aboutsummaryrefslogtreecommitdiff
path: root/cmd/fscrypt/commands.go
diff options
context:
space:
mode:
Diffstat (limited to 'cmd/fscrypt/commands.go')
-rw-r--r--cmd/fscrypt/commands.go17
1 files changed, 7 insertions, 10 deletions
diff --git a/cmd/fscrypt/commands.go b/cmd/fscrypt/commands.go
index 51cf136..86816ba 100644
--- a/cmd/fscrypt/commands.go
+++ b/cmd/fscrypt/commands.go
@@ -282,11 +282,7 @@ func encryptPath(path string) (err error) {
}
}()
}
- if err = policy.Apply(path); os.IsPermission(errors.Cause(err)) {
- // EACCES at this point indicates ownership issues.
- err = errors.Wrap(ErrBadOwners, path)
- }
- if err != nil {
+ if err = policy.Apply(path); err != nil {
return
}
if recoveryPassphrase != nil {
@@ -320,14 +316,15 @@ func checkEncryptable(ctx *actions.Context, path string) error {
log.Printf("ensuring %s supports encryption and filesystem is using fscrypt", path)
switch _, err := actions.GetPolicyFromPath(ctx, path); errors.Cause(err) {
- case metadata.ErrNotEncrypted:
- // We are not encrypted. Finally, we check that the filesystem
- // supports encryption
- return ctx.Mount.CheckSupport()
case nil:
// We are encrypted
- return errors.Wrap(metadata.ErrEncrypted, path)
+ return &metadata.ErrAlreadyEncrypted{path}
default:
+ if _, ok := err.(*metadata.ErrNotEncrypted); ok {
+ // We are not encrypted. Finally, we check that the filesystem
+ // supports encryption
+ return ctx.Mount.CheckSupport()
+ }
return err
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 18:29:19 +0000