GNU bug report logs -
#69275
[PATCH] gnu: ecryptfs-utils: Add the openssl key module.
Previous Next
Full log
View this message in rfc822 format
Hi Steve,
I apologize for the late reply---I somehow missed that you had
responded to my patch.
To be honest, I don't actually use ecryptfs with guix; I used guix
with this patch to reproduce a linux kernel bug I had discovered [1]
(this bug only happened when using the openssl key module). After
testing the fix for the kernel bug, I figured it was better to send
this patch upstream rather than delete it forever.
> You sent through a patch for adding the openssl module, your commit
> message doesn't say why it's required?
eCryptfs allows you to mount a filesystem overlay similar to overlayfs
but with an added layer of encryption (i.e. files written to the
overlay are encrypted before being written to the underlying
storage). Keys are set up using "key modules" from
ecryptfs-utils. Without my patch, the only available module on guix is
the "passphrase" module that uses a user-supplied passphrase for
encryption/decryption. My patch also enables the "openssl" module that
performs encryption/decryption using an assymmetric key using openssl.
> As I don't use ecryptfs-utils I was wondering if you have a small
> example test of how it's used?
Unfortunately I've lost the scripts that I was using to test this, but
'mount -t ecryptfs' should ask a sequence of questions about which
module and key to use etc.
> Also, there's a bunch of pre-requisite patches, are these still
> needed?
These are not required, I think this was just because I had a handful
of other WIP commits on my local checkout when I created this patch.
Brian
[1] https://lore.kernel.org/ecryptfs/5j2q56p6qkhezva6b2yuqfrsurmvrrqtxxzrnp3wqu7xrz22i7 <at> hoecdztoplbl/
This bug report was last modified 79 days ago.
Previous Next
GNU bug tracking system
Copyright (C) 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson.