Skip cryptsetup password quality checking

LUKS password quality checking is not useful
since we only use long hex strings for passwords.

Not skipping this means that we have to install
cracklib-dicts for cryptsetup to work, which is
unnecessary weight.

Closes-Bug: #1861120

Change-Id: Idc281be7cf88eeeeefe260877a1fc275d94f2bed
(cherry picked from commit afb7beb7ce)
(cherry picked from commit 6461c993bc)
(cherry picked from commit 0db2285387)
This commit is contained in:
Eric Harney 2020-01-28 09:12:55 -05:00
parent 71bafe0da1
commit d640c73d9b
2 changed files with 2 additions and 0 deletions

View File

@ -118,6 +118,7 @@ class LuksEncryptor(cryptsetup.CryptsetupEncryptor):
# Enter new passphrase for key slot: # Enter new passphrase for key slot:
# Verify passphrase: # Verify passphrase:
self._execute('cryptsetup', 'luksAddKey', self.dev_path, self._execute('cryptsetup', 'luksAddKey', self.dev_path,
'--force-password',
process_input=''.join([mangled_passphrase, '\n', process_input=''.join([mangled_passphrase, '\n',
passphrase, '\n', passphrase]), passphrase, '\n', passphrase]),
run_as_root=True, check_exit_code=True, run_as_root=True, check_exit_code=True,

View File

@ -226,6 +226,7 @@ class LuksEncryptorTestCase(test_cryptsetup.CryptsetupEncryptorTestCase):
root_helper=self.root_helper, run_as_root=True, root_helper=self.root_helper, run_as_root=True,
check_exit_code=[0, 4], attempts=3), check_exit_code=[0, 4], attempts=3),
mock.call('cryptsetup', 'luksAddKey', self.dev_path, mock.call('cryptsetup', 'luksAddKey', self.dev_path,
'--force-password',
process_input=''.join([fake_key_mangled, process_input=''.join([fake_key_mangled,
'\n', fake_key, '\n', fake_key,
'\n', fake_key]), '\n', fake_key]),