| author | Joseph Richey <joerichey@google.com> | 2017-09-01 02:23:53 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-09-01 02:23:53 -0700 |
| commit | 0879b8ffcbbac29c282084eea2888194371113fa (patch) | |
| tree | 8ff0b3562affc308939788c5e54708e284a014da /cmd | |
| parent | b04d7ef31dc2e21f055b1b656efb9511e72db6c6 (diff) | |
| parent | 0dfbbf62fae3d4051dd5f0686835ac393f8a0247 (diff) | |
Fixed failures in PAM module
Diffstat (limited to 'cmd')
| -rw-r--r-- | cmd/fscrypt/commands.go | 8 | ||||
| -rw-r--r-- | cmd/fscrypt/errors.go | 9 | ||||
| -rw-r--r-- | cmd/fscrypt/flags.go | 21 |
3 files changed, 27 insertions, 11 deletions
diff --git a/cmd/fscrypt/commands.go b/cmd/fscrypt/commands.go
index 43c9cb0..fd90626 100644
--- a/cmd/fscrypt/commands.go
+++ b/cmd/fscrypt/commands.go
@@ -119,7 +119,7 @@ func encryptAction(c *cli.Context) error {
 // keyring unless --skip-unlock is used. On failure, an error is returned, any
 // metadata creation is reverted, and the directory is unmodified.
 func encryptPath(path string) (err error) {
- target, err := parseUserFlag()
+ target, err := parseUserFlag(!skipUnlockFlag.Value)
 if err != nil {
 return
 }
@@ -274,7 +274,7 @@ func unlockAction(c *cli.Context) error {
 return expectedArgsErr(c, 1, false)
 }
 
- target, err := parseUserFlag()
+ target, err := parseUserFlag(true)
 if err != nil {
 return newExitError(c, err)
 }
@@ -357,7 +357,7 @@ func purgeAction(c *cli.Context) error {
 }
 }
 
- target, err := parseUserFlag()
+ target, err := parseUserFlag(true)
 if err != nil {
 return newExitError(c, err)
 }
@@ -507,7 +507,7 @@ func createProtectorAction(c *cli.Context) error {
 return expectedArgsErr(c, 1, false)
 }
 
- target, err := parseUserFlag()
+ target, err := parseUserFlag(false)
 if err != nil {
 return newExitError(c, err)
 }
diff --git a/cmd/fscrypt/errors.go b/cmd/fscrypt/errors.go
index 9731efc..81a6798 100644
--- a/cmd/fscrypt/errors.go
+++ b/cmd/fscrypt/errors.go
@@ -35,6 +35,7 @@ import (
 "github.com/google/fscrypt/crypto"
 "github.com/google/fscrypt/filesystem"
 "github.com/google/fscrypt/metadata"
+ "github.com/google/fscrypt/security"
 "github.com/google/fscrypt/util"
 )
 
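Review bot: The bare boolean arguments at the unlock, purge and createProtector call sites (`parseUserFlag(true)` / `parseUserFlag(false)`) do not say what is being switched on; only the encryptPath site reads on its own as `!skipUnlockFlag.Value`. A short trailing comment would keep the intent visible at each site, e.g. `target, err := parseUserFlag(true) // the user keyring must be reachable before keys can be provisioned`; the same applies to the three later hunks in this file. In encryptPath the probe now runs before any metadata is created, so a broken PAM/keyring setup is reported before the directory is touched, whereas with --skip-unlock the probe is skipped and the failure presumably surfaces at the later unlock — worth one sentence in the encryptPath doc comment above the hunk. encryptPath's body continues outside the hunk.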
@@ -93,6 +94,14 @@ func getErrorSuggestions(err error) string {
 needs to be enabled for this filesystem. See the documentation on how to enable encryption on ext4 systems (and the risks of doing so).`
+ case security.ErrSessionUserKeying:
+ return `This is usually the result of a bad PAM configuration.
+ Either correct the problem in your PAM stack, enable
+ pam_keyinit.so, or run "keyctl link @u @s".`
+ case security.ErrAccessUserKeyring:
+ return fmt.Sprintf(`You can only use %s to access the user
+ keyring of another user if you are running as root.`,
+ shortDisplay(userFlag))
 case actions.ErrBadConfigFile:
 return `Run "sudo fscrypt setup" to recreate the file.`
 case actions.ErrNoConfigFile:
diff --git a/cmd/fscrypt/flags.go b/cmd/fscrypt/flags.go
index e883a6d..af03ad2 100644
--- a/cmd/fscrypt/flags.go
+++ b/cmd/fscrypt/flags.go
@@ -33,6 +33,7 @@ import (
 "github.com/urfave/cli"
 
 "github.com/google/fscrypt/actions"
+ "github.com/google/fscrypt/security"
 "github.com/google/fscrypt/util"
 )
 
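Review bot: The ErrSessionUserKeying suggestion lists three remedies of different durability without saying so: correcting the PAM stack or enabling pam_keyinit.so changes how future sessions are set up, while `keyctl link @u @s` only links the user keyring into the current session keyring and has to be repeated at each login. Marking the one-off workaround would stop users from treating the keyctl command as the fix, e.g. `..., or (for the current session only) run "keyctl link @u @s".`. The ErrAccessUserKeyring case calls fmt.Sprintf; the import hunk for this file only adds the security package, so fmt is presumably already imported, but that is not visible here. getErrorSuggestions starts and ends outside the hunk.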
@@ -283,17 +284,23 @@ func getPolicyFromFlag(flagValue string, target *user.User) (*actions.Policy, er
 
 // parseUserFlag returns the user specified by userFlag or the current effective
 // user if the flag value is missing. If the effective user is root, however, a
-// user must specified in the flag.
-func parseUserFlag() (*user.User, error) {
+// user must specified in the flag. If checkKeyring is true, we also make sure
+// there are no problems accessing the user keyring.
+func parseUserFlag(checkKeyring bool) (targetUser *user.User, err error) {
 if userFlag.Value != "" {
- return user.Lookup(userFlag.Value)
+ targetUser, err = user.Lookup(userFlag.Value)
+ } else {
+ if util.IsUserRoot() {
+ return nil, ErrSpecifyUser
+ }
+ targetUser, err = util.EffectiveUser()
 }
- effectiveUser, err := util.EffectiveUser()
 if err != nil {
 return nil, err
 }
- if util.IsUserRoot() {
- return nil, ErrSpecifyUser
+
+ if checkKeyring {
+ _, err = security.UserKeyringID(targetUser)
 }
- return effectiveUser, nil
+ return targetUser, err
 } |
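Review bot: When checkKeyring is set and security.UserKeyringID fails, the new `return targetUser, err` hands callers a non-nil *user.User together with a non-nil error, unlike every other error exit of the function, which returns nil. The callers in commands.go check err first, but the mixed return is easy to misuse; `if _, err := security.UserKeyringID(targetUser); err != nil { return nil, err }` followed by `return targetUser, nil` keeps the (T, error) contract uniform. The doc comment carried over into the new line still reads "a user must specified in the flag" — it should be "must be specified". The probe's keyring ID is deliberately discarded, which the code could say in a one-line comment: `// reachability probe only; the keyring ID itself is not needed here`.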