Bug 1217517

Summary: Use ext4 encryption to encrypt users' home directories
Product: [Fedora] Fedora Reporter: Bastien Nocera <bnocera>
Component: anacondaAssignee: Anaconda Maintenance Team <anaconda-maint-list>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 23CC: anaconda-maint-list, g.kaviyarasu, jonathan, kparal, vanmeeuwen+fedora
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2015-07-23 19:05:23 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Bastien Nocera 2015-04-30 14:34:30 UTC 
Instead of relying on the slower LVM stacking, use ext4's new encryption feature to separately encrypt each user's home directory:

See http://lwn.net/Articles/639427/ for details
Comment 1 Ondrej Kozina 2015-07-09 12:20:38 UTC 
(In reply to Bastien Nocera from comment #0)
> Instead of relying on the slower LVM stacking

First, disk encryption has nothing to do with LVM as of now (device-mapper and lvm2 are not in equivalence relation), second, do you have any numbers to prove the slowness claim?

The referenced article lacks these numbers IIRC.

From the same article, purpose of ext4 encryption and goals of that feature aim different target than the speed in a first place. Especially authentication is stressed out but missing so far from short-term TODO list
Comment 2 Jan Kurik 2015-07-15 14:12:47 UTC 
This bug appears to have been reported against 'rawhide' during the Fedora 23 development cycle.
Changing version to '23'.

(As we did not run this process for some time, it could affect also pre-Fedora 23 development
cycle bugs. We are very sorry. It will help us with cleanup during Fedora 23 End Of Life. Thank you.)

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora23
Comment 3 David Shea 2015-07-23 19:05:23 UTC 
There's nothing here to backup the claims, as noted in comment 1, and there's not even support for this in Fedora's utilities.