diff options
| author | Eric Biggers <ebiggers@google.com> | 2020-05-09 15:27:24 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-05-09 15:27:24 -0700 |
| commit | d4d28232d32bfb3f4827fcb79bd5043e1932ae66 (patch) | |
| tree | dda5a65b2d8c157e03d3d35f3442547dafd51e4c /cli-tests/t_v1_policy.out | |
| parent | 1cdefc21b8b07aad7aafeefd05d3124cf93b9216 (diff) | |
| parent | 181600d6327ed34a3f62eda0dd03a6d2ae49e5f9 (diff) | |
Merge pull request #219 from ebiggers/improve-errors
Improve error messages and suggestions
Diffstat (limited to 'cli-tests/t_v1_policy.out')
| -rw-r--r-- | cli-tests/t_v1_policy.out | 20 |
1 files changed, 13 insertions, 7 deletions
diff --git a/cli-tests/t_v1_policy.out b/cli-tests/t_v1_policy.out index 0ff5219..b47bcca 100644 --- a/cli-tests/t_v1_policy.out +++ b/cli-tests/t_v1_policy.out @@ -11,14 +11,15 @@ can be done with --user=USERNAME. To use the root user's keyring or passphrase, use --user=root. # Try to use --user=root as user -[ERROR] fscrypt encrypt: setting uids: operation not permitted: could not access - user keyring +[ERROR] fscrypt encrypt: could not access user keyring for "root": setting uids: + operation not permitted You can only use --user=USERNAME to access the user keyring of another user if you are running as root. # Try to encrypt without user keyring in session keyring -[ERROR] fscrypt encrypt: user keyring not linked into session keyring +[ERROR] fscrypt encrypt: user keyring for "fscrypt-test-user" is not linked into + the session keyring This is usually the result of a bad PAM configuration. Either correct the problem in your PAM stack, enable pam_keyinit.so, or run "keyctl link @u @s". @@ -100,11 +101,16 @@ cat: MNT/dir/file: No such file or directory # Testing incompletely locking v1-encrypted directory Enter custom passphrase for protector "prot": "MNT/dir" is now unlocked and ready for use. Encrypted data removed from filesystem cache. -[ERROR] fscrypt lock: some files using the key are still open +[ERROR] fscrypt lock: Directory was incompletely locked because some files are + still open. These files remain accessible. -Directory was incompletely locked because some files are still open. These files -remain accessible. Try killing any processes using files in the directory, then -re-running 'fscrypt lock'. +Try killing any processes using files in the directory, for example using: + + find "MNT/dir" -print0 | xargs -0 fuser -k + +Then re-run: + + fscrypt lock "MNT/dir" "MNT/dir" is encrypted with fscrypt. Policy: desc1 |