From 4c7c6631cc5a27cc6b4431f5ad3805a2d624c5f5 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Sun, 19 Dec 2021 21:19:25 -0600
Subject: Set owner of login protectors to correct user

When the root user creates a login protector for a non-root user, make
sure to chown() the protector file to make it owned by the user.
Without this, the protector cannot be updated by the user, which causes
it to get out of sync if the user changes their login passphrase.

Fixes https://github.com/google/fscrypt/issues/319
---
 cli-tests/t_encrypt_login.out | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'cli-tests/t_encrypt_login.out')

diff --git a/cli-tests/t_encrypt_login.out b/cli-tests/t_encrypt_login.out
index c531f73..220d901 100644
--- a/cli-tests/t_encrypt_login.out
+++ b/cli-tests/t_encrypt_login.out
@@ -111,6 +111,8 @@ PROTECTOR         LINKED                              DESCRIPTION
 desc19  Yes (MNT_ROOT)  login protector for fscrypt-test-user
 desc20  No                                  custom protector "Recovery passphrase for dir"
 
+Protector is owned by fscrypt-test-user:fscrypt-test-user
+
 # Encrypt with login protector with --no-recovery
 ext4 filesystem "MNT" has 1 protector and 1 policy
 
-- 
cgit v1.2.3