aboutsummaryrefslogtreecommitdiff
path: root/mount.go
AgeCommit message (Collapse)Author
2021-08-30Reimplement -serialize_reads flag using new SyncRead mount flagJakob Unterwurzacher
Let the kernel do the work for us. See https://github.com/hanwen/go-fuse/commit/15a8bb029a4e1a51e10043c370970596b1fbb737 for more info.
2021-08-23cryptocore: add NonceSize to AEADTypeEnumJakob Unterwurzacher
Have the information in one centralized place, and access it from main as needed.
2021-08-23Add partial XChaCha20-Poly1305 support (mount flag only)Jakob Unterwurzacher
Mount flag only at the moment, not saved to gocryptfs.conf. https://github.com/rfjakob/gocryptfs/issues/452
2021-08-23go mod: declare module version v2Jakob Unterwurzacher
Our git version is v2+ for some time now, but go.mod still declared v1. Hopefully making both match makes https://pkg.go.dev/github.com/rfjakob/gocryptfs/v2 work. All the import paths have been fixed like this: find . -name \*.go | xargs sed -i s%github.com/rfjakob/gocryptfs/%github.com/rfjakob/gocryptfs/v2/%
2021-08-20-deterministic-names: accept flag on -initJakob Unterwurzacher
And store it in gocryptfs.conf (=remove DirIV feature flag).
2021-08-20Implement -deterministic-names: extended -zerodirivJakob Unterwurzacher
-deterministc-names uses all-zero dirivs but does not write them to disk anymore.
2021-08-19Flag -zerodiriv to create all diriv as all zero byte filesJose M Perez
2021-08-19golangci-lint: fix issues found by gosimpleJakob Unterwurzacher
Everything except the if err2.Err == syscall.EOPNOTSUPP case. Gets too confusing when collapsed into a single line. Issues were: $ golangci-lint run --disable-all --enable gosimple mount.go:473:2: S1008: should use 'return strings.HasPrefix(v, "fusermount version")' instead of 'if strings.HasPrefix(v, "fusermount version") { return true }; return false' (gosimple) if strings.HasPrefix(v, "fusermount version") { ^ cli_args.go:258:5: S1002: should omit comparison to bool constant, can be simplified to `args.forcedecode` (gosimple) if args.forcedecode == true { ^ cli_args.go:263:6: S1002: should omit comparison to bool constant, can be simplified to `args.aessiv` (gosimple) if args.aessiv == true { ^ cli_args.go:267:6: S1002: should omit comparison to bool constant, can be simplified to `args.reverse` (gosimple) if args.reverse == true { ^ internal/stupidgcm/stupidgcm.go:227:6: S1002: should omit comparison to bool constant, can be simplified to `g.forceDecode` (gosimple) if g.forceDecode == true { ^ gocryptfs-xray/xray_tests/xray_test.go:23:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple) if bytes.Compare(out, expected) != 0 { ^ gocryptfs-xray/xray_tests/xray_test.go:40:5: S1004: should use !bytes.Equal(out, expected) instead (gosimple) if bytes.Compare(out, expected) != 0 { ^ gocryptfs-xray/paths_ctlsock.go:34:20: S1002: should omit comparison to bool constant, can be simplified to `!eof` (gosimple) for eof := false; eof == false; line++ { ^ tests/reverse/xattr_test.go:19:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple) if err2.Err == syscall.EOPNOTSUPP { ^ internal/fusefrontend/node.go:459:45: S1002: should omit comparison to bool constant, can be simplified to `!nameFileAlreadyThere` (gosimple) if nametransform.IsLongContent(cName2) && nameFileAlreadyThere == false { ^ tests/xattr/xattr_integration_test.go:221:2: S1008: should use 'return err2.Err != syscall.EOPNOTSUPP' instead of 'if err2.Err == syscall.EOPNOTSUPP { return false }; return true' (gosimple) if err2.Err == syscall.EOPNOTSUPP { ^ tests/test_helpers/helpers.go:338:19: S1002: should omit comparison to bool constant, can be simplified to `open` (gosimple) if err != nil && open == true { ^ tests/matrix/concurrency_test.go:121:7: S1004: should use !bytes.Equal(buf, content) instead (gosimple) if bytes.Compare(buf, content) != 0 { ^
2021-08-16reverse mode: implement -one-file-systemJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/475
2021-08-12main: accept magic /dev/fd/ mountpointJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/590
2021-08-02fusefrontend: add quirks for MacOS ExFATJakob Unterwurzacher
This also moves the quirks logic into fusefrontend. Fixes https://github.com/rfjakob/gocryptfs/issues/585
2021-06-21Improve startup debug outputJakob Unterwurzacher
The startup debug output was very verbose but still missing some effective crypto settings.
2021-06-20nametransform: pass badname patterns via NewJakob Unterwurzacher
This means we can unexport the field.
2021-06-20main: use JSONDump helper for debug outputJakob Unterwurzacher
2021-05-18fsck: redirect go-fuse noise to syslogJakob Unterwurzacher
2021-05-15Add -acl flag to enable ACL enforcementJakob Unterwurzacher
With test to verify that it actually works this time: Run "make root_test". Depends-on: https://github.com/rfjakob/gocryptfs/issues/536 Fixes: https://github.com/rfjakob/gocryptfs/issues/536
2021-04-05fusefrontend: print dirCache stats after unmountJakob Unterwurzacher
2021-03-07v2api: -sharestorage: disable hard link tracking & add testsJakob Unterwurzacher
Hard link tracking was not correctly disabled since the migration to the go-fuse v2 api. Add a test to ensure it stays off. Fixes https://github.com/rfjakob/gocryptfs/issues/525
2021-01-02-idle: don't lazy-unmountJakob Unterwurzacher
When a process has its working dir inside the mount, the only way we notice is that we get EBUSY when trying to unmount. We used to lazy-unmount in this case, but this means pulling the rug from under the process. For example, bash will start throwing cd: error retrieving current directory: getcwd: cannot access parent directories: No such file or directory messages. Fixes https://github.com/rfjakob/gocryptfs/issues/533
2020-12-20main: add "-kernel_cache" flaggmd20
This option is similar to fuse(8) kernel_cache Verified using vmtouch. Without -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0242321 s, 433 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011159 seconds Files: 1 Directories: 0 Resident Pages: 0/2560 0/10M 0% Elapsed: 0.000993 seconds With -kernel_cache: $ dd if=/dev/zero of=foo bs=1M count=10 ; vmtouch -t foo ; vmtouch foo 10+0 records in 10+0 records out 10485760 bytes (10 MB, 10 MiB) copied, 0,0244015 s, 430 MB/s Files: 1 Directories: 0 Touched Pages: 2560 (10M) Elapsed: 0.011564 seconds Files: 1 Directories: 0 Resident Pages: 2560/2560 10M/10M 100% Elapsed: 0.000369 seconds
2020-10-18fusefronted: reject GETXATTR "security.capability"Jakob Unterwurzacher
Unless we are mounted with -suid, we can reject these requests, and gain back some lost speed. Closes https://github.com/rfjakob/gocryptfs/issues/515
2020-10-14main: show microseconds in go-fuse logsJakob Unterwurzacher
Suppress the date but show microseconds in fuse debug logs (-fusedebug) and go-fuse warnings.
2020-07-27v2api: pass fusedebug option via MountOptionsJakob Unterwurzacher
srv.SetDebug() is deprecated and only enables the debug output after the init sequence, so we missed the first few transaction in the debug output.
2020-07-19v2api: fsck: use a temporary mountJakob Unterwurzacher
Directly accessing the Nodes does not work properly, as there is no way to attach a newly LOOKUPped Node to the tree. This means Path() does not work. Use an actual mount instead and walk the tree.
2020-07-19v2api: enable go-fuse warnings on mount & fsckJakob Unterwurzacher
2020-07-18v2api: make fsck compile againJakob Unterwurzacher
Horribly broken, but it compiles. .../tests/fsck$ ./run_fsck.bash Reading password from extpass program "echo", arguments: ["test"] Decrypting master key OpenDir ".": invalid entry "invalid_file_name.3": illegal base64 data at input byte 17 OpenDir ".": invalid entry "invalid_file_name_2": bad message fsck: corrupt entry in dir "": "invalid_file_name.3" fsck: corrupt entry in dir "": "invalid_file_name_2" OpenDir ".": invalid entry "invalid_file_name____1": bad message fsck: corrupt entry in dir "": "invalid_file_name____1" fsck: error stating file ".go-fuse.5577006791947779410/deleted": no such file or directory fsck: error listing xattrs on ".go-fuse.13260572831089785859/deleted": no such file or directory fsck: error opening dir "i10488239 (dir): ": no such file or directory fsck: error reading symlink ".go-fuse.10667007354186551956/deleted": no such file or directory fsck: error listing xattrs on ".go-fuse.11998794077335055257/deleted": no such file or directory [...]
2020-07-12v2api: set NullPermissions = trueJakob Unterwurzacher
Don't let go-fuse mess úp 0000 permissions.
2020-07-08v2api: fix crash on umountJakob Unterwurzacher
fs.Mount already called srv.Serve() for us.
2020-06-21v2api (go-fuse v2 api): initial noop implementationJakob Unterwurzacher
Compiles and mounts but does nothing useful.
2020-05-17Update go-fuse import path to github.com/hanwen/go-fuse/v2Jakob Unterwurzacher
We need https://github.com/hanwen/go-fuse/commit/fd7328faf9fdf75709f7ba7df7072aaf4eeb18b3 to fix a crash reported in https://github.com/rfjakob/gocryptfs/issues/430 : 2019/10/30 17:14:16 Unknown opcode 2016 panic: runtime error: invalid memory address or nil pointer dereference [signal SIGSEGV: segmentation violation code=0x1 addr=0x20 pc=0x508d38] This patch is only in the v2.x.x branch. Upgrade to v2, as the old API is also supported there. Running git grep hanwen/go-fuse | grep -v hanwen/go-fuse/v2 to check for forgotten references comes back clean.
2020-05-09ctlsock: create exported ctlsock client libraryJakob Unterwurzacher
The former interal ctlsock server package is renamed to ctlsocksrv.
2020-05-09main: untangle `-masterkey` handling and config loadingJakob Unterwurzacher
This was handled both in getMasterKey(). Split it apart.
2020-02-28Show undecryptable filenames if they match supplied globorcas
Resolves https://github.com/rfjakob/gocryptfs/issues/393
2020-01-14main: haveFusermount2: respect PATH environment variableJakob Unterwurzacher
Use exec.LookPath() to find fusermount in the user's PATH first. Fall back to /bin/fusermount for the case that PATH is not set, like go-fuse does. Fixes https://github.com/rfjakob/gocryptfs/issues/448
2019-12-28main: detect fusermount3 and don't add `nonempty`Jakob Unterwurzacher
fusermount3 (i.e. fusermount from libfuse 3.x) has dropped the `nonempty` option. Detect fusermount3 and don't add `nonempty` in this case. Fixes https://github.com/rfjakob/gocryptfs/pull/440
2019-09-08Fix -idle unmounting despite activityJakob Unterwurzacher
Fixes https://github.com/rfjakob/gocryptfs/issues/421
2019-08-04Fix "constant 2435016766 overflows int32" build failure on armJakob Unterwurzacher
Cast to uint32 to fix the int32 overflow, and define BTRFS_SUPER_MAGIC locally to fix the next failure on darwin.
2019-08-04Rename isDirEmpty -> isEmptyDirJakob Unterwurzacher
The function actually answers the question: "is this an empty dir"?
2019-08-04Force -noprealloc on BtrfsJakob Unterwurzacher
Preallocation on Btrfs is broken ( https://github.com/rfjakob/gocryptfs/issues/395 , https://lore.kernel.org/linux-btrfs/CAPv9Zmk46As_P9Gyf_icET53xRda63h7iC1meES9xbdDEt9qow@mail.gmail.com/ ) and slow ( https://github.com/rfjakob/gocryptfs/issues/63 ).
2019-03-26reverse mode: support wildcard exclude (--exclude-wildcard)Eduardo M KALINOWSKI
This adds support for gitignore-like wildcards and exclude patters in reverse mode. It (somewhat) fixes #273: no regexp support, but the syntax should be powerful enough to satisfy most needs. Also, since adding a lot of --exclude options can be tedious, it adds the --exclude-from option to read patterns from a file (or files).
2019-01-15mount: Replace commas in volume name.Sebastian Lackner
Fixes the following test failure: cli_test.go:534: Failed to mount "[...]/542399800,foo,bar" on "[...]/542399800,foo,bar.mnt": exit status 19
2018-10-17main: also redirect Fatal logger to syslog on daemonizationJakob Unterwurzacher
The messages would still be collected via gocryptfs-logger, but let's do it right. Before: Oct 17 21:58:12 brikett gocryptfs[9926]: testing info Oct 17 21:58:12 brikett gocryptfs[9926]: testing warn Oct 17 21:58:12 brikett gocryptfs-9926-logger[9935]: testing fatal After: Oct 17 22:00:53 brikett gocryptfs[10314]: testing info Oct 17 22:00:53 brikett gocryptfs[10314]: testing warn Oct 17 22:00:53 brikett gocryptfs[10314]: testing fatal
2018-10-11Add option for autounmountJesse Dunietz
Even though filesystem notifications aren't implemented for FUSE, I decided to try my hand at implementing the autounmount feature (#128). I based it on the EncFS autounmount code, which records filesystem accesses and checks every X seconds whether it's idled long enough to unmount. I've tested the feature locally, but I haven't added any tests for this flag. I also haven't worked with Go before. So please let me know if there's anything that should be done differently. One particular concern: I worked from the assumption that the open files table is unique per-filesystem. If that's not true, I'll need to add an open file count and associated lock to the Filesystem type instead. https://github.com/rfjakob/gocryptfs/pull/265
2018-09-18main: sanitize commas from fsnameJakob Unterwurzacher
The cipherdir path is used as the fsname, as displayed in "df -T". Now, having a comma in fsname triggers a sanity check in go-fuse, aborting the mount with: /bin/fusermount: mount failed: Invalid argument fuse.NewServer failed: fusermount exited with code 256 Sanitize fsname by replacing any commas with underscores. https://github.com/rfjakob/gocryptfs/issues/262
2018-09-08main: don't read the config file twice (fix pipe bug)Jakob Unterwurzacher
Instead, first Load() the file, then DecryptMasterKey(). Fixes https://github.com/rfjakob/gocryptfs/issues/258
2018-08-11reverse mode: add --exclude optionJakob Unterwurzacher
https://github.com/rfjakob/gocryptfs/issues/235
2018-07-01main: improve fuse.NewServer error messageJakob Unterwurzacher
Before: fuse.NewServer failed: "fusermount exited with code 256\n" After: fuse.NewServer failed: fusermount exited with code 256
2018-06-07main: accept -dev, -nodev, -suid, -nosuid, -exec, -noexecJakob Unterwurzacher
When mounted via /etc/fstab like this, /a /b fuse.gocryptfs default 0 0 we always get extra options passed. As reported by @mahkoh at https://github.com/rfjakob/gocryptfs/pull/233 : mount passes `-o noexec` if `-o user` is set and `-o exec` is not set. If both `-o user` and `-o exec` are set, it passes `-o exec`. Make these options work, and in addtion, also make -suid and -rw work the same way. Reported-by: @mahkoh
2018-04-08Fix the easy golint warningsJakob Unterwurzacher
Reported by https://goreportcard.com/report/github.com/rfjakob/gocryptfs
2018-04-01main: move getMasterKey into initFuseFrontendJakob Unterwurzacher
This is where the results are used, so call it there. This simplifies doMount a bit because we can get rid of the block protecting masterkey.