unbind-luks1 2.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. #!/bin/bash -ex
  2. # vim: set tabstop=8 shiftwidth=4 softtabstop=4 expandtab smarttab colorcolumn=80:
  3. #
  4. # Copyright (c) 2019 Red Hat, Inc.
  5. # Author: Sergio Correia <scorreia@redhat.com>
  6. #
  7. # This program is free software: you can redistribute it and/or modify
  8. # it under the terms of the GNU General Public License as published by
  9. # the Free Software Foundation, either version 3 of the License, or
  10. # (at your option) any later version.
  11. #
  12. # This program is distributed in the hope that it will be useful,
  13. # but WITHOUT ANY WARRANTY; without even the implied warranty of
  14. # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  15. # GNU General Public License for more details.
  16. #
  17. # You should have received a copy of the GNU General Public License
  18. # along with this program. If not, see <http://www.gnu.org/licenses/>.
  19. #
  20. TEST=$(basename "${0}")
  21. . tests-common-functions
  22. on_exit() {
  23. [ -d "${TMP}" ] && rm -rf "${TMP}"
  24. }
  25. trap 'on_exit' EXIT
  26. trap 'exit' ERR
  27. TMP="$(mktemp -d)"
  28. ADV="${TMP}/adv.jws"
  29. create_tang_adv "${ADV}"
  30. CFG="$(printf '{"url":"foobar","adv":"%s"}' "$ADV")"
  31. # LUKS1.
  32. DEV="${TMP}/luks1-device"
  33. UUID="cb6e8904-81ff-40da-a84a-07ab9ab5715e"
  34. new_device "luks1" "${DEV}"
  35. # Bind, initially.
  36. if ! clevis luks bind -f -d "${DEV}" tang "${CFG}" <<< "${DEFAULT_PASS}"; then
  37. error "${TEST}: Binding is expected to succeed when given a correct (${DEFAULT_PASS}) password." >&2
  38. fi
  39. SLT=1
  40. if ! read -r _ state uuid < <(luksmeta show -d "${DEV}" | grep "^${SLT} *"); then
  41. error "${TEST}: Error reading LUKSmeta info for slot ${SLT} of ${DEV}." >&2
  42. fi
  43. if [ "${state}" != "active" ]; then
  44. error "${TEST}: state (${state}) is expected to be 'active'." >&2
  45. fi
  46. if [ "${uuid}" != "${UUID}" ]; then
  47. error "${TEST}: UUID ($uuid) is expected to be '${UUID}'." >&2
  48. fi
  49. # Now unbind.
  50. if ! clevis luks unbind -f -d "${DEV}" -s "${SLT}"; then
  51. error "${TEST}: Unbind is expected to succeed for device ${DEV} and slot ${SLT}" >&2
  52. fi
  53. if ! read -r _ state uuid < <(luksmeta show -d "${DEV}" | grep "^${SLT} *"); then
  54. error "${TEST}: Error reading LUKSmeta info for slot ${SLT} of ${DEV}." >&2
  55. fi
  56. if [ "${state}" != "inactive" ]; then
  57. error "${TEST}: state (${state}) is expected to be 'inactive'." >&2
  58. fi
  59. if [ "${uuid}" != "empty" ]; then
  60. error "${TEST}: UUID ($uuid) is expected to be 'empty'." >&2
  61. fi