-
ecryptfs-utils (103-0ubuntu2) raring; urgency=low
* fix an empty update-notifier window (LP: #1107650)
- needed part was dropped accidentally at 102-0ubuntu1
-- Nobuto MURATA <email address hidden> Wed, 20 Feb 2013 14:05:42 +0900
-
ecryptfs-utils (103-0ubuntu1) raring; urgency=low
[ Tyler Hicks ]
* debian/rules:
- Use dpkg-buildflags to inject distro compiler hardening flags into the
build. This also fixes the hardening-no-fortify-functions lintian
warnings.
[ Dustin Kirkland ]
* doc/manpage/ecryptfs-add-passphrase.1, doc/manpage/ecryptfsd.8,
doc/manpage/ecryptfs-find.1, doc/manpage/ecryptfs-generate-tpm-
key.1, doc/manpage/ecryptfs-insert-wrapped-passphrase-into-
keyring.1, doc/manpage/ecryptfs-manager.8, doc/manpage/ecryptfs-
migrate-home.8, doc/manpage/ecryptfs-mount-private.1,
doc/manpage/ecryptfs-recover-private.1, doc/manpage/ecryptfs-rewrap-
passphrase.1, doc/manpage/ecryptfs-rewrite-file.1,
doc/manpage/ecryptfs-setup-private.1, doc/manpage/ecryptfs-setup-
swap.1, doc/manpage/ecryptfs-stat.1, doc/manpage/ecryptfs-umount-
private.1, doc/manpage/ecryptfs-unwrap-passphrase.1,
doc/manpage/ecryptfs-verify.1, doc/manpage/ecryptfs-wrap-
passphrase.1, doc/manpage/Makefile.am, doc/manpage/mount.ecryptfs.8,
doc/manpage/mount.ecryptfs_private.1, doc/manpage/pam_ecryptfs.8,
doc/manpage/umount.ecryptfs.8,
doc/manpage/umount.ecryptfs_private.1, src/desktop/ecryptfs-find =>
src/utils/ecryptfs-find, src/desktop/Makefile.am,
src/utils/Makefile.am:
- add 3 new manpages, for ecryptfs-find, ecryptfs-verify, and
ecryptfs-migrate-home
- Add SEE ALSO section to manpages which were missing it
- Mention "Debian and Ubuntu" in license location
- move the ecryptfs-find utility to the proper location in src/utils
* src/utils/Makefile.am:
- fix broken build
* debian/ecryptfs-utils.links:
- link no longer needed for ecryptfs-find
[ Colin King ]
* === added directory tests/kernel/mmap-bmap, === added directory
tests/kernel/xattr, tests/kernel/link.sh, tests/kernel/Makefile.am,
tests/kernel/mknod.sh, tests/kernel/mmap-bmap.sh, tests/kernel/mmap-
bmap/test.c, tests/kernel/tests.rc, tests/kernel/xattr.sh,
tests/kernel/xattr/test.c:
- ran the current eCryptfs tests on 3.8-rc4 with kernel gcov enabled
and spotted a few trivial areas where it would be useful to up the
test coverage on the code
- so here are a few very simple additional tests to exercise eCryptfs
a little further
-- Dustin Kirkland <email address hidden> Fri, 25 Jan 2013 12:58:56 -0600
-
ecryptfs-utils (102-0ubuntu1) raring; urgency=low
[ Dustin Kirkland ]
* debian/control:
- bump standards, no change
* precise
[ Tyler Hicks ]
* autogen.sh, scripts/release.sh, Makefile.am:
- Break out the autoreconf and intltoolize commands from release.sh into
an executable autogen.sh
- Use the --copy option when invoking intltoolize
- Include the new autogen.sh script in the release tarball
* debian/rules, debian/control:
- Use dh-autoreconf so that upstream sources can easily be used to build
packages for all the stable Ubuntu releases in the ecryptfs-utils daily
build PPA
- Override the dh_autoreconf target by running the autogen.sh script
- Drop Build-Depends on autotools-dev since dh-autoreconf is a superset of
autotools-dev
- Drop Build-Depends on autoconf, automake, and libtool since
dh-autoreconf depends on all of these packages
* m4/ac_python_devel.m4:
- Fix FTBFS in Raring Ringtail due to multiarch Python. Be sure to include
platform specific Python include directions in SWIG_PYTHON_CPPFLAGS.
* src/utils/mount.ecryptfs_private.c:
- Fix conditionals when checking whether to remove authentication tokens
from the kernel keyring upon umount. This conditional was incorrectly
modified in ecryptfs-utils-101, yet the authentication tokens still seem
to be removed from the kernel keyring so it isn't clear if there was
actually a user-facing regression.
- Pass the FEKEK sig, rather than the FNEK sig, to
ecryptfs_private_is_mounted()
- Restore behavior of not printing error messages to syslog when
unmounting and keys cannot be found in the kernel keyring.
- Restore behavior of printing a useful error message about
ecryptfs-mount-private when mounting and keys cannot be found in the
kernel keyring
- Fix memory leak and clean up free()'s in an error path
- Use pointer assignment tests, rather than strlen(), to determine which
key signatures were fetched
* src/daemon/main.c, src/include/ecryptfs.h,
src/libecryptfs/{Makefile.am,messaging.c,miscdev.c,netlink.c,sysfs.c},
doc/manpage/ecryptfsd.8, doc/design_doc/ecryptfs_design_doc_v0_2.tex:
- Remove netlink messaging interface support
- Netlink messaging support was superceded by the miscdev interface
(/dev/ecryptfs) in upstream kernel version 2.6.26 in July, 2008
- Netlink messaging support was completely removed from the upstream
kernel starting with version 2.6.32 in December, 2009
* src/jprobes/*, scripts/delete-cruft.sh:
- Remove all jprobes code, as I don't use jprobes to debug eCryptfs kernel
issues and I don't like the idea of maintaining these jprobes outside of
the kernel tree
* src/escrow/*:
- Remove all escrow code, as it isn't used or maintained
* tests/kernel/llseek.sh, tests/kernel/llseek/test.c,
tests/userspace/wrap-unwrap.sh, tests/userspace/wrap-unwrap/test.c:
- Migrate some old testcases over to the modern test framework
* tests/lib/etl_funcs.sh:
- Update etl_create_test_dir() to allow a parent directory to be specified
when creating the directory
* src/testcases:
- Delete old testcases that were either too basic, covered by more
extensive tests in the modern test framework, or just didn't work
[ Nobuto MURATA ]
* src/desktop/ecryptfs-record-passphrase:
-- Dustin Kirkland <email address hidden> Tue, 22 Jan 2013 16:04:11 -0600
-
ecryptfs-utils (101-0ubuntu3) raring; urgency=low
* Fix FTBFS: multiarched python2.7 paths.
-- Dmitrijs Ledkovs <email address hidden> Mon, 24 Dec 2012 14:24:56 +0200
-
ecryptfs-utils (101-0ubuntu2) raring; urgency=low
* debian/patches/record-passphrase-dialogue-translatable.patch:
- make "Record your encryption passphrase" dialogue translatable
(LP: #982924)
- to workaround lp bug 1075304, removing line breaks(.) in the
dialogue
-- Nobuto MURATA <email address hidden> Thu, 06 Dec 2012 23:37:38 +0900
-
ecryptfs-utils (101-0ubuntu1) raring; urgency=low
[ Eric Lammerts ]
* src/libecryptfs/sysfs.c: LP: #1007880
- Handle NULL mnt pointer when sysfs is not mounted
[ Tyler Hicks ]
* src/utils/ecryptfs-migrate-home: LP: #1026180
- Correct minor misspelling
* src/utils/ecryptfs-recover-private: LP: #1004082
- Fix option parsing when --rw is specified
* src/utils/ecryptfs-recover-private: LP: #1028923
- Simplify success message to prevent incorrectly reporting that a
read-only mount was performed when the --rw option is specified
* tests/lib/etl_func.sh:
- Add test library function to return a lower path from an upper path,
based on inode numbers
* tests/kernel/mmap-close.sh, tests/kernel/mmap-close/test.c:
- Add regression test for open->mmap()->close()->dirty memory->munmap()
pattern
* tests/kernel/lp-561129.sh:
- Add test for checking that a pre-existing target inode is properly
evicted after a rename
* tests/README:
- Add documentation on the steps to take when adding new test cases
[ Colin King ]
* tests/kernel/lp-911507.sh:
- Add test case for initializing empty lower files during open()
* tests/kernel/lp-872905.sh:
- Add test case to check for proper unlinking of lower files when
lower file initialization fails
* src/key_mod/ecryptfs_key_mod_openssl.c,
src/key_mod/ecryptfs_key_mod_pkcs11_helper.c,
src/libecryptfs/key_management.c,
src/utils/mount.ecryptfs_private.c, src/utils/umount.ecryptfs.c:
- address some issues raised by smatch static analysis
- fix some memory leaks with frees
- fix some pointer refs and derefs
- fix some comment typos
[ Dustin Kirkland ]
* src/libecryptfs/key_management.c:
- silence pam error message when errno == EACCES
+ "Error attempting to parse .ecryptfsrc file; rc = [-13]"
* src/utils/mount.ecryptfs_private.c: LP: #1052038
- fix race condition, which typically manifests itself with a user
saying that their home directory is not accessible, or that their
filenames are not decrypted
- the root of the problem is that we were reading the signature file,
~/.ecryptfs/Private.sig, twice; in some cases, the first one succeeds,
so the file encryption signature is read and key is loaded, but then
some other process (usually from PAM, perhaps a cron job or a
subsequent login) mounts the home directory before the filename
encryption key is loaded; thus, $HOME is mounted but filenames are
not decrypted, so the second read of ~/.ecryptfs/Private.sig fails
as that file is not found
- the solution is to rework the internal fetch_sig() function and read
one or both signatures within a single open/read/close operation of
the file
- free memory used by char **sig on failure
* debian/copyright:
- fix lintian warning
* precise
-- Dustin Kirkland <email address hidden> Thu, 25 Oct 2012 16:13:28 -0500
-
ecryptfs-utils (100-0ubuntu1) quantal; urgency=low
[ Tyler Hicks ]
* src/pam_ecryptfs/pam_ecryptfs.c, src/libecryptfs/key_management.c:
LP: #1024476
- fix regression introduced in ecryptfs-utils-99 when Encrypted
Home/Private is in use and the eCryptfs kernel code is compiled as a
module
- drop check for kernel filename encryption support in pam_ecryptfs, as
appropriate privileges to load the eCryptfs kernel module may not be
available and filename encryption has been supported since 2.6.29
- always add filename encryption key to the kernel keyring from pam mount
[ Colin King ]
* tests/kernel/inode-race-stat/test.c:
- limit number of forks based on fd limits
* tests/kernel/enospc.sh, tests/kernel/enospc/test.c,
tests/kernel/Makefile.am, tests/kernel/tests.rc:
- add test case for ENOSPC
[ Tim Harder ]
* m4/ac_python_devel.m4: LP: #1029217
- properly save and restore CPPFLAGS and LIBS when python support is
enabled
-- Dustin Kirkland <email address hidden> Thu, 02 Aug 2012 16:33:55 -0500
