| View previous topic :: View next topic |
| Author |
Message |
Buffoon
Veteran
Joined: 17 Jun 2015
Posts: 1369
Location: EU or US
|
 Posted: Fri Sep 09, 2016 1:31 pm Post subject: Kernel Ext4 encryption |
 |
|
| There has been Ext4 encryption in kernel for some time now, what user space tools I need to use it? |
|
| Back to top |
|
 |
frostschutz
Advocate
Joined: 22 Feb 2005
Posts: 2977
Location: Germany
|
| Posted: Fri Sep 09, 2016 1:36 pm Post subject: |
|
|
| e4crypt |
|
| Back to top |
|
|
Buffoon
Veteran
Joined: 17 Jun 2015
Posts: 1369
Location: EU or US
|
| Posted: Fri Sep 09, 2016 2:23 pm Post subject: |
|
|
| Thanks! Why it is not on users path?! |
|
| Back to top |
|
|
toralf
Developer
Joined: 01 Feb 2004
Posts: 3943
Location: Hamburg
|
| Posted: Fri Sep 09, 2016 3:07 pm Post subject: |
|
|
| Buffoon wrote: | | Thanks! Why it is not on users path?! |
| Code: | tfoerste@mr-fox ~ $ grep e2 /etc/portage/package.accept_keywords/z_misc
~sys-fs/e2fsprogs-1.43.3
~sys-libs/e2fsprogs-libs-1.43.3
|
|
|
| Back to top |
|
|
Buffoon
Veteran
Joined: 17 Jun 2015
Posts: 1369
Location: EU or US
|
| Posted: Fri Sep 09, 2016 3:24 pm Post subject: |
|
|
| I am running ~arch, e4crypt is installed into /usr/sbin/ - yet it is a tool for users. |
|
| Back to top |
|
|
Myu
Apprentice
Joined: 22 Oct 2014
Posts: 164
Location: Belgium
|
| Posted: Fri Sep 09, 2016 7:35 pm Post subject: |
|
|
It's categorized as a section (8), not (1), maybe that's why, I've got the same behaviour with xfsdump which is (8)
_________________
Gentoo stable with bits of ~amd64 // Xfce 4.13 + Compiz Reloaded. |
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3530
|
| Posted: Tue Sep 20, 2016 2:46 pm Post subject: |
|
|
I've begun looking into the native ext4 encryption as a means of encrypting a single directory, rather than everything. I've just looked at "e4crypt" and it doesn't look nearly as easy to use as the package from the pentoo overlay, "ext4-crypt". However with the latter I get:
| Code: | $ ext4-crypt create vault
Enter passphrase:
Confirm passphrase:
Cannot create inode in directory: Operation not permitted |
Does anyone else have this working for anything less than a partition?
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
frostschutz
Advocate
Joined: 22 Feb 2005
Posts: 2977
Location: Germany
|
| Posted: Tue Sep 20, 2016 3:14 pm Post subject: |
|
|
| Is that really supposed to work without root? |
|
| Back to top |
|
|
depontius
Advocate
Joined: 05 May 2004
Posts: 3530
|
| Posted: Tue Sep 20, 2016 3:39 pm Post subject: |
|
|
| frostschutz wrote: | | Is that really supposed to work without root? |
Yes it is, and the results are the same for root, too.
More information...
I suspect the real problem is that the ebuild is not sufficiently picky. The first time I tried ext4-crypt and failed, it notified me that I didn't have CONFIG_EXT4_ENCRYPTION set, and it told me so at runtime. However it seems to me that the ebuild should have tested that and notified me. Kernel keyring facilities are needed by ext4-crypt and not tested at build-time, either. Somewhere I also saw something about e2fsprogs-1.43+, so I kicked that up too. I don't know what the various requirements are either for libs or kernel. In the case of the one missing kernel option it properly flagged it at runtime, but I don't know what else may not be getting properly flagged.
_________________
.sigs waste space and bandwidth |
|
| Back to top |
|
|
|
Unsupported Software
