ecryptfs team mailing list archive

[Colin Watson <cjwatson@xxxxxxxxxxxxx>]

If a bind mount works for this, would it not also be possible to
document how to extend backup utilities to do that mount just for the
duration of the backup? I would prefer that to having the bind-mount
around all the time. Backup utilities often already do tricks at least
as complicated as this before they start a backup, for example creating
LVM snapshots.

If you must have it available all the time, an fstab entry is
questionable; I'd rather it were done dynamically in init scripts. I'm
not wild about the name either; have a look through the FHS and see if
you can think of a better location.

(How are backup utilities going to avoid backing up /home for certain
users? They'd presumably want to back up only the encrypted files for
users with encrypted home directories. This suggests that backup
utilities would need to be modified anyway in order to play nicely with
ecryptfs, in which case having to do a bind-mount doesn't seem a major
imposition.)

-- 
establish ro,bind mount of /home for backup purposes
https://bugs.launchpad.net/bugs/371719
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Triaged
Status in “ecryptfs-utils” source package in Ubuntu: Triaged

Bug description:
This bug is similar to Bug #365596.

A commenter there had an excellent suggestion.  eCryptfs should, perhaps, add an entry to /etc/fstab that looks like this:

/home /.home-backup none ro,bind

This would ensure that encrypted copies of all files are available at all times to backup utilities at /.home-backup.

:-Dustin