[ecryptfs-utils/f15] for file name encryption support check, module must be loaded already
Michal Hlavinka
mhlavink at fedoraproject.org
Tue Jun 5 14:02:22 UTC 2012
commit 1e71f0209dd7c537ba4a7dd7f0fe0db6966f0eb6
Author: Michal Hlavinka <mhlavink at redhat.com>
Date: Tue Jun 5 16:02:15 2012 +0200
for file name encryption support check, module must be loaded already
ecryptfs-utils-75-werror.patch | 182 ++++++++++++++++++++++++++++++++++++----
ecryptfs-utils.spec | 18 +++-
2 files changed, 178 insertions(+), 22 deletions(-)
---
diff --git a/ecryptfs-utils-75-werror.patch b/ecryptfs-utils-75-werror.patch
index fa58946..aee3690 100644
--- a/ecryptfs-utils-75-werror.patch
+++ b/ecryptfs-utils-75-werror.patch
@@ -1,6 +1,6 @@
-diff -up ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c
---- ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2011-10-31 14:18:18.136758412 +0100
-+++ ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2011-10-31 14:18:18.156758569 +0100
+diff -up ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c
+--- ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror 2012-06-04 14:47:13.021862738 +0200
++++ ecryptfs-utils-96/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c 2012-06-04 14:47:13.036862853 +0200
@@ -86,7 +86,7 @@ static int ecryptfs_pkcs11h_deserialize(
pkcs11h_data->serialized_id = NULL;
}
@@ -150,9 +150,9 @@ diff -up ecryptfs-utils-93/src/key_mod/ecryptfs_key_mod_pkcs11_helper.c.werror e
subgraph_key_ctx = (struct pkcs11h_subgraph_key_ctx *)(*foo);
-diff -up ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c
---- ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c.werror 2011-10-27 17:53:07.000000000 +0200
-+++ ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c 2011-10-31 14:18:18.157758576 +0100
+diff -up ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c
+--- ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c.werror 2011-12-14 00:01:38.000000000 +0100
++++ ecryptfs-utils-96/src/libecryptfs/ecryptfs-stat.c 2012-06-04 14:47:13.036862853 +0200
@@ -146,7 +146,7 @@ int ecryptfs_parse_stat(struct ecryptfs_
if (buf_size < (ECRYPTFS_FILE_SIZE_BYTES
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
@@ -162,9 +162,9 @@ diff -up ecryptfs-utils-93/src/libecryptfs/ecryptfs-stat.c.werror ecryptfs-utils
"bytes; there are only [%zu] bytes\n", __FUNCTION__,
(ECRYPTFS_FILE_SIZE_BYTES
+ MAGIC_ECRYPTFS_MARKER_SIZE_BYTES
-diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c
---- ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.werror 2011-10-27 17:53:07.000000000 +0200
-+++ ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c 2011-10-31 14:18:29.644847653 +0100
+diff -up ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c
+--- ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c.werror 2011-12-14 00:01:38.000000000 +0100
++++ ecryptfs-utils-96/src/pam_ecryptfs/pam_ecryptfs.c 2012-06-04 14:47:13.036862853 +0200
@@ -39,35 +39,11 @@
#include <sys/stat.h>
#include <fcntl.h>
@@ -258,9 +258,9 @@ diff -up ecryptfs-utils-93/src/pam_ecryptfs/pam_ecryptfs.c.werror ecryptfs-utils
goto out;
}
saved_uid = geteuid();
-diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-93/src/utils/mount.ecryptfs.c
---- ecryptfs-utils-93/src/utils/mount.ecryptfs.c.werror 2011-10-31 14:18:18.153758546 +0100
-+++ ecryptfs-utils-93/src/utils/mount.ecryptfs.c 2011-10-31 14:18:18.158758583 +0100
+diff -up ecryptfs-utils-96/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-96/src/utils/mount.ecryptfs.c
+--- ecryptfs-utils-96/src/utils/mount.ecryptfs.c.werror 2012-06-04 14:47:13.033862831 +0200
++++ ecryptfs-utils-96/src/utils/mount.ecryptfs.c 2012-06-04 14:47:13.037862861 +0200
@@ -461,7 +461,7 @@ static int ecryptfs_do_mount(int argc, c
{
int rc;
@@ -279,9 +279,9 @@ diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs.c.werror ecryptfs-utils-93/s
if (!(temp = strdup("ecryptfs_unlink_sigs"))) {
rc = -ENOMEM;
goto out;
-diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c
---- ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c.werror 2011-10-31 14:18:18.146758491 +0100
-+++ ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c 2011-10-31 14:18:18.158758583 +0100
+diff -up ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c.werror ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c
+--- ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c.werror 2012-06-04 14:47:13.027862783 +0200
++++ ecryptfs-utils-96/src/utils/mount.ecryptfs_private.c 2012-06-04 14:47:13.037862861 +0200
@@ -95,7 +95,6 @@ int read_config(char *pw_dir, int uid, c
*s = strdup(e->mnt_fsname);
if (!*s)
@@ -299,9 +299,9 @@ diff -up ecryptfs-utils-93/src/utils/mount.ecryptfs_private.c.werror ecryptfs-ut
if (addmntent(new_mtab, old_ent) != 0) {
perror("addmntent");
goto fail;
-diff -up ecryptfs-utils-93/src/utils/test.c.werror ecryptfs-utils-93/src/utils/test.c
---- ecryptfs-utils-93/src/utils/test.c.werror 2011-10-27 17:53:07.000000000 +0200
-+++ ecryptfs-utils-93/src/utils/test.c 2011-10-31 14:18:18.159758591 +0100
+diff -up ecryptfs-utils-96/src/utils/test.c.werror ecryptfs-utils-96/src/utils/test.c
+--- ecryptfs-utils-96/src/utils/test.c.werror 2011-12-14 00:01:38.000000000 +0100
++++ ecryptfs-utils-96/src/utils/test.c 2012-06-04 14:47:13.038862869 +0200
@@ -281,7 +281,7 @@ int ecryptfs_encrypt_page(int page_cache
struct inode *lower_inode;
struct ecryptfs_crypt_stat *crypt_stat;
@@ -311,3 +311,149 @@ diff -up ecryptfs-utils-93/src/utils/test.c.werror ecryptfs-utils-93/src/utils/t
int orig_byte_offset = 0;
int num_extents_per_page;
#define ECRYPTFS_PAGE_STATE_UNREAD 0
+diff -up ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c.werror ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c
+--- ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c.werror 2012-02-13 17:30:32.000000000 +0100
++++ ecryptfs-utils-96/tests/kernel/directory-concurrent/test.c 2012-06-04 14:47:13.038862869 +0200
+@@ -149,7 +149,7 @@ int hang_check(int option, const char *f
+
+ int test_dirs(const char *path, const int max_dirs)
+ {
+- int i, j;
++ int i/*, j*/;
+ char *filename;
+ size_t len = strlen(path) + 32;
+ int ret = TEST_PASSED;
+diff -up ecryptfs-utils-96/tests/kernel/extend-file-random/test.c.werror ecryptfs-utils-96/tests/kernel/extend-file-random/test.c
+--- ecryptfs-utils-96/tests/kernel/extend-file-random/test.c.werror 2012-02-13 17:30:32.000000000 +0100
++++ ecryptfs-utils-96/tests/kernel/extend-file-random/test.c 2012-06-04 14:48:48.034597731 +0200
+@@ -48,7 +48,7 @@ int test_write(int fd, char *buffer, siz
+ }
+
+ if (write(fd, buffer, len) != len) {
+- fprintf(stderr, "Failed to write %lu bytes, position %lu: %s\n",
++ fprintf(stderr, "Failed to write %zu bytes, position %lu: %s\n",
+ len, offset, strerror(errno));
+ return TEST_FAILED;
+ }
+@@ -58,13 +58,13 @@ int test_write(int fd, char *buffer, siz
+ int test_read(int fd, char *buffer, size_t len, off_t offset)
+ {
+ if (lseek(fd, offset, SEEK_SET) < 0) {
+- fprintf(stderr, "Failed to seek to position %lu: %s\n",
++ fprintf(stderr, "Failed to seek to position %ld: %s\n",
+ offset, strerror(errno));
+ return TEST_FAILED;
+ }
+
+ if (read(fd, buffer, len) != len) {
+- fprintf(stderr, "Failed to read %lu bytes, position %lu: %s\n",
++ fprintf(stderr, "Failed to read %zu bytes, position %lu: %s\n",
+ len, offset, strerror(errno));
+ return TEST_FAILED;
+ }
+diff -up ecryptfs-utils-96/tests/kernel/file-concurrent/test.c.werror ecryptfs-utils-96/tests/kernel/file-concurrent/test.c
+--- ecryptfs-utils-96/tests/kernel/file-concurrent/test.c.werror 2012-02-13 17:30:32.000000000 +0100
++++ ecryptfs-utils-96/tests/kernel/file-concurrent/test.c 2012-06-04 14:47:13.038862869 +0200
+@@ -178,7 +178,7 @@ int hang_check(int option, const char *f
+
+ int test_dirs(const char *path, const int max_files)
+ {
+- int i, j;
++ int i;
+ char *filename;
+ size_t len = strlen(path) + 32;
+ int ret = TEST_PASSED;
+diff -up ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c.werror ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c
+--- ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c.werror 2012-02-16 03:56:20.000000000 +0100
++++ ecryptfs-utils-96/tests/kernel/inode-race-stat/test.c 2012-06-04 14:47:13.040862885 +0200
+@@ -106,7 +106,6 @@ static void do_test(const int fdin, cons
+ {
+ for (;;) {
+ int n;
+- int ret;
+ char cmd[32];
+
+ if ((n = read(fdin, cmd, sizeof(cmd))) < 1) {
+@@ -122,7 +121,7 @@ static void do_test(const int fdin, cons
+ if (cmd[0] == CMD_TEST) {
+ int ret;
+ off_t sz;
+- sscanf(cmd+1, "%zd", &sz);
++ sscanf(cmd+1, "%ld", &sz);
+
+ ret = check_size(filename, sz);
+ switch (ret) {
+@@ -290,7 +289,7 @@ int main(int argc, char **argv)
+ }
+
+ /* Now tell children to stat the file */
+- snprintf(cmd, sizeof(cmd), "%c%zd", CMD_TEST, sz);
++ snprintf(cmd, sizeof(cmd), "%c%ld", CMD_TEST, sz);
+ for (i = 0; i < threads; i++) {
+ if (write(pipe_to[i][1], cmd, strlen(cmd)+1) < 0) {
+ fprintf(stderr, "write to pipe failed: %s\n",
+@@ -347,6 +346,7 @@ abort:
+ int ret;
+
+ ret = write(pipe_to[i][1], cmd, 1);
++ (void)ret;
+ (void)waitpid(pids[i], &status, 0);
+
+ (void)close(pipe_to[i][1]);
+diff -up ecryptfs-utils-96/tests/kernel/trunc-file/test.c.werror ecryptfs-utils-96/tests/kernel/trunc-file/test.c
+--- ecryptfs-utils-96/tests/kernel/trunc-file/test.c.werror 2012-02-13 17:30:32.000000000 +0100
++++ ecryptfs-utils-96/tests/kernel/trunc-file/test.c 2012-06-04 14:47:13.040862885 +0200
+@@ -39,7 +39,7 @@
+
+ int write_buff(int fd, unsigned char *data, ssize_t size)
+ {
+- char *ptr = data;
++ unsigned char *ptr = data;
+ ssize_t n;
+ ssize_t sz = size;
+
+@@ -55,7 +55,7 @@ int write_buff(int fd, unsigned char *da
+
+ int read_buff(int fd, unsigned char *data, ssize_t size)
+ {
+- char *ptr = data;
++ unsigned char *ptr = data;
+ ssize_t n;
+ ssize_t sz = size;
+
+@@ -88,6 +88,7 @@ int test_write_random(char *filename, in
+ }
+ buflen -= n;
+ }
++ return TEST_PASSED;
+ }
+
+ int test_read_random(char *filename, int fd, unsigned char *buff, ssize_t size)
+@@ -157,9 +158,6 @@ int test_read_rest(char *filename, int f
+ int test_exercise(char *filename, ssize_t size)
+ {
+ int fd;
+- ssize_t i;
+- ssize_t n;
+- ssize_t buflen;
+ int ret = TEST_FAILED;
+ ssize_t trunc_size = size / 2;
+ struct stat statbuf;
+@@ -254,8 +252,6 @@ void sighandler(int dummy)
+ int main(int argc, char **argv)
+ {
+ off_t len = DEFAULT_SIZE;
+- int i;
+- int ret;
+
+ if (argc < 2) {
+ fprintf(stderr, "Syntax: %s filename [size_in_K]\n", argv[0]);
+@@ -272,7 +268,7 @@ int main(int argc, char **argv)
+
+ len *= 1024;
+ if (len > SSIZE_MAX) {
+- fprintf(stderr, "size should be < %zd\n", SSIZE_MAX / 1024);
++ fprintf(stderr, "size should be < %zd\n", (size_t)SSIZE_MAX / 1024);
+ exit(TEST_ERROR);
+ }
+
diff --git a/ecryptfs-utils.spec b/ecryptfs-utils.spec
index 52e129f..4caf9de 100644
--- a/ecryptfs-utils.spec
+++ b/ecryptfs-utils.spec
@@ -5,7 +5,7 @@
Name: ecryptfs-utils
Version: 96
-Release: 2%{?dist}
+Release: 3%{?dist}
Summary: The eCryptfs mount helper and support libraries
Group: System Environment/Base
License: GPLv2+
@@ -125,7 +125,7 @@ the interface supplied by the ecryptfs-utils library.
export CFLAGS="$RPM_OPT_FLAGS -Werror -Wtype-limits"
#we're modifing Makefile.am
autoreconf -fiv
-%configure --disable-rpath --enable-tspi --enable-nss --enable-pkcs11-helper
+%configure --disable-rpath --enable-tspi --enable-nss --enable-pkcs11-helper --enable-tests
make clean
#disable rpath
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
@@ -156,6 +156,10 @@ touch -r src/desktop/ecryptfs-setup-private.desktop \
$RPM_BUILD_ROOT%{_datadir}/%{name}/ecryptfs-mount-private.desktop
rm -f $RPM_BUILD_ROOT/%{_datadir}/%{name}/ecryptfs-record-passphrase
+#we need ecryptfs kernel module
+mkdir -p $RPM_BUILD_ROOT/usr/lib/modules-load.d/
+echo -e "# ecryptfs module is needed before ecryptfs mount, so mount helper can \n# check for file name encryption support\necryptfs" >$RPM_BUILD_ROOT/usr/lib/modules-load.d/ecryptfs.conf
+
%find_lang %{name}
%check
@@ -163,6 +167,8 @@ if ldd $RPM_BUILD_ROOT%{_sbindir}/umount.ecryptfs | grep -q '/usr/'
then
exit 1
fi
+export LD_LIBRARY_PATH=$(pwd)/src/libecryptfs/.libs
+make check
%pre
groupadd -r -f ecryptfs
@@ -203,6 +209,7 @@ rm -rf $RPM_BUILD_ROOT
%{_libdir}/ecryptfs
%{_libdir}/libecryptfs.so.*
%{_libdir}/security/pam_ecryptfs.so
+/usr/lib/modules-load.d/ecryptfs.conf
%dir %{_datadir}/%{name}
%{_datadir}/%{name}/ecryptfs-mount-private.txt
%{_datadir}/%{name}/ecryptfs-mount-private.desktop
@@ -249,13 +256,16 @@ rm -rf $RPM_BUILD_ROOT
%{python_sitearch}/ecryptfs-utils/_libecryptfs.so
%changelog
+* Mon Jun 04 2012 Michal Hlavinka <mhlavink at redhat.com> - 96-3
+- for file name encryption support check, module must be loaded already
+
* Mon Apr 16 2012 Michal Hlavinka <mhlavink at redhat.com> - 96-2
- when ecryptfs-mount-fails, check if user is member of ecryptfs group
* Mon Feb 20 2012 Michal Hlavinka <mhlavink at redhat.com> - 96-1
- ecryptfs-utils updated to 96
-* Mon Feb 13 2012 Michal Hlavinka <mhlavink at redhat.com> - 95-2
+* Thu Feb 09 2012 Michal Hlavinka <mhlavink at redhat.com> - 95-2
- blowfish and twofish support check did not work with on 3.2.x kernels (#785036)
* Fri Dec 16 2011 Michal Hlavinka <mhlavink at redhat.com> - 95-1
@@ -288,7 +298,7 @@ rm -rf $RPM_BUILD_ROOT
- fix pam module to set ecryptfs gid before mount helper execution
- do not use zombie process, it causes lock ups in ssh
-* Mon Jul 11 2011 Michal Hlavinka <mhlavink at redhat.com> - 87-6
+* Tue Jul 19 2011 Michal Hlavinka <mhlavink at redhat.com> - 87-6
- do not use memcpy for overlaping areas
- fix broken pam module resulting in session with wrong gid
More information about the scm-commits
mailing list