From 209a2d1419ea575fd316bd9975fb63e40cce7a77 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Sat, 9 May 2020 14:52:07 -0700
Subject: actions/policy: improve errors

ErrMissingPolicyMetadata:
	Include the mount, directory path, and metadata path.  Also move
	the explanation into actions/ since it doesn't refer to any CLI
	command.

ErrPolicyMetadataMismatch:
	Include a lot more information.  Also start checking for
	consistency of the policy key descriptors, not just the
	encryption options.  Add a test for this.

ErrDifferentFilesystem:
	Include the mountpoints.

ErrOnlyProtector:
	Clarify the message and include the protector descriptor.

ErrAlreadyProtected:
ErrNotProtected:
	Include the policy and protector descriptors.

ErrAccessDeniedPossiblyV2:
	Make it slightly clearer what failed.  Also move the explanation
	into actions/ since it doesn't refer to any CLI command.
---
 cmd/fscrypt/prompt.go | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

(limited to 'cmd/fscrypt/prompt.go')

diff --git a/cmd/fscrypt/prompt.go b/cmd/fscrypt/prompt.go
index b854fb9..210d7bc 100644
--- a/cmd/fscrypt/prompt.go
+++ b/cmd/fscrypt/prompt.go
@@ -318,7 +318,8 @@ func optionFn(policyDescriptor string, options []*actions.ProtectorOption) (int,
 				return idx, nil
 			}
 		}
-		return 0, actions.ErrNotProtected
+		return 0, &actions.ErrNotProtected{PolicyDescriptor: policyDescriptor,
+			ProtectorDescriptor: protector.Descriptor()}
 	}
 
 	log.Printf("optionFn(%s)", policyDescriptor)
-- 
cgit v1.2.3