Absolute symlinks not preserved

Bug #1663084 reported by Taylor Raack on 2017-02-09
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
encfs (Ubuntu)
Undecided
Unassigned

Bug Description

I've recently found that encfs converts absolute symlinks into relative symlinks, which isn't good.

[Impact]
All users using encfs to encrypt and decrypt absolute symlinks will work correctly, and will not fail silently.

[Test Case]

# remove old runs
rm -rf /tmp/source
fusermount -u /tmp/decrypted
fusermount -u /tmp/encrypted

# setup
mkdir -p /tmp/source /tmp/encrypted /tmp/decrypted
ln -s /etc/linkedfile /tmp/source/absolute-link

# encrypt /tmp/source into /tmp/encrypted
encfs --standard --reverse -o ro /tmp/source /tmp/encrypted

# decrypt /tmp/encrypted into /tmp/decrypted
ENCFS6_CONFIG=/tmp/source/.encfs6.xml encfs --standard /tmp/encrypted /tmp/decrypted

echo "Now see how the absolute symlink in the source directory (absolute-link -> /etc/linkedfile) has been turned into a relative symlink in the decrypted directory (absolute-link -> /etc/linkedfile)..."
echo ""
echo "Source directory list (see symlink is absolute)"
ls -al /tmp/source
echo ""
echo "Encrypted directory list"
ls -al /tmp/encrypted
echo ""
echo "Decrypted directory list (see symlink has been mangled into a relative link, rather than an absolute link)"
ls -al /tmp/decrypted

This will show:

Creating new encrypted volume.
Standard configuration selected.
--reverse specified, not using unique/chained IV

Configuration finished. The filesystem to be created has
the following properties:
Filesystem cipher: "ssl/aes", version 3:0:2
Filename encoding: "nameio/block", version 3:0:1
Key Size: 192 bits
Block Size: 1024 bytes
File holes passed through to ciphertext.

Now you will need to enter a password for your filesystem.
You will need to remember this password, as there is absolutely
no recovery mechanism. However, the password can be changed
later using encfsctl.

New Encfs Password:
Verify Encfs Password:
EncFS Password:
Now see how the absolute symlink in the source directory (absolute-link -> /etc/linkedfile) has been turned into a relative symlink in the decrypted directory (absolute-link -> /etc/linkedfile)...

Source directory list (see symlink is absolute)
total 2160
drwx------ 2 traack dialout 4096 Jan 23 21:03 .
drwxrwxrwt 18 root root 2199552 Jan 23 21:03 ..
lrwxrwxrwx 1 traack dialout 15 Jan 23 21:03 absolute-link -> /etc/linkedfile
-rw------- 1 traack dialout 1078 Jan 23 21:03 .encfs6.xml

Encrypted directory list
ls: /tmp/encrypted/F1eFQbB,bUUGPNt3WInPxLmu: No such file or directory
total 2160
drwx------ 2 traack dialout 4096 Jan 23 21:03 .
drwxrwxrwt 18 root root 2199552 Jan 23 21:03 ..
lrwxrwxrwx 1 traack dialout 49 Jan 23 21:03 F1eFQbB,bUUGPNt3WInPxLmu -> w4VeHU6C9a23mKMup7sCS7rW/ZFJ1rQnkGjx,FD-nkHTx5ZYP
-rw------- 1 traack dialout 1078 Jan 23 21:03 OdLgnM7TBEPG0naHpgxKJLvE

Decrypted directory list (see symlink has been mangled into a relative link, rather than an absolute link)
ls: /tmp/decrypted/absolute-link: No such file or directory
total 2160
drwx------ 2 traack dialout 4096 Jan 23 21:03 .
drwxrwxrwt 18 root root 2199552 Jan 23 21:03 ..
lrwxrwxrwx 1 traack dialout 14 Jan 23 21:03 absolute-link -> etc/linkedfile
-rw------- 1 traack dialout 1078 Jan 23 21:03 .encfs6.xml

[Regression Potential]
Likely to be low

-----------------------------

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: encfs 1.7.4-2.4ubuntu2
ProcVersionSignature: Ubuntu 3.13.0-108.155-generic 3.13.11-ckt39
Uname: Linux 3.13.0-108-generic i686
NonfreeKernelModules: zfs zunicode zcommon znvpair zavl
ApportVersion: 2.14.1-0ubuntu3.23
Architecture: i386
CurrentDesktop: Unity
Date: Wed Feb 8 17:10:15 2017
EcryptfsInUse: Yes
InstallationDate: Installed on 2010-07-26 (2389 days ago)
InstallationMedia: Ubuntu-Netbook 10.04 "Lucid Lynx" - Release i386 (20100429.4)
SourcePackage: encfs
UpgradeStatus: Upgraded to trusty on 2014-09-08 (885 days ago)

Taylor Raack (track16) wrote :
Taylor Raack (track16) on 2017-02-09
description: updated
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers