1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
|
#!/bin/sh
set -eu
kver="$(uname -r)"
if linux-version compare "$kver" lt 6.5; then
echo "I: This kernel version ($kver) is too old"
exit 77
fi
. debian/tests/test-common
# Configure export
export_dir=/srv/server.internal
mkdir -p "$export_dir"
rm -f "$export_dir"/*
cat >/etc/exports <<EOF
$export_dir localhost(no_root_squash,rw,xprtsec=mtls)
EOF
exportfs -a
# Try to mount
mount_dir=/media/server.internal
mkdir -p "$mount_dir"
! mountpoint "$mount_dir" || umount "$mount_dir"
mount -t nfs -o nodev,nosuid,xprtsec=mtls \
"server.internal:$export_dir" "$mount_dir"
# Check that mTLS is used
printf 'I: Mounted as: %s\n' "$(grep '^server\.internal:' /proc/mounts)"
if grep '^server\.internal:' /proc/mounts | grep -qv '\bxprtsec=mtls\b'; then
echo >&2 "E: Missing xprtsec=mtls"
fi
# Check that it's really working
touch "$export_dir/server"
touch "$mount_dir/client"
if ! [ -f "$mount_dir/server" ]; then
echo >&2 "E: Failing to see server changes on client"
fi
if ! [ -f "$export_dir/client" ]; then
echo >&2 "E: Failing to see client changes on server"
fi
|
