ecryptfs-users team mailing list archive
-
ecryptfs-users team
-
Mailing list archive
-
Message #00045
Re: Creating an encrypted directory -- cannot umount
Thanks for the helpful reply,
* Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx> [110127 21:21]:
> On Thu Jan 27, 2011 at 07:37:05PM -0800, John Magolske <listmail@xxxxxxx> wrote:
> > I'm trying to create an encrypted directory
> > [...]
> > I tried this:
> >
> > % mkdir .crypto-dir
> > % chmod 700 .crypto-dir
> > # aptitude install ecryptfs-utils
> > # modprobe ecryptfs
> > # mount -t ecryptfs .crypto-dir .crypto-dir
> > Passphrase:
> > [...]
> >
> > Then I cd'd into ~/.crypto-dir (as non-root) and created some
> > files there. But when I try to umount, I'm getting this:
> >
> > # umount .crypto-dir
> > /sbin/umount.ecryptfs: symbol lookup error: /sbin/umount.ecryptfs:
> > undefined symbol: ecryptfs_remove_auth_tok_from_keyring
> > /sbin/umount.ecryptfs: symbol lookup error: /sbin/umount.ecryptfs:
> > undefined symbol: ecryptfs_remove_auth_tok_from_keyring
>
> What does `ldd /sbin/*mount.ecryptfs` give?
% ldd /sbin/*mount.ecryptfs
/sbin/mount.ecryptfs:
linux-gate.so.1 => (0xb7f53000)
libecryptfs.so.0 => /usr/lib/libecryptfs.so.0 (0xb7f22000)
libkeyutils.so.1 => /lib/libkeyutils.so.1 (0xb7f1f000)
libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb7f1a000)
libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7dd4000)
libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7d5f000)
libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7d5b000)
/lib/ld-linux.so.2 (0xb7f54000)
/sbin/umount.ecryptfs:
linux-gate.so.1 => (0xb80af000)
libecryptfs.so.0 => /usr/lib/libecryptfs.so.0 (0xb807e000)
libdl.so.2 => /lib/i686/cmov/libdl.so.2 (0xb807a000)
libc.so.6 => /lib/i686/cmov/libc.so.6 (0xb7f33000)
libgcrypt.so.11 => /usr/lib/libgcrypt.so.11 (0xb7ebe000)
libgpg-error.so.0 => /usr/lib/libgpg-error.so.0 (0xb7eba000)
libkeyutils.so.1 => /lib/libkeyutils.so.1 (0xb7eb7000)
/lib/ld-linux.so.2 (0xb80b0000)
> ecryptfs_remove_auth_tok_from_keyring() is in libecryptfs and
> umount.ecryptfs should be linked against it. I'm guessing that you
> either have an old libecryptfs laying around somewhere
> (/usr/local/lib/ ?) or something is wrong with the way that debian is
> building umount.ecryptfs.
I've never used eCryptfs on this system or anywhere before. Also,
didn't see anything under /usr/local/lib/ ...
> If you're just wanting umount to work without warnings/errors,
> `umount -i .crypto-dir` will work until we figure this out. That will
> bypass the eCryptfs umount helper and will just perform the unmount.
>
> Note that the eCryptfs umount helper is what removes your mount key
> from the kernel keyring. So, if you don't want the key to hang around,
> you'll need to do something like `keyctl clear @u` after umount with
> the -i flag.
Excellent, this does the job for now. Next, to wrap up
`mount -t ecryptfs -o key= ...` in a shell script that queries
me for the passphrase.
Best regards,
John
--
John Magolske
http://B79.net/contact
Follow ups
References