Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/quantal/ecryptfs-utils
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Ubuntu branches

Recent revisions

86. By Dustin Kirkland 

[ Tyler Hicks ]
* src/pam_ecryptfs/pam_ecryptfs.c, src/libecryptfs/key_management.c:
    LP: #1024476
  - fix regression introduced in ecryptfs-utils-99 when Encrypted
    Home/Private is in use and the eCryptfs kernel code is compiled as a
  - drop check for kernel filename encryption support in pam_ecryptfs, as
    appropriate privileges to load the eCryptfs kernel module may not be
    available and filename encryption has been supported since 2.6.29
  - always add filename encryption key to the kernel keyring from pam mount

[ Colin King ]
* tests/kernel/inode-race-stat/test.c:
  - limit number of forks based on fd limits
* tests/kernel/enospc.sh, tests/kernel/enospc/test.c,
  tests/kernel/Makefile.am, tests/kernel/tests.rc:
  - add test case for ENOSPC

[ Tim Harder ]
* m4/ac_python_devel.m4: LP: #1029217
  - properly save and restore CPPFLAGS and LIBS when python support is

85. By Dustin Kirkland 

[ Dustin Kirkland ]
* debian/ecryptfs-utils.postinst: LP: #936093
  - ensure desktop file is executable
* precise

[ Wesley Wiedenmeier ]
* src/utils/mount.ecryptfs.c: LP: #329264
  - remove old hack, that worked around a temporary kernel regression;
    ensure that all mount memory is mlocked

[ Sebastian Krahmer ]
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #732614
  - drop group privileges in the same places that user privileges are
  - check return status of setresuid() calls and return if they fail
  - drop privileges before checking for the existence of
    ~/.ecryptfs/auto-mount to prevent possible file existence leakage
    by a symlink to a path that typically would not be searchable by
    the user
  - drop privileges before reading salt from the rc file to prevent the
    leakage of root's salt and, more importantly, using the incorrect salt
  - discovered, independently, by Vasiliy Kulikov and Sebastian Krahmer
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #1020904
  - after dropping privileges, clear the environment before executing the
    private eCryptfs mount helper
  - discovered by Sebastian Krahmer
* src/utils/mount.ecryptfs_private.c: LP: #1020904
  - do not allow private eCryptfs mount aliases to contain ".." characters
    as a preventative measure against a crafted file path being used as an
  - force the MS_NOSUID mount flag to protect against user controlled lower
    filesystems, such as an auto mounted USB drive, that may contain a
    setuid-root binary
    + CVE-2012-3409
  - force the MS_NODEV mount flag
  - after dropping privileges, clear the environment before executing umount
  - discovered by Sebastian Krahmer

[ Tyler Hicks ]
* src/libecryptfs/key_management.c: LP: #732614
  - zero statically declared buffers to prevent the leakage of stack
    contents in the case of a short file read
  - discovered by Vasiliy Kulikov
* src/libecryptfs/module_mgr.c, src/pam_ecryptfs/pam_ecryptfs.c:
  - fix compiler warnings

84. By Dustin Kirkland 

[ Dustin Kirkland ]
* debian/ecryptfs-utils.prerm:
  - drop the pre-removal ERRORs down to WARNINGs
  - these have caused a ton of trouble; whatever is causing ecryptfs-utils
    to be marked for removal should be fixed; but ecryptfs exiting 1 seems
    to be causing more trouble than it's worth
  - LP: #871021, #812270, #988960, #990630, #995381, #1010961
* doc/ecryptfs-faq.html:
  - update the frequently asked questions, which haven't seen much
    attention in a while now
  - drop a few references to sourceforge
* doc/ecryptfs-pam-doc.txt, doc/manpage/fr/ecryptfs-add-passphrase.1,
  doc/manpage/fr/ecryptfs-generate-tpm-key.1, doc/manpage/fr/ecryptfs-
  insert-wrapped-passphrase-into-keyring.1, doc/manpage/fr/ecryptfs-
  mount-private.1, doc/manpage/fr/ecryptfs-rewrap-passphrase.1,
  doc/manpage/fr/ecryptfs-setup-private.1, doc/manpage/fr/ecryptfs-
  umount-private.1, doc/manpage/fr/ecryptfs-unwrap-passphrase.1,
  doc/manpage/fr/ecryptfs-wrap-passphrase.1, doc/manpage/fr/ecryptfs-
  zombie-kill.1, doc/manpage/fr/ecryptfs-zombie-list.1,
  doc/sourceforge_webpage/index.html, doc/sourceforge_webpage/README,
  === removed directory doc/manpage/fr, === removed directory
  doc/sourceforge_webpage, rpm/ecryptfs-utils.spec:
  - remove some deprecated documentation
  - fish it out of bzr, if we ever need it again, but let's
    quit publishing it in our release tarballs
* precise

83. By Dustin Kirkland 

[ Kees Cook ]
* src/pam_ecryptfs/pam_ecryptfs.c: LP: #938326
  - exit, rather than return to prevent duplicate processes

[ Andreas Raster ]
* src/desktop/ecryptfs-find:
  - $mounts was quoted once too often

[ George Wilson ]
* src/key_mod/ecryptfs_key_mod_openssl.c,
  src/key_mod/ecryptfs_key_mod_tspi.c: LP: #937331
  - IBM would like to grant a license exception for key modules that
    require linking to OpenSSL. The change should make the modules
    shippable by Linux distributions

[ Dustin Kirkland ]
* debian/copyright:
  - note the GPLv2 SSL exception granted by IBM for the key modules
* debian/control, debian/copyright, doc/manpage/ecryptfs.7,
  doc/manpage/ecryptfs-add-passphrase.1, doc/manpage/ecryptfsd.8,
  doc/manpage/ecryptfs-generate-tpm-key.1, doc/manpage/ecryptfs-
  insert-wrapped-passphrase-into-keyring.1, doc/manpage/ecryptfs-
  manager.8, doc/manpage/ecryptfs-mount-private.1,
  doc/manpage/ecryptfs-recover-private.1, doc/manpage/ecryptfs-rewrap-
  passphrase.1, doc/manpage/ecryptfs-rewrite-file.1,
  doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs-setup-
  swap.1, doc/manpage/ecryptfs-stat.1, doc/manpage/ecryptfs-umount-
  private.1, doc/manpage/ecryptfs-unwrap-passphrase.1,
  doc/manpage/mount.ecryptfs.8, doc/manpage/mount.ecryptfs_private.1,
  doc/manpage/pam_ecryptfs.8, doc/manpage/umount.ecryptfs.8,
  doc/manpage/umount.ecryptfs_private.1, README,
  - use the new ecryptfs.org website where appropriate
* debian/control:
  - update to suggest zescrow-client
* precise

[ Sergio Peña ]
* src/libecryptfs/cipher_list.c: LP: #922821
  - add the new name of the blowfish cipher (linux >= 3.2)
* src/include/ecryptfs.h, src/libecryptfs/main.c,
  src/utils/mount.ecryptfs.c: LP: #917509
  - use execl() to mount ecryptfs
  - this allows us to support any arbitrary mount options in

[ Tyler Hicks ]
* doc/manpage/ecryptfs.7:
  - Remove the note saying that the passphrase and openssl key modules are
    available by default. That's true upstream but not always true in distro
* tests/run_tests.sh:
  - Make upper and lower mount point arguments optional by automatically
    creating directories in /tmp by default.
  - Make it possible to run only userspace tests without having to specify
    unused mount information
  - Accept a comma-separated list of lower filesystems to test on and loop
    through all kernel tests for each lower filesystem
  - Accept a comma-separated list of tests to run
* tests/lib/etl_funcs.sh:
  - Unset $ETL_DISK just before etl_remove_disk() successfully returns
* tests/userspace/Makefile.am:
  - Also build 'make check' tests when building with --enable-tests
* include/ecryptfs.h, libecryptfs/Makefile.am,
  libecryptfs/cipher_list.c, libecryptfs/module_mgr.c,
  utils/io.h: LP: #994813
  - remove overly complicated implementation to detect what ciphers
    are supported by the currently running kernel's crypto api
  - prompt for the entire supported cipher list, if the user selects a
    cipher that their kernel doesn't support, the mount will fail
    and the kernel will write an error message to the syslog
* src/libecryptfs/module_mgr.c:
  - Use correct blowfish block size when displaying supported ciphers to
    the user
* tests/kernel/lp-1009207.sh, tests/kernel/Makefile.am,
  - Add simple test case for incorrect handling of umask and default POSIX
    ACL masks
* tests/kernel/lp-994247.sh, tests/kernel/lp-994247/test.c,
  tests/kernel/Makefile.am, tests/kernel/tests.rc:
  - Add test case for incorrect handling of open /dev/ecryptfs file
    descriptors that are passed or inherited by other processes

[ Colin King ]
* tests/lib/etl_funcs.sh:
  - etl_lumount() should use DST rather than SRC dir so it can run on Lucid
  - use file system appropriate mkfs force flag
  - cater for correct ext2 default mount flags
* tests/kernel/lp-509180.sh, tests/kernel/lp-509180/test.c:
  - test for trailing garbage at end of files
* tests/kernel/lp-524919.sh, tests/kernel/lp-524919/test.c:
  - test case for checking lstat/readlink size
* tests/kernel/lp-870326.sh, tests/kernel/lp-870326/test.c:
  - test case for open(), mmap(), close(), modify mmap'd region
* tests/kernel/lp-469664.sh:
  - test case for lsattr
* tests/kernel/lp-613873.sh:
  - test case for stat modify time
* tests/kernel/lp-745836.sh:
  - test case for clearing ECRYPTFS_NEW_FILE flag during truncate
* tests/lib/etl_funcs.sh, tests/kernel/extend-file-random.sh,
  tests/kernel/trunc-file.sh (LP: #1007159):
  - Add test library function for estimating available space in lower fs
  - Use new library function in tests that need to create large files

[ Colin Watson ]
* src/utils/ecryptfs-setup-swap: Skip /dev/zram* swap devices
  LP: #979350

[ Serge Hallyn ]
* src/utils/mount.ecryptfs_private.c:
  - EoL fixes

82. By Colin Watson

src/utils/ecryptfs-setup-swap: Skip /dev/zram* swap devices
(LP: #979350).

81. By Kees Cook

Add debian/patches/automount-fork-exit.patch (LP: #938326).

80. By Dustin Kirkland 

[ Dustin Kirkland ]
  - added a new file to describe how to contribute to ecryptfs
* === added directory img/old, img/old/ecryptfs_14.png,
  img/old/ecryptfs_192.png, img/old/ecryptfs_64.png:
  - saving the old logos/branding for posterity
* debian/copyright, img/COPYING:
  - added CC-by-SA 3.0 license
  - use the text version
* img/ecryptfs_14.png, img/ecryptfs_192.png, img/ecryptfs_64.png:
  - added scaled copies of images used for Launchpad.net branding
* src/utils/ecryptfs-recover-private: LP: #847505
  - add an option to allow user to enter the mount passphrase,
    in case they've recorded that, but forgotten their login
* src/libecryptfs/sysfs.c: LP: #802197
  - default sysfs to /sys, if not found in /etc/mtab
  - it seems that reading /etc/mtab for this is outdated
  - ensure that ecryptfs works even if there is no sysfs entry
    in /etc/mtab
* src/key_mod/ecryptfs_key_mod_tspi.c: LP: #462225
  - fix TPM and string_to_uuid 64bits issue
  - thanks to Janos for the patch
* precise

[ Tyler Hicks ]
  - clarified how to contribute to the ecryptfs kernel module
* tests/lib/etl_funcs.sh:
  - created eCryptfs test library of bash functions for use in test
    cases and test harnesses
* test/etl_add_passphrase_key_to_keyring.c:
  - created a C helper program to allow bash scripts to interface to
    the libecryptfs function that adds passphrase-based keys to the
    kernel keyring
* tests/kernel/tests.rc, tests/userspace/tests.rc:
  - created a test case category files for test harnesses to source
    when running testcases of a certain category (destructive, safe,
* tests/run_tests.sh:
  - created a test harness to run eCryptfs test cases
* tests/kernel/miscdev-bad-count.sh,
  - created test case for miscdev issue reported to mailing list
* tests/kernel/lp-885744.sh:
  - created test case for pathconf bug
* tests/kernel/lp-926292.sh:
  - created test case for checking stale inode attrs after setxattr
* tests/new.sh:
  - created new test case template to copy from
* tests/userspace/verify-passphrase-sig.sh,
  - created test case, for make check, to test the creation of
    passphrase-based fekeks and signatures
* configure.ac, Makefile.am, tests/Makefile.am, tests/lib/Makefile.am,
  tests/kernel/Makefile.am, tests/userspace/Makefile.am:
  - updated and created autoconf/automake files to build the new tests
  - added make check target

[ Eddie Garcia ]
* img/*: LP: #907131
  - contributing a new set of logos and branding under the CC-by-SA3.0

[ Colin King ]
* tests/kernel/extend-file-random.sh,
  - Test to randomly extend file size, read/write + unlink
* tests/kernel/trunc-file.sh, tests/kernel/trunc-file/test.c:
  - Test to exercise file truncation
* tests/kernel/directory-concurrent.sh,
  - test for directory creation/deletion races with multiple processes
* tests/kernel/file-concurrent.sh,
  - test for file creation/truncation/unlink races with multiple
* tests/kernel/inotify.sh, tests/kernel/inotify/test.c:
  - test for proper inotify support
* tests/kernel/mmap-dir.sh, tests/kernel/mmap-dir/test.c:
  - test that directory files cannot be mmap'ed
* tests/kernel/read-dir.sh, tests/kernel/read-dir/test.c:
  - test that read() on directory files returns the right error
* tests/kernel/setattr-flush-dirty.sh:
  - test that the modified timestamp isn't clobbered in writeback
* tests/kernel/inode-race-stat.sh, tests/kernel/inode-race-stat/test.c:
  - test for inode initialization race condition

79. By Dustin Kirkland 

[ Serge Hallyn ]
* fix infinite loop on arm: fgetc returns an int, and -1 at end of
  options. Arm makes char unsigned. (LP: #884407)

[ Dustin Kirkland ]
* debian/compat, debian/control, debian/ecryptfs-utils.install,
  debian/libecryptfs0.install, debian/libecryptfs-dev.install,
  debian/lintian/ecryptfs-utils, debian/python-ecryptfs.install,
  debian/rules, debian/source/options, doc/ecryptfs-pam-doc.txt,
  doc/manpage/ecryptfs-setup-private.1, lintian/ecryptfs-utils, ===
  removed directory debian/lintian:
  - merge a bunch of packaging changes from Debian's Daniel Baumann
* scripts/release.sh:
  - minor release fixes

78. By Dustin Kirkland 

[ Dustin Kirkland ]
* scripts/release.sh:
  - fix release script
  - bump ubuntu release
* doc/manpage/ecryptfs-recover-private.1, src/utils/ecryptfs-migrate-
  home (properties changed: -x to +x), src/utils/ecryptfs-recover-
  - add a --rw option for ecryptfs-recover-private
* src/utils/ecryptfs-migrate-home: LP: #820416
  - show progress on rsync
* debian/ecryptfs-utils.ecryptfs-utils-restore.upstart,
  src/utils/ecryptfs-setup-private: LP: #883238
  - remove 2 upstart scripts, which attempted to "save" users who didn't
    login after migrating their home; instead, we now require the root
    user to enter user passwords at migration time
* debian/copyright, debian/ecryptfs-utils.ecryptfs-utils-
  restore.upstart, debian/ecryptfs-utils.ecryptfs-utils-save.upstart,
  doc/manpage/ecryptfs.7, doc/manpage/ecryptfs-add-passphrase.1,
  doc/manpage/ecryptfs-generate-tpm-key.1, doc/manpage/ecryptfs-
  insert-wrapped-passphrase-into-keyring.1, doc/manpage/ecryptfs-
  mount-private.1, doc/manpage/ecryptfs-recover-private.1,
  doc/manpage/ecryptfs-rewrap-passphrase.1, doc/manpage/ecryptfs-
  rewrite-file.1, doc/manpage/ecryptfs-setup-private.1,
  doc/manpage/ecryptfs-setup-swap.1, doc/manpage/ecryptfs-stat.1,
  doc/manpage/ecryptfs-umount-private.1, doc/manpage/ecryptfs-unwrap-
  passphrase.1, doc/manpage/ecryptfs-wrap-passphrase.1,
  doc/manpage/fr/ecryptfs-add-passphrase.1, doc/manpage/fr/ecryptfs-
  generate-tpm-key.1, doc/manpage/fr/ecryptfs-insert-wrapped-
  passphrase-into-keyring.1, doc/manpage/fr/ecryptfs-mount-private.1,
  doc/manpage/fr/ecryptfs-setup-private.1, doc/manpage/fr/ecryptfs-
  umount-private.1, doc/manpage/fr/ecryptfs-unwrap-passphrase.1,
  doc/manpage/fr/ecryptfs-wrap-passphrase.1, doc/manpage/fr/ecryptfs-
  zombie-kill.1, doc/manpage/fr/ecryptfs-zombie-list.1,
  doc/manpage/mount.ecryptfs_private.1, doc/manpage/pam_ecryptfs.8,
  src/utils/ecryptfs-migrate-home, src/utils/ecryptfs-mount-private,
  src/utils/ecryptfs_rewrap_passphrase.c, src/utils/ecryptfs-rewrite-
  file, src/utils/ecryptfs-setup-private, src/utils/ecryptfs-setup-
  swap, src/utils/ecryptfs-umount-private,
  - update some email addresses, moving <email address hidden> ->
    <email address hidden> (which I can still read)
* src/libecryptfs/key_management.c: LP: #715066
  - fix 2 places where we were handling
    ecryptfs_add_passphrase_key_to_keyring() inconsistently
  - if we're trying to add a key to the keyring, and it's already there,
    treat that as "success"
* debian/control:
  - ecryptfs-setup-swap is strongly recommended, which depends on
    cryptsetup; so promote cryptsetup from suggests -> recommends
* precise

[ Stephan Ritscher and Tyler Hicks ]
* src/libecryptfs/cmd_ln_parser.c: LP: #683535
  - fix passphrase_passwd_fd for pipes
  - handle memory allocation failures
  - free memory in error paths

[ Arfrever Frehtes Taifersar Arahesis ]
* configure.ac: LP: #893327
  - no need to check for python, if --disable-pywrap is passed

77. By Serge Hallyn

fix infinite loop on arm: fgetc returns an int, and -1 at end of
options. Arm makes char unsigned. (LP: #884407)

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
This branch contains Public information 
Everyone can see this information.