Ubuntu
ecryptfs-utils package

main inclusion request: ecryptfs-utils

Bug #247400 reported by Dustin Kirkland  on 2008-07-10

8

Affects		Status	Importance	Assigned to	Milestone
	ecryptfs-utils (Ubuntu)	Fix Released	Undecided	Unassigned

Bug Description

Binary package hint: ecryptfs-utils

Please consider ecryptfs-utils for inclusion into Ubuntu main.

The Main Inclusion Report can be found at:
* https://wiki.ubuntu.com/MainInclusionReportEcryptfsUtils

This is the key package necessary for the Encrypted Private Directories feature for Intrepid:
* https://wiki.ubuntu.com/EncryptedPrivateDirectory
* https://blueprints.edge.launchpad.net/ubuntu/+spec/encrypted-private-directories

It provides the userspace utilies, mount command, and pam module.

This package's inclusion also depends on approval of pkcs11-helper's addition to main.
* Bug #247336
* https://wiki.ubuntu.com/MainInclusionReportPkcs11Helper

:-Dustin

See original description

Dustin Kirkland  (kirkland) on 2008-07-10

description:

updated

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-07-10:

#1

This MIR depends on the patch for Bug #247389, which removes unnecessary build dependencies on at least trousers, freetype1, and opencryptoki.

:-Dustin

Revision history for this message

Matthias Klose (doko) wrote on 2008-07-15:

#2

- debian-security, please have a look at the suid binary sbin/mount.ecryptfs_private
and related code.
- besides the ok from ubuntu-security and the promotion of opencryptoki, the code looks ok for promotion

Changed in ecryptfs-utils:
assignee:	nobody → ubuntu-security
status:	New → Incomplete

Revision history for this message

Kees Cook (kees) wrote on 2008-07-15:

#3

I'm happy with the mount helper. pitti and I have reviewed it with kirkland the while it was being written.

Changed in ecryptfs-utils:
assignee:	ubuntu-security → nobody
status:	Incomplete → Confirmed

Revision history for this message

Martin Pitt (pitti) wrote on 2008-07-16:

#4

The library is invalidly packaged: libecryptfs0 ships files which are non-SONAME specific, even conffiles. This will lead to trouble when the ABI gets bumped, and thus libecryptfs1 is not installable in parallel. It will also cause headaches with conffile migrtation. The conffile and ./lib/security/pam_ecryptfs.so either need to move to some -common package, or straight to ecryptfs-utils.

Changed in ecryptfs-utils:
status:	Confirmed → Incomplete

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-07-16:

#5

The soname independent binaries have been moved from libecryptfs0 to ecryptfs-utils as of 50-4. I'll merge as soon as it's built in Debian.

The Debian maintainer says that libecryptfs0 doesn't have conffiles... What conffiles do you speak of, Martin?

:-Dustin

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-07-31:

#6

Martin-

Your concerns should be addressed in the latest ecryptfs-utils. Could you check this again for main inclusion?

:-Dustin

Changed in ecryptfs-utils:
status:	Incomplete → Confirmed

Revision history for this message

Martin Pitt (pitti) wrote on 2008-08-01:

#7

Indeed, looks fine now. Promoted.

Please get it seeded somewhere (or add a dependency to it), so that it will stay in main.

Changed in ecryptfs-utils:
status:	Confirmed → Fix Released

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-08-08:

#8

Added to server-ship here:
* https://code.launchpad.net/~kirkland/ubuntu-seeds/247400

:-Dustin

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.