| Age | Commit message (Collapse) | Author |
|---|
|
These were found by a combination of manual review and a custom script
that checks for common errors.
Also removed an outdated sentence from the comment for setupBefore().
|
|
Now the user is persented with help when they try to access a keyring
that isn't theirs or try to use fscrypt without a user keyring linked
into the session keyring.
|
|
|
|
The --user flag can now be used to have the targe user (the one whose
keyring and password will be used in fscrypt) be different than the
calling user. Very usefull for things like
sudo fscrypt purge /media/joerichey/usb --user=joerichey
which will now have privileges to drop caches, but will properly clear
the keys from the user's keyring.
|
|
|
|
|
|
The key file for the raw_key source is required to contain a wrapping
key (32 bytes), not a policy key (64 bytes).
|
|
|
|
The commit changes how we get the username representation, and uses the
new pam API for checking the proposed login token.
|
|
This commit changes all the internal import paths from `fscrypt/foo` to
`github.com/google/fscrypt/foo` so that it can be built once we release
externaly. The documentation in README.md is updated accordingly.
Also, the README has a note noting that we do not make any guarantees
about project stability before 1.0 (when it ships with Ubuntu).
Change-Id: I6ba86e442c74057c8a06ba32a42e17f94833e280
|
|
This command adds in the "fscrypt metadata" command. This command allows
advanced users to manipulate the metadata directly instead of just
creating a policy or protector as an option when encrypting a directory.
As some of these methods will require certain flags, error handling for
this case is also added. As the change passphrase method must indicate
when a old vs new password is necessary, additional KeyFuncs are added
which add this indicator.
Change-Id: Ibc92872088fae078df3c0eebd4f0cfcb7252d781
|
|
This commit adds in the framework for adding commands and subcommands to
the fscrypt tool. This commit adds in the "setup", "encrypt", and
"unlock" commands. Additional information can be found by running:
fscrypt <command> --help.
This commit defines how flags are parsed and errors are handled. It also
creates an extensible framework for prompting the user for information.
Change-Id: I159d7f44ee2b2bbc5e072f0802850e082d9a13ce
|
