From Fedora Project Wiki

(New page: == Description == Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated...)
 
(Updated to instructions borrowed from autopart (encrypted) test case)
Line 1: Line 1:
== Description ==
{{QA/Test Case
Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.
|description=Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). For additional details, consult the http://docs.fedoraproject.org/install-guide/f{{FedoraVersion}}/en-US/html/Disk_Encryption_Guide.html.


When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.
When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.


References:
References:
# [https://fedoraproject.org/wiki/Anaconda/Features/EncryptedBlockDevices#Test_Plan Anaconda/Features/EncryptedBlockDevices]
* [[Anaconda/Features/EncryptedBlockDevices]]
# [https://fedoraproject.org/wiki/Releases/FeatureEncryptedFilesystems Releases/FeatureEncryptedFilesystems]
* [[Releases/FeatureEncryptedFilesystems]]
== Steps To Reproduce ==
|actions=
* start the installer
* Boot the installer using any available means (boot.iso, CD, DVD, Live image or PXE)
* enter the disk druid paritioning screen
# At the first disk partitioning screen, select '''Encrypt System''' and '''Review partition details'''.  Proceed to the next screen by selecting ''Next''
* Create a new LV filesystem (such as device /dev/LogVol00) on a new or existing LVM PV group
# Ensure that each ''LVM logical volume'' is configured for encryption.  You may need to edit the physical volume properties and select '''Encrypt'''
* select the "encrypt" checkbox for the partition using the new device
# Ensure that each ''LVM physical volume'' is configured for encryption.  You may need to edit the physical volume properties and select '''Encrypt'''
* enter a passphrase for the partition
# Proceed to the next step by clicking ''Next''
* create one or more filesystems using the LV filesystem
# When prompted, enter a passphrase twice
* select the "encrypt" checkbox for each filesystem that resides on the LV filesystem
# Complete the installation as desired
* continue the installation
|results=
== Expected Results ==
# The system should install successfully
in post-install system, verify:
# A lock icon appears next to all disk partitions configured for encryption
* a passphrase for the LV LV device is required to access it
# The system should prompt for your passphrase only ''once'' during boot
* an entry for the filesystem using the LVM LV device exists in /etc/crypttab
# The system unlocks the encrypted partition(s) and boots successfully
* a passphrase for the each of the filesystems using the LVG is required to access it
}}
* an entry for the block devices and filesystems using the LVM LV devices exist in /etc/crypttab
[[Category:Installer_Partitioning_Test_Cases]]
 
 
 
|results=
On the installed system verify that:
* you are prompted once for the passphrase to unlock all encrypted partitions
* an entry for each encrypted disk partition exists in /etc/crypttab
}}


[[Category:Encrypted Block Device|LUKS Encrypted LVM VG, all LVs encrypted]]
[[Category:Encrypted Block Device|LUKS Encrypted LVM VG, all LVs encrypted]]

Revision as of 13:08, 30 September 2009

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). For additional details, consult the http://docs.fedoraproject.org/install-guide/f40/en-US/html/Disk_Encryption_Guide.html.

When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.

References:


How to test

  • Boot the installer using any available means (boot.iso, CD, DVD, Live image or PXE)
  1. At the first disk partitioning screen, select Encrypt System and Review partition details. Proceed to the next screen by selecting Next
  2. Ensure that each LVM logical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  3. Ensure that each LVM physical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  4. Proceed to the next step by clicking Next
  5. When prompted, enter a passphrase twice
  6. Complete the installation as desired

Expected Results

  1. The system should install successfully
  2. A lock icon appears next to all disk partitions configured for encryption
  3. The system should prompt for your passphrase only once during boot
  4. The system unlocks the encrypted partition(s) and boots successfully


|results= On the installed system verify that:

  • you are prompted once for the passphrase to unlock all encrypted partitions
  • an entry for each encrypted disk partition exists in /etc/crypttab

}}

Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_install_with_all_LVM_LVs_and_PVs_encrypted&oldid=127732"