| Age | Commit message (Collapse) | Author |
|---|
|
When O_PATH is specified in flags, flag bits other than O_CLOEXEC, O_DIRECTORY,
and O_NOFOLLOW are ignored.
|
|
Run at low priority to not annoy the user too much.
|
|
The gocryptfs process may keep one fd open for up to one second
in the dirCache.
|
|
Un-spaghettify the function and let the callers open
the directory.
|
|
Hopefully gets rid of the false positives on travis.
|
|
https://github.com/rfjakob/gocryptfs/issues/308
|
|
Make clear what we have and what we want.
|
|
Give the gocryptfs process one extra millisecond to close
files. Allows us to drop several other sleeps.
UnmountErr now really returns an error when it detects an fd leak
instead of just printing a message.
|
|
These are created on demand by the Go runtime and are usually
not interesting.
|
|
Tests outside the test_helpers package may want to look
at this.
|
|
|
|
Also, drop entries that disappear while we stat them.
|
|
With the FD leak logic, the mount/unmount functions have
become complex enough to give them their own file.
|
|
For now, this only prints a message but does not fail the tests.
|
|
|
|
This will allow to tests to monitor fd usage and maybe other things.
|
|
An Open() a fifo blocks until it is opened for writing.
This meant that xattr operations on FIFOs would block.
Pass O_NONBLOCK to fix that, and add a test.
|
|
Uses the /proc/self/fd trick, which does not work
on Darwin.
|
|
Test for the upcoming fd-based xattr support.
|
|
Make Access() symlink-safe through use of faccessat.
|
|
Mostly detected with the 'codespell' utility, but also includes some
manual grammar fixes.
|
|
Error was:
tests/cli/cli_test.go:552: declaration of "err" shadows declaration at tests/cli/cli_test.go:544
|
|
Mount with idle timeout 10ms and check that the process exits by itself
within 5 seconds.
|
|
Retry with length 1000 if length 4000 fails, which
should work on all filesystems.
Failure was:
--- FAIL: TestTooLongSymlink (0.00s)
correctness_test.go:198: symlink xxx[...]xxxx /tmp/xfs.mnt/gocryptfs-test-parent/549823072/365091391/TooLongSymlink: file name too long
https://github.com/rfjakob/gocryptfs/issues/267
|
|
Setting TMPDIR now allows to run the tests against
a directory of your choice, making it easier to test
different filesystems.
|
|
Directly use int file descriptors for the dirfd
and get rid of one level of indirection.
|
|
Help uncover symlink races.
|
|
Instead of reporting the consequence:
matrix_test.go:906: modeHave 0664 != modeWant 0777
Report it if chmod itself fails, and also report the old file mode:
matrix_test.go:901: chmod 000 -> 777 failed: bad file descriptor
|
|
The cipherdir path is used as the fsname, as displayed
in "df -T". Now, having a comma in fsname triggers a sanity check
in go-fuse, aborting the mount with:
/bin/fusermount: mount failed: Invalid argument
fuse.NewServer failed: fusermount exited with code 256
Sanitize fsname by replacing any commas with underscores.
https://github.com/rfjakob/gocryptfs/issues/262
|
|
Rename openBackingPath to openBackingDir and use OpenDirNofollow
to be safe against symlink races. Note that openBackingDir is
not used in several important code paths like Create().
But it is used in Unlink, and the performance impact in the RM benchmark
to be acceptable:
Before
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.bYO: gocryptfs v1.6-12-g930c37e-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.07979 s, 243 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.882413 s, 297 MB/s
UNTAR: 16.703
MD5: 7.606
LS: 1.349
RM: 3.237
After
$ ./benchmark.bash
Testing gocryptfs at /tmp/benchmark.bash.jK3: gocryptfs v1.6-13-g84d6faf-dirty; go-fuse v20170619-49-gb11e293; 2018-09-08 go1.10.3
WRITE: 262144000 bytes (262 MB, 250 MiB) copied, 1.06261 s, 247 MB/s
READ: 262144000 bytes (262 MB, 250 MiB) copied, 0.947228 s, 277 MB/s
UNTAR: 17.197
MD5: 7.540
LS: 1.364
RM: 3.410
|
|
Go 1.7 does not have t.Name() yet.
|
|
This fixes the "0100 directory" problem in reverse mode,
and should be slightly faster.
|
|
Makes sure we don't add regressions when fixing
https://github.com/rfjakob/gocryptfs/issues/259
|
|
The function seems to have been renamed by 426b9536 by mistake.
Rename it back so the test is run again.
|
|
Instead, first Load() the file, then DecryptMasterKey().
Fixes https://github.com/rfjakob/gocryptfs/issues/258
|
|
Callers that do not want to decrypt the masterkey should
call plain Load().
https://github.com/rfjakob/gocryptfs/issues/258
|
|
|
|
https://github.com/rfjakob/gocryptfs/issues/235
|
|
In the past we did not check whether all methods of checking
the file return the same result. We should.
|
|
If we encounter a 128KB block of zeros, try to skip to the next
data section by calling File.SeekData().
This fixes xfstests generic/285, which creates a 17TB sparse file,
and runs fsck afterwards. Without this optimization, fsck would
take ages.
|
|
TrezorPayload stores 32 random bytes used for unlocking
the master key using a Trezor security module. The randomness makes sure
that a unique unlock value is used for each gocryptfs filesystem.
|
|
configfile.LoadConfFile() -> configfile.Load()
configfile.CreateConfFile() -> configfile.Create()
|
|
Using an external program for the Trezor PIN is not supported
at the moment.
|
|
Verify that the Trezor feature flag is set after "-init -trezor".
|
|
readpassword.Trezor() is not implemented yet and returns
a hardcoded dummy key.
|
|
When mounted via /etc/fstab like this,
/a /b fuse.gocryptfs default 0 0
we always get extra options passed. As reported by @mahkoh
at https://github.com/rfjakob/gocryptfs/pull/233 :
mount passes `-o noexec` if `-o user` is set and `-o exec` is not set.
If both `-o user` and `-o exec` are set, it passes `-o exec`.
Make these options work, and in addtion, also make -suid and -rw
work the same way.
Reported-by: @mahkoh
|
|
By returning an error instead of calling os.Exit,
error cases can be tested easily. Error cases
were not tested until now.
|
|
Support has been merged into the xattr package
( https://github.com/pkg/xattr/pull/29 ), use it.
|
|
This currently fails because we do not use llistxattr
yet.
|
|
mv is unhappy when we return EPERM when it tries to set
system.posix_acl_access:
mv: preserving permissions for ‘b/x’: Operation not permitted
Now we return EOPNOTSUPP like tmpfs does and mv seems happy.
|
