DIR1=${DIR1:-$MOUNT1}
DIR2=${DIR2:-$MOUNT2}
CRYPT_TYPE=${CRYPT_TYPE:-"gks"}
+TMPFILE=${TMPFILE:-"/tmp/encrypt.tmp"}
RUN_UID=${RUN_UID:-1000}
-if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
- ALWAYS_EXCEPT="0c $ALWAYS_EXCEPT"
-fi
gen_config() {
rm -f $XMLCONFIG
fi
add_ost ost --lov lov1 --dev $OSTDEV --size $OSTSIZE
add_ost ost2 --lov lov1 --dev ${OSTDEV}-2 --size $OSTSIZE
- add_gks gks
- add_client client $MDS --lov lov1 --gks gks_svc --path $MOUNT
+ if [ $CRYPT_TYPE == "gks" ]; then
+ add_gks gks
+ add_client client $MDS --lov lov1 --gks gks_svc --path $MOUNT
+ else
+ add_client client $MDS --lov lov1 --path $MOUNT
+ fi
+
}
build_test_filter
umount $MOUNT2 || true
umount $MOUNT || true
rmmod llite
-
- stop_gks gks
+ if [ $CRYPT_TYPE == "gks" ]; then
+ stop_gks gks
+ fi
for mds in `mds_list`; do
stop $mds ${FORCE} $MDSLCONFARGS
done
for mds in `mds_list`; do
start $mds --reformat $MDSLCONFARGS
done
- set -vx
- start_gks gks || exit 4
- set -e
+ if [ $CRYPT_TYPE == "gks" ]; then
+ start_gks gks || exit 4
+ fi
grep " $MOUNT " /proc/mounts || zconf_mount `hostname` $MOUNT
grep " $MOUNT2 " /proc/mounts || zconf_mount `hostname` $MOUNT2
}
}
enable_encrypt() {
NAME=$1
- grep " $MOUNT " /proc/mounts || zconf_mount `hostname` $MOUNT
+ grep " $MOUNT " /proc/mounts && umount $MOUNT
+ zconf_mount `hostname` $MOUNT
$LCTL set_crypt $MOUNT $CRYPT_TYPE
}
mkdir -p $DIR
+
+dd if=/dev/urandom of=$TMPFILE bs=1024 count=1024
+
test_1a() {
rm -rf $DIR1/1a*
enable_encrypt $MOUNT
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/1a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR2/1a1
+ cp $TMPFILE $DIR1/1a0
+ cp $TMPFILE $DIR2/1a1
diff -u $DIR1/1a0 $DIR2/1a1 || error "files are different"
disable_encrypt $MOUNT
diff -u $DIR1/1a0 $DIR2/1a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/1a0 $DIR2/1a1 || error "files are different"
}
run_test 1a "read/write encryption============="
enable_encrypt $MOUNT
touch $DIR1/2a0
setfacl -m u:bin:rw $DIR1/2a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/2a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR2/2a1
+ cp $TMPFILE $DIR1/2a0
+ cp $TMPFILE $DIR2/2a1
diff -u $DIR1/2a0 $DIR2/2a1 || error "files are different"
disable_encrypt $MOUNT
diff -u $DIR1/2a0 $DIR2/2a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/2a0 $DIR2/2a1 || error "files are different"
}
run_test 2a "read/write encryption with acl============="
test_3a() {
rm -rf $DIR1/3a*
enable_encrypt $MOUNT
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/3a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR2/3a1
+ cp $TMPFILE $DIR1/3a0
+ cp $TMPFILE $DIR2/3a1
chown $RUN_UID $DIR1/3a0
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/3a0 || error "chown write error"
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/3a1
diff -u $DIR1/3a0 $DIR2/3a1 || error "files are different"
disable_encrypt $MOUNT
diff -u $DIR1/3a0 $DIR2/3a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/3a0 $DIR2/3a1 || error "files are different"
}
-run_test 3a "write chmod encryption============="
+run_test 3a "write chown encryption============="
test_4a() {
rm -rf $DIR1/4a*
- enable_encrypt $MOUNT
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/4a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR2/4a1
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/4a0
+ cp $TMPFILE $DIR2/4a1
setfacl -m u:bin:rw $DIR1/4a0
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/4a0 || error "chown write error"
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/4a1
diff -u $DIR1/4a0 $DIR2/4a1 || error "files are different"
disable_encrypt $MOUNT
diff -u $DIR1/4a0 $DIR2/4a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/4a0 $DIR2/4a1 || error "files are different"
}
run_test 4a "write chacl encryption============="
test_5a() {
rm -rf $DIR1/5a*
enable_encrypt $MOUNT
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/5a0
- echo aaaaaaaaaaaaaaaaaaaa >> $DIR2/5a1
+ cp $TMPFILE $DIR1/5a0
+ cp $TMPFILE $DIR2/5a1
setfacl -m u:bin:rw $DIR1/5a0
- chown $RUN_UID $DIR1/3a0
+ chown $RUN_UID $DIR1/5a0
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/5a0 || error "chown write error"
echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/5a1
diff -u $DIR1/5a0 $DIR2/5a1 || error "files are different"
+ echo "enable crypt read success"
disable_encrypt $MOUNT
diff -u $DIR1/5a0 $DIR2/5a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/5a0 $DIR2/5a1 || error "files are different"
}
run_test 5a "write chacl encryption============="
+test_6a() {
+ rm -rf $DIR1/6a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/6a0
+ cp $TMPFILE $DIR2/6a1
+ chown 0600 $DIR1/6a0
+ setfacl -m u:bin:rw $DIR1/6a0
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/6a0 || error "chown write error"
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/6a1
+ diff -u $DIR1/6a0 $DIR2/6a1 || error "files are different"
+ echo "enable crypt read success"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/6a0 $DIR2/6a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/6a0 $DIR2/6a1 || error "files are different"
+}
+run_test 6a "write chmod/setfacl encryption============="
+
$CLEANUP