diff --git a/VMEncryption/main/BekUtil.py b/VMEncryption/main/BekUtil.py index 5b79a236f..3cc064abb 100644 --- a/VMEncryption/main/BekUtil.py +++ b/VMEncryption/main/BekUtil.py @@ -40,7 +40,7 @@ class BekUtil(object): def __init__(self, disk_util, logger): self.disk_util = disk_util self.logger = logger - self.bek_filesystem_mount_point = '/mnt/azure_bek_disk' + self.bek_filesystem_mount_point = '/azure_bek_disk' self.bek_label = 'BEK VOLUME' self.bek_filesystem = 'vfat' self.wrong_fs_msg = "BEK does not have vfat filesystem." diff --git a/VMEncryption/main/Common.py b/VMEncryption/main/Common.py index 2fa54abc2..a2ebd4c81 100644 --- a/VMEncryption/main/Common.py +++ b/VMEncryption/main/Common.py @@ -37,7 +37,7 @@ class CommonVariables: wire protocol message format """ encryption_key_file_name = 'LinuxPassPhraseFileName' - encryption_key_mount_point = '/mnt/azure_bek_disk' + encryption_key_mount_point = '/azure_bek_disk' bek_fstab_line_template = 'LABEL=BEK\\040VOLUME {0} auto defaults,discard,nofail 0 0\n' bek_fstab_line_template_ubuntu_14 = 'LABEL=BEK\\040VOLUME {0} auto defaults,discard,nobootwait 0 0\n' etc_defaults_cryptdisks_line = '\nCRYPTDISKS_MOUNT="$CRYPTDISKS_MOUNT {0}"\n' diff --git a/VMEncryption/main/oscrypto/91ade/cryptroot-ask-ade.sh b/VMEncryption/main/oscrypto/91ade/cryptroot-ask-ade.sh index 433bccc6e..8f5189dfc 100644 --- a/VMEncryption/main/oscrypto/91ade/cryptroot-ask-ade.sh +++ b/VMEncryption/main/oscrypto/91ade/cryptroot-ask-ade.sh @@ -42,9 +42,9 @@ numtries=${3:-10} info "luksOpen $device $luksname" -ls /mnt/azure_bek_disk/LinuxPassPhraseFileName* || (mkdir -p /mnt/azure_bek_disk/ && mount -L "BEK VOLUME" /mnt/azure_bek_disk/) +ls /azure_bek_disk/LinuxPassPhraseFileName* || (mkdir -p /azure_bek_disk/ && mount -L "BEK VOLUME" /azure_bek_disk/) -for luksfile in $(ls /mnt/azure_bek_disk/LinuxPassPhraseFileName*); do +for luksfile in $(ls /azure_bek_disk/LinuxPassPhraseFileName*); do break; done @@ -77,7 +77,7 @@ if [ $ask_passphrase -ne 0 ]; then unset luks_open fi -umount /mnt/azure_bek_disk +umount /azure_bek_disk unset device luksname luksfile diff --git a/VMEncryption/main/oscrypto/centos_68/encryptstates/UnmountOldrootState.py b/VMEncryption/main/oscrypto/centos_68/encryptstates/UnmountOldrootState.py index 7c82a0329..cf7cde049 100644 --- a/VMEncryption/main/oscrypto/centos_68/encryptstates/UnmountOldrootState.py +++ b/VMEncryption/main/oscrypto/centos_68/encryptstates/UnmountOldrootState.py @@ -86,14 +86,14 @@ def enter(self): if os.path.exists("/oldroot/mnt"): self.command_executor.Execute('umount /oldroot/mnt') - if os.path.exists("/oldroot/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /oldroot/mnt/azure_bek_disk') + if os.path.exists("/oldroot/azure_bek_disk"): + self.command_executor.Execute('umount /oldroot/azure_bek_disk') if os.path.exists("/mnt"): self.command_executor.Execute('umount /mnt') - if os.path.exists("/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /mnt/azure_bek_disk') + if os.path.exists("/azure_bek_disk"): + self.command_executor.Execute('umount /azure_bek_disk') self.command_executor.Execute('umount /oldroot/mnt/resource') self.command_executor.Execute('umount /oldroot/boot') diff --git a/VMEncryption/main/oscrypto/rhel_68/encryptstates/UnmountOldrootState.py b/VMEncryption/main/oscrypto/rhel_68/encryptstates/UnmountOldrootState.py index 5cedd7ed3..20bd9243d 100644 --- a/VMEncryption/main/oscrypto/rhel_68/encryptstates/UnmountOldrootState.py +++ b/VMEncryption/main/oscrypto/rhel_68/encryptstates/UnmountOldrootState.py @@ -83,14 +83,14 @@ def enter(self): if os.path.exists("/oldroot/mnt"): self.command_executor.Execute('umount /oldroot/mnt') - if os.path.exists("/oldroot/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /oldroot/mnt/azure_bek_disk') + if os.path.exists("/oldroot/azure_bek_disk"): + self.command_executor.Execute('umount /oldroot/azure_bek_disk') if os.path.exists("/mnt"): self.command_executor.Execute('umount /mnt') - if os.path.exists("/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /mnt/azure_bek_disk') + if os.path.exists("/azure_bek_disk"): + self.command_executor.Execute('umount /azure_bek_disk') self.command_executor.Execute('umount /oldroot/mnt/resource') self.command_executor.Execute('umount /oldroot/boot') diff --git a/VMEncryption/main/oscrypto/ubuntu_1404/encryptstates/UnmountOldrootState.py b/VMEncryption/main/oscrypto/ubuntu_1404/encryptstates/UnmountOldrootState.py index 0a2852039..226abf92d 100644 --- a/VMEncryption/main/oscrypto/ubuntu_1404/encryptstates/UnmountOldrootState.py +++ b/VMEncryption/main/oscrypto/ubuntu_1404/encryptstates/UnmountOldrootState.py @@ -77,14 +77,14 @@ def enter(self): if os.path.exists("/oldroot/mnt"): self.command_executor.Execute('umount /oldroot/mnt') - if os.path.exists("/oldroot/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /oldroot/mnt/azure_bek_disk') + if os.path.exists("/oldroot/azure_bek_disk"): + self.command_executor.Execute('umount /oldroot/azure_bek_disk') if os.path.exists("/mnt"): self.command_executor.Execute('umount /mnt') - if os.path.exists("/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /mnt/azure_bek_disk') + if os.path.exists("/azure_bek_disk"): + self.command_executor.Execute('umount /azure_bek_disk') proc_comm = ProcessCommunicator() diff --git a/VMEncryption/main/oscrypto/ubuntu_1604/encryptstates/UnmountOldrootState.py b/VMEncryption/main/oscrypto/ubuntu_1604/encryptstates/UnmountOldrootState.py index 6a8ba186d..6bffa315f 100644 --- a/VMEncryption/main/oscrypto/ubuntu_1604/encryptstates/UnmountOldrootState.py +++ b/VMEncryption/main/oscrypto/ubuntu_1604/encryptstates/UnmountOldrootState.py @@ -79,14 +79,14 @@ def enter(self): if os.path.exists("/oldroot/mnt"): self.command_executor.Execute('umount /oldroot/mnt') - if os.path.exists("/oldroot/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /oldroot/mnt/azure_bek_disk') + if os.path.exists("/oldroot/azure_bek_disk"): + self.command_executor.Execute('umount /oldroot/azure_bek_disk') if os.path.exists("/mnt"): self.command_executor.Execute('umount -R /mnt') - if os.path.exists("/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /mnt/azure_bek_disk') + if os.path.exists("/azure_bek_disk"): + self.command_executor.Execute('umount /azure_bek_disk') proc_comm = ProcessCommunicator() diff --git a/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-boot b/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-boot index dbc208dad..4d9b4fd62 100644 --- a/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-boot +++ b/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-boot @@ -7,7 +7,7 @@ set -x # - /usr/share/initramfs-tools/hooks/crypt-ade-hook has run # - /etc/fstab file has been copied to initramfs # - /etc/fstab includes an entry to mount /boot -# - /etc/fstab includes an entry to mount /mnt/azure_bek_disk +# - /etc/fstab includes an entry to mount /azure_bek_disk # - hook script will append cryptsetup and exit command PREREQS="udev" @@ -18,6 +18,6 @@ prereqs() } mount -a -cryptsetup luksOpen /dev/disk/by-partuuid/ROOTPARTUUID osencrypt --header /boot/luks/osluksheader -d /mnt/azure_bek_disk/LinuxPassPhraseFileName +cryptsetup luksOpen /dev/disk/by-partuuid/ROOTPARTUUID osencrypt --header /boot/luks/osluksheader -d /azure_bek_disk/LinuxPassPhraseFileName exit 0 \ No newline at end of file diff --git a/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-hook b/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-hook index 4c8850146..51a067284 100644 --- a/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-hook +++ b/VMEncryption/main/oscrypto/ubuntu_2004/encryptscripts/crypt-ade-hook @@ -21,10 +21,10 @@ esac # add /etc/fstab entries and mount point directories mkdir -p $DESTDIR/boot -mkdir -p $DESTDIR/mnt/azure_bek_disk +mkdir -p $DESTDIR/azure_bek_disk BOOTUUID=$(findmnt -fn -o UUID /boot) echo "/dev/disk/by-uuid/$BOOTUUID /boot ext2 defaults 0 0" >> "$DESTDIR/etc/fstab" -echo "/dev/disk/by-label/BEK\\x20VOLUME /mnt/azure_bek_disk auto defaults 0 0" >> "$DESTDIR/etc/fstab" +echo "/dev/disk/by-label/BEK\\x20VOLUME /azure_bek_disk auto defaults 0 0" >> "$DESTDIR/etc/fstab" # inject luks header mkdir -p ${DESTDIR}/boot/luks diff --git a/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/PatchBootSystemState.py b/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/PatchBootSystemState.py index c99056acf..6e716986a 100644 --- a/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/PatchBootSystemState.py +++ b/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/PatchBootSystemState.py @@ -128,7 +128,7 @@ def _modify_pivoted_oldroot(self): # add root partition UUID to boot script cryptsetup command self.command_executor.Execute("sed -i 's/ROOTPARTUUID/{0}/g' /usr/share/initramfs-tools/scripts/init-premount/crypt-ade-boot".format(root_partition_uuid), True) # add root partition UUID to /etc/crypttab - entry = 'osencrypt /dev/disk/by-partuuid/{0} /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,discard,header=/boot/luks/osluksheader'.format(root_partition_uuid) + entry = 'osencrypt /dev/disk/by-partuuid/{0} /azure_bek_disk/LinuxPassPhraseFileName luks,discard,header=/boot/luks/osluksheader'.format(root_partition_uuid) self._append_contents_to_file(entry, '/etc/crypttab') else: message = "Failed to get root partition UUID" diff --git a/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/UnmountOldrootState.py b/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/UnmountOldrootState.py index d47d108e8..9a76b91a6 100644 --- a/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/UnmountOldrootState.py +++ b/VMEncryption/main/oscrypto/ubuntu_2004/encryptstates/UnmountOldrootState.py @@ -75,14 +75,14 @@ def enter(self): if os.path.exists("/oldroot/mnt"): self.command_executor.Execute('umount /oldroot/mnt') - if os.path.exists("/oldroot/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /oldroot/mnt/azure_bek_disk') + if os.path.exists("/oldroot/azure_bek_disk"): + self.command_executor.Execute('umount /oldroot/azure_bek_disk') if os.path.exists("/mnt"): self.command_executor.Execute('umount -R /mnt') - if os.path.exists("/mnt/azure_bek_disk"): - self.command_executor.Execute('umount /mnt/azure_bek_disk') + if os.path.exists("/azure_bek_disk"): + self.command_executor.Execute('umount /azure_bek_disk') proc_comm = ProcessCommunicator() diff --git a/VMEncryption/main/test/test_UbuntuPatching.py b/VMEncryption/main/test/test_UbuntuPatching.py index 21a74d43d..24ddb12fd 100644 --- a/VMEncryption/main/test/test_UbuntuPatching.py +++ b/VMEncryption/main/test/test_UbuntuPatching.py @@ -61,12 +61,12 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): self.assertEqual(exists_mock.call_count, 2) # Test 2: Other Entries along with osencrypt - crypttab_contents="mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + crypttab_contents="mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/sda1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" - expected_crypttab_contents="mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + expected_crypttab_contents="mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() @@ -79,11 +79,11 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): # Test 3: osencrypt already with /dev/disk/azure/root-part1 crypttab_contents="""osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh - mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail - mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" + mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail + mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" expected_crypttab_contents="""osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh - mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail - mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" + mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail + mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() @@ -96,15 +96,15 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): # Test 4: crypttab has comments and empty lines crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/sda1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" expected_crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() @@ -117,15 +117,15 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): # Test 5: osencrypt entry with /dev/disk/by-id/wwn-* crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/by-id/wwn-0x60022480b469b749f472dfc8093da5dd-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" expected_crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() @@ -138,15 +138,15 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): # Test 6: osencrypt entry with /dev/disk/by-id/scsi-* crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/by-id/scsi-0x60022480b469b749f472dfc8093da5dd-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" expected_crypttab_contents="#This is mock crypttab file\n"\ - "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ + "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail\n"\ "osencrypt /dev/disk/azure/root-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh\n"\ "\n"\ - "mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" + "mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() @@ -159,11 +159,11 @@ def test_update_prereq(self, ce_mock, exists_mock, open_mock): # Test 7: /dev/disk/azure/root-part1 does not exist crypttab_contents="""osencrypt /dev/disk/azure/scsi0/lun0-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh - mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail - mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" + mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail + mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" expected_crypttab_contents="""osencrypt /dev/disk/azure/scsi0/lun0-part1 none luks,discard,header=/boot/luks/osluksheader,keyscript=/usr/sbin/azure_crypt_key.sh - mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,nofail - mapper_name1 /dev/dev_path1 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" + mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks,nofail + mapper_name1 /dev/dev_path1 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail""" open_mock.reset_mock() ce_mock.reset_mock() exists_mock.reset_mock() diff --git a/VMEncryption/main/test/test_bek_util.py b/VMEncryption/main/test/test_bek_util.py index 580cef2aa..e5c0322f3 100644 --- a/VMEncryption/main/test/test_bek_util.py +++ b/VMEncryption/main/test/test_bek_util.py @@ -16,7 +16,7 @@ def setUp(self): @mock.patch('DiskUtil.DiskUtil', autospec=True) def test_is_bek_volume_mounted_and_formatted_expected(self, disk_util_mock): bek_util = BekUtil(disk_util_mock, self.logger) - disk_util_mock.get_mount_items.return_value = [{"src":"/dev/sdc1", "dest":"/mnt/azure_bek_disk", "fs":"vfat"}] + disk_util_mock.get_mount_items.return_value = [{"src":"/dev/sdc1", "dest":"/azure_bek_disk", "fs":"vfat"}] bek_expected, fault_reason = bek_util.is_bek_volume_mounted_and_formatted() self.assertTrue(bek_expected) @@ -31,7 +31,7 @@ def test_is_bek_volume_mounted_and_formatted_not_mounted(self, disk_util_mock): @mock.patch('DiskUtil.DiskUtil', autospec=True) def test_is_bek_volume_mounted_and_formatted_wrong_fs(self, disk_util_mock): bek_util = BekUtil(disk_util_mock, self.logger) - disk_util_mock.get_mount_items.return_value = [{"src":"/dev/sdc1", "dest":"/mnt/azure_bek_disk", "fs":"wrongFS"}, {"src":"/dev/sda1", "dest":"/", "fs":"ext4"}] + disk_util_mock.get_mount_items.return_value = [{"src":"/dev/sdc1", "dest":"/azure_bek_disk", "fs":"wrongFS"}, {"src":"/dev/sda1", "dest":"/", "fs":"ext4"}] bek_expected, fault_reason = bek_util.is_bek_volume_mounted_and_formatted() self.assertFalse(bek_expected) self.assertEqual(fault_reason, bek_util.wrong_fs_msg) diff --git a/VMEncryption/main/test/test_crypt_mount_config_util.py b/VMEncryption/main/test/test_crypt_mount_config_util.py index 6df9d8792..2277a7086 100644 --- a/VMEncryption/main/test/test_crypt_mount_config_util.py +++ b/VMEncryption/main/test/test_crypt_mount_config_util.py @@ -85,7 +85,7 @@ def test_parse_crypttab_line(self): self.assertEqual(None, crypt_item) # a bare bones crypttab line - line = "mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName luks" + line = "mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName luks" expected_crypt_item = self._create_expected_crypt_item(mapper_name="mapper_name", dev_path="/dev/dev_path") crypt_item = self.crypt_mount_config_util.parse_crypttab_line(line) @@ -200,7 +200,7 @@ def test_get_crypt_items(self, disk_util_mock, use_acm_mock, open_mock, ce_mock, use_acm_mock.return_value = False # Now, use the /etc/crypttab file exists_mock.return_value = True # Crypttab file found self._mock_open_with_read_data_dict(open_mock, {"/etc/fstab": "/dev/mapper/osencrypt / ext4 defaults,nofail 0 0", - "/etc/crypttab": "osencrypt /dev/sda1 /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,discard"}) + "/etc/crypttab": "osencrypt /dev/sda1 /azure_bek_disk/LinuxPassPhraseFileName luks,discard"}) crypt_items = self.crypt_mount_config_util.get_crypt_items() self.assertEqual(str(self._create_expected_crypt_item(mapper_name="osencrypt", dev_path="/dev/sda1", @@ -239,7 +239,7 @@ def test_get_crypt_items(self, disk_util_mock, use_acm_mock, open_mock, ce_mock, crypt_items) self._mock_open_with_read_data_dict(open_mock, {"/etc/fstab": "/dev/mapper/encrypteddatadisk /mnt/datadisk auto defaults,nofail 0 0", - "/etc/crypttab": "encrypteddatadisk /dev/disk/azure/scsi1/lun0 /mnt/azure_bek_disk/LinuxPassPhraseFileName luks,discard,header=/headerfile"}) + "/etc/crypttab": "encrypteddatadisk /dev/disk/azure/scsi1/lun0 /azure_bek_disk/LinuxPassPhraseFileName luks,discard,header=/headerfile"}) crypt_items = self.crypt_mount_config_util.get_crypt_items() self.assertEqual(str(self._create_expected_crypt_item(mapper_name="encrypteddatadisk", dev_path="/dev/disk/azure/scsi1/lun0", @@ -276,17 +276,17 @@ def rename_side_effect(name1, name2): "/mnt/point/.azure_ade_backup_mount_info/fstab_line": ""}) self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 8) - self.assertTrue("LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) + self.assertTrue("LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" in open_mock.content_dict["/etc/fstab"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/etc/crypttab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) # Test 2: migrate an entry (BEK in fstab) open_mock.reset_mock() use_acm_mock.return_value = True self._mock_open_with_read_data_dict(open_mock, {"/var/lib/azure_disk_encryption_config/azure_crypt_mount": "mapper_name /dev/dev_path None /mnt/point ext4 False 0", - "/etc/fstab": "LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0", + "/etc/fstab": "LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0", "/etc/crypttab": "", "/mnt/point/.azure_ade_backup_mount_info/crypttab_line": "", "/mnt/point/.azure_ade_backup_mount_info/fstab_line": ""}) @@ -295,30 +295,30 @@ def rename_side_effect(name1, name2): self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 7) self.assertTrue("/dev/mapper/mapper_name /mnt/point auto defaults,nofail,discard 0 0" in open_mock.content_dict["/etc/fstab"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/etc/crypttab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) # Test 3: migrate no entry open_mock.reset_mock() use_acm_mock.return_value = True self._mock_open_with_read_data_dict(open_mock, {"/var/lib/azure_disk_encryption_config/azure_crypt_mount": "", - "/etc/fstab": "LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0", + "/etc/fstab": "LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0", "/etc/crypttab": ""}) self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 2) - self.assertTrue("LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0" == open_mock.content_dict["/etc/fstab"].strip()) + self.assertTrue("LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0" == open_mock.content_dict["/etc/fstab"].strip()) self.assertTrue("" == open_mock.content_dict["/etc/crypttab"].strip()) # Test 4: skip migrating the OS entry open_mock.reset_mock() use_acm_mock.return_value = True self._mock_open_with_read_data_dict(open_mock, {"/var/lib/azure_disk_encryption_config/azure_crypt_mount": "osencrypt /dev/dev_path None / ext4 False 0", - "/etc/fstab": "LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0", + "/etc/fstab": "LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0", "/etc/crypttab": ""}) self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 2) - self.assertTrue("LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0" == open_mock.content_dict["/etc/fstab"].strip()) + self.assertTrue("LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0" == open_mock.content_dict["/etc/fstab"].strip()) self.assertTrue("" == open_mock.content_dict["/etc/crypttab"].strip()) # Test 5: migrate many entries @@ -340,12 +340,12 @@ def rename_side_effect(name1, name2): self.assertEqual(open_mock.call_count, 13) self.assertTrue("/dev/mapper/mapper_name /mnt/point auto defaults,nofail,discard 0 0\n" in open_mock.content_dict["/etc/fstab"]) self.assertTrue("/dev/mapper/mapper_name2 /mnt/point2 auto defaults,nofail,discard 0 0" in open_mock.content_dict["/etc/fstab"]) - self.assertTrue("\nmapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0" in open_mock.content_dict["/etc/crypttab"]) - self.assertTrue("\nmapper_name2 /dev/dev_path2 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0" in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("\nmapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0" in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("\nmapper_name2 /dev/dev_path2 /azure_bek_disk/LinuxPassPhraseFileName_1_0" in open_mock.content_dict["/etc/crypttab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point auto defaults,nofail,discard 0 0" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) self.assertTrue("/dev/mapper/mapper_name2 /mnt/point2 auto defaults,nofail,discard 0 0" in open_mock.content_dict["/mnt/point2/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name2 /dev/dev_path2 /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point2/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name2 /dev/dev_path2 /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" in open_mock.content_dict["/mnt/point2/.azure_ade_backup_mount_info/crypttab_line"]) # Test 6: skip if filesystem not supported open_mock.reset_mock() @@ -360,11 +360,11 @@ def rename_side_effect(name1, name2): "/mnt/point/.azure_ade_backup_mount_info/fstab_line": ""}) self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 3) - self.assertTrue("LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) + self.assertTrue("LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" not in open_mock.content_dict["/etc/fstab"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/etc/crypttab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) # Test 7: skip if device does not exist open_mock.reset_mock() @@ -379,8 +379,8 @@ def rename_side_effect(name1, name2): "/mnt/point/.azure_ade_backup_mount_info/fstab_line": ""}) self.crypt_mount_config_util.migrate_crypt_items() self.assertEqual(open_mock.call_count, 3) - self.assertTrue("LABEL=BEK\\040VOLUME /mnt/azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) + self.assertTrue("LABEL=BEK\\040VOLUME /azure_bek_disk auto defaults,discard,nobootwait 0 0" in open_mock.content_dict["/etc/fstab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" not in open_mock.content_dict["/etc/fstab"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/etc/crypttab"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/etc/crypttab"]) self.assertTrue("/dev/mapper/mapper_name /mnt/point" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/fstab_line"]) - self.assertTrue("mapper_name /dev/dev_path /mnt/azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) + self.assertTrue("mapper_name /dev/dev_path /azure_bek_disk/LinuxPassPhraseFileName_1_0 luks,nofail" not in open_mock.content_dict["/mnt/point/.azure_ade_backup_mount_info/crypttab_line"]) diff --git a/VMEncryption/main/version.txt b/VMEncryption/main/version.txt index d5e64a223..39c1b4b3c 100644 --- a/VMEncryption/main/version.txt +++ b/VMEncryption/main/version.txt @@ -1 +1 @@ -1.2.0.91 +1.2.0.93 \ No newline at end of file