initrd-secrets
test does not test that a secret actually ends up in the initrd #106
Labels
No labels
bug
dependency
documentation
duplicate
enhancement
good first issue
help wanted
invalid
question
review-next
security
stub
tool
wontfix
No milestone
No project
No assignees
1 participant
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: raito/lanzaboote#106
Loading…
Add table
Add a link
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
The test executes a grept that is supposed to fail if it does not find the secret in the initrd or if the contents are not as expected with
boot.initrd.preDeviceCommands
. However, even if this grep fails, the system comes up normally and the tests succeeds.See: https://github.com/NixOS/nixpkgs/blob/master/nixos/tests/initrd-secrets.nix for a better way to test this.