actions/policy: improve errors

ErrMissingPolicyMetadata: Include the mount, directory path, and metadata path. Also move the explanation into actions/ since it doesn't refer to any CLI command. ErrPolicyMetadataMismatch: Include a lot more information. Also start checking for consistency of the policy key descriptors, not just the encryption options. Add a test for this. ErrDifferentFilesystem: Include the mountpoints. ErrOnlyProtector: Clarify the message and include the protector descriptor. ErrAlreadyProtected: ErrNotProtected: Include the policy and protector descriptors. ErrAccessDeniedPossiblyV2: Make it slightly clearer what failed. Also move the explanation into actions/ since it doesn't refer to any CLI command.
author: Eric Biggers <ebiggers@google.com> 2020-05-09 14:52:07 -0700
committer: Eric Biggers <ebiggers@google.com> 2020-05-09 15:21:31 -0700
commit: 209a2d1419ea575fd316bd9975fb63e40cce7a77 (patch)
tree: 30d6b308d60af9963f7dbfd0bf989b7728d3f2b2 /cmd/fscrypt/prompt.go
parent: 37457cce5b0436493dba7cdac6e1af5f51d25f47 (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/cmd/fscrypt/prompt.go b/cmd/fscrypt/prompt.go
index b854fb9..210d7bc 100644
--- a/cmd/fscrypt/prompt.go
+++ b/cmd/fscrypt/prompt.go
@@ -318,7 +318,8 @@ func optionFn(policyDescriptor string, options []*actions.ProtectorOption) (int,
 				return idx, nil
 			}
 		}
-		return 0, actions.ErrNotProtected
+		return 0, &actions.ErrNotProtected{PolicyDescriptor: policyDescriptor,
+			ProtectorDescriptor: protector.Descriptor()}
 	}
 
 	log.Printf("optionFn(%s)", policyDescriptor)
author	Eric Biggers <ebiggers@google.com>	2020-05-09 14:52:07 -0700
committer	Eric Biggers <ebiggers@google.com>	2020-05-09 15:21:31 -0700
commit	209a2d1419ea575fd316bd9975fb63e40cce7a77 (patch)
tree	30d6b308d60af9963f7dbfd0bf989b7728d3f2b2 /cmd/fscrypt/prompt.go
parent	37457cce5b0436493dba7cdac6e1af5f51d25f47 (diff)