From Fedora Project Wiki

(New page: == Description == Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated...)
 
(Minor wording update)
 
(5 intermediate revisions by the same user not shown)
Line 1: Line 1:
== Description ==
{{QA/Test Case
Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.
|description=Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). For additional details, consult the http://docs.fedoraproject.org/install-guide/f{{FedoraVersion}}/en-US/html/Disk_Encryption_Guide.html.


When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.
When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.


References:
References:
# [https://fedoraproject.org/wiki/Anaconda/Features/EncryptedBlockDevices#Test_Plan Anaconda/Features/EncryptedBlockDevices]
* [[Anaconda/Features/EncryptedBlockDevices]]
# [https://fedoraproject.org/wiki/Releases/FeatureEncryptedFilesystems Releases/FeatureEncryptedFilesystems]
* [[Releases/FeatureEncryptedFilesystems]]
== Steps To Reproduce ==
|actions=
* start the installer
# Boot the installer using any available means (boot.iso, CD, DVD, Live image or PXE)
* enter the disk druid paritioning screen
# At the first disk partitioning screen, select ''Use entire drive'', ''Encrypt System'', and ''Review and modify partitioning layout''.  Proceed to the next screen by selecting ''Next''
* Create a new LV filesystem (such as device /dev/LogVol00) on a new or existing LVM PV group
# Ensure that each ''LVM logical volume'' is configured for encryption.  You may need to edit the physical volume properties and select '''Encrypt'''
* select the "encrypt" checkbox for the partition using the new device
# Ensure that each ''LVM physical volume'' is configured for encryption.  You may need to edit the physical volume properties and select '''Encrypt'''
* enter a passphrase for the partition
# Proceed to the next step by clicking ''Next''
* create one or more filesystems using the LV filesystem
# When prompted, enter a passphrase twice
* select the "encrypt" checkbox for each filesystem that resides on the LV filesystem
# Complete the installation as desired
* continue the installation
|results=
== Expected Results ==
# The system should install successfully
in post-install system, verify:
# A lock icon appears next to all disk partitions configured for encryption
* a passphrase for the LV LV device is required to access it
# The system should prompt for your passphrase only ''once'' during boot
* an entry for the filesystem using the LVM LV device exists in /etc/crypttab
# The system unlocks the encrypted partition(s) and boots successfully
* a passphrase for the each of the filesystems using the LVG is required to access it
# an entry for each encrypted disk partition exists in /etc/crypttab
* an entry for the block devices and filesystems using the LVM LV devices exist in /etc/crypttab
}}


[[Category:Encrypted Block Device|LUKS Encrypted LVM VG, all LVs encrypted]]
[[Category:Encrypted Block Device|LUKS Encrypted LVM VG, all LVs encrypted]]

Latest revision as of 15:11, 30 September 2009

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). For additional details, consult the http://docs.fedoraproject.org/install-guide/f40/en-US/html/Disk_Encryption_Guide.html.

When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.

References:


How to test

  1. Boot the installer using any available means (boot.iso, CD, DVD, Live image or PXE)
  2. At the first disk partitioning screen, select Use entire drive, Encrypt System, and Review and modify partitioning layout. Proceed to the next screen by selecting Next
  3. Ensure that each LVM logical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  4. Ensure that each LVM physical volume is configured for encryption. You may need to edit the physical volume properties and select Encrypt
  5. Proceed to the next step by clicking Next
  6. When prompted, enter a passphrase twice
  7. Complete the installation as desired

Expected Results

  1. The system should install successfully
  2. A lock icon appears next to all disk partitions configured for encryption
  3. The system should prompt for your passphrase only once during boot
  4. The system unlocks the encrypted partition(s) and boots successfully
  5. an entry for each encrypted disk partition exists in /etc/crypttab
Retrieved from "https://fedoraproject.org/w/index.php?title=QA:Testcase_install_with_all_LVM_LVs_and_PVs_encrypted&oldid=127749"