diff options
| author | Eric Biggers <ebiggers@google.com> | 2023-12-09 14:36:03 -0800 |
|---|---|---|
| committer | Eric Biggers <ebiggers3@gmail.com> | 2023-12-11 19:33:48 -0800 |
| commit | a6c5029cd114cd27cc59024e968feb4765e5323d (patch) | |
| tree | ca36a75d27d3a8cca37c0d1aa5a09df9e88ffc25 /cli-tests | |
| parent | 6c5fc571ba7b851e7b36b054fd428bf6ad779dcc (diff) | |
Provide better error message when given a locked regular file
Since opening an encrypted regular file that is locked fails with
ENOKEY, getting the encryption policy of such a file is not possible.
As a result, 'fscrypt status' and 'fscrypt lock' fail on such files.
Provide a better error message that tries to explain what is going on.
Resolves https://github.com/google/fscrypt/issues/393
Diffstat (limited to 'cli-tests')
| -rw-r--r-- | cli-tests/t_lock.out | 15 | ||||
| -rwxr-xr-x | cli-tests/t_lock.sh | 11 |
2 files changed, 26 insertions, 0 deletions
diff --git a/cli-tests/t_lock.out b/cli-tests/t_lock.out index d630e74..ce27713 100644 --- a/cli-tests/t_lock.out +++ b/cli-tests/t_lock.out @@ -85,3 +85,18 @@ If you want to force the directory to be locked, use: contents "MNT/dir" is now locked. cat: MNT/dir/file: No such file or directory + +# Try to operate on locked regular file +"MNT/dir" is now locked. +[ERROR] fscrypt status: cannot operate on locked regular file + "MNT/file" + +It is not possible to operate directly on a locked regular file, since the +kernel does not support this. Specify the parent directory instead. (For loose +files, any directory with the file's policy works.) +[ERROR] fscrypt unlock: cannot operate on locked regular file + "MNT/file" + +It is not possible to operate directly on a locked regular file, since the +kernel does not support this. Specify the parent directory instead. (For loose +files, any directory with the file's policy works.) diff --git a/cli-tests/t_lock.sh b/cli-tests/t_lock.sh index 9b193fd..e5df4df 100755 --- a/cli-tests/t_lock.sh +++ b/cli-tests/t_lock.sh @@ -52,3 +52,14 @@ _expect_failure "fscrypt lock '$dir'" cat "$dir/file" fscrypt lock --all-users "$dir" _expect_failure "cat '$dir/file'" + +_print_header "Try to operate on locked regular file" +_reset_filesystems +rm -rf "$dir" +mkdir "$dir" +echo hunter2 | fscrypt encrypt --quiet --name=prot "$dir" +echo contents > "$dir/file" +mv "$dir/file" "$MNT/file" # Make it a loose encrypted file. +fscrypt lock "$dir" +_expect_failure "fscrypt status '$MNT/file'" +_expect_failure "fscrypt unlock '$MNT/file'" |