c6ebac4cd5
Added C++ code which is designed for managing encrypted filesystems for securely managing data on StarlingX. The code gets executed when the luks-fs-mgr service is started. The program does the following steps: - Generates a passphrase using a PassphraseGenerator. - Creates a default directory for LUKS operations if it doesn't exist. - Parses the JSON configuration and extracts LUKS volume attributes. - Checks if the LUKS vault file exists. If it does, it proceeds to open and mount it. If not, it creates the vault file, sets up encryption, opens it, creates a filesystem, and mounts it. - Logs the relevant information. - Cleans up the JSON object. - The program returns 0 on successful execution and 1 on failure. Depends-On: https://review.opendev.org/c/starlingx/integ/+/894531 Test Plan: PASSED: build-pkgs -c -p luks-fs-mgr PASSED: build-image PASSED: AIO-SX bootstrap PASSED: binary available at /usr/local/sbin/ PASSED: systemd unit file available at /lib/systemd/system PASSED: luks_config.json avaiable at /etc/luks-fs-mgr.d/ PASSED: Started service on booted host with already created, mounted luks volume PASSED: Started service on booted host with sealed/closed luks volume PASSED: Started service on booted host with unsealed/open luks volume and unmounted mountPath but mountPath exists PASSED: Started service on booted host with unsealed/open luks volume and FS is unmounted and vault img file also doesnt exists. PASSED: Started service on booted host with sealed/closed luks volume and mountpath is unmounted and deleted PASSED: Started service on booted host with sealed/closed luks volume and mountpath is unmounted and deleted but vault img file exits PASSED: Started service on first boot host with changed config file where vault size has 1G space PASSED: Started service on first boot host with changed config file where vault size has no suffix PASSED: Started service on first boot host with changed config file where vault size has no suffix as well as the numerical value is less than the default size PASSED: Started service on first boot host with changed config file where vault size has incorrect suffix and numerical value is less than the default size PASSED: Started service on first boot host with changed config file with changed mount path PASSED: Started service on first boot host with changed config file where vault size has incorrect suffix PASSED: Started service on booted host with changed config file where mount path has changed to incorrect path PASSED: Started service on first boot with changed config file where MOUNT_PATH is changed to different name under default directory PASSED: Started service on booted host with changed config file where mount path has changed and volume name is changed PASSED: Started service on booted host with changed config file where we have 2 luks volume with mounted paths and then these mounted paths are exchanged with the luks volume PASSED: Started service on booted host with unsealed/open luks volume and FS is unmounted, deleted and vault img file also doesnt exists. PASSED: Started service on first boot with changed config file where MOUNT_PATH doesnt contain the full directory path PASSED: Started service on booted host with changed config file where 2 mount points are associated with 1 luks volume and the change is persistent on both the mount points PASSED: Started service on booted host with missing attribute in json config file PASSED: Started service on booted host with changed config file where mount path has changed Story: 2010872 Task: 48769 Change-Id: I17cb56b91f9c0d956138aa52a2e255f54908acc4 Signed-off-by: Rahul Roshan Kachchap <rahulroshan.kachchap@windriver.com> |
||
|---|---|---|
| .. | ||
| drbd/drbd-tools | ||
| luks | ||
| parted | ||