fscrypt.git, branch sshd-bug-workaround

debug

2021-12-21T19:01:00+00:00

[BROKEN] pam_fscrypt: save unlocked protector keys in root user keyring

2021-12-21T19:00:58+00:00

Merge pull request #332 from ebiggers/skip-irrelevant-filesystems

2021-12-20T17:28:26+00:00

filesystem: avoid accessing irrelevant filesystems

filesystem: avoid accessing irrelevant filesystems

2021-12-20T16:24:15+00:00

Forbid 'fscrypt setup' on filesystems that aren't expected to support
encryption (other than the root filesystem), and skip looking for
fscrypt metadata directories on such filesystems.  This has two
benefits.  First, it avoids the printing of annoying warnings like:

	pam_fscrypt[75038]: stat /run/user/0/.fscrypt: permission denied
	pam_fscrypt[75038]: stat /run/user/0/.fscrypt/policies: permission denied
	pam_fscrypt[75038]: stat /run/user/0/.fscrypt/protectors: permission denied
	pam_fscrypt[75038]: stat /sys/firmware/efi/efivars/.fscrypt: invalid argument
	pam_fscrypt[75038]: stat /sys/firmware/efi/efivars/.fscrypt/policies: invalid argument
	pam_fscrypt[75038]: stat /sys/firmware/efi/efivars/.fscrypt/protectors: invalid argument
	pam_fscrypt[75038]: stat /sys/fs/pstore/.fscrypt: permission denied
	pam_fscrypt[75038]: stat /sys/fs/pstore/.fscrypt/policies: permission denied
	pam_fscrypt[75038]: stat /sys/fs/pstore/.fscrypt/protectors: permission denied

Second, it avoids long delays or side effects on some filesystems.

To do this, introduce an allowlist of filesystem types that fscrypt will
recognize.  I wanted to avoid doing this, since this list will need to
be updated in the future, but I don't see a better solution.

Merge pull request #331 from ebiggers/login-protector-perms

2021-12-20T15:54:40+00:00

Set owner of login protectors to correct user

Merge pull request #329 from ebiggers/doc-ssh-issue

2021-12-20T15:41:55+00:00

README: document issue with ssh ChallengeResponseAuthentication

Merge pull request #330 from google/avoid-warning

2021-12-20T15:40:35+00:00

pam: avoid compiler warning in copyIntoSecret()

Set owner of login protectors to correct user

2021-12-20T03:44:59+00:00

When the root user creates a login protector for a non-root user, make
sure to chown() the protector file to make it owned by the user.
Without this, the protector cannot be updated by the user, which causes
it to get out of sync if the user changes their login passphrase.

Fixes https://github.com/google/fscrypt/issues/319

pam: avoid compiler warning in copyIntoSecret()

2021-12-20T03:43:34+00:00

gcc 11 enabled -Wmaybe-uninitialized by default.  It causes a
false-positive warning in copyIntoSecret() because gcc doesn't
understand that mlock() is special and doesn't read from the memory.

Just initialize the memory to avoid this warning.

README: document issue with ssh ChallengeResponseAuthentication

2021-12-20T02:41:39+00:00

Update https://github.com/google/fscrypt/issues/321
Update https://github.com/google/fscrypt/issues/324