Details
-
Technical task
-
Resolution: Unresolved
-
Minor
-
None
-
None
-
None
-
9223372036854775807
Description
In "Test Plan for Client-Side Encryption" in
Test ‘lfs migrate/mirror’ of encrypted file. ‘lfs mirror’ actions known to be presently functional are the ‘create/resync/verify/write/read’ sequence, with and without the encryption key.
If I test without encryption key lfs mirror read :
# lfs mirror read --mirror-id=1 /mnt/lustre/vault/+ed0A1hnSFSvU9myM1ZHw9anVti9gRDhKf4r3fK6FNM
lfs mirror read: cannot open '/mnt/lustre/vault/+ed0A1hnSFSvU9myM1ZHw9anVti9gRDhKf4r3fK6FNM': Required key not available
Read the content of a specified mirror of a file.
This is the correct behavior - if there is no encryption key, then the user should not be able to read or write the data.
We need to fix this in the test plan.
Correct, we are on the same page.