Merge pull request #218 from ebiggers/cli-tests

Add tests for command-line interface Add tests that directly test the fscrypt command-line tool. See cli-tests/README.md for information about the test framework. The following test scripts are included: * t_change_passphrase * t_encrypt_custom * t_encrypt_login * t_encrypt_raw_key * t_encrypt * t_lock * t_not_enabled * t_not_supported * t_passphrase_hashing * t_setup * t_status * t_unlock * t_v1_policy_fs_keyring * t_v1_policy Unfortunately, we can't actually make Travis CI run these tests yet because they need kernel v5.4 or later, and Travis CI doesn't support an Ubuntu version that has that yet. But for now, they can be run manually using make cli-test.
author: Eric Biggers <ebiggers@google.com> 2020-05-09 15:15:12 -0700
committer: GitHub <noreply@github.com> 2020-05-09 15:15:12 -0700
commit: 338347ac4766f899fdc471d57f293798ff0e6c29 (patch)
tree: 8f5c0969a49a396d60c33a324834d92d9911a240 /cli-tests/t_encrypt.out
parent: 1aef2541a434bd9e88ebd52be72f13d56c5ef748 (diff)
parent: e68d65c440125ff1e47627abf1fc5a97f700d38d (diff)
1 files changed, 67 insertions, 0 deletions
diff --git a/cli-tests/t_encrypt.out b/cli-tests/t_encrypt.out
new file mode 100644
index 0000000..af38299
--- /dev/null
+++ b/cli-tests/t_encrypt.out
@@ -0,0 +1,67 @@
+
+# Try to encrypt a nonexistent directory
+[ERROR] fscrypt encrypt: no such file or directory
+ext4 filesystem "MNT" has 0 protectors and 0 policies
+
+[ERROR] fscrypt status: get encryption policy MNT/dir: file
+                        or directory not encrypted
+
+# Try to encrypt a nonempty directory
+[ERROR] fscrypt encrypt: MNT/dir: not an empty directory
+
+Encryption can only be setup on empty directories; files cannot be encrypted
+in-place. Instead, encrypt an empty directory, copy the files into that
+encrypted directory, and securely delete the originals with "shred".
+ext4 filesystem "MNT" has 0 protectors and 0 policies
+
+[ERROR] fscrypt status: get encryption policy MNT/dir: file
+                        or directory not encrypted
+
+# Encrypt a directory as non-root user
+ext4 filesystem "MNT" has 1 protector and 1 policy
+
+PROTECTOR         LINKED  DESCRIPTION
+desc1  No      custom protector "prot"
+
+POLICY                            UNLOCKED  PROTECTORS
+desc2  Yes       desc1
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc2
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 1 protector:
+PROTECTOR         LINKED  DESCRIPTION
+desc1  No      custom protector "prot"
+ext4 filesystem "MNT" has 1 protector and 1 policy
+
+PROTECTOR         LINKED  DESCRIPTION
+desc1  No      custom protector "prot"
+
+POLICY                            UNLOCKED  PROTECTORS
+desc2  Yes       desc1
+"MNT/dir" is encrypted with fscrypt.
+
+Policy:   desc2
+Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:2 
+Unlocked: Yes
+
+Protected with 1 protector:
+PROTECTOR         LINKED  DESCRIPTION
+desc1  No      custom protector "prot"
+
+# Try to encrypt an already-encrypted directory
+[ERROR] fscrypt encrypt: MNT/dir: file or directory already
+                         encrypted
+
+# Try to encrypt another user's directory as a non-root user
+[ERROR] fscrypt encrypt: MNT/dir: you do not own this
+                         directory
+
+Encryption can only be setup on directories you own, even if you have write
+permission for the directory.
+ext4 filesystem "MNT" has 0 protectors and 0 policies
+
+[ERROR] fscrypt status: get encryption policy MNT/dir: file
+                        or directory not encrypted
author	Eric Biggers <ebiggers@google.com>	2020-05-09 15:15:12 -0700
committer	GitHub <noreply@github.com>	2020-05-09 15:15:12 -0700
commit	338347ac4766f899fdc471d57f293798ff0e6c29 (patch)
tree	8f5c0969a49a396d60c33a324834d92d9911a240 /cli-tests/t_encrypt.out
parent	1aef2541a434bd9e88ebd52be72f13d56c5ef748 (diff)
parent	e68d65c440125ff1e47627abf1fc5a97f700d38d (diff)