There are several challenges with the existing method of using
/etc/crypttab:
1)encrypted rootfs partitions are not typically listed in this
file (users are prompted for password in early boot instead)
2)the 'luks' option is the default option so it is possible for
/etc/crypttab entries to never have this set explicitly and any
block device configured as such will be missed currently
3)any device mounted manually, or using any other mechanism aside
from /etc/crypttab will be missed
This commit executes 'cryptsetup isLuks' on every block device in
the system to determine whether it is a LUKS device. This handles
all 3 cases mentioned above.
Test case wording was also updated to reflect the fact that it
only checks for LUKS entrypted block devices. So, plain dm-crypt
and TrueCrypt/VeraCrypt block device encryption is not detected.
Nor is any file system level encryption such as eCryptfs, EncFs,
gocryptfs.
84dd024887