ecryptfs-users team mailing list archive
-
ecryptfs-users team
-
Mailing list archive
-
Message #00049
Re: Creating an encrypted directory -- cannot umount
* John Magolske <listmail@xxxxxxx> [110128 12:35]:
> * Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx> [110127 22:02]:
> >
> > You can also perform a mount, look at the mount options in
> > /proc/mounts, use those arguments to create an entry in /etc/fstab,
> > and add the user option. Then, you'll just need to do the following:
> >
> > $ ecryptfs-add-passphrase
> > $ mount -i ~/.crypto-dir
> >
> > You'll be able to do those 2 commands as a regular user and will no
> > longer have to switch to root for the mount.
>
> I put the arguments found in /proc/mounts (plus the user option) into
> an entry in /etc/fstab, now the `mount -i ~/.crypto-dir` and
> `umount -i .crypto-dir` commands will mount & umount the directory
> without a hitch. But this only works as root, as non-root I get:
>
> $ mount -i /home/john/.crypto-dir
> mount: No such file or directory
>
> then after successfully applying the above command as root:
>
> $ umount -i /home/john/.crypto-dir
> umount: only root can unmount /home/john/.crypto-dir from /home/john/.crypto-dir
>
> Also, if I do `keyctl clear @u` after a `umount -i .crypto-dir`, when I
> try `mount -i ~/.crypto-dir` I get "mount: No such file or directory".
> I can go back & manually do `mount -t ecryptfs .crypto-dir .crypto-dir`
> and that mounts the directory again.
>
> And when I try `ecryptfs-add-passphrase` at any point, there is this:
>
> ecryptfs-add-passphrase: symbol lookup error: ecryptfs-add-passphrase: undefined symbol: ecryptfs_get_passphrase
Below is a shell script I put together to toggle files in a given
directory between being unencrypted & encrypted. Seems to do pretty
much what I want for now:
#!/bin/sh
# add appropriate entries in /etc/sudoers for the mount & umount commands
if [ "$1" = "1" ]
then
sudo mount -t ecryptfs -o \
ecryptfs_sig=xxxxxxxxxxxxxxxx,ecryptfs_cipher=twofish,ecryptfs_key_bytes=32,ecryptfs_passthrough=0 \
/home/john/.crypto-dir /home/john/.crypto-dir
elif [ "$1" = "0" ]
then
sudo umount -i /home/john/.crypto-dir
keyctl clear @u
else
echo "Supply valid argument. Options are \"1\" and \"0\":
1 (unencrypt files)
0 (return to encrypted state)"
fi
Any gotchas / things to look out for?
Thanks,
John
--
John Magolske
http://B79.net/contact
References