GNU bug report logs - #77203
[PATCH 0/4] gnu: Add fscrypt.

Previous Next

Package: guix-patches;

Reported by: 45mg <45mg.writes <at> gmail.com>

Date: Sun, 23 Mar 2025 10:23:02 UTC

Severity: normal

Tags: patch

Done: Leo Famulari <leo <at> famulari.name>

Bug is archived. No further changes may be made.

Full log

Message #44 received at 77203 <at> debbugs.gnu.org (full text, mbox):

From: 45mg <45mg.writes <at> gmail.com>
To: 45mg <45mg.writes <at> gmail.com>, Leo Famulari <leo <at> famulari.name>, 45mg
 <45mg.writes <at> gmail.com>
Cc: 77203 <at> debbugs.gnu.org, Wilko Meyer <w <at> wmeyer.eu>,
 Katherine Cox-Buday <cox.katherine.e+guix <at> gmail.com>,
 Sharlatan Hellseher <sharlatanus <at> gmail.com>
Subject: Re: [PATCH v2 0/4] Linux native filesystem encryption (fscrypt).
Date: Sun, 06 Apr 2025 08:35:37 +0000

45mg <45mg.writes <at> gmail.com> writes:

> After posting v1 I tried to build a VM with it, and when I checked
> /proc/config.gz inside the VM CONFIG_FS_ENCRYPTION was not enabled. So I
> thought maybe it needed to be enabled in aux-files/*.
[...]
> So I guess I must have done something wrong when building the VM, since
> the option is clearly enabled for the build.

Yep, just did the exact same VM test again, and from inside the VM:

# zcat /proc/config.gz | grep 'CONFIG_FS_ENCRYPTION='
CONFIG_FS_ENCRYPTION=y

Within the VM, I successfully performed the example from the fscryptctl
README:
https://github.com/google/fscryptctl?tab=readme-ov-file#example-usage

I've attached the system config I used for the VM below.

# ./pre-inst-env guix system vm test-system.scm

--8<---------------cut here---------------start------------->8---
;; -*- mode: scheme; -*-
;; This is an operating system configuration template
;; for a "bare bones" setup, with no X11 display server.

(use-modules (gnu))
(use-package-modules file-systems)

(operating-system
  (host-name "komputilo")
  (timezone "Europe/Berlin")
  (locale "en_US.utf8")

  ;; Boot in "legacy" BIOS mode, assuming /dev/sdX is the
  ;; target hard disk, and "my-root" is the label of the target
  ;; root file system.
  (bootloader (bootloader-configuration
                (bootloader grub-bootloader)
                (targets '("/dev/sdX"))))
  ;; It's fitting to support the equally bare bones ‘-nographic’
  ;; QEMU option, which also nicely sidesteps forcing QWERTY.
  (kernel-arguments (list "console=ttyS0,115200"))
  (file-systems (cons (file-system
                        (device (file-system-label "myroot"))
                        (mount-point "/")
                        (type "btrfs"))
                      %base-file-systems))

  ;; Globally-installed packages.
  (packages (cons* fscrypt fscryptctl %base-packages)))
--8<---------------cut here---------------end--------------->8---
This bug report was last modified 42 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.