| 1 |
On Friday, July 8 at 11:55 (-0500), Harry Putnam said: |
| 2 |
|
| 3 |
[..] |
| 4 |
> Somehow I managed to really hurt the installation ... here is what I |
| 5 |
> remember having done: |
| 6 |
> |
| 7 |
> Some how I got mixed up when running as root, and attempted to mount a |
| 8 |
> users encfs directory. (Its a single user machine so it my users |
| 9 |
> directory) |
| 10 |
> |
| 11 |
> That should just fail with some kind of permission error since no one, |
| 12 |
> even root, can mess with someone elses' encfs directory. |
| 13 |
> |
| 14 |
This is not entirely the case. No one can enter an encfs mount |
| 15 |
(destination) but the person that mounted it (by default), but anyone |
| 16 |
can *mount* the encfs "source" (and thus become the owner of the mount). |
| 17 |
All other Unix permissions are retained. |
| 18 |
|
| 19 |
> But once I'd done that I could no longer even `ls' the subject |
| 20 |
> directory. Not as user, not as root. A simple `ls' would totally |
| 21 |
> hang the terminal. |
| 22 |
> |
| 23 |
> Of course I tried to umount but really it never actually mounted. |
| 24 |
> |
| 25 |
It probably *did* mount, but... |
| 26 |
|
| 27 |
> I started getting this error: `Transport endpoint is not connected' |
| 28 |
> |
| 29 |
Usually that means the background process that actually handles the |
| 30 |
enc/dec has died or is otherwise not responding. |
| 31 |
|
| 32 |
> I could see roots attempt to mount the darn thing in ps wwaux output |
| 33 |
> and killed that pid. |
| 34 |
> |
| 35 |
That's probably why you got the above error. But technically if you |
| 36 |
just kill the process, the kernel still thinks it's mounted. |
| 37 |
|
| 38 |
> Eventually (after posting several days ago on encfs list. I resorted |
| 39 |
> to umounting /home (after full backup of course) and reformatted it. |
| 40 |
> |
| 41 |
That's seems a bit extreme... |
| 42 |
|
| 43 |
> I was then able to deleted encfs_raw and encfs_mnt. |
| 44 |
> |
| 45 |
Did you try simply rebooting or manually unmounting? That's probably |
| 46 |
all that was needed. |
| 47 |
|
| 48 |
> But here is the real kicker. Even after all that, and in fact another |
| 49 |
> full round of mostly the same stuff, including another reformat. So |
| 50 |
> two reformats and two reboots. Even with that, I still cannot create a |
| 51 |
> new enc_raw and enc_mount of the same name as the old one. |
| 52 |
> |
| 53 |
What do you mean by "cannot"? Do you get an error? Does dmesg tell you |
| 54 |
anything? |
| 55 |
|
| 56 |
> I would like to, because I have several scripts that depend on that |
| 57 |
> name. Not a huge deal... but what could still be causing trouble? |
| 58 |
> |
| 59 |
This is indicative possibly of another issue, that is being masked. Try |
| 60 |
reading dmesg or strace the encfs process in foreground mode. |
| 61 |
|
| 62 |
> I can create any number of encfs directories with different names. |
| 63 |
> Just not the original. |
| 64 |
> |
| 65 |
Again, seems indicative of another issue. Perhaps the host fs is |
| 66 |
currupt or something similar. |
| 67 |
|
| 68 |
> What happens if I try is that after creation (using old name) I can |
| 69 |
> move files to the new (with old name) directory. |
| 70 |
> |
| 71 |
> But if I once umount it like: fusermount -u /my/oldencfs, then when I |
| 72 |
> try next to mount it, it hangs terminally. Takes over the terminal |
| 73 |
> and kills all further progress (in that terminal). This happens at |
| 74 |
> the point where I answer the passwd prompt with the appropriate |
| 75 |
> passwd. |
| 76 |
> |
| 77 |
> (No .. no chance I'm entering it wrong... its been in daily use for |
| 78 |
> yrs). |
| 79 |
> |
| 80 |
> I'm kind of stumped at what else to try. I've used encfs -v (verbose) |
| 81 |
> mode and -f (foreground) mode but after entering the passwd... it |
| 82 |
> all just goes south... nothing more can happen. |
| 83 |
> |
| 84 |
> Maybe encfs keeps data somewhere that I can delete and make this go |
| 85 |
> away? But a `qlist encfs', listing all that got installed doesn't show |
| 86 |
> anything like that. |
| 87 |
> |
| 88 |
If you totally remove the source and target directories, there is no |
| 89 |
other information stored, which allows you to (e.g) encfs directory on a |
| 90 |
vfat-formated USB stick and move it mount it on a different machine. |
| 91 |
All that encfs knows about an encrypted directory is in *one* file on |
| 92 |
the source directory (.encfs6.xml). Once that file is gone, there is no |
| 93 |
such thing as an encfs. |
| 94 |
|
| 95 |
Having said that: |
| 96 |
One of encfs's Achilles heel is its dependency on the boost C++ library |
| 97 |
which is *very* sensitive wrt to API/ABI changes and the like. It also |
| 98 |
depends on OpenSSL which also shares this notoriety (although, in my |
| 99 |
experience, less so). So there is a possibility that an update to any |
| 100 |
of those packages may have broken encfs and you need to rebuild the |
| 101 |
package. |
Archives