assert_env MDSCOUNT
-if [ `using_krb5_sec $SECURITY` == 'n' ] ; then
- ALWAYS_EXCEPT="0c $ALWAYS_EXCEPT"
-fi
+SETUP=${SETUP:-"setup"}
+CLEANUP=${CLEANUP:-"cleanup"}
+DIR1=${DIR1:-$MOUNT1}
+DIR2=${DIR2:-$MOUNT2}
+CRYPT_TYPE=${CRYPT_TYPE:-"gks"}
+TMPFILE=${TMPFILE:-"/tmp/encrypt.tmp"}
+RUN_UID=${RUN_UID:-1000}
gen_config() {
rm -f $XMLCONFIG
fi
add_ost ost --lov lov1 --dev $OSTDEV --size $OSTSIZE
add_ost ost2 --lov lov1 --dev ${OSTDEV}-2 --size $OSTSIZE
- add_gks gks
- add_client client $MDS --lov lov1 --gks gks_svc --path $MOUNT
+ if [ $CRYPT_TYPE == "gks" ]; then
+ add_gks gks
+ add_client client $MDS --lov lov1 --gks gks_svc --path $MOUNT
+ else
+ add_client client $MDS --lov lov1 --path $MOUNT
+ fi
+
}
build_test_filter
umount $MOUNT2 || true
umount $MOUNT || true
rmmod llite
-
- stop_gks gks
+ if [ $CRYPT_TYPE == "gks" ]; then
+ stop_gks gks
+ fi
for mds in `mds_list`; do
stop $mds ${FORCE} $MDSLCONFARGS
done
exit
fi
-SETUP=${SETUP:-"setup"}
-CLEANUP=${CLEANUP:-"cleanup"}
setup() {
gen_config
for mds in `mds_list`; do
start $mds --reformat $MDSLCONFARGS
done
- set -vx
- start_gks gks || exit 4
- set -e
+ if [ $CRYPT_TYPE == "gks" ]; then
+ start_gks gks || exit 4
+ fi
grep " $MOUNT " /proc/mounts || zconf_mount `hostname` $MOUNT
grep " $MOUNT2 " /proc/mounts || zconf_mount `hostname` $MOUNT2
}
if [ "$ONLY" == "setup" ]; then
exit 0
fi
+disable_encrypt() {
+ NAME=$1
+ grep " $MOUNT " /proc/mounts && umount $MOUNT
+ zconf_mount `hostname` $NAME
+}
+enable_encrypt() {
+ NAME=$1
+ grep " $MOUNT " /proc/mounts && umount $MOUNT
+ zconf_mount `hostname` $MOUNT
+ $LCTL set_crypt $MOUNT $CRYPT_TYPE
+}
mkdir -p $DIR
+
+
+dd if=/dev/urandom of=$TMPFILE bs=1024 count=1024
+
+test_1a() {
+ rm -rf $DIR1/1a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/1a0
+ cp $TMPFILE $DIR2/1a1
+ diff -u $DIR1/1a0 $DIR2/1a1 || error "files are different"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/1a0 $DIR2/1a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/1a0 $DIR2/1a1 || error "files are different"
+}
+run_test 1a "read/write encryption============="
+
+test_2a() {
+ rm -rf $DIR1/2a*
+ enable_encrypt $MOUNT
+ touch $DIR1/2a0
+ setfacl -m u:bin:rw $DIR1/2a0
+ cp $TMPFILE $DIR1/2a0
+ cp $TMPFILE $DIR2/2a1
+ diff -u $DIR1/2a0 $DIR2/2a1 || error "files are different"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/2a0 $DIR2/2a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/2a0 $DIR2/2a1 || error "files are different"
+}
+run_test 2a "read/write encryption with acl============="
+
+test_3a() {
+ rm -rf $DIR1/3a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/3a0
+ cp $TMPFILE $DIR2/3a1
+ chown $RUN_UID $DIR1/3a0
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/3a0 || error "chown write error"
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/3a1
+ diff -u $DIR1/3a0 $DIR2/3a1 || error "files are different"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/3a0 $DIR2/3a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/3a0 $DIR2/3a1 || error "files are different"
+}
+run_test 3a "write chown encryption============="
+
+test_4a() {
+ rm -rf $DIR1/4a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/4a0
+ cp $TMPFILE $DIR2/4a1
+ setfacl -m u:bin:rw $DIR1/4a0
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/4a0 || error "chown write error"
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/4a1
+ diff -u $DIR1/4a0 $DIR2/4a1 || error "files are different"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/4a0 $DIR2/4a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/4a0 $DIR2/4a1 || error "files are different"
+}
+run_test 4a "write chacl encryption============="
+
+test_5a() {
+ rm -rf $DIR1/5a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/5a0
+ cp $TMPFILE $DIR2/5a1
+ setfacl -m u:bin:rw $DIR1/5a0
+ chown $RUN_UID $DIR1/5a0
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/5a0 || error "chown write error"
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/5a1
+ diff -u $DIR1/5a0 $DIR2/5a1 || error "files are different"
+ echo "enable crypt read success"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/5a0 $DIR2/5a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/5a0 $DIR2/5a1 || error "files are different"
+}
+run_test 5a "write chacl encryption============="
+
+test_6a() {
+ rm -rf $DIR1/6a*
+ enable_encrypt $MOUNT
+ cp $TMPFILE $DIR1/6a0
+ cp $TMPFILE $DIR2/6a1
+ chown 0600 $DIR1/6a0
+ setfacl -m u:bin:rw $DIR1/6a0
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/6a0 || error "chown write error"
+ echo aaaaaaaaaaaaaaaaaaaa >> $DIR1/6a1
+ diff -u $DIR1/6a0 $DIR2/6a1 || error "files are different"
+ echo "enable crypt read success"
+ disable_encrypt $MOUNT
+ diff -u $DIR1/6a0 $DIR2/6a1 && error "write encryption failed"
+ enable_encrypt $MOUNT
+ diff -u $DIR1/6a0 $DIR2/6a1 || error "files are different"
+}
+run_test 6a "write chmod/setfacl encryption============="
+
$CLEANUP