On Mon, 17 Dec 2007, Michael Halcrow wrote: -> Thanks for the report. I did break the OpenSSL key module setup code -> in release 33. Release 34 is now available, and it should be in better -> shape now.
OK, I'll have a look at it. Thanks for checking into it. -> > I started using ecryptfs and upgraded with the new releases that -> > came out until ecryptfs-utils-27. This worked well, but sometimes, -> > every 3rd or 4th use, -> -> What do you mean by "use"? One full mount, start ecryptfsd, use the files, stop ecryptfsd, unmount the filesystem, clear the key (keyctl clear @u). This seems to happen more with root doing the actual mount, then another user starting the ecryptfsd daemon and using the files. -> > ecrypfsd would segfault/zombie any command touching the ecryptfs -> > files. -> > -> > This would usually leave ecryptfs stuck mounted, resulting in a full -> > filesystem fsck after a reboot was attempted. -> -> This might be bug somewhere in the kernel code. eCryptfs is supposed -> to recover gracefully from ecryptfsd suddenly dying at any point in -> time (via a timeout in the kernel module). ecryptfsd has never died -> for me while I was using the OpenSSL key module, so I will have to -> manually kill it to run some tests here. I've not seen it yet in 2.6.23.9, but I've not had time to use ecryptfs very much as this kernel was just dropped in yesterday (Sun.) morning. -> I rewrote the cipher selection code for release 33. It parses -> /proc/crypto and the contents of /lib/modules/`uname -r`/kernel/crypto/ -> for the available ciphers. Unexpected contents for either location may -> cause this strange behavior; I will run some more tests to make sure -> everything works right for corner cases. There are mostly all modules here. My (built-in) defaults are: name : crc32c driver : crc32c-generic module : kernel priority : 0 refcnt : 1 type : digest blocksize : 32 digestsize : 4 name : deflate driver : deflate-generic module : kernel priority : 0 refcnt : 1 type : compression But actually available are: ls -la /lib/modules/`uname -r`/kernel/crypto/ total 244K drwxr-xr-x 2 root root 4.0K 2007-12-15 05:03 ./ drwxr-xr-x 9 root root 4.0K 2007-12-15 04:31 ../ -rw-r--r-- 1 root root 1.4K 2007-12-15 04:30 ablkcipher.ko.gz -rw-r--r-- 1 root root 5.8K 2007-12-15 04:30 aes.ko.gz -rw-r--r-- 1 root root 8.1K 2007-12-15 04:30 anubis.ko.gz -rw-r--r-- 1 root root 1.1K 2007-12-15 04:30 arc4.ko.gz -rw-r--r-- 1 root root 3.0K 2007-12-15 04:30 blkcipher.ko.gz -rw-r--r-- 1 root root 5.9K 2007-12-15 04:30 blowfish.ko.gz -rw-r--r-- 1 root root 13K 2007-12-15 04:30 camellia.ko.gz -rw-r--r-- 1 root root 12K 2007-12-15 04:30 cast5.ko.gz -rw-r--r-- 1 root root 11K 2007-12-15 04:30 cast6.ko.gz -rw-r--r-- 1 root root 2.3K 2007-12-15 04:30 cbc.ko.gz -rw-r--r-- 1 root root 2.6K 2007-12-15 04:30 cryptd.ko.gz -rw-r--r-- 1 root root 1.2K 2007-12-15 04:30 crypto_null.ko.gz -rw-r--r-- 1 root root 6.8K 2007-12-15 04:30 des.ko.gz -rw-r--r-- 1 root root 1.6K 2007-12-15 04:30 ecb.ko.gz -rw-r--r-- 1 root root 4.2K 2007-12-15 04:30 fcrypt.ko.gz -rw-r--r-- 1 root root 4.1K 2007-12-15 04:30 gf128mul.ko.gz -rw-r--r-- 1 root root 15K 2007-12-15 04:30 khazad.ko.gz -rw-r--r-- 1 root root 2.2K 2007-12-15 04:30 lrw.ko.gz -rw-r--r-- 1 root root 1.9K 2007-12-15 04:30 md4.ko.gz -rw-r--r-- 1 root root 2.2K 2007-12-15 04:30 md5.ko.gz -rw-r--r-- 1 root root 1.4K 2007-12-15 04:30 michael_mic.ko.gz -rw-r--r-- 1 root root 2.3K 2007-12-15 04:30 pcbc.ko.gz -rw-r--r-- 1 root root 9.2K 2007-12-15 04:30 serpent.ko.gz -rw-r--r-- 1 root root 1.4K 2007-12-15 04:30 sha1.ko.gz -rw-r--r-- 1 root root 5.0K 2007-12-15 04:30 sha256.ko.gz -rw-r--r-- 1 root root 4.7K 2007-12-15 04:30 sha512.ko.gz -rw-r--r-- 1 root root 1.6K 2007-12-15 04:30 tea.ko.gz -rw-r--r-- 1 root root 12K 2007-12-15 04:30 tgr192.ko.gz -rw-r--r-- 1 root root 14K 2007-12-15 04:30 twofish_common.ko.gz -rw-r--r-- 1 root root 12K 2007-12-15 04:30 wp512.ko.gz -rw-r--r-- 1 root root 2.8K 2007-12-15 04:30 xcbc.ko.gz The full set (with the 586 optimized version only, where there are two). I could have modprobe pre-load some crypto modules with 'install', that's no big deal as long as I know that the ecryptfs modules requires some crypto modules to already be loaded. I'll grab ecryptfs-utils-35 at sourceforge. ------------------------------------------------------------------------- SF.Net email is sponsored by: Check out the new SourceForge.net Marketplace. It's the best place to buy or sell services for just about anything Open Source. http://ad.doubleclick.net/clk;164216239;13503038;w?http://sf.net/marketplace _______________________________________________ eCryptfs-users mailing list eCryptfs-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ecryptfs-users
