eCryptfs

Ecryptfs Mounting Error Needs More Details: mount.ecryptfs: Failed to perform eCryptfs mount: [-32]

Bug #1435354 reported by naisanza
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
eCryptfs
Opinion
Undecided
Unassigned

Bug Description

Ecryptfs does not provide a helpful error when it fails to find a passphrase in the user's kernel keyring when mounting an encrypted directory.

The solution is to show an error that says, "Failed to perform eCryptfs mount, stored passphrase not found: [-32]"

The error reported by ecryptfs is the following, in system log:

mount.ecryptfs: Failed to perform eCryptfs mount: [-32]

in console output:

mount: mount(2) failed: No such file or directory
Error mounting eCryptfs: [-1] Operation not permitted

Below is the console output:

eric@skylab:~$ sudo ./mount.sh
Unable to find a list of options to parse, defaulting to interactive mount
Passphrase:
Select cipher:
 1) aes: blocksize = 16; min keysize = 16; max keysize = 32
 2) blowfish: blocksize = 8; min keysize = 16; max keysize = 56
 3) des3_ede: blocksize = 8; min keysize = 24; max keysize = 24
 4) twofish: blocksize = 16; min keysize = 16; max keysize = 32
 5) cast6: blocksize = 16; min keysize = 16; max keysize = 32
 6) cast5: blocksize = 8; min keysize = 5; max keysize = 16
Selection [aes]:
Select key bytes:
 1) 16
 2) 32
 3) 24
Selection [16]:
Enable plaintext passthrough (y/n) [n]:
Enable filename encryption (y/n) [n]: y
Filename Encryption Key (FNEK) Signature [655d7d308b95b589]: e43d8413a70fc94e
Unable to find a list of options to parse, defaulting to interactive mount
Attempting to mount with the following options:
  ecryptfs_unlink_sigs
  ecryptfs_fnek_sig=e43d8413a70fc94e
  ecryptfs_key_bytes=16
  ecryptfs_cipher=aes
  ecryptfs_sig=655d7d308b95b589
mount: mount(2) failed: No such file or directory
Error mounting eCryptfs: [-1] Operation not permitted
Check your system logs; visit <http://ecryptfs.org/support.html>

Revision history for this message
naisanza (naisanza) wrote :

Propose Bug title change to "New Ecryptfs Mounting Error Detail" for better clarity

Revision history for this message
Tyler Hicks (tyhicks) wrote :

Hello and thanks for reporting this issue.

There are actually quite a few messages related to not finding the correct key in the kernel keyring that are printed to the syslog in this case. You pasted one of them but I don't see the others in your bug description. Here's what I see:

Mar 27 14:23:26 sec-vivid-amd64 kernel: [ 132.827393] Could not find key with description: [655d7d308b95b589]
Mar 27 14:23:26 sec-vivid-amd64 kernel: [ 132.827404] process_request_key_err: No key
Mar 27 14:23:26 sec-vivid-amd64 kernel: [ 132.827408] Could not find valid key in user session keyring for sig specified in mount option: [655d7d308b95b589]
Mar 27 14:23:26 sec-vivid-amd64 kernel: [ 132.827411] One or more global auth toks could not properly register; rc = [-2]
Mar 27 14:23:26 sec-vivid-amd64 kernel: [ 132.827416] Error parsing options; rc = [-2]
Mar 27 14:23:26 sec-vivid-amd64 mount.ecryptfs: Failed to perform eCryptfs mount: [-32]

That seems sufficient enough to convey the error. Perhaps even too verbose and unfriendly. Do you not see these error messages on your system?

Changed in ecryptfs:
status: New → Incomplete
Revision history for this message
naisanza (naisanza) wrote :

You are right. I was only looking for mount.ecryptfs errors in the log and wasn't expecting it to come from the kernel. Let's close out this report.

Though it seems it's likely to be a common issue, and having the output to stdout instead of to the logs might be a bit more helpful.

Changed in ecryptfs:
status: Incomplete → Opinion
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.