Skip cryptsetup password quality checking

LUKS password quality checking is not useful
since we only use long hex strings for passwords.

Not skipping this means that we have to install
cracklib-dicts for cryptsetup to work, which is
unnecessary weight.

Closes-Bug: #1861120

Change-Id: I1105c16caaf916e9101b6dca34a7f13936ce2240
This commit is contained in:
Eric Harney 2020-01-28 09:14:36 -05:00
parent 81590cbf8a
commit 7c3621311a
2 changed files with 3 additions and 0 deletions

View File

@ -1679,6 +1679,7 @@ class VolumeTestCase(base.BaseVolumeTestCase):
mock_execute.assert_called_once_with(
'cryptsetup', 'luksChangeKey',
'/some/device/thing',
'--force-password',
log_errors=processutils.LOG_ALL_ERRORS,
process_input='qwert\nasdfg\n',
run_as_root=True)

View File

@ -559,6 +559,7 @@ class CreateVolumeFromSpecTask(flow_utils.CinderTask):
'cryptsetup',
'luksChangeKey',
attach_info['device']['path'],
'--force-password',
run_as_root=True,
process_input=key_str,
log_errors=processutils.LOG_ALL_ERRORS)
@ -583,6 +584,7 @@ class CreateVolumeFromSpecTask(flow_utils.CinderTask):
'cryptsetup',
'--batch-mode',
'luksFormat',
'--force-password',
'--type', encryption['provider'],
'--cipher', encryption['cipher'],
'--key-size', str(encryption['key_size']),