New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
New logic to type LUKS passphrase in grub phase #18270
Conversation
LGTM. |
BTW, for failed case https://openqa.suse.de/tests/12948511#step/boot_to_desktop/10, we can use the similar logic:
However, it might introduce some expected result since all things are controlled via setting |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is a product bug: https://bugzilla.suse.com/show_bug.cgi?id=1205314
With my suggestion, unset LVM is treated as LVM=0.
|
Thanks, then need to double check /boot partition is encrypted or not |
c2f16c9
to
b60b8f6
Compare
Great PR! Please pay attention to the following items before merging: Files matching
This is an automatically generated QA checklist based on modified files. |
Change the code to handle |
@Vogtinator Can I ask for your kindly help to review my PR again? |
The latest VRs: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
we should follow SLE's condition on Leap like to use is_leap('<15.6') here
Could you please add two verification runs as well: installation (maybe is similar) https://openqa.suse.de/tests/13004386 and job https://openqa.suse.de/tests/13004389 which uses that image and it needs to enter password as well. |
With this, |
Agree with you! |
1db3bb1
to
34f3321
Compare
First new test fails are incoming: |
Thanks, In this job, only /boot partition is encrypted, so it leads to another logic, I think we can un-schedule the test module |
IMO having an encrypted |
It should be introduced from ticket, https://progress.opensuse.org/issues/81780. I will ask qe-security team to double check! |
That reminds me of https://progress.opensuse.org/issues/120459 |
If that ticket is what the test is supposed to do then you need the opposite: Plain |
Two test fails on Leap 15 relate to partition encrypting/decrypting:
please let me know if you need the separate poo ticket for them I can do so. |
Thanks, please help update https://progress.opensuse.org/issues/152621 |
With quick reading I was going to say that yes we have test case "FIPS: Full disk encryption with LUKS (separate unencrypted /boot)", but reading it again I see yes I don't see any point in /boot encrypted only with / non-encrypted. |
https://progress.opensuse.org/issues/151393
VRs:
tw crypt_no_lvm
sle crypt_no_lvm
Staging
yast failed cases
yast passed cases
New VRs:
boot_to_desktop
staging
yast sainty
kernel_encrypt_create_hdd