Ubuntu
ecryptfs-utils package

Input/output error with eCryptfs on Hardy Heron 8.04.1

Bug #308249 reported by vlc
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
Won't Fix
Undecided
Unassigned

Bug Description

Binary package hint: ecryptfs-utils

When configuring an eCryptfs directory as specified in http://ecryptfs.sourceforge.net/README, I cannot decrypt the stored files any more after unmounting / mounting the directory:

$ echo hello > ~/Secret/test.txt
$ cat ~/Secret/test.txt
hello
$ umount ~/Secret
$ mount -i ~/Secret
$ cat ~/Secret/test.txt
cat: /home/vlc/Secret/test.txt: Input/output error

The following errors can be found in the system log:

> The lower file appears to be a non-encrypted eCryptfs file; this is not supported in this version of the eCryptfs kernel module
> Error attempting to read the [user.ecryptfs] xattr from the lower file; return value = [4294967201]
> Valid eCryptfs headers not found in file header region or xattr region
> Attempt to read file that is not in a valid eCryptfs format, and plaintext passthrough mode is not enabled; returning -EIO

Ubuntu version: 8.04.1
ecryptfs-utils version: 38-2

Attached in file ecryptfs.txt please find the exact steps I executed to configure the eCryptfs directory.

Tags: ecryptfs
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

What is the output of the following:
 $ uname -a
...
 $ dpkg -l | grep linux-

:-Dustin

Revision history for this message
vlc (vlc) wrote :
Download full text (5.4 KiB)

$ uname -a
Linux EDDIE 2.6.24-22-generic #1 SMP Mon Nov 24 18:32:42 UTC 2008 i686 GNU/Linu

$ dpkg -l | grep linux-
ii linux-generic 2.6.24.22.24 Complete Generic Linux kernel
ii linux-headers-2.6.24-16 2.6.24-16.30 Header files related to Linux kernel version
ii linux-headers-2.6.24-16-generic 2.6.24-16.30 Linux kernel headers for version 2.6.24 on x
ii linux-headers-2.6.24-17 2.6.24-17.31 Header files related to Linux kernel version
ii linux-headers-2.6.24-17-generic 2.6.24-17.31 Linux kernel headers for version 2.6.24 on x
ii linux-headers-2.6.24-18 2.6.24-18.32 Header files related to Linux kernel version
ii linux-headers-2.6.24-18-generic 2.6.24-18.32 Linux kernel headers for version 2.6.24 on x
ii linux-headers-2.6.24-19 2.6.24-19.41 Header files related to Linux kernel version
ii linux-headers-2.6.24-19-generic 2.6.24-19.41 Linux kernel headers for version 2.6.24 on x
ii linux-headers-2.6.24-21 2.6.24-21.43 Header files related to Linux kernel version
ii linux-headers-2.6.24-21-generic 2.6.24-21.43 Linux kernel headers for version 2.6.24 on x
ii linux-headers-2.6.24-22 2.6.24-22.45 Header files related to Linux kernel version
ii linux-headers-2.6.24-22-generic 2.6.24-22.45 Linux kernel headers for version 2.6.24 on x
ii linux-headers-generic 2.6.24.22.24 Generic Linux kernel headers
ii linux-image-2.6.24-16-generic 2.6.24-16.30 Linux kernel image for version 2.6.24 on x86
ii linux-image-2.6.24-17-generic 2.6.24-17.31 Linux kernel image for version 2.6.24 on x86
ii linux-image-2.6.24-18-generic 2.6.24-18.32 Linux kernel image for version 2.6.24 on x86
ii linux-image-2.6.24-19-generic 2.6.24-19.41 Linux kernel image for version 2.6.24 on x86
ii linux-image-2.6.24-21-generic 2.6.24-21.43 Linux kernel image for version 2.6.24 on x86
ii linux-image-2.6.24-22-generic 2.6.24-22.45 Linux kernel image for version 2.6.24 on x86
ii linux-image-generic 2.6.24.22.24 Generic Linux kernel image
ii linux-libc-dev 2.6.24-22.45 ...

Read more...

Revision history for this message
vlc (vlc) wrote :
Revision history for this message
Dustin Kirkland  (kirkland) wrote : Re: [Bug 308249] Re: Input/output error with eCryptfs on Hardy Heron 8.04.1

Looks like the first echo didn't actually write encrypted data.
There's a lot of things that could have gone wrong with this. For one
thing, if you were in the ~/ directory when you did these tests, that
probably wouldn't work.

After performing the mount, and the unmount, try 'cat /proc/mounts' to
make sure that the mounts succeeded.

More generally, I really don't recommend ecryptfs in Hardy. It's far
more mature in Intrepid.

:-Dustin

Revision history for this message
vlc (vlc) wrote :

With "if you were in the ~/ directory when you did these tests" you mean ALL steps I performed to install the encrypted directory as well as the test? Which directory is better suited?

I checked in "/proc/mounts" and the directory was mounted:

$ cat /proc/mounts | grep Secret
/home/vlc/Secret /home/vlc/Secret ecryptfs rw,nosuid,nodev,noexec,dir=/home/vlc/Secret 0 0

The problem is that Intrepid does not boot on my PC, not even the Live-CD. Can you recommend another encryption method for Hardy? I'm not bound to eCryptfs.

Thanks!

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

On Tue, Dec 16, 2008 at 4:48 AM, vlc <email address hidden> wrote:
> The problem is that Intrepid does not boot on my PC, not even the Live-
> CD. Can you recommend another encryption method for Hardy? I'm not bound
> to eCryptfs.

Can you live-upgrade to Intrepid?

:-Dustin

Revision history for this message
vlc (vlc) wrote :

Well, as this is my productive system, I would not like to take the risk breaking it.

When browsing the repositories, I can find several other crypting utilities like bcrypt, ccrypt, cryptmount, ... Do you have an idea which of them has a good support in Hardy?

Thanks a lot!

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

On Tue, Dec 16, 2008 at 1:55 PM, vlc <email address hidden> wrote:
> Well, as this is my productive system, I would not like to take the risk
> breaking it.
>
> When browsing the repositories, I can find several other crypting
> utilities like bcrypt, ccrypt, cryptmount, ... Do you have an idea which
> of them has a good support in Hardy?

I don't know. ecryptfs is my expertise.

:-Dustin

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Thanks for the bug report.

I can't reproduce this specific issue. The reporter states that he's moved on, away from eCryptfs.

Please re-open if you can reproduce this specific issue, and provide more detail.

Thanks,

:-Dustin

Changed in ecryptfs-utils:
status: New → Invalid
Revision history for this message
Philipp Morger (philipp-morger) wrote :

Hi

Mar 28 17:43:19 serenity kernel: [81123.741796] Valid eCryptfs headers not found in file header region or xattr region
Mar 28 17:43:19 serenity kernel: [81123.741809] Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO
Mar 28 17:43:19 serenity kernel: [81123.741969] Valid eCryptfs headers not found in file header region or xattr region
Mar 28 17:43:19 serenity kernel: [81123.741976] Either the lower file is not in a valid eCryptfs format, or the key could not be retrieved. Plaintext passthrough mode is not enabled; returning -EIO

Please note, this is lucid BETA 1.

Changed in ecryptfs-utils (Ubuntu):
status: Invalid → New
Revision history for this message
Philipp Morger (philipp-morger) wrote :

273818 0 -rw-r--r-- 1 phoenix phoenix 0 Mar 11 07:04 ./ECRYPTFS_FNEK_ENCRYPTED.FXb.....

I don't know if the issue is some 0 byte files....

I read, that some folks have issues with ext4 and loosing data reported by bug #317781.

So if an 0 byte file is placed in my .Private, then maybe ecryptfs can't read it.... though I don't know if I simply can delete those 0 byte files....

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

Marking this bug "won't-fix". Hardy's version of ecryptfs-utils was very pre-GA, and is unsupportable. Sorry.

Changed in ecryptfs-utils (Ubuntu):
status: New → Won't Fix
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.