aboutsummaryrefslogtreecommitdiff
path: root/cli-tests
diff options
context:
space:
mode:
Diffstat (limited to 'cli-tests')
-rwxr-xr-xcli-tests/run.sh4
-rw-r--r--cli-tests/t_encrypt.out18
-rw-r--r--cli-tests/t_encrypt_custom.out9
-rw-r--r--cli-tests/t_encrypt_login.out42
-rw-r--r--cli-tests/t_encrypt_raw_key.out15
-rw-r--r--cli-tests/t_metadata.out6
-rwxr-xr-xcli-tests/t_not_supported.sh2
-rw-r--r--cli-tests/t_setup.out6
-rwxr-xr-xcli-tests/t_setup.sh4
-rw-r--r--cli-tests/t_single_user.out30
-rwxr-xr-xcli-tests/t_single_user.sh55
-rw-r--r--cli-tests/t_status.out6
-rw-r--r--cli-tests/t_v1_policy.out3
13 files changed, 160 insertions, 40 deletions
diff --git a/cli-tests/run.sh b/cli-tests/run.sh
index dc17b5b..f6a4868 100755
--- a/cli-tests/run.sh
+++ b/cli-tests/run.sh
@@ -159,7 +159,7 @@ setup_for_test()
# Give the tests their own fscrypt.conf.
export FSCRYPT_CONF="$TMPDIR/fscrypt.conf"
- fscrypt setup --time=1ms > /dev/null
+ fscrypt setup --time=1ms --quiet --all-users > /dev/null
# The tests assume kernel support for v2 policies.
if ! grep -q '"policy_version": "2"' "$FSCRYPT_CONF"; then
@@ -171,7 +171,7 @@ EOF
fi
# Set up the test filesystems that aren't already set up.
- fscrypt setup "$MNT" > /dev/null
+ fscrypt setup --quiet --all-users "$MNT" > /dev/null
}
run_test()
diff --git a/cli-tests/t_encrypt.out b/cli-tests/t_encrypt.out
index f067fc0..b92c9d9 100644
--- a/cli-tests/t_encrypt.out
+++ b/cli-tests/t_encrypt.out
@@ -1,7 +1,8 @@
# Try to encrypt a nonexistent directory
[ERROR] fscrypt encrypt: no such file or directory
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
@@ -23,7 +24,8 @@ files into it, and securely delete the original directory. For example:
Caution: due to the nature of modern storage devices and filesystems, the
original data may still be recoverable from disk. It's much better to encrypt
your files from the start.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
@@ -45,13 +47,15 @@ files into it, and securely delete the original directory. For example:
Caution: due to the nature of modern storage devices and filesystems, the
original data may still be recoverable from disk. It's much better to encrypt
your files from the start.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
# Encrypt a directory as non-root user
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "prot"
@@ -67,7 +71,8 @@ Unlocked: Yes
Protected with 1 protector:
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "prot"
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "prot"
@@ -94,7 +99,8 @@ desc1 No custom protector "prot"
Encryption can only be enabled on a directory you own,
even if you have write access to the directory.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
diff --git a/cli-tests/t_encrypt_custom.out b/cli-tests/t_encrypt_custom.out
index 8dd15e3..ac53d6f 100644
--- a/cli-tests/t_encrypt_custom.out
+++ b/cli-tests/t_encrypt_custom.out
@@ -1,6 +1,7 @@
# Encrypt with custom passphrase protector
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "prot"
@@ -28,7 +29,8 @@ Enter a name for the new protector: prot
Enter custom passphrase for protector "prot":
Confirm passphrase:
"MNT/dir" is now encrypted, unlocked, and ready for use.
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc6 No custom protector "prot"
@@ -49,7 +51,8 @@ desc6 No custom protector "prot"
[ERROR] fscrypt encrypt: custom_passphrase protectors must be named
Use --name=PROTECTOR_NAME to specify a protector name.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
diff --git a/cli-tests/t_encrypt_login.out b/cli-tests/t_encrypt_login.out
index 269f597..b84216a 100644
--- a/cli-tests/t_encrypt_login.out
+++ b/cli-tests/t_encrypt_login.out
@@ -7,7 +7,8 @@ IMPORTANT: See "MNT/dir/fscrypt_recovery_readme.txt" for
will lose access to this directory if you reinstall the operating
system or move this filesystem to another system.
-ext4 filesystem "MNT" has 2 protectors and 1 policy
+ext4 filesystem "MNT" has 2 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 Yes (MNT_ROOT) login protector for fscrypt-test-user
@@ -15,7 +16,8 @@ desc2 No custom protector "Recovery passphrase
POLICY UNLOCKED PROTECTORS
desc3 Yes desc1, desc2
-ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No login protector for fscrypt-test-user
@@ -57,7 +59,8 @@ IMPORTANT: See "MNT/dir/fscrypt_recovery_readme.txt" for
system or move this filesystem to another system.
"MNT/dir" is now encrypted, unlocked, and ready for use.
-ext4 filesystem "MNT" has 2 protectors and 1 policy
+ext4 filesystem "MNT" has 2 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc10 Yes (MNT_ROOT) login protector for fscrypt-test-user
@@ -65,7 +68,8 @@ desc11 No custom protector "Recovery passphras
POLICY UNLOCKED PROTECTORS
desc12 Yes desc10, desc11
-ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc10 No login protector for fscrypt-test-user
@@ -88,7 +92,8 @@ IMPORTANT: See "MNT/dir/fscrypt_recovery_readme.txt" for
will lose access to this directory if you reinstall the operating
system or move this filesystem to another system.
-ext4 filesystem "MNT" has 2 protectors and 1 policy
+ext4 filesystem "MNT" has 2 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc19 Yes (MNT_ROOT) login protector for fscrypt-test-user
@@ -96,7 +101,8 @@ desc20 No custom protector "Recovery passphras
POLICY UNLOCKED PROTECTORS
desc21 Yes desc19, desc20
-ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc19 No login protector for fscrypt-test-user
@@ -114,14 +120,16 @@ desc20 No custom protector "Recovery passphras
Protector is owned by fscrypt-test-user:fscrypt-test-user
# Encrypt with login protector with --no-recovery
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc28 Yes (MNT_ROOT) login protector for fscrypt-test-user
POLICY UNLOCKED PROTECTORS
desc29 Yes desc28
-ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies
+ext4 filesystem "MNT_ROOT" has 1 protector and 0 policies.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc28 No login protector for fscrypt-test-user
@@ -145,7 +153,8 @@ Unlocked: Yes
Protected with 1 protector:
PROTECTOR LINKED DESCRIPTION
desc35 No login protector for fscrypt-test-user
-ext4 filesystem "MNT_ROOT" has 1 protector and 1 policy
+ext4 filesystem "MNT_ROOT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc35 No login protector for fscrypt-test-user
@@ -159,18 +168,22 @@ desc34 Yes desc35
identified by user, not by name.
To fix this, don't specify the --name=PROTECTOR_NAME option.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
-ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies
+ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
# Try to use the wrong login passphrase
[ERROR] fscrypt encrypt: incorrect login passphrase
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
-ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies
+ext4 filesystem "MNT_ROOT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
@@ -183,7 +196,8 @@ IMPORTANT: See "MNT/dir/fscrypt_recovery_readme.txt" for
will lose access to this directory if you reinstall the operating
system or move this filesystem to another system.
-ext4 filesystem "MNT" has 2 protectors and 1 policy
+ext4 filesystem "MNT" has 2 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc39 No custom protector "Recovery passphrase for dir"
diff --git a/cli-tests/t_encrypt_raw_key.out b/cli-tests/t_encrypt_raw_key.out
index 1f51dc0..4cfc050 100644
--- a/cli-tests/t_encrypt_raw_key.out
+++ b/cli-tests/t_encrypt_raw_key.out
@@ -1,6 +1,7 @@
# Encrypt with raw_key protector from file
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No raw key protector "prot"
@@ -18,7 +19,8 @@ PROTECTOR LINKED DESCRIPTION
desc1 No raw key protector "prot"
# Encrypt with raw_key protector from stdin
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc6 No raw key protector "prot"
@@ -37,21 +39,24 @@ desc6 No raw key protector "prot"
# Try to encrypt with raw_key protector from file, using wrong key length
[ERROR] fscrypt encrypt: TMPDIR/raw_key: key file must be 32 bytes
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
# Try to encrypt with raw_key protector from stdin, using wrong key length
[ERROR] fscrypt encrypt: unexpected EOF
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
[ERROR] fscrypt status: file or directory "MNT/dir" is not
encrypted
# Encrypt with raw_key protector from file, unlock from stdin
"MNT/dir" is now locked.
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc11 No raw key protector "prot"
diff --git a/cli-tests/t_metadata.out b/cli-tests/t_metadata.out
index fba816a..bbcc0f2 100644
--- a/cli-tests/t_metadata.out
+++ b/cli-tests/t_metadata.out
@@ -1,4 +1,5 @@
-ext4 filesystem "MNT" has 3 protectors and 1 policy
+ext4 filesystem "MNT" has 3 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "foo"
@@ -7,7 +8,8 @@ desc3 No custom protector "baz"
POLICY UNLOCKED PROTECTORS
desc4 No desc1, desc2, desc3
-ext4 filesystem "MNT" has 2 protectors and 1 policy
+ext4 filesystem "MNT" has 2 protectors and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc1 No custom protector "foo"
diff --git a/cli-tests/t_not_supported.sh b/cli-tests/t_not_supported.sh
index 9ff90e1..8b52392 100755
--- a/cli-tests/t_not_supported.sh
+++ b/cli-tests/t_not_supported.sh
@@ -10,7 +10,7 @@ umount "$MNT"
mount tmpfs -t tmpfs -o size=128m "$MNT"
_print_header "Try to create fscrypt metadata on tmpfs"
-_expect_failure "fscrypt setup '$MNT'"
+_expect_failure "fscrypt setup --quiet '$MNT'"
_print_header "Try to encrypt a directory on tmpfs"
mkdir "$MNT/dir"
diff --git a/cli-tests/t_setup.out b/cli-tests/t_setup.out
index 943a781..6ea03e3 100644
--- a/cli-tests/t_setup.out
+++ b/cli-tests/t_setup.out
@@ -9,7 +9,8 @@ Skipping creating MNT_ROOT/.fscrypt because it already exists.
Defaulting to policy_version 2 because kernel supports it.
Customizing passphrase hashing difficulty for this system...
Created global config file at "FSCRYPT_CONF".
-Metadata directories created at "MNT_ROOT/.fscrypt".
+Allow users other than root to create fscrypt metadata on this filesystem? (See
+https://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem) [y/N] Metadata directories created at "MNT_ROOT/.fscrypt", writable by everyone.
# fscrypt setup when fscrypt.conf already exists (cancel)
Replace "FSCRYPT_CONF"? [y/N] [ERROR] fscrypt setup: operation canceled
@@ -31,7 +32,8 @@ If desired, use --force to automatically run destructive operations.
# fscrypt setup --quiet --force when fscrypt.conf already exists
# fscrypt setup filesystem
-Metadata directories created at "MNT/.fscrypt".
+Allow users other than root to create fscrypt metadata on this filesystem? (See
+https://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem) [y/N] Metadata directories created at "MNT/.fscrypt", writable by everyone.
# fscrypt setup filesystem (already set up)
[ERROR] fscrypt setup: filesystem MNT is already setup for
diff --git a/cli-tests/t_setup.sh b/cli-tests/t_setup.sh
index a8a62a3..f7e302d 100755
--- a/cli-tests/t_setup.sh
+++ b/cli-tests/t_setup.sh
@@ -14,7 +14,7 @@ fscrypt setup --time=1ms
_print_header "fscrypt setup creates fscrypt.conf and /.fscrypt"
_rm_metadata "$MNT_ROOT"
rm -f "$FSCRYPT_CONF"
-fscrypt setup --time=1ms
+echo y | fscrypt setup --time=1ms
[ -e "$MNT_ROOT/.fscrypt" ]
_print_header "fscrypt setup when fscrypt.conf already exists (cancel)"
@@ -37,7 +37,7 @@ fscrypt setup --quiet --force --time=1ms
_print_header "fscrypt setup filesystem"
_rm_metadata "$MNT"
-fscrypt setup "$MNT"
+echo y | fscrypt setup "$MNT"
[ -e "$MNT/.fscrypt" ]
_print_header "fscrypt setup filesystem (already set up)"
diff --git a/cli-tests/t_single_user.out b/cli-tests/t_single_user.out
new file mode 100644
index 0000000..e788b3e
--- /dev/null
+++ b/cli-tests/t_single_user.out
@@ -0,0 +1,30 @@
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+Only root can create fscrypt metadata on this filesystem.
+
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+Only root can create fscrypt metadata on this filesystem.
+
+
+# Encrypt, lock, and unlock as root
+"MNT/dir" is now locked.
+
+# Encrypt as root with user's login protector
+
+IMPORTANT: See "MNT/dir/fscrypt_recovery_readme.txt" for
+ important recovery instructions. It is *strongly recommended* to
+ record the recovery passphrase in a secure location; otherwise you
+ will lose access to this directory if you reinstall the operating
+ system or move this filesystem to another system.
+
+Protector desc1 no longer protecting policy desc2.
+"MNT/dir" is now locked.
+Enter login passphrase for fscrypt-test-user: "MNT/dir" is now unlocked and ready for use.
+
+# Encrypt as user (should fail)
+[ERROR] fscrypt encrypt: user lacks permission to create fscrypt metadata on
+ MNT
+
+For how to allow users to create fscrypt metadata on a filesystem, refer to
+https://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem
+
+# Encrypt as user if they set up filesystem (should succeed)
diff --git a/cli-tests/t_single_user.sh b/cli-tests/t_single_user.sh
new file mode 100755
index 0000000..c569f20
--- /dev/null
+++ b/cli-tests/t_single_user.sh
@@ -0,0 +1,55 @@
+#!/bin/bash
+
+# Test 'fscrypt setup' without --all-users.
+
+cd "$(dirname "$0")"
+. common.sh
+
+_rm_metadata "$MNT_ROOT"
+_rm_metadata "$MNT"
+rm "$FSCRYPT_CONF"
+fscrypt setup --time=1ms --quiet
+fscrypt setup --time=1ms --quiet "$MNT"
+fscrypt status "$MNT"
+_user_do "fscrypt status \"$MNT\""
+
+dir=$MNT/dir
+
+begin()
+{
+ _reset_filesystems
+ mkdir "$dir"
+ _print_header "$1"
+}
+
+begin "Encrypt, lock, and unlock as root"
+echo hunter2 | fscrypt encrypt --quiet --name=dir --skip-unlock "$dir"
+echo hunter2 | fscrypt unlock --quiet "$dir"
+fscrypt lock "$dir"
+
+begin "Encrypt as root with user's login protector"
+echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --user="$TEST_USER" "$dir"
+# The user should be able to update the policy and protectors created by the
+# above command themselves. The easiest way to test this is by updating the
+# policy to remove the auto-generated recovery protector. This verifies that
+# (a) the policy was made owned by the user, and that (b) policy updates fall
+# back to overwrites when the process cannot write to the containing directory.
+# (It would be better to test updating the protectors too, but this is the
+# easiest test to do here.)
+policy=$(fscrypt status "$dir" | awk '/Policy/{print $2}')
+recovery_protector=$(_get_protector_descriptor "$MNT" custom 'Recovery passphrase for dir')
+_user_do "fscrypt metadata remove-protector-from-policy --force --protector=$MNT:$recovery_protector --policy=$MNT:$policy"
+chown "$TEST_USER" "$dir"
+_user_do "fscrypt lock $dir"
+_user_do "echo TEST_USER_PASS | fscrypt unlock $dir"
+
+begin "Encrypt as user (should fail)"
+chown "$TEST_USER" "$dir"
+_user_do_and_expect_failure "echo hunter2 | fscrypt encrypt --quiet --name=dir --skip-unlock \"$dir\""
+
+begin "Encrypt as user if they set up filesystem (should succeed)"
+_rm_metadata "$MNT"
+chown "$TEST_USER" "$MNT"
+chown "$TEST_USER" "$dir"
+_user_do "fscrypt setup --time=1ms --quiet $MNT"
+_user_do "echo hunter2 | fscrypt encrypt --quiet --name=dir3 --skip-unlock \"$dir\""
diff --git a/cli-tests/t_status.out b/cli-tests/t_status.out
index 0d478b5..eb425d0 100644
--- a/cli-tests/t_status.out
+++ b/cli-tests/t_status.out
@@ -4,9 +4,11 @@ ext4 supported Yes
ext4 supported Yes
# Get status of setup mountpoint
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
-ext4 filesystem "MNT" has 0 protectors and 0 policies
+ext4 filesystem "MNT" has 0 protectors and 0 policies.
+All users can create fscrypt metadata on this filesystem.
# Get status of unencrypted directory on setup mountpoint
diff --git a/cli-tests/t_v1_policy.out b/cli-tests/t_v1_policy.out
index 9adb00a..1f4f9d7 100644
--- a/cli-tests/t_v1_policy.out
+++ b/cli-tests/t_v1_policy.out
@@ -120,7 +120,8 @@ Unlocked: Partially (incompletely locked, or unlocked by another user)
Protected with 1 protector:
PROTECTOR LINKED DESCRIPTION
desc2 No custom protector "prot"
-ext4 filesystem "MNT" has 1 protector and 1 policy
+ext4 filesystem "MNT" has 1 protector and 1 policy.
+All users can create fscrypt metadata on this filesystem.
PROTECTOR LINKED DESCRIPTION
desc2 No custom protector "prot"
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 21:44:37 +0000