VG/LV2:key:FEDORA-LV2
+ --key /dev/VG/LV3:key:FEDORA-LV3)
# Ignore zero-sized file.
if [ -s "$f" ]; then
+ uuid_root=$(guestfish --ro -i -a "$f" "${keys[@]}"
luks-uuid /dev/VG/Root)
b=$(basename "$f")
- echo FEDORA |
- $VG virt-inspector --keys-from-stdin --format=raw -a "$f" >
"actual-$b.xml"
+ $VG virt-inspector "${keys[@]}" --format=raw -a "$f"
> "actual-$b.xml"
# Check the generated output validate the schema.
$XMLLINT --noout --relaxng "$srcdir/virt-inspector.rng"
"actual-$b.xml"
# This 'diff' command will fail (because of -e option) if there
# are any differences.
- diff -ur $diff_ignore "$srcdir/expected-$b.xml"
"actual-$b.xml"
+ sed -e "s/ROOTUUID/$uuid_root/" <
"$srcdir/expected-$b.xml" \
+ | diff -u - "actual-$b.xml"
fi
diff --git a/test-data/phony-guests/guests.xml.in
b/test-data/phony-guests/guests.xml.in
index 3af6b27af073..dfcccc3d4cff 100644
--- a/test-data/phony-guests/guests.xml.in
+++ b/test-data/phony-guests/guests.xml.in
@@ -183,6 +183,24 @@
</devices>
</domain>
+ <!-- LUKS passwords are 'FEDORA-Root', 'FEDORA-LV1',
'FEDORA-LV2',
+ 'FEDORA-LV3' -->
+ <domain type='test'>
+ <name>fedora-luks-on-lvm</name>
+ <memory>1048576</memory>
+ <os>
+ <type>hvm</type>
+ <boot dev='hd'/>
+ </os>
+ <devices>
+ <disk type='file' device='disk'>
+ <driver name='qemu' type='raw'/>
+ <source file='@abs_builddir@/fedora-luks-on-lvm.img'/>
+ <target dev='vda' bus='virtio'/>
+ </disk>
+ </devices>
+ </domain>
+
<!-- LUKS password is 'FEDORA' -->
<domain type='test'>
<name>fedora-lvm-on-luks</name>
diff --git a/test-data/phony-guests/make-fedora-img.pl
b/test-data/phony-guests/make-fedora-img.pl
index 4cd6ef9575eb..84d4742e9000 100755
--- a/test-data/phony-guests/make-fedora-img.pl
+++ b/test-data/phony-guests/make-fedora-img.pl
@@ -200,6 +200,60 @@ EOF
init_lvm_root ('/dev/mapper/luks');
}
+elsif ($ENV{LAYOUT} eq 'luks-on-lvm') {
+ push (@images, "fedora-luks-on-lvm.img-t");
+
+ open (my $fstab, '>', "fedora.fstab") or die;
+ print $fstab <<EOF;
+LABEL=BOOT /boot ext2 default 0 0
+LABEL=ROOT / ext2 default 0 0
+EOF
+ close ($fstab) or die;
+
+ $bootdev = '/dev/sda1';
+
+ $g->disk_create ("fedora-luks-on-lvm.img-t", "raw",
$IMAGE_SIZE);
+
+ $g->add_drive ("fedora-luks-on-lvm.img-t", format =>
"raw");
+ $g->launch ();
+
+ $g->part_init ('/dev/sda', 'mbr');
+ foreach my $p (@PARTITIONS) {
+ $g->part_add('/dev/sda', @$p);
+ }
+
+ # Create the Volume Group on /dev/sda2.
+ $g->pvcreate ('/dev/sda2');
+ $g->vgcreate ('VG', ['/dev/sda2']);
+ $g->lvcreate ('Root', 'VG', 32);
+ $g->lvcreate ('LV1', 'VG', 32);
+ $g->lvcreate ('LV2', 'VG', 32);
+ $g->lvcreate ('LV3', 'VG', 64);
+
+ # Format each Logical Group as a LUKS device, with a different password.
+ $g->luks_format ('/dev/VG/Root', 'FEDORA-Root', 0);
+ $g->luks_format ('/dev/VG/LV1', 'FEDORA-LV1', 0);
+ $g->luks_format ('/dev/VG/LV2', 'FEDORA-LV2', 0);
+ $g->luks_format ('/dev/VG/LV3', 'FEDORA-LV3', 0);
+
+ # Open the LUKS devices. This creates nodes like /dev/mapper/*-luks.
+ $g->cryptsetup_open ('/dev/VG/Root', 'FEDORA-Root',
'Root-luks');
+ $g->cryptsetup_open ('/dev/VG/LV1', 'FEDORA-LV1',
'LV1-luks');
+ $g->cryptsetup_open ('/dev/VG/LV2', 'FEDORA-LV2',
'LV2-luks');
+ $g->cryptsetup_open ('/dev/VG/LV3', 'FEDORA-LV3',
'LV3-luks');
+
+ # Phony root filesystem.
+ $g->mkfs ('ext2', '/dev/mapper/Root-luks', blocksize
=> 4096, label => 'ROOT');
+ $g->set_uuid ('/dev/mapper/Root-luks',
'01234567-0123-0123-0123-012345678902');
+
+ # Other filesystems, just for testing findfs-label.
+ $g->mkfs ('ext2', '/dev/mapper/LV1-luks', blocksize
=> 4096, label => 'LV1');
+ $g->mkfs ('ext2', '/dev/mapper/LV2-luks', blocksize
=> 1024, label => 'LV2');
+ $g->mkfs ('ext2', '/dev/mapper/LV3-luks', blocksize
=> 2048, label => 'LV3');
+
+ $g->mount ('/dev/mapper/Root-luks', '/');
+}
+
else {
print STDERR "$0: Unknown LAYOUT: ",$ENV{LAYOUT},"\n";
exit 1;
--
2.19.1.3.g30247aa5d201