1 |
On Friday, July 8 at 11:55 (-0500), Harry Putnam said: |
2 |
|
3 |
[..] |
4 |
> Somehow I managed to really hurt the installation ... here is what I |
5 |
> remember having done: |
6 |
> |
7 |
> Some how I got mixed up when running as root, and attempted to mount a |
8 |
> users encfs directory. (Its a single user machine so it my users |
9 |
> directory) |
10 |
> |
11 |
> That should just fail with some kind of permission error since no one, |
12 |
> even root, can mess with someone elses' encfs directory. |
13 |
> |
14 |
This is not entirely the case. No one can enter an encfs mount |
15 |
(destination) but the person that mounted it (by default), but anyone |
16 |
can *mount* the encfs "source" (and thus become the owner of the mount). |
17 |
All other Unix permissions are retained. |
18 |
|
19 |
> But once I'd done that I could no longer even `ls' the subject |
20 |
> directory. Not as user, not as root. A simple `ls' would totally |
21 |
> hang the terminal. |
22 |
> |
23 |
> Of course I tried to umount but really it never actually mounted. |
24 |
> |
25 |
It probably *did* mount, but... |
26 |
|
27 |
> I started getting this error: `Transport endpoint is not connected' |
28 |
> |
29 |
Usually that means the background process that actually handles the |
30 |
enc/dec has died or is otherwise not responding. |
31 |
|
32 |
> I could see roots attempt to mount the darn thing in ps wwaux output |
33 |
> and killed that pid. |
34 |
> |
35 |
That's probably why you got the above error. But technically if you |
36 |
just kill the process, the kernel still thinks it's mounted. |
37 |
|
38 |
> Eventually (after posting several days ago on encfs list. I resorted |
39 |
> to umounting /home (after full backup of course) and reformatted it. |
40 |
> |
41 |
That's seems a bit extreme... |
42 |
|
43 |
> I was then able to deleted encfs_raw and encfs_mnt. |
44 |
> |
45 |
Did you try simply rebooting or manually unmounting? That's probably |
46 |
all that was needed. |
47 |
|
48 |
> But here is the real kicker. Even after all that, and in fact another |
49 |
> full round of mostly the same stuff, including another reformat. So |
50 |
> two reformats and two reboots. Even with that, I still cannot create a |
51 |
> new enc_raw and enc_mount of the same name as the old one. |
52 |
> |
53 |
What do you mean by "cannot"? Do you get an error? Does dmesg tell you |
54 |
anything? |
55 |
|
56 |
> I would like to, because I have several scripts that depend on that |
57 |
> name. Not a huge deal... but what could still be causing trouble? |
58 |
> |
59 |
This is indicative possibly of another issue, that is being masked. Try |
60 |
reading dmesg or strace the encfs process in foreground mode. |
61 |
|
62 |
> I can create any number of encfs directories with different names. |
63 |
> Just not the original. |
64 |
> |
65 |
Again, seems indicative of another issue. Perhaps the host fs is |
66 |
currupt or something similar. |
67 |
|
68 |
> What happens if I try is that after creation (using old name) I can |
69 |
> move files to the new (with old name) directory. |
70 |
> |
71 |
> But if I once umount it like: fusermount -u /my/oldencfs, then when I |
72 |
> try next to mount it, it hangs terminally. Takes over the terminal |
73 |
> and kills all further progress (in that terminal). This happens at |
74 |
> the point where I answer the passwd prompt with the appropriate |
75 |
> passwd. |
76 |
> |
77 |
> (No .. no chance I'm entering it wrong... its been in daily use for |
78 |
> yrs). |
79 |
> |
80 |
> I'm kind of stumped at what else to try. I've used encfs -v (verbose) |
81 |
> mode and -f (foreground) mode but after entering the passwd... it |
82 |
> all just goes south... nothing more can happen. |
83 |
> |
84 |
> Maybe encfs keeps data somewhere that I can delete and make this go |
85 |
> away? But a `qlist encfs', listing all that got installed doesn't show |
86 |
> anything like that. |
87 |
> |
88 |
If you totally remove the source and target directories, there is no |
89 |
other information stored, which allows you to (e.g) encfs directory on a |
90 |
vfat-formated USB stick and move it mount it on a different machine. |
91 |
All that encfs knows about an encrypted directory is in *one* file on |
92 |
the source directory (.encfs6.xml). Once that file is gone, there is no |
93 |
such thing as an encfs. |
94 |
|
95 |
Having said that: |
96 |
One of encfs's Achilles heel is its dependency on the boost C++ library |
97 |
which is *very* sensitive wrt to API/ABI changes and the like. It also |
98 |
depends on OpenSSL which also shares this notoriety (although, in my |
99 |
experience, less so). So there is a possibility that an update to any |
100 |
of those packages may have broken encfs and you need to rebuild the |
101 |
package. |