Re: [Ecryptfs-users] Creating an encrypted directory -- cannot umount

Thu, 03 Feb 2011 21:00:08 -0800 

* John Magolske <[email protected]> [110128 12:35]:
> * Tyler Hicks <[email protected]> [110127 22:02]:
> > 
> > You can also perform a mount, look at the mount options in
> > /proc/mounts, use those arguments to create an entry in /etc/fstab,
> > and add the user option. Then, you'll just need to do the following:
> > 
> > $ ecryptfs-add-passphrase
> > $ mount -i ~/.crypto-dir
> > 
> > You'll be able to do those 2 commands as a regular user and will no
> > longer have to switch to root for the mount.
> 
> I put the arguments found in /proc/mounts (plus the user option) into
> an entry in /etc/fstab, now the `mount -i ~/.crypto-dir` and
> `umount -i .crypto-dir` commands will mount & umount the directory
> without a hitch. But this only works as root, as non-root I get:
> 
>   $ mount -i /home/john/.crypto-dir
>   mount: No such file or directory
> 
> then after successfully applying the above command as root:
> 
>   $ umount -i /home/john/.crypto-dir
>   umount: only root can unmount /home/john/.crypto-dir from 
> /home/john/.crypto-dir
> 
> Also, if I do `keyctl clear @u` after a `umount -i .crypto-dir`, when I
> try `mount -i ~/.crypto-dir` I get "mount: No such file or directory".
> I can go back & manually do `mount -t ecryptfs .crypto-dir .crypto-dir`
> and that mounts the directory again.
> 
> And when I try `ecryptfs-add-passphrase` at any point, there is this:
> 
>   ecryptfs-add-passphrase: symbol lookup error: ecryptfs-add-passphrase: 
> undefined symbol: ecryptfs_get_passphrase

Below is a shell script I put together to toggle files in a given
directory between being unencrypted & encrypted. Seems to do pretty
much what I want for now:

  #!/bin/sh
  # add appropriate entries in /etc/sudoers for the mount & umount commands
  if [ "$1" = "1" ]
  then
      sudo mount -t ecryptfs -o \
      
ecryptfs_sig=xxxxxxxxxxxxxxxx,ecryptfs_cipher=twofish,ecryptfs_key_bytes=32,ecryptfs_passthrough=0
 \
      /home/john/.crypto-dir /home/john/.crypto-dir
  elif [ "$1" = "0" ]
  then
      sudo umount -i /home/john/.crypto-dir
      keyctl clear @u
  else
      echo "Supply valid argument. Options are \"1\" and \"0\":
      1       (unencrypt files)
      0       (return to encrypted state)"
  fi

Any gotchas / things to look out for?

Thanks,

John

-- 
John Magolske
http://B79.net/contact

_______________________________________________
Mailing list: https://launchpad.net/~ecryptfs-users
Post to     : [email protected]
Unsubscribe : https://launchpad.net/~ecryptfs-users
More help   : https://help.launchpad.net/ListHelp

Reply via email to