diff options
| author | Eric Biggers <ebiggers@google.com> | 2021-09-14 11:07:42 -0700 |
|---|---|---|
| committer | Eric Biggers <ebiggers3@gmail.com> | 2021-09-14 14:33:22 -0700 |
| commit | 955d3305cd117ad83411f75c2b3227fbaea60700 (patch) | |
| tree | d7bd9064ee4a02c4cc8ed8d0b95821d2806fee16 | |
| parent | 7a8e315e458175fcb8db1d764d2b8a302a90d1c0 (diff) | |
README: clarify how restoring /.fscrypt directory works
Update https://github.com/google/fscrypt/issues/115
| -rw-r--r-- | README.md | 9 |
1 files changed, 6 insertions, 3 deletions
@@ -490,9 +490,12 @@ directories include the following: `fscrypt metadata add-protector-to-policy`. * Backing up and restoring the `/.fscrypt` directory on the root filesystem. - Note that after restore, if the UUID of the root filesystem changed, you will - need to manually fix the UUID in any `.fscrypt/protectors/*.link` files on - other filesystems. + Note that after restoring the `/.fscrypt` directory, unlocking the login + protectors will require the passphrases they had at the time the backup was + made **even if they were changed later**, so make sure to remember these + passphrase(s) or store them in a secure location. Also note that if the UUID + of the root filesystem changed, you will need to manually fix the UUID in any + `.fscrypt/protectors/*.link` files on other filesystems. The auto-generated recovery passphrases should be enough for most users, though. |