diff options
| author | Eric Biggers <ebiggers@google.com> | 2021-12-19 21:19:25 -0600 |
|---|---|---|
| committer | Eric Biggers <ebiggers@google.com> | 2021-12-19 21:44:59 -0600 |
| commit | 4c7c6631cc5a27cc6b4431f5ad3805a2d624c5f5 (patch) | |
| tree | b22856e0d3392a2def633d961ad29c2890ce4fb2 /cli-tests | |
| parent | 360467d0df626d2d0eac003a0a210814910804ce (diff) | |
Set owner of login protectors to correct user
When the root user creates a login protector for a non-root user, make
sure to chown() the protector file to make it owned by the user.
Without this, the protector cannot be updated by the user, which causes
it to get out of sync if the user changes their login passphrase.
Fixes https://github.com/google/fscrypt/issues/319
Diffstat (limited to 'cli-tests')
| -rw-r--r-- | cli-tests/t_encrypt_login.out | 2 | ||||
| -rwxr-xr-x | cli-tests/t_encrypt_login.sh | 11 |
2 files changed, 12 insertions, 1 deletions
diff --git a/cli-tests/t_encrypt_login.out b/cli-tests/t_encrypt_login.out index c531f73..220d901 100644 --- a/cli-tests/t_encrypt_login.out +++ b/cli-tests/t_encrypt_login.out @@ -111,6 +111,8 @@ PROTECTOR LINKED DESCRIPTION desc19 Yes (MNT_ROOT) login protector for fscrypt-test-user desc20 No custom protector "Recovery passphrase for dir" +Protector is owned by fscrypt-test-user:fscrypt-test-user + # Encrypt with login protector with --no-recovery ext4 filesystem "MNT" has 1 protector and 1 policy diff --git a/cli-tests/t_encrypt_login.sh b/cli-tests/t_encrypt_login.sh index 652d860..e03122d 100755 --- a/cli-tests/t_encrypt_login.sh +++ b/cli-tests/t_encrypt_login.sh @@ -27,13 +27,18 @@ show_status() fi } +get_login_protector() +{ + fscrypt status "$dir" | awk '/login protector/{print $1}' +} + begin "Encrypt with login protector" chown "$TEST_USER" "$dir" _user_do "echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase '$dir'" show_status true recovery_passphrase=$(grep -E '^ +[a-z]{20}$' "$dir/fscrypt_recovery_readme.txt" | sed 's/^ +//') recovery_protector=$(fscrypt status "$dir" | awk '/Recovery passphrase/{print $1}') -login_protector=$(fscrypt status "$dir" | awk '/login protector/{print $1}') +login_protector=$(get_login_protector) _print_header "=> Lock, then unlock with login passphrase" _user_do "fscrypt lock '$dir'" # FIXME: should we be able to use $MNT:$login_protector here? @@ -57,6 +62,10 @@ show_status true begin "Encrypt with login protector as root" echo TEST_USER_PASS | fscrypt encrypt --quiet --source=pam_passphrase --user="$TEST_USER" "$dir" show_status true +# The newly-created login protector should be owned by the user, not root. +login_protector=$(get_login_protector) +owner=$(stat -c "%U:%G" "$MNT_ROOT/.fscrypt/protectors/$login_protector") +echo -e "\nProtector is owned by $owner" begin "Encrypt with login protector with --no-recovery" chown "$TEST_USER" "$dir" |