Age | Commit message (Collapse) | Author |
|
...and exit if it is not zero.
|
|
This makes sure all callers of parseMasterKey warn the user.
At the moment there is only one, but another one will be added
soon for forcing a password change when only the master key is
known.
|
|
Crash is described at https://github.com/rfjakob/gocryptfs/issues/48 .
Revert this once https://github.com/hanwen/go-fuse/pull/131 is merged.
|
|
It currently does not and even causes a crash due to a bug in
go-fuse.
Also converts the test to table-based.
|
|
|
|
This can happen during normal operation when the directory has
been deleted concurrently. But it can also mean that the
gocryptfs.diriv is missing due to an error, so log the event
at "info" level.
|
|
Also fixes the failure to run the benchmarks do to the missing
gocryptfs.diriv.
|
|
|
|
Conditionally try to mount a gocryptfs filesystem. If either
* CIPHERDIR does not exist OR
* something is already mounted on MOUNTPOINT
print a message to stdout (not stderr!) but exit with 0.
This is meant to be called from automated mount systems like pam_mount,
where you want to avoid error messages if the filesystem does not exist,
or duplicate mounts if the filesystem has already been mounted.
|
|
Mounting through fstab or pam_mount may get the output logged
into syslog. We don't want the master key to end up in syslog.
|
|
Binds it to a dummy variable so it appears in the help text.
|
|
Moving "-o" to the end broke a third-party app, SiriKali.
Breaking your users is bad, so let's accept "-o" anywhere.
|
|
This already worked for files but was missing for dirs.
|
|
|
|
Also update Go versions
|
|
|
|
The README text has been moved to
https://github.com/rfjakob/gocryptfs/wiki/Mounting-on-login-using-pam_mount
and the gocryptfs_pam_mount.bash is no longer needed since
commit 9cf3ced0ce95495cabd8f4e7055d1c98f42363c9 .
|
|
|
|
|
|
|
|
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
|
|
When called from mount, we always get either "suid" or "nosuid".
As "nosuid" is the default, just ignore the options. Same for
the other options.
|
|
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
|
|
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
|
|
Before:
You can now mount it using: gocryptfs a x MOUNTPOINT
After:
You can now mount it using: gocryptfs "a x" MOUNTPOINT
This is still not bulletproof but should handle the common
case of having a space in the directory name. After all,
it's only a suggestion.
|
|
Before:
Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
After:
Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg"
Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
|
|
These should help prevent later programming errors.
|
|
|
|
|
|
pam_mount is supposed to check that as well, but it seems to get confused
by the "command#path" syntax used for FUSE. Let's do it here.
|
|
|
|
This fired incorrectly:
Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
|
|
|
|
|
|
See ticket #34
|
|
Fix the test for that and add checks in example_filesystems_test.
|
|
A panic during the tests can leave mounted filesystems behind.
|
|
|
|
|
|
Also move the example content into "content".
|
|
Also get rid of useless isFiltered function.
|
|
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.
Also adds a test for that.
|
|
We want to see panics and warnings on the console
|
|
As reverse also does not want a diriv file, the "plaintextNames"
argument became a misnomer.
|
|
Future tests will need more info about the running test case.
|
|
And add AES-SIV
|
|
For example, we cannot mount "/home/user/.cipher" at "/home/user"
because the mount will hide ".cipher" also for us.
Doing it anyway used to cause a nasty hang.
|
|
Ongoing effort to reduce the size of main().
|
|
This was frustrating:
$ gocryptfs a b
Password:
Decrypting master key
open a/gocryptfs.conf: permission denied
|
|
Also explain why AES-SIV exists.
|