fscrypt.git/actions/policy.go, branch v0.2.1 Go tool for managing Linux filesystem encryption security: Change user keyring lookup algorithm 2017-09-01T07:53:07+00:00 Joseph Richey joerichey94@gmail.com 2017-09-01T07:53:07+00:00 1ce72a7367967152948dbe332ea8d9834f194c27 Now instead of spawning a seperate thread we alternate between changing the euid and ruid to both find the keyring and link it to the process keyring. Note that we also ensure that the user keyring is linked into the root keyring whenever possible. 
Now instead of spawning a seperate thread we alternate between changing
the euid and ruid to both find the keyring and link it to the process
keyring. Note that we also ensure that the user keyring is linked into
the root keyring whenever possible.
actions: context now hold a target user.User 2017-08-31T01:00:04+00:00 Joe Richey joerichey@google.com 2017-08-31T01:00:04+00:00 dad0a047cefc79cbe664afc07d69db6b8bf123bd This user is used with policies to interface with the keryings and with protectors to indicate which user's login passphrase should be used to protectors of type pam_passphrase. 
This user is used with policies to interface with the keryings and with
protectors to indicate which user's login passphrase should be used to
protectors of type pam_passphrase.
Various small nits a helper functions for PAM 2017-08-22T18:51:31+00:00 Joe Richey joerichey@google.com joerichey@google.com 2017-07-19T22:40:35+00:00 f3f1d2f98de26e8180c56d87aaad0e4e98fb4e47 






cmd/fscrypt: purge command now clears cache
2017-08-18T05:49:44+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-16T01:11:29+00:00

151e8965fa3a9c8f65e316430f9df0fa763fb02d












crypto: Switch from session to user keyring
2017-08-15T20:16:08+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-08-15T19:06:11+00:00

5e8dfc196020693d2a9dc809cf6bc87096ddc09f












Small fixes so "make lint" doesn't complain.
2017-07-18T06:16:00+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-18T06:16:00+00:00

744dbff34969ef612b219cde5b8f116f3ae3d26f












actions: Protectors can directly unlock Policies
2017-07-17T19:15:20+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-17T19:15:20+00:00

c5e23466e7b9f814fd5ecc3a5d965bd1f1dd2987

In addition to using callbacks, unlocked Protectors can now directly
unlock a policy. The error codes are updated to make more sense.





In addition to using callbacks, unlocked Protectors can now directly
unlock a policy. The error codes are updated to make more sense.







actions: Policies now have Description method
2017-07-14T19:04:21+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-07-14T19:04:21+00:00

480527993359c477849ccbd2c4d369df54807903












Finalize import paths and documentation
2017-06-28T22:15:21+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-28T20:57:55+00:00

2c52eca8727df744d093703bbcbd87fc39d57d30

This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280





This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.

Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).

Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280







actions: error handling and API changed
2017-06-28T22:15:15+00:00

Joe Richey joerichey@google.com
joerichey@google.com

2017-06-21T17:03:44+00:00

93415b198a3ef427c02893b8fdf036aa75ffe50f

This commit changes the error handling for the actions package to use
the error handling library github.com/pkg/errors. This means replacing
"errors" with "github.com/pkg/errors", reworking some of the error
values, and wrapping some errors with additional context.

This commit also changes the Protector/Policy API, moving most of the
package functionality into Protector or Policy methods. These types are
now "locked" when they are queried from the filesystem, and Unlock()
must be used to get their corresponding keys. Note that only certain
operations will require unlocking the keys. Certain unnecessary
functions and methods are also removed.

This CL also fixes two bugs reported by Tyler Hicks in CreateConfigFile.
CPU time is used instead of wall time, and kiB is used instead of kB.

Change-Id: I88f45659e9fe4938d148843e3289e7b6d5b698d8





This commit changes the error handling for the actions package to use
the error handling library github.com/pkg/errors. This means replacing
"errors" with "github.com/pkg/errors", reworking some of the error
values, and wrapping some errors with additional context.

This commit also changes the Protector/Policy API, moving most of the
package functionality into Protector or Policy methods. These types are
now "locked" when they are queried from the filesystem, and Unlock()
must be used to get their corresponding keys. Note that only certain
operations will require unlocking the keys. Certain unnecessary
functions and methods are also removed.

This CL also fixes two bugs reported by Tyler Hicks in CreateConfigFile.
CPU time is used instead of wall time, and kiB is used instead of kB.

Change-Id: I88f45659e9fe4938d148843e3289e7b6d5b698d8