eCryptfs

Merge lp:~tyhicks/ecryptfs/lp1454388-lp1454319 into lp:ecryptfs

  1. lp1454388-lp1454319
  2. Merge into trunk
Proposed by Tyler Hicks
Status: Merged
Merged at revision: 860
Proposed branch: lp:~tyhicks/ecryptfs/lp1454388-lp1454319
Merge into: lp:ecryptfs
Diff against target: 205 lines (+96/-22)
4 files modified
debian/changelog (+17/-0)
src/pam_ecryptfs/pam_ecryptfs.c (+1/-1)
src/utils/ecryptfs-umount-private (+2/-0)
src/utils/mount.ecryptfs_private.c (+76/-21)
To merge this branch: bzr merge lp:~tyhicks/ecryptfs/lp1454388-lp1454319
Reviewer Review Type Date Requested Status
eCryptfs Pending
Review via email: mp+258944@code.launchpad.net

Description of the change

My main intent was to fix the "Sessions still open, not unmounting" error message that umount.ecryptfs_private always prints when attempting to unmount an in-use encrypted private dir. While fixing that, I discovered some other bugs and usability issues.

To post a comment you must log in.
Revision history for this message
Tyler Hicks (tyhicks) wrote :

With this change, there are now two modes for umount.ecryptfs_private:

1) By default, decrement the counter and if the counter is non-zero, print a warning and exit with a failure code. If the counter is zero, do the unmount.

2) If the -d option is given, decrement the counter and if the counter is non-zero, do nothing and exit with a success code. If the counter is zero, do the unmount.

The pam_ecryptfs module would use mode #2.

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Dustin gave me an ack through IRC:

  16:29 < kirkland> tyhicks: I'm fine with the MP, I'll pull that in now

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2015-03-27 22:53:20 +0000
3+++ debian/changelog 2015-05-12 23:17:46 +0000
4@@ -1,7 +1,24 @@
5 ecryptfs-utils (108) UNRELEASED; urgency=medium
6
7+ [ Dustin Kirkland ]
8 * UNRELEASED
9
10+ [ Tyler Hicks ]
11+ * src/utils/mount.ecryptfs_private.c: Implement proper option parsing to
12+ restore the -f option when unmounting and display a helpful usage message
13+ (LP: #1454388)
14+ * src/utils/mount.ecryptfs_private.c: Add an option, -d, to
15+ umount.ecryptfs_private to treat the situation where the encrypted private
16+ session counter is nonzero, after decrementing it, as a non-error
17+ situation. No error message is printed to stderr and the exit status is 0.
18+ * src/pam_ecryptfs/pam_ecryptfs.c: Use the new umount.ecryptfs_private '-d'
19+ option to silence the error message that was printed to stderr when the
20+ encrypted private session counter is nonzero after being decremented.
21+ (LP: #1454319)
22+ * src/utils/ecryptfs-umount-private: Return 1 if umount.ecryptfs_private
23+ encounters an error. The ecryptfs-umount-private script was previously
24+ returning 0 even when umount.ecryptfs_private exited upon error.
25+
26 -- Dustin Kirkland <kirkland@ubuntu.com> Fri, 27 Mar 2015 17:53:18 -0500
27
28 ecryptfs-utils (107) utopic; urgency=medium
29
30=== modified file 'src/pam_ecryptfs/pam_ecryptfs.c'
31--- src/pam_ecryptfs/pam_ecryptfs.c 2015-02-14 22:11:29 +0000
32+++ src/pam_ecryptfs/pam_ecryptfs.c 2015-05-12 23:17:46 +0000
33@@ -387,7 +387,7 @@
34 if (setresuid(pwd->pw_uid, pwd->pw_uid, pwd->pw_uid) < 0)
35 exit(-1);
36 execl("/sbin/umount.ecryptfs_private",
37- "umount.ecryptfs_private", NULL);
38+ "umount.ecryptfs_private", "-d", NULL);
39 exit(1);
40 }
41 exit(1);
42
43=== modified file 'src/utils/ecryptfs-umount-private'
44--- src/utils/ecryptfs-umount-private 2011-12-13 20:51:40 +0000
45+++ src/utils/ecryptfs-umount-private 2015-05-12 23:17:46 +0000
46@@ -23,4 +23,6 @@
47 echo " cd $PWD"
48 echo
49 fi
50+ exit 0
51 fi
52+exit 1
53
54=== modified file 'src/utils/mount.ecryptfs_private.c'
55--- src/utils/mount.ecryptfs_private.c 2013-10-27 22:34:10 +0000
56+++ src/utils/mount.ecryptfs_private.c 2015-05-12 23:17:46 +0000
57@@ -472,6 +472,67 @@
58 return bump_counter(fh, -MAXINT+1);
59 }
60
61+/* Returns -1 on error, 0 on success, and 1 if the program should exit with 0 */
62+static int parse_options(int argc, char *argv[], int *mounting, int *force,
63+ int *nonzero_decrement_is_error, char **alias)
64+{
65+ const char *optstr, *usagestr;
66+ int opt, usage = 0, rc = -1;
67+
68+ *force = 0;
69+ *nonzero_decrement_is_error = 1;
70+ *alias = NULL;
71+
72+ /* Determine if mounting or unmounting by looking at the invocation */
73+ if (strstr(argv[0], "umount") == NULL) {
74+ *mounting = 1;
75+ optstr = "h";
76+ usagestr = "[ALIAS]\n"
77+ "Mount the default private directory or ALIAS, if specified.\n"
78+ "\n"
79+ " -h display this help and exit\n";
80+ } else {
81+ *mounting = 0;
82+ optstr = "hfd";
83+ usagestr = "[-f] [-d] [ALIAS]\n"
84+ "Unmount the default private directory or ALIAS, if specified.\n"
85+ "\n"
86+ " -h display this help and exit\n"
87+ " -f forcibly unmount\n"
88+ " -d don't treat a non-zero session counter as an error\n";
89+ }
90+
91+ while ((opt = getopt(argc, argv, optstr)) != -1) {
92+ switch (opt) {
93+ case 'h':
94+ rc = 1;
95+ usage = 1;
96+ goto out;
97+ case 'f':
98+ *force = 1;
99+ break;
100+ case 'd':
101+ *nonzero_decrement_is_error = 0;
102+ break;
103+ default:
104+ usage = 1;
105+ goto out;
106+ }
107+ }
108+
109+ if (optind < (argc - 1)) {
110+ usage = 1;
111+ goto out;
112+ } else if (optind == (argc - 1)) {
113+ *alias = argv[optind];
114+ }
115+
116+ rc = 0;
117+out:
118+ if (usage)
119+ fprintf(stderr, "Usage: %s %s", argv[0], usagestr);
120+ return rc;
121+}
122
123 /* This program is a setuid-executable allowing a non-privileged user to mount
124 * and unmount an ecryptfs private directory. This program is necessary to
125@@ -509,8 +570,7 @@
126 int main(int argc, char *argv[]) {
127 uid_t uid;
128 gid_t gid;
129- int mounting;
130- int force = 0;
131+ int mounting, force, nonzero_decrement_is_error;
132 struct passwd *pwd;
133 char *alias, *src, *dest, *opt, *opts2;
134 char *sig_fekek = NULL, *sig_fnek = NULL;
135@@ -532,10 +592,20 @@
136 goto fail;
137 }
138
139+ switch (parse_options(argc, argv, &mounting, &force,
140+ &nonzero_decrement_is_error, &alias)) {
141+ case -1:
142+ goto fail;
143+ case 1:
144+ goto success;
145+ default:
146+ break; /* proceed */
147+ }
148+
149 /* If no arguments, default to private dir; but accept at most one
150 argument, an alias for the configuration to read and use.
151 */
152- if (argc == 1) {
153+ if (alias == NULL) {
154 /* Use default source and destination dirs */
155 alias = ECRYPTFS_PRIVATE_DIR;
156 if ((asprintf(&src, "%s/.%s", pwd->pw_dir, alias) < 0) || src == NULL) {
157@@ -547,8 +617,7 @@
158 perror("asprintf (dest)");
159 goto fail;
160 }
161- } else if (argc == 2) {
162- alias = argv[1];
163+ } else {
164 /* Read the source and destination dirs from .conf file */
165 if (read_config(pwd->pw_dir, uid, alias, &src, &dest, &opts2) < 0) {
166 fputs("Error reading configuration file\n", stderr);
167@@ -558,9 +627,6 @@
168 fputs("Mount options are not supported here\n", stderr);
169 exit(1);
170 }
171- } else {
172- fputs("Too many arguments\n", stderr);
173- exit(1);
174 }
175
176 if (strstr(alias, "..")) {
177@@ -582,19 +648,6 @@
178 goto fail;
179 }
180
181- /* Determine if mounting or unmounting by looking at the invocation */
182- if (strstr(argv[0], "umount") == NULL) {
183- mounting = 1;
184- } else {
185- mounting = 0;
186- /* Determine if unmounting is forced */
187- if (argv[1] != NULL && strncmp(argv[1], "-f", 2) == 0) {
188- force = 1;
189- } else {
190- force = 0;
191- }
192- }
193-
194 /* Fetch signatures from file */
195 /* First line is the file content encryption key signature */
196 /* Second line, if present, is the filename encryption key signature */
197@@ -677,6 +730,8 @@
198 if (force == 1) {
199 zero(fh_counter);
200 } else if (decrement(fh_counter) > 0) {
201+ if (!nonzero_decrement_is_error)
202+ goto success;
203 fputs("Sessions still open, not unmounting\n", stderr);
204 goto fail;
205 }

Subscribers

People subscribed via source and target branches