ecryptfs never releases the lower file

Bug #773260 reported by Serge Hallyn on 2011-04-29
This bug affects 2 people
Affects Status Importance Assigned to Milestone
linux (Ubuntu)

Bug Description

Ecryptfs never releases the lower file. That means that no inotify events are ever issued for the underlying encrypted fs. This in turn means that if the encrypted directory is on Ubuntu One, changes are not synced until after a forced rescan or after a reboot.

Commit 332ab16f830f59e7621ae8eb2c353dc135a316f6 by tyhicks adds reference counting (resulting in a fput of the lower file on final umount) to the underlying files. This should allow an ecryptfs filesystem located under Ubuntu One to be properly synced. Could we get that into natty-proposed?

Serge Hallyn (serge-hallyn) wrote :

Unfortunately the patch may not be enough. This bug could be deemed depending on bug 723518.

Tyler Hicks (tyhicks) wrote :

Serge - the fix for this is simple. See the patch attached to bug 723518.

I don't think that it depends on Commit 332ab16f830f59e7621ae8eb2c353dc135a316f6, but I can't say for sure.

Quoting Tyler Hicks (<email address hidden>):
> Serge - the fix for this is simple. See the patch attached to bug
> 723518.
> I don't think that it depends on Commit
> 332ab16f830f59e7621ae8eb2c353dc135a316f6, but I can't say for sure.

Ok, thanks - I was holding of yesterday afternoon after you mentioned
that there appeared to still be a bug. I'll test that patch on

Serge Hallyn (serge-hallyn) wrote :

To give this a more repeatable test, here is a python file which can be used to verify. When I do

  (sudo bash)
  mkdir src tgt
  mount -t ecryptfs src tgt
  (in window 1):
  (in window 2):
  echo hi > hi
  echo there >> hi

I see:
root@ecryptfs-natty-amd64:~# python
Create: /home/serge/src/hi
MOdified: /home/serge/src/hi
MOdified: /home/serge/src/hi

so the modified inotify events are sent, but the closed-write are not.

import os
from pyinotify import WatchManager, Notifier, ThreadedNotifier, EventsCodes, ProcessEvent

wm = WatchManager()

mask = EventsCodes.ALL_FLAGS['IN_DELETE'] | EventsCodes.ALL_FLAGS['IN_CREATE'] | EventsCodes.ALL_FLAGS['IN_MODIFY'] | EventsCodes.ALL_FLAGS['IN_CLOSE_WRITE'] # watched events

class PTmp(ProcessEvent):
    def process_IN_CREATE(self, event):
        print "Create: %s" % os.path.join(event.path,

    def process_IN_DELETE(self, event):
        print "Remove: %s" % os.path.join(event.path,

    def process_IN_MODIFY(self, event):
        print "MOdified: %s" % os.path.join(event.path,

    def process_IN_CLOSE_WRITE(self, event):
        print "closed write: %s" % os.path.join(event.path,

notifier = Notifier(wm, PTmp())

wdd = wm.add_watch('/home/serge/src/', mask, rec=True)

while True: # loop forever
        # process the queue of events as explained above
        if notifier.check_events():
            # read notified events and enqeue them
        # you can do some tasks here...
    except KeyboardInterrupt:
        # destroy the inotify's instance on this interrupt (stop monitoring)

Serge Hallyn (serge-hallyn) wrote :

With the cherrypicked commit from upstream, the results are:

root@ecryptfs-natty-amd64:~# python
closed write: /home/serge/src/hi
closed write: /home/serge/src/
Create: /home/serge/src/yo
MOdified: /home/serge/src/yo
closed write: /home/serge/src/yo
MOdified: /home/serge/src/yo
closed write: /home/serge/src/yo
MOdified: /home/serge/src/yo
closed write: /home/serge/src/yo

Serge Hallyn (serge-hallyn) wrote :
Serge Hallyn (serge-hallyn) wrote :

I"ve marked this high priority since it prevents ecryptfs from being used with Ubuntu One, and there is no workaround - all you can do is to frequently reboot.

Changed in linux (Ubuntu):
status: New → Triaged
Serge Hallyn (serge-hallyn) wrote :

(of course if you disagree please do change the priority :)

Changed in linux (Ubuntu):
importance: Undecided → High
Serge Hallyn (serge-hallyn) wrote :

Drat, running with my cherrypicked patch for some time now, but while inotify events are being sent, Ubuntu One does not seem to be syncing the changes.

Andy Whitcroft (apw) wrote :

@Serge -- has this progressed at all upstream? This patch is pretty big, but you imply its not sufficient yet?

Serge Hallyn (serge-hallyn) wrote :


Hm, even normal files dont' seem to be getting pushed right now, so I'm afraid I can't confirm. The best I can confirm is that when I stop u1sdtool and the syncdaemon and then u1sdtool -c, ecryptfs backing files which have been modified then get pushed.

Brad Figg (brad-figg) wrote :


Is this issue fully resolved in Oneiric and Precise kernels? Is there still a desire to have it backported to Natty? As Andy stated, this is a fairly large patch to backport.

tags: added: patch
Stefan Bader (smb) wrote :

Setting to incomplete to mark this waiting on some feedback.

Changed in linux (Ubuntu):
status: Triaged → Incomplete
Launchpad Janitor (janitor) wrote :

[Expired for linux (Ubuntu) because there has been no activity for 60 days.]

Changed in linux (Ubuntu):
status: Incomplete → Expired
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers