Compare commits

..

3 Commits

Author SHA1 Message Date
Yu Watanabe 7ac1ad90d0
Merge pull request #34460 from yuwata/test-86-follow-ups
test: follow-ups for TEST-86
2024-09-18 09:31:17 +09:00
Yu Watanabe d265b8afb7 test: drop unused test.sh for TEST-86-MULTI-PROFILE-UKI
The test cannot run with the bash test runner, as it requires python.
Hence, test.sh is not necessary.

Follow-up for a37640653c.
2024-09-18 04:00:05 +09:00
Yu Watanabe 1aab0a5b10 test: minor coding style fixlets
Follow-up for a37640653c.
2024-09-18 03:50:46 +09:00
2 changed files with 5 additions and 15 deletions

View File

@ -1,10 +0,0 @@
#!/usr/bin/env bash
# SPDX-License-Identifier: LGPL-2.1-or-later
set -e
TEST_DESCRIPTION="Test Multi-Profile UKI Boots"
# shellcheck source=test/test-functions
. "${TEST_BASE_DIR:?}/test-functions"
do_test "$@"

View File

@ -17,9 +17,9 @@ if test -f /run/systemd/stub/profile; then
fi fi
echo "CURRENT MEASUREMENT:" echo "CURRENT MEASUREMENT:"
/usr/lib/systemd/systemd-measure --current /usr/lib/systemd/systemd-measure --current
if test -f /run/systemd/tpm2-pcr-signature.json ; then if test -f /run/systemd/tpm2-pcr-signature.json; then
echo "CURRENT SIGNATURE:" echo "CURRENT SIGNATURE:"
jq < /run/systemd/tpm2-pcr-signature.json jq </run/systemd/tpm2-pcr-signature.json
fi fi
echo "CURRENT EVENT LOG + PCRS:" echo "CURRENT EVENT LOG + PCRS:"
@ -45,7 +45,7 @@ TITLE="Profile Two"' --measure-base=/tmp/extended1.efi --cmdline="testprofile2=1
# Prepare a disk image, locked to the PCR measurements of the UKI we just generated # Prepare a disk image, locked to the PCR measurements of the UKI we just generated
truncate -s 32M /root/encrypted.raw truncate -s 32M /root/encrypted.raw
echo -n "geheim" > /root/encrypted.secret echo -n "geheim" >/root/encrypted.secret
cryptsetup luksFormat -q --pbkdf pbkdf2 --pbkdf-force-iterations 1000 --use-urandom /root/encrypted.raw --key-file=/root/encrypted.secret cryptsetup luksFormat -q --pbkdf pbkdf2 --pbkdf-force-iterations 1000 --use-urandom /root/encrypted.raw --key-file=/root/encrypted.secret
systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs= --tpm2-public-key=/root/pcrsign.public.pem --unlock-key-file=/root/encrypted.secret /root/encrypted.raw systemd-cryptenroll --tpm2-device=auto --tpm2-pcrs= --tpm2-public-key=/root/pcrsign.public.pem --unlock-key-file=/root/encrypted.secret /root/encrypted.raw
rm -f /root/encrypted.secret rm -f /root/encrypted.secret
@ -62,12 +62,12 @@ else
if [ "$ID" = "profile0" ]; then if [ "$ID" = "profile0" ]; then
grep -v testprofile /proc/cmdline grep -v testprofile /proc/cmdline
echo "default $(basename "$CURRENT_UKI")@profile1" > "$(bootctl -p)/loader/loader.conf" echo "default $(basename "$CURRENT_UKI")@profile1" >"$(bootctl -p)/loader/loader.conf"
reboot reboot
exit 0 exit 0
elif [ "$ID" = "profile1" ]; then elif [ "$ID" = "profile1" ]; then
grep testprofile1=1 /proc/cmdline grep testprofile1=1 /proc/cmdline
echo "default $(basename "$CURRENT_UKI")@profile2" > "$(bootctl -p)/loader/loader.conf" echo "default $(basename "$CURRENT_UKI")@profile2" >"$(bootctl -p)/loader/loader.conf"
reboot reboot
exit 0 exit 0
elif [ "$ID" = "profile2" ]; then elif [ "$ID" = "profile2" ]; then