ecryptfs team mailing list archive

Thread
Date

[Bug 434576] Re: cannot change PEM key file path when mounting a directory with ecryptfs vfstype

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Tyler Hicks <tyhicks@xxxxxxxxxxxxxxxxxx>
Date: Thu, 15 Oct 2009 05:00:09 -0000
Reply-to: Bug 434576 <434576@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

I can't reproduce this upstream, so this problem has been fixed at some
point.  It has been a long time since ecryptfs-utils-38.

Here's what happened when I gave an incorrect path:

---
# mount -t ecryptfs lower upper
Select key type to use for newly created files: 
 1) passphrase
 2) openssl
Selection: 2
PEM key file [/root/.ecryptfs/pki/openssl/key.pem]: /root/.ecryptfs-BAD/pki/openssl/key.pem
Method of providing the passphrase: 
 1) openssl_passwd: Enter on Console
 2) openssl_passwd_file: File Containing Passphrase
 3) openssl_passwd_fd: File Descriptor for File Containing Passphrase
Selection [openssl_passwd]: 1
Passphrase: 
Error attempting to evaluate mount options: [-5] Input/output error
Check your system logs for details on why this happened.
Try updating your ecryptfs-utils package, and/or
submit a bug report on https://launchpad.net/ecryptfs
---

and this was logged:

---
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Unable to read filename [/root/.ecryptfs-BAD/pki/openssl/key.pem]
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Error attempting to read RSA key from file; rc = [-5]
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Call into key module's get_key_sig failed; rc = [-5]
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Error initializing key from module; rc = [-5]
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Error attempting to add key to keyring for key module [openssl]; rc = [-5]
Oct 14 23:53:19 fedora-virt mount.ecryptfs: Error processing OpenSSL key; rc = [-5]
---

Good, a bad path throws an error, as expected.  What about a good path,
that's not the default?

---
# mount -t ecryptfs lower upper
Select key type to use for newly created files: 
 1) passphrase
 2) openssl
Selection: 2
PEM key file [/root/.ecryptfs/pki/openssl/key.pem]: /root/ecryptfs-pki/openssl/key.pem
Method of providing the passphrase: 
 1) openssl_passwd: Enter on Console
 2) openssl_passwd_file: File Containing Passphrase
 3) openssl_passwd_fd: File Descriptor for File Containing Passphrase
Selection [openssl_passwd]: 1
Passphrase: 
...
<Mount goes on to succeed>
---

** Changed in: ecryptfs
       Status: Triaged => Fix Released

-- 
cannot change PEM key file path when mounting a directory with ecryptfs vfstype
https://bugs.launchpad.net/bugs/434576
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Fix Released
Status in “ecryptfs-utils” package in Ubuntu: Won't Fix

Bug description:
Binary package hint: ecryptfs-utils

If I launch the command

mount -t ecryptfs /home/marco/Documents /home/marco/Documents

I'm asked to select  the key type  to use for newly created files. If I select openssl (1) I'm asked to specify key.pem path but it seems that I cannot change this value (if I press any keys I don't see anything)

Tested with Hardy and ecryptfs-utils 38-2.

References

[Bug 434576] [NEW] cannot change PEM key file path when mounting a directory with ecryptfs vfstype
From: marco.pallotta, 2009-09-22