aboutsummaryrefslogtreecommitdiff
path: root/cli-tests/t_encrypt_login.out
AgeCommit message (Collapse)Author
2021-12-19Set owner of login protectors to correct userEric Biggers
When the root user creates a login protector for a non-root user, make sure to chown() the protector file to make it owned by the user. Without this, the protector cannot be updated by the user, which causes it to get out of sync if the user changes their login passphrase. Fixes https://github.com/google/fscrypt/issues/319
2021-10-05Adjust recovery passphrase generationEric Biggers
As per the feedback at https://github.com/google/fscrypt/issues/115 where users didn't understand that the recovery passphrase is important, restore the original behavior where recovery passphrase generation happens automatically without a prompt. This applies to the case where 'fscrypt encrypt' is using a login protector on a non-root filesystem. However, leave the --no-recovery option so that the recovery passphrase can still be disabled if the user really wants to. Also, clarify the information provided about the recovery passphrase. Update https://github.com/google/fscrypt/issues/115
2020-05-13cmd/fscrypt: link to guide when interactively creating login protector (#225)Eric Biggers
Update https://github.com/google/fscrypt/issues/220
2020-05-09metadata: improve errorsEric Biggers
ErrBadOwners: Rename to ErrDirectoryNotOwned for clarity, move it from cmd/fscrypt/ to metadata/ where it better belongs, and improve the message. ErrEncrypted: Rename to ErrAlreadyEncrypted for clarity, and include the path. ErrNotEncrypted: Include the path. ErrBadEncryptionOptions: Include the path and bad options. ErrEncryptionNotSupported: ErrEncryptionNotEnabled: Don't wrap with "get encryption policy %s", in preparation for wrapping these with filesystem-level context instead. Also avoid mixing together the error handling for the "get policy" and "set policy" ioctls. Make it very clear how we're handling the errors from each ioctl.
2020-05-09actions/protector: improve errorsEric Biggers
ErrProtectorName: Rename to ErrLoginProtectorName for clarity, and include the name and user. ErrMissingProtectorName: Include the correct protector source. ErrDuplicateName: Rename to ErrProtectorNameExists for clarity, and remove a level of wrapping by including the name directly. ErrDuplicateUID: Rename to ErrLoginProtectorExists for clarity, and remove a level of wrapping by including the user directly.
2020-05-09cli-tests: add t_encrypt_loginEric Biggers
Test encrypting a directory using a login (pam_passphrase) protector.
generated by cgit v1.2.3 (git 2.25.1) at 2026-05-10 20:01:17 +0000