Device files and suid binaries are often not needed when running
gocryptfs as root. As they are potentially dangerous, let the
user enable them explicitely via the new "-o" option instead of
always enabling them when running as root.
FUSE filesystems are mounted with "nosuid" by default. If we run as root,
we can use device files by passing the opposite mount option, "suid".
Also we have to use syscall.Chmod instead of os.Chmod because the
portability translation layer "syscallMode" messes up the sgid
and suid bits.
Fixes 70% of the failures in xfstests generic/193. The remaining are
related to truncate, but we err on the safe side:
$ diff -u tests/generic/193.out /home/jakob/src/fuse-xfstests/results//generic/193.out.bad
[...]
check that suid/sgid bits are cleared after successful truncate...
with no exec perm
before: -rwSr-Sr--
-after: -rw-r-Sr--
+after: -rw-r--r--
FUSE filesystems are mounted with "nodev" by default. If we run as root,
we can use device files by passing the opposite mount option, "dev".
Fixes xfstests generic/184.
Support truncate(2) by opening the file and calling ftruncate(2)
While the glibc "truncate" wrapper seems to always use ftruncate, fsstress from
xfstests uses this a lot by calling "truncate64" directly.
There is no need to test that deprecated command-line options
produce an error. I trust the flags package.
Also split the example_filesystem helper functions into a
separate file.
The v0.6-plaintextnames example FS lacks the GCMIV128 feature
flag, is no longer mountable and can no longer be used for testing.
Add a new "-plaintextnames" filesystem created by gocryptfs v0.7.
There have been no format changes to "-plaintextnames" since then.
As v0.4 introduced ext4-style feature flags, the on-disk format version
is unlinkely to change. Drop it from the version output to reduce
clutter. Use "gocryptfs -version -debug" to see it.
Add the Go version string because only Go 1.6 and newer have an optimized
AES-GCM implementation. This will help users to understand the performance
of their build.
tlog is used heavily everywhere and deserves a shorter name.
Renamed using sed magic, without any manual rework:
find * -type f -exec sed -i 's/toggledlog/tlog/g' {} +
Also, capture all stderr and stdout but pass "-q".
This way we get to see error messages if there are any, or
spurious output when there should be none due to "-q".
This used to fail in an ugly way:
$ ./build.bash
./build.bash: line 13: go: command not found
./build.bash: line 15: [: too many arguments
./build.bash: line 20: go: command not found
Warnings were:
main.go:234: declaration of err shadows declaration at main.go:163:
internal/fusefrontend/file.go:401: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
internal/fusefrontend/file.go:419: declaration of err shadows declaration at internal/fusefrontend/file.go:379:
internal/fusefrontend/fs_dir.go:140: declaration of err shadows declaration at internal/fusefrontend/fs_dir.go:97:
If /proc/self/fd/X did not exist, the actual error is that the file
descriptor was invalid.
go-fuse's pathfs prefers using an open fd even for path-based operations
but does not take any locks to prevent the fd from being closed.
Instead, it retries the operation by path if it get EBADF. So this
change allows the retry logic to work correctly.
This fixes the error
rsync: failed to set times on "/tmp/ping.Kgw.mnt/linux-3.0/[...]/.dvb_demux.c.N7YlEM":
No such file or directory (2)
that was triggered by pingpong-rsync.bash.
Mounts two gocryptfs filesystems, "ping" and "pong" and moves the
linux-3.0 kernel tree back and forth between them.
When called as "pingpong-rsync.bash" it uses "rsync --remove-source-files"
for moving the files, otherwise plain "mv".
We (actually, go-fuse) used to call Chown() instead of Lchown()
which meant that the operation would fail on dangling symlinks.
Fix this by calling os.Lchown() ourself. Also add a test case
for this.
Running these tests from integration_tests' TestMain() was awkward
because they were run twice with unchanged settings.
integration_tests tests everything with OpenSSL and with native
Go crypto, but this does not take affect for the example filesystems.
To make this work, test_helpers is also split into its own package.
