summaryrefslogtreecommitdiffstats
path: root/src/test/test-blockdev-util.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/test/test-blockdev-util.c')
-rw-r--r--src/test/test-blockdev-util.c41
1 files changed, 41 insertions, 0 deletions
diff --git a/src/test/test-blockdev-util.c b/src/test/test-blockdev-util.c
new file mode 100644
index 0000000..134386c
--- /dev/null
+++ b/src/test/test-blockdev-util.c
@@ -0,0 +1,41 @@
+/* SPDX-License-Identifier: LGPL-2.1-or-later */
+
+#include "blockdev-util.h"
+#include "errno-util.h"
+#include "tests.h"
+
+static void test_path_is_encrypted_one(const char *p, int expect) {
+ int r;
+
+ r = path_is_encrypted(p);
+ if (IN_SET(r, -ENOENT, -ELOOP) || ERRNO_IS_NEG_PRIVILEGE(r))
+ /* This might fail, if btrfs is used and we run in a container. In that case we cannot
+ * resolve the device node paths that BTRFS_IOC_DEV_INFO returns, because the device nodes
+ * are unlikely to exist in the container. But if we can't stat() them we cannot determine
+ * the dev_t of them, and thus cannot figure out if they are encrypted. Hence let's just
+ * ignore ENOENT here. Also skip the test if we lack privileges.
+ * ELOOP might happen if the mount point is a symlink, as seen with under
+ * some rpm-ostree distros */
+ return;
+ assert_se(r >= 0);
+
+ log_info("%s encrypted: %s", p, yes_no(r));
+
+ assert_se(expect < 0 || ((r > 0) == (expect > 0)));
+}
+
+TEST(path_is_encrypted) {
+ int booted = sd_booted(); /* If this is run in build environments such as koji, /dev/ might be a
+ * regular fs. Don't assume too much if not running under systemd. */
+
+ log_info("/* %s (sd_booted=%d) */", __func__, booted);
+
+ test_path_is_encrypted_one("/home", -1);
+ test_path_is_encrypted_one("/var", -1);
+ test_path_is_encrypted_one("/", -1);
+ test_path_is_encrypted_one("/proc", false);
+ test_path_is_encrypted_one("/sys", false);
+ test_path_is_encrypted_one("/dev", booted > 0 ? false : -1);
+}
+
+DEFINE_TEST_MAIN(LOG_INFO);