Ubuntu
fscrypt package

Package needs newer version with v2 encryption policy

Bug #1882993 reported by Redsandro
26
This bug affects 6 people
Affects Status Importance Assigned to Milestone
fscrypt (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

The latest packaged version is fscrypt v0.2.5, which is almost a year old.

Since then, some serious limitations have been addressed that depend on the 5.4 kernel.
https://www.kernel.org/doc/html/latest/filesystems/fscrypt.html

The v2 encryption policy allows for some non-trivial fixes that allow usage with docker, www-data and other situations for which multiple system users require access, that right now forces us to use LUKS rather than fscrypt, and have been released specifically before the launch of the Ubuntu focal 20.04 LTS release.

Can we update this package for focal to fscrypt v0.2.8?

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in fscrypt (Ubuntu):
status: New → Confirmed
Revision history for this message
Redsandro (redsandro) wrote :

It's time to package fscrypt 0.2.9.

Revision history for this message
Thiago Martins (martinx) wrote :

I can't wait for it!

Revision history for this message
Laurent Bonnaud (laurent-bonnaud) wrote :

Recent Ubuntu releases now include fscrypt 0.2.9.

Changed in fscrypt (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Steve Dodd (anarchetic) wrote (last edit ):

Note that in particular, lightdm seems have to problems when using v1 policies, see https://github.com/google/fscrypt/issues/203. I had to upgrade one focal laptop to v2 policies to get lightdm to work - although oddly I had no problems on another, and I can't see the difference between them.

I would have thought a backport for at least focal might have been justified, as home directory encryption must be one of the major use cases for fscrypt.

Revision history for this message
Redsandro (redsandro) wrote :

Be advised that this package is provided by the Debian Go Packaging Team.

https://go-team.pages.debian.net

The Go-Team does not use Launchpad. In stead, the package is tracked over at Debian:

https://tracker.debian.org/pkg/fscrypt

I did not know this at the time I opened this request. Launchpad is probably an automation. Future issues should be reported over at the Debian tracker.

https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=fscrypt

For this specific issue, I think we can assume there won't be a backport, but for Ubuntu 22.04 LTS, we will get fscrypt 0.3.1 which is quite recent.

https://github.com/google/fscrypt/releases/tag/v0.3.1

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.