From Fedora Project Wiki

< QA‎ | TestCases

Description

Support the use of encrypted filesystems for anything other than /boot using cryptsetup and LUKS. This includes install time creation/configuration, as well as integrated support in mkinitrd and initscripts (others?). Currently we are only pursuing support for encrypted devices using cryptsetup/LUKS.

When using encrypted file systems/block devices, the functionality should continue to work as expected, and not create situations where the encryption leads to undesired errors.

References:

  1. Anaconda/Features/EncryptedBlockDevices
  2. Releases/FeatureEncryptedFilesystems

Steps To Reproduce

  • start the installer
  • enter the disk druid paritioning screen
  • Create multiple new RAID partitions
  • select the "encrypt" checkbox for each partition
  • enter a passphrase for the partition
  • create one or more encrypted md devices using the RAID partitions
  • select the "encrypt" checkbox for each filesystem that is composed of RAID partitions
  • create one or more non-encrypted md devices using the RAID partitions
  • continue the installation

Expected Results

in post-install system, verify:

  • a passphrase for each RAID partition is required to access it
  • an entry for each RAID partition exists in /etc/crypttab
  • a passphrase for each of the encrypted filesystems using the RAID partitions is required to access it
  • an entry for the block devices and filesystems using the RAID partitions exist in /etc/crypttab