-
Notifications
You must be signed in to change notification settings - Fork 36
/
Copy pathautopart-luks-4.ks.in
50 lines (36 loc) · 1.11 KB
/
autopart-luks-4.ks.in
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
%ksappend repos/default.ks
network --bootproto=dhcp
bootloader --timeout=1
zerombr
clearpart --all --initlabel
# Test LUKS 2 with argon2i and limited memory.
autopart --type=lvm --encrypted --passphrase="passphrase" --luks-version=luks2 --pbkdf=argon2i --pbkdf-memory=64
keyboard us
lang en
timezone America/New_York
rootpw qweqwe
shutdown
%packages
%end
%post
# Find the LUKS device.
crypted="$(blkid --match-token TYPE="crypto_LUKS" --output device)"
if [[ $? != 0 ]] ; then
echo "*** couldn't find a LUKS device" > /root/RESULT
exit 1
fi
# Check the PBKDF of the LUKS device.
result="$(cryptsetup luksDump ${crypted} | awk '{ if ($1 == "PBKDF:") print $2; }' )"
if [[ "$result" != "argon2i" ]] ; then
echo "*** unexpected PBKDF for ${crypted}: ${result}" >> /root/RESULT
fi
# Check the memory of the LUKS device.
result="$(cryptsetup luksDump ${crypted} | awk '{ if ($1 == "Memory:") print $2; }' )"
if [[ "$result" != "64" ]] ; then
echo "*** unexpected memory for ${crypted}: ${result}" >> /root/RESULT
fi
# The test was successful.
if [ ! -e /root/RESULT ]; then
echo SUCCESS > /root/RESULT
fi
%end