Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Filesystem plugin: Add "EncryptionStatus" to each volume on Windows #1226

Closed
stuartpreston opened this issue Jul 24, 2018 · 3 comments
Closed

Filesystem plugin: Add "EncryptionStatus" to each volume on Windows #1226

stuartpreston opened this issue Jul 24, 2018 · 3 comments
Labels
Platform: Windows Type: Enhancement Adds new functionality.

Comments

@stuartpreston
Copy link

Description

On a Windows System (tested on Windows 10), the EncryptionStatus for a volume can be seen by inspecting the win32-encryptablevolume class in the root/cimv2/security/MicrosoftVolumeEncryption namespace or by executing the following PowerShell (full compatibility/module versions to be determined)

> (Get-BitlockerVolume -MountPoint "C:").VolumeStatus
FullyEncrypted

Using this information would enhance the ohai filesystem plugin output to look similar to the following:

{
  "C:": {
    "kb_size": 511463911,
    "kb_available": 252410994,
    "kb_used": 259052917,
    "percent_used": 50,
    "mount": "C:",
    "fs_type": "ntfs",
    "volume_name": "",
    "encryption_status": "FullyEncrypted"
  }
}

The encryption_status field is the text representation of the ConversionStatus class from https://docs.microsoft.com/en-us/windows/desktop/secprov/getconversionstatus-win32-encryptablevolume#parameters:

Value Meaning
FullyDecrypted For a standard hard drive (HDD), the volume is fully decrypted. For a hardware encrypted hard drive (EHDD), the volume is perpetually unlocked.
FullyEncrypted For a standard hard drive (HDD), the volume is fully encrypted. For a hardware encrypted hard drive (EHDD), the volume is not perpetually unlocked.
EncryptionInProgress The volume is partially encrypted.
DecryptionInProgress The volume is partially encrypted.
EncryptionPaused The volume has been paused during the encryption progress. The volume is partially encrypted.
DecryptionPaused The volume has been paused during the decryption progress. The volume is partially encrypted.

Ohai Version

14 (not a breaking change)

Platform Version

Windows 10, ideally target Windows 2008 upwards (at the very least this should not fail on Windows 2008)
@kmf
Copy link

kmf commented Jul 25, 2018

Thanks for this!

@Nimesh-Msys Nimesh-Msys mentioned this issue Aug 31, 2018
Merged
4 tasks
@tas50 tas50 closed this as completed Sep 9, 2018
@tas50
Copy link
Contributor

tas50 commented Sep 9, 2018

This will ship in Chef 14.5

@lock
Copy link

lock bot commented Mar 3, 2019

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Mar 3, 2019
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
Platform: Windows Type: Enhancement Adds new functionality.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kmf @tas50 @stuartpreston