On Fri 2017-09-15 (13:16), Austin S. Hemmelgarn wrote: > >> And then mount enryptfs: > >> > >> mount.ecryptfs /<MOUNTPOINT_ENCRYPTED> /<MOUNTPOINT_DECRYPTED> > > > > This only possible by root. > > For a user it is not possible to have access for his own snapshots. > > Bad. > > Which is why you use EncFS (which is a FUSE module that runs in > userspace and requires no root privileges) instead of eCryptFS (which is > a kernel assisted filesystem that doesn't use FUSE, has more complicated > setup constraints, and requires CAP_SYS_ADMIN or root access).
I use both, encfs and ecryptfs, for different use cases. I use ecryptfs on my notebooks for $HOME, which has some kind of automounter on login (via pam). This setup is not possible with encfs, which is also much slower and has a lower security level. But even for encfs it is very circumstantial for a user to have access to snapshots. -- Ullrich Horlacher Server und Virtualisierung Rechenzentrum TIK Universitaet Stuttgart E-Mail: horlac...@tik.uni-stuttgart.de Allmandring 30a Tel: ++49-711-68565868 70569 Stuttgart (Germany) WWW: http://www.tik.uni-stuttgart.de/ REF:<6cd1ef22-7cab-4c8c-0b73-d254aeca8...@gmail.com> -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html