Jakob Unterwurzacher
7c053e67f2
contrib: add gocryptfs-maybe.bash
...
Conditionally try to mount a gocryptfs filesystem. If either
* CIPHERDIR does not exist OR
* something is already mounted on MOUNTPOINT
print a message to stdout (not stderr!) but exit with 0.
This is meant to be called from automated mount systems like pam_mount,
where you want to avoid error messages if the filesystem does not exist,
or duplicate mounts if the filesystem has already been mounted.
2016-10-11 23:19:21 +02:00
Jakob Unterwurzacher
72efd3b6c3
main: suppress master key display if not running on a terminal
...
Mounting through fstab or pam_mount may get the output logged
into syslog. We don't want the master key to end up in syslog.
2016-10-11 09:13:51 +02:00
Jakob Unterwurzacher
c8e5dc9844
main: show "-o" in the help text
...
Binds it to a dummy variable so it appears in the help text.
2016-10-10 20:57:35 +02:00
Jakob Unterwurzacher
7b2049c769
main: accept "-o" at the front AND at the end
...
Moving "-o" to the end broke a third-party app, SiriKali.
Breaking your users is bad, so let's accept "-o" anywhere.
2016-10-10 19:44:34 +02:00
Jakob Unterwurzacher
828f718483
fusefrontend: Also preserve the owner in Mkdir
...
This already worked for files but was missing for dirs.
2016-10-10 08:53:29 +02:00
Jakob Unterwurzacher
40420cb4cd
Update performance.txt for v1.1 release
2016-10-09 23:19:08 +02:00
Jakob Unterwurzacher
b2aae7d36c
Travis CI: Also build without openssl
...
Also update Go versions
2016-10-09 23:18:37 +02:00
Jakob Unterwurzacher
15b6ab12b1
README: fix formatting error
2016-10-09 21:29:43 +02:00
Jakob Unterwurzacher
5ef27ee549
Drop contrib/pam_mount
...
The README text has been moved to
https://github.com/rfjakob/gocryptfs/wiki/Mounting-on-login-using-pam_mount
and the gocryptfs_pam_mount.bash is no longer needed since
commit 9cf3ced0ce
.
2016-10-09 21:27:34 +02:00
Jakob Unterwurzacher
9f0793ab0f
main: more useful error message on unknown flag
2016-10-09 20:55:33 +02:00
Jakob Unterwurzacher
b70d2ffd94
main: add tests for the "-o" parsing
2016-10-09 20:54:40 +02:00
Jakob Unterwurzacher
2298726bc6
Update README with -passfile, -o, -ko changes
2016-10-09 20:34:49 +02:00
Jakob Unterwurzacher
e1c5e71b09
main: add "-passfile" option
...
Make it easier to read the password from a file. Internally this
is equivalent to "-extpass /bin/cat FILE".
2016-10-09 20:08:10 +02:00
Jakob Unterwurzacher
03c8b13371
main: ignore options rw, nosuid, nodev.
...
When called from mount, we always get either "suid" or "nosuid".
As "nosuid" is the default, just ignore the options. Same for
the other options.
2016-10-09 20:06:23 +02:00
Jakob Unterwurzacher
9cf3ced0ce
main: also accept options at the end via "-o"
...
For compatability with mount(1), options are also accepted as
"-o COMMA-SEPARATED-OPTIONS" at the end of the command line.
For example, "-o q,zerokey" is equivalent to "-q -zerokey".
2016-10-09 20:05:54 +02:00
Jakob Unterwurzacher
25a8802403
main: rename "-o" option to "-ko"
...
This prevents confusion with the "-o" options that is passed
by mount(1) at the end of the command line.
2016-10-09 19:32:55 +02:00
Jakob Unterwurzacher
17df345103
main: init: handle spaces in mount suggestion message
...
Before:
You can now mount it using: gocryptfs a x MOUNTPOINT
After:
You can now mount it using: gocryptfs "a x" MOUNTPOINT
This is still not bulletproof but should handle the common
case of having a space in the directory name. After all,
it's only a suggestion.
2016-10-09 18:27:03 +02:00
Jakob Unterwurzacher
495479dc66
main: friendlier error message on wrong number of arguments
...
Before:
Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
After:
Wrong number of arguments (have 9, want 2). You passed: "-nosyslog" "." "asd" "-q" "ß" "asdf" "fg" "gh" "sdf" "asd fs\\dfg"
Usage: gocryptfs [OPTIONS] CIPHERDIR MOUNTPOINT
2016-10-09 18:18:14 +02:00
Jakob Unterwurzacher
d3b78fea95
reverse: add panics against API abuse
...
These should help prevent later programming errors.
2016-10-09 17:05:12 +02:00
Jakob Unterwurzacher
f754c8a200
README: reverse mode is ticket #19 , not #34
2016-10-09 01:24:01 +02:00
Jakob Unterwurzacher
9ab6c64a49
Update Changelog for v1.1-rc1
2016-10-09 00:59:00 +02:00
Jakob Unterwurzacher
a985096b50
contrib: pam_mount: check if something is already mounted on DST
...
pam_mount is supposed to check that as well, but it seems to get confused
by the "command#path" syntax used for FUSE. Let's do it here.
2016-10-09 00:32:49 +02:00
Jakob Unterwurzacher
e220b24c5a
tests: add test for "mountpoint shadows cipherdir" logic
2016-10-09 00:03:39 +02:00
Jakob Unterwurzacher
dc4fdd8f44
main: fix shadow detection logic
...
This fired incorrectly:
Mountpoint "/home/testuser" would shadow cipherdir "/home/testuser.cipher", this is not supported
2016-10-08 23:50:19 +02:00
Jakob Unterwurzacher
12f8ba85c2
LICENSE: add full name
2016-10-08 23:41:22 +02:00
Jakob Unterwurzacher
22f96bfce6
contrib: pam_mount: add instructions for whole-home-dir encryption
2016-10-08 22:30:19 +02:00
Jakob Unterwurzacher
610a242ec6
contrib: pam_mount: add documentation and wrapper
...
See ticket #34
2016-10-08 22:30:13 +02:00
Jakob Unterwurzacher
d25fcc6a4b
reverse: gocryptfs.conf was missing from the directory listings
...
Fix the test for that and add checks in example_filesystems_test.
2016-10-08 22:25:08 +02:00
Jakob Unterwurzacher
8efef4b3d6
tests: unmount leftover filesystems before starting the tests
...
A panic during the tests can leave mounted filesystems behind.
2016-10-08 21:59:21 +02:00
Jakob Unterwurzacher
79e3e28671
tests: add v1.1-reverse-plaintextnames example filesystem
2016-10-08 21:49:21 +02:00
Jakob Unterwurzacher
eb51a1ed20
tests: add v1.1-reverse example filesystem
2016-10-08 21:45:11 +02:00
Jakob Unterwurzacher
3c2c3453ad
tests: add v1.1-aessiv example filesystem
...
Also move the example content into "content".
2016-10-08 21:45:01 +02:00
Jakob Unterwurzacher
e47577834b
reverse: merge config translation check into isTranslatedConfig
...
Also get rid of useless isFiltered function.
2016-10-08 21:14:16 +02:00
Jakob Unterwurzacher
f054353bd3
reverse: make gocryptfs.conf mapping plaintextnames-aware
...
Only in plaintextnames-mode AND with the config file at the
default location it will be mapped into the mountpoint.
Also adds a test for that.
2016-10-08 20:57:38 +02:00
Jakob Unterwurzacher
dde4a66454
tests: pass "-nosyslog"
...
We want to see panics and warnings on the console
2016-10-08 19:36:26 +02:00
Jakob Unterwurzacher
8c89e2da0c
tests: invert ResetTmpDir argument
...
As reverse also does not want a diriv file, the "plaintextNames"
argument became a misnomer.
2016-10-08 19:22:59 +02:00
Jakob Unterwurzacher
29c8ca85d8
tests: matrix: have the testcase struct as a global variable
...
Future tests will need more info about the running test case.
2016-10-08 19:18:56 +02:00
Jakob Unterwurzacher
084cd597ab
tests: matrix: convert to table-based style
...
And add AES-SIV
2016-10-08 19:16:05 +02:00
Jakob Unterwurzacher
04cdc695f0
main: error out when the mount shadows the cipherdir
...
For example, we cannot mount "/home/user/.cipher" at "/home/user"
because the mount will hide ".cipher" also for us.
Doing it anyway used to cause a nasty hang.
2016-10-08 18:43:31 +02:00
Jakob Unterwurzacher
631c538f13
main: split doMount into its own file
...
Ongoing effort to reduce the size of main().
2016-10-08 18:43:24 +02:00
Jakob Unterwurzacher
89bcc50294
main: check if the config file can opened before prompting for password
...
This was frustrating:
$ gocryptfs a b
Password:
Decrypting master key
open a/gocryptfs.conf: permission denied
2016-10-08 17:19:55 +02:00
Jakob Unterwurzacher
9b1a35174b
MANPAGE: note that "-f" implies "-nosyslog"
...
Also explain why AES-SIV exists.
2016-10-07 23:02:04 +02:00
Jakob Unterwurzacher
14fd5ce598
main: daemonize more thoroughly
...
As described at http://software.clapper.org/daemonize/ ,
a daemon should chdir to / and close its FDs.
2016-10-07 22:44:28 +02:00
Jakob Unterwurzacher
53257f4ee5
nametransform: better error code on invalid diriv length
...
go-fuse translates errors unknown to it into "function not
implemented", which is wrong in this case.
2016-10-07 22:40:30 +02:00
Jakob Unterwurzacher
45dfc90a2f
main: clarify nosyslog code path
...
Split the block up and add a comment why notifypid is important.
2016-10-07 00:05:46 +02:00
Jakob Unterwurzacher
434ce50db3
main: add "-nonempty" option
2016-10-06 22:41:13 +02:00
Jakob Unterwurzacher
ff48dc1aab
reverse: initialize the longname cache only when reverse mode is used
...
Gets rid of the idling longnameCacheCleaner thread in "normal" mode.
2016-10-05 22:22:28 +02:00
Jakob Unterwurzacher
a4956fa6bf
A few more lint fixes
2016-10-04 23:30:05 +02:00
Valient Gough
b764917cd5
lint fixes
2016-10-04 23:18:33 +02:00
Jakob Unterwurzacher
31a8f8b839
tests: skip "go tool vet" if the command is not available
...
"vet" is not availably by default on Go 1.4.
2016-10-04 22:42:30 +02:00