New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
s3fs-fuse with ecryptfs? #166
Comments
A mechanism to avoid AWS S3 with ecryptfs was added because there is an issue: s3fs-fuse/s3fs-fuse#166
A mechanism to avoid cloudfuse with ecryptfs was added because there is an similar issue as this s3fs-fuse/s3fs-fuse#166
A mechanism to avoid cloudfuse with ecryptfs was added because there is an similar issue as s3fs-fuse/s3fs-fuse#166
I have not been geting this reason yet. example for my test:
I think it seems that nested mounting by s3fs does with no problem. Thanks in advance for your assistance. |
Thanks.
|
Thanks for quickly replying. I think that In order to find the cause we must look the other way. Thanks in advance for your help. |
Hi Takeshi, Steven. |
@stevenshiau I'm sorry to know no detail about eCryptfs. Regards, |
Hi Takeshi, Steven. |
@stevenshiau I created new branch "xattr" which supported extended attributes FUSE api.(posted same comment #169) Thanks in advance for your assistance. |
@ggtakec Thanks. I tested the new branch "xattr", still the results are the same:
The debug info are:
Anything else I need to test? Steven. |
Hi, Steven Thanks for replying and testing quickly. Regards, |
@ggtakec
Anything else I can test? Steven. |
Are you sure that this issue is related to the extended attributes? |
@delx, Steven. |
@delx @stevenshiau
I have not found detailed operation of ecryptfs yet, but I think that a cause is that ecryptfs can not be obtained extended attributes.(Who should write this extended attribute?) For example, #169 (about encfs) seems like this issue, it puts following log:
I think we need to know how to set these extended attributes for the object which is made by ecryptfs(encfs). I try to study about it, please wait for a while, and if you know about it please let me know. Thanks in advance for your help. |
Could you run ecryptfs with ecryptfs_xattr option? |
@ggtakec,
Then the error is:
Somehow the option "ecryptfs_xattr" prevents the file creation. Steven. |
@stevenshiau I'm sorry for replying late. I tried to do your scenario on ubuntu. I did not get something error about ecryptfs_xattr option yet. Thanks in advance for your assistance. |
@ggtakec, Steven. |
@stevenshiau I’m sorry, still I'm not able to solve this problem. I fixed that s3fs has been able to receive a binary array as value for extended attribute. It seems that s3fs could not return the value as "system.posix_acl_default" extended attribute, but this attribute is not set by any calling. Regards, |
@ggtakec No problem. I can fully understand that debugging might take a lot of time. I am a very patient user, and really glad that you keep fixing this issue. BR, |
@stevenshiau I fixed xattr branch now, it seems that works good.(after remount) I warry one, that the file size which encoded is not correct at first time before reading it. Note the thing about xattr of s3fs. |
At the end of this week, I will try to merge xattr branch to master branch. Thanks in advance for your assistance. |
@ggtakec, Steven. |
#199 merged, master branch supports extended attributes. |
Sorry for the late, and thanks for your updates. However, I tried to compile the master you just merged and did the same test as my 1st post. I still got the same issue. Did you do the similar test with ecryptfs? Does it work there? Steven. |
I’m sorry for forgetting tell you about it. |
@ggtakec, Steven. |
Dear maintainer,
I encountered an issue when using ecryptfs with s3fs. Here is how the issue could be reproduced. First put the password file in /tmp/p.txt, and its content is like:
The script "s3fs-ecryptfs.sh" for all the steps:
The results for the above script:
As you can see, the md5sum of "/tmp/ecryptfs_mnt/ok.txt" in the 2nd mounting is different from the 1st one, and it's the same with encrypted file "/home/partimag/test-s3/ok.txt". Therefore you can see ecryptfs failed in decryption.
On the other hand, I tried the nearly same steps, and the only difference is to mount a local partition instead of S3 resource. Here the script "local-ecryptfs.sh" is:
As you can see, the only difference is in the 1st line.
Now the results for the script "local-ecryptfs.sh":
As you can see, the md5sum of "/tmp/ecryptfs_mnt/ok.txt" in the 2nd mounting is the same with the 1st one. This makes sense. Therefore you can see ecryptfs worked in decryption.
Any thought? Did I miss something? Or by nature the 2 file systems conflict with each other?
Thank you very much.
Steven.
The text was updated successfully, but these errors were encountered: