1 files changed, 57 insertions, 8 deletions
diff --git a/cmd/fscrypt/setup.go b/cmd/fscrypt/setup.go
index 72dfbdb..b9a16e8 100644
--- a/cmd/fscrypt/setup.go
+++ b/cmd/fscrypt/setup.go
@@ -1,5 +1,5 @@
 /*
- * strings.go - File containing the functionality initializing directories and
+ * setup.go - File containing the functionality for initializing directories and
  * the global config file.
  *
  * Copyright 2017 Google Inc.
@@ -26,6 +26,7 @@ import (
 	"os"
 
 	"github.com/google/fscrypt/actions"
+	"github.com/google/fscrypt/filesystem"
 	"github.com/google/fscrypt/util"
 )
 
@@ -35,7 +36,7 @@ func createGlobalConfig(w io.Writer, path string) error {
 		return ErrMustBeRoot
 	}
 
-	// Ask to create or replace the config file
+	// If the config file already exists, ask to replace it
 	_, err := os.Stat(path)
 	switch {
 	case err == nil:
@@ -44,14 +45,28 @@ func createGlobalConfig(w io.Writer, path string) error {
 			err = os.Remove(path)
 		}
 	case os.IsNotExist(err):
-		err = askConfirmation(fmt.Sprintf("Create %q?", path), true, "")
+		err = nil
 	}
 	if err != nil {
 		return err
 	}
 
+	// v2 encryption policies are recommended, so set policy_version 2 when
+	// the kernel supports it. v2 policies are supported by upstream Linux
+	// v5.4 and later. For now we simply check the kernel version. Ideally
+	// we'd instead check whether setting a v2 policy actually works, in
+	// order to also detect backports of the kernel patches. However, that's
+	// hard because from this context (creating /etc/fscrypt.conf) we may
+	// not yet have access to a filesystem that supports encryption.
+	var policyVersion int64
+	if util.IsKernelVersionAtLeast(5, 4) {
+		fmt.Fprintln(w, "Defaulting to policy_version 2 because kernel supports it.")
+		policyVersion = 2
+	} else {
+		fmt.Fprintln(w, "Defaulting to policy_version 1 because kernel doesn't support v2.")
+	}
 	fmt.Fprintln(w, "Customizing passphrase hashing difficulty for this system...")
-	err = actions.CreateConfigFile(timeTargetFlag.Value, legacyFlag.Value)
+	err = actions.CreateConfigFile(timeTargetFlag.Value, policyVersion)
 	if err != nil {
 		return err
 	}
@@ -66,13 +81,47 @@ func setupFilesystem(w io.Writer, path string) error {
 	if err != nil {
 		return err
 	}
+	username := ctx.TargetUser.Username
+
+	err = ctx.Mount.CheckSetup(ctx.TrustedUser)
+	if err == nil {
+		return &filesystem.ErrAlreadySetup{Mount: ctx.Mount}
+	}
+	if _, ok := err.(*filesystem.ErrNotSetup); !ok {
+		return err
+	}
 
-	if err = ctx.Mount.Setup(); err != nil {
+	allUsers := allUsersSetupFlag.Value
+	if !allUsers {
+		thisFilesystem := "this filesystem"
+		if ctx.Mount.Path == "/" {
+			thisFilesystem = "the root filesystem"
+		}
+		prompt := fmt.Sprintf(`Allow users other than %s to create
+fscrypt metadata on %s? (See
+https://github.com/google/fscrypt#setting-up-fscrypt-on-a-filesystem)`,
+			username, thisFilesystem)
+		allUsers, err = askQuestion(wrapText(prompt, 0), false)
+		if err != nil {
+			return err
+		}
+	}
+	var setupMode filesystem.SetupMode
+	if allUsers {
+		setupMode = filesystem.WorldWritable
+	} else {
+		setupMode = filesystem.SingleUserWritable
+	}
+	if err = ctx.Mount.Setup(setupMode); err != nil {
 		return err
 	}
 
-	fmt.Fprintf(w, "Metadata directories created at %q.\n", ctx.Mount.BaseDir())
-	fmt.Fprintf(w, "Filesystem %q (%s) ready for use with %s encryption.\n",
-		ctx.Mount.Path, ctx.Mount.Device, ctx.Mount.Filesystem)
+	if allUsers {
+		fmt.Fprintf(w, "Metadata directories created at %q, writable by everyone.\n",
+			ctx.Mount.BaseDir())
+	} else {
+		fmt.Fprintf(w, "Metadata directories created at %q, writable by %s only.\n",
+			ctx.Mount.BaseDir(), username)
+	}
 	return nil
 }