  1. RHEL
  2. RHEL-104680

[Epic]: [RHEL10] Incorrect key file in crypttab entry for volume encrypted_vol [rhel-9]


    • [Epic]: [RHEL10] Incorrect key file in crypttab entry for volume encrypted_vol [rhel-9]
    • Red Hat Enterprise Linux
    • rhel-system-roles
    • False
    • Unspecified
    • Unspecified
    • Unspecified

      This is a clone of issue RHEL-95729 to use for version rhel-9.7

      Original description:

      TASK [Check key file of crypttab entry] **************************************************************************************************
      task path: /usr/share/ansible/roles/rhel-system-roles.storage/tests/test-verify-volume-encryption.yml:155
      fatal: [localhost]: FAILED! => {
          "assertion": "_storage_test_crypttab_entries[0].split()[2] == _storage_test_expected_crypttab_key_file",
          "changed": false,
          "evaluated_to": false,
          "msg": "Incorrect key file in crypttab entry for volume encrypted_vol"
      }

      PLAY RECAP *******************************************************************************************************************************
      localhost                  : ok=502  changed=13   unreachable=0    failed=1    skipped=409  rescued=0    ignored=0   
       

       

      The variable _storage_test_expected_crypttab_entries does not get the right value when two or more encrypted volumes are added to /etc/crypttab.

      test-verify-volume-encryption.yml

      # Derive, for the volume under test, how many /etc/crypttab entries are
      # expected, which captured crypttab lines belong to it, and which key
      # file the entry should name.
      - name: Set test variables
        set_fact:
          # 1 when the volume has encryption enabled and is present, else 0.
          _storage_test_expected_crypttab_entries: "{{
            (storage_test_volume.encryption and _storage_test_volume_present) |
            ternary(1, 0) }}"
          # Lines of storage_test_crypttab.stdout_lines that begin with the
          # basename of storage_test_volume._device followed by a space.
          # The basename filter binds tighter than '+', so the pattern is
          # '^' + basename(_device) + ' .*$'. The basename is concatenated
          # unescaped, so any regex metacharacter in it acts as pattern syntax.
          # select('string') keeps only the items where regex_search matched.
          _storage_test_crypttab_entries: "{{ storage_test_crypttab.stdout_lines |
            map('regex_search', '^' + storage_test_volume._device |
                basename + ' .*$') |
            select('string') | list }}"
          # Expected third crypttab field: the volume's encryption_key, or '-'
          # when it is unset ('-' is the crypttab(5) placeholder for "no key
          # file given"). Per the failure output, the assertion at
          # test-verify-volume-encryption.yml:155 compares this value with
          # _storage_test_crypttab_entries[0].split()[2], so only the first
          # matching line is checked.
          _storage_test_expected_crypttab_key_file: "{{
            storage_test_volume.encryption_key or '-' }}"
       

       
       

      [root@storageqe-109 tests]# cat /etc/crypttab 
      luks-086dd5ea-ea8a-4cf5-9b9b-ae7feb642f0a /dev/mapper/mixed_encryption_pool-encrypted_vol -
      luks-b50ee7df-cd82-4ad1-be2d-e58614664c16 /dev/mapper/mixed_encryption_pool-unencrypted_vol -
      [root@storageqe-109 tests]#  

       

          # Test pool with mixed encrypted/unencrypted volumes  
          # Creates LVM pool mixed_encryption_pool on unused_disks with one
          # encrypted and one unencrypted 1g volume.
          - name: Create pool with mixed encryption  
            include_role:  
              name: linux-system-roles.storage  
            vars:  
              # Safe mode off: the role may remove or reformat existing
              # devices instead of failing; use only on disposable test disks.
              storage_safe_mode: false  
              storage_pools:  
                - name: mixed_encryption_pool  
                  type: lvm  
                  disks: "{{ unused_disks }}"  
                  volumes:  
                    - name: encrypted_vol  
                      size: 1g  
                      mount_point: "{{ mount_location }}_encrypted"  
                      encryption: true  
                      # NOTE(review): literal passphrase, acceptable only as a
                      # throwaway test fixture; real playbooks should supply it
                      # from a vaulted variable.
                      encryption_password: encryptedvolpassword  
                    - name: unencrypted_vol  
                      size: 1g  
                      mount_point: "{{ mount_location }}_unencrypted"  
                      encryption: false  
        
          # Runs the tasks in verify-role-results.yml against the state left
          # by the preceding role run.
          # NOTE(review): presumably this is the path that reaches
          # test-verify-volume-encryption.yml, where the failure in this
          # report is raised - confirm.
          - name: Verify mixed encryption pool results  
            include_tasks: verify-role-results.yml  
      
          # Test changing encryption on existing volume  
          # Re-applies mixed_encryption_pool with a new password and an
          # explicit luks2 version on encrypted_vol, and turns encryption on
          # for unencrypted_vol.
          # NOTE(review): the storage role documents toggling encryption on an
          # existing volume as destructive (data on it is removed) - confirm
          # against the role README before reusing this outside a test host.
          # NOTE(review): no verify step follows this task in the quoted
          # excerpt.
          - name: Change encryption settings on existing volume  
            include_role:  
              name: linux-system-roles.storage  
            vars:  
              # Safe mode off: the role may remove or reformat existing
              # devices instead of failing; use only on disposable test disks.
              storage_safe_mode: false  
              storage_pools:  
                - name: mixed_encryption_pool  
                  type: lvm  
                  disks: "{{ unused_disks }}"  
                  volumes:  
                    - name: encrypted_vol  
                      size: 1g  
                      mount_point: "{{ mount_location }}_encrypted"  
                      encryption: true  
                      # NOTE(review): literal test passphrase. Whether a changed
                      # password alone makes the role rekey or reformat an
                      # existing LUKS volume is not shown here - confirm.
                      encryption_password: newencryptedpassword  
                      encryption_luks_version: luks2  # Changed from default  
                    - name: unencrypted_vol  
                      size: 1g  
                      mount_point: "{{ mount_location }}_unencrypted"  
                      encryption: true  # Changed from false to true  
                      # Literal test passphrase; fixture value only.
                      encryption_password: newlyencryptedpassword  
       

      [root@storageqe-109 tests]# rpm -qa |grep role
      rhel-system-roles-1.101.1-0.1.el10.noarch
      [root@storageqe-109 tests]# uname -a
      Linux storageqe-109.rhts.eng.pek2.redhat.com 6.12.0-89.el10.x86_64 #1 SMP PREEMPT_DYNAMIC Tue May 27 00:52:07 EDT 2025 x86_64 GNU/Linux
      [root@storageqe-109 tests]

       

       

       

              rmeggins@redhat.com Richard Megginson
              rmeggins@redhat.com Richard Megginson
              Richard Megginson Richard Megginson
              David Jez David Jez