From 7fed63a84963cbd790e86a0e59ff14724bcf33c4 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Tue, 14 Sep 2021 14:12:39 -0700
Subject: Adjust recovery passphrase generation

As per the feedback at https://github.com/google/fscrypt/issues/115
where users didn't understand that the recovery passphrase is important,
restore the original behavior where recovery passphrase generation
happens automatically without a prompt.  This applies to the case where
'fscrypt encrypt' is using a login protector on a non-root filesystem.

However, leave the --no-recovery option so that the recovery passphrase
can still be disabled if the user really wants to.  Also, clarify the
information provided about the recovery passphrase.

Update https://github.com/google/fscrypt/issues/115
---
 cli-tests/t_encrypt_login.sh | 2 --
 1 file changed, 2 deletions(-)

(limited to 'cli-tests/t_encrypt_login.sh')

diff --git a/cli-tests/t_encrypt_login.sh b/cli-tests/t_encrypt_login.sh
index 11a62f1..652d860 100755
--- a/cli-tests/t_encrypt_login.sh
+++ b/cli-tests/t_encrypt_login.sh
@@ -50,8 +50,6 @@ expect "Enter the source number for the new protector"
 send "1\r"
 expect "Enter login passphrase"
 send "TEST_USER_PASS\r"
-expect "Protector is on a different filesystem! Generate a recovery passphrase (recommended)?"
-send "y\r"
 expect eof
 EOF
 show_status true
-- 
cgit v1.2.3