Bug 457143 - RHEL5.3: misc ecryptfs fixes from 2.6.27
RHEL5.3: misc ecryptfs fixes from 2.6.27
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: kernel (Show other bugs)
5.3
All Linux
low Severity low
: rc
: ---
Assigned To: Eric Sandeen
Martin Jenner
:
: 449668 (view as bug list)
Depends On:
Blocks: RHEL5u3_relnotes
  Show dependency treegraph
 
Reported: 2008-07-29 16:42 EDT by Eric Sandeen
Modified: 2009-01-20 15:22 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
The following caveats apply to this release of eCryptfs: * Note that the eCryptfs file system will only work properly if the encrypted file system is mounted once over the underlying directory of the same name. For example: mount -t ecryptfs /mnt/secret /mnt/secret The secured portion of the file system should not be exposed, i.e. it should not be mounted to other mount points, bind mounts, and the like. * eCryptfs mounts on networked file systems (e.g. NFS, Samba) will not work properly. * This version of the eCryptfs kernel driver requires updated userspace, provided by ecryptfs-utils-56-4.el5 or newer.
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-01-20 15:22:34 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Eric Sandeen 2008-07-29 16:42:38 EDT
There are several more ecryptfs fixes from the 2.6.27 stream that we want to
pick up for RHEL5.3.  Some address other bugs already and will be checked in
under those, but for those that are still bug-less, I'd like to get them into
the kernel tree under this bug:

Harvey Harrison         ecryptfs: inode.c mmap.c use unaligned byteorder helpers
Harvey Harrison         ecryptfs: crypto.c use unaligned byteorder helpers
Miklos Szeredi          ecryptfs: string copy cleanup
Tyler Hicks             ecryptfs: discard ecryptfsd registration messages in ...
Michael Halcrow         eCryptfs: Privileged kthread for lower file opens
Comment 1 RHEL Product and Program Management 2008-07-29 16:53:00 EDT
This request was evaluated by Red Hat Product Management for inclusion in a Red
Hat Enterprise Linux maintenance release.  Product Management has requested
further review of this request by Red Hat Engineering, for potential
inclusion in a Red Hat Enterprise Linux Update release for currently deployed
products.  This request is not yet committed for inclusion in an Update
release.
Comment 4 Don Zickus 2008-09-15 10:18:21 EDT
in kernel-2.6.18-115.el5
You can download this test kernel from http://people.redhat.com/dzickus/el5
Comment 7 Linda Wang 2008-10-15 18:19:44 EDT
*** Bug 449668 has been marked as a duplicate of this bug. ***
Comment 8 Eric Sandeen 2008-10-23 13:55:56 EDT
Release note added. If any revisions are required, please set the 
"requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

New Contents:
(Please feel free to help wordsmith this...)

The eCryptfs filesystem is a POSIX-compliant stacked cryptographic filesystem for Linux.

This release of eCryptfs is supported for a specific configuration of mount points; namely, that the encrypted filesystem is mounted once, over the underlying directory of the same name, i.e.:

# mount -t ecryptfs /mnt/secret /mnt/secret

The underlying portion of the filesystem should not be exposed for direct manipulation via mounting to other mount points, bind mounts, etc.

Also, eCryptfs mounts on networked filesystems (NFS, samba, etc) are not supported.

This version of the eCryptfs kernel driver requires updated userspace, ecryptfs-utils-56-4.el5 or newer.
Comment 10 Don Domingo 2008-11-20 21:11:53 EST
Release note updated. If any revisions are required, please set the 
"requires_release_notes"  flag to "?" and edit the "Release Notes" field accordingly.
All revisions will be proofread by the Engineering Content Services team.

Diffed Contents:
@@ -1,13 +1,11 @@
-(Please feel free to help wordsmith this...)
+The following caveats apply to this release of eCryptfs:
 
-The eCryptfs filesystem is a POSIX-compliant stacked cryptographic filesystem for Linux.
+* Note that the eCryptfs file system will only work properly if the encrypted file system is mounted once over the underlying directory of the same name. For example:
 
-This release of eCryptfs is supported for a specific configuration of mount points; namely, that the encrypted filesystem is mounted once, over the underlying directory of the same name, i.e.:
+mount -t ecryptfs /mnt/secret /mnt/secret
 
-# mount -t ecryptfs /mnt/secret /mnt/secret
+The secured portion of the file system should not be exposed, i.e. it should not be mounted to other mount points, bind mounts, and the like. 
 
-The underlying portion of the filesystem should not be exposed for direct manipulation via mounting to other mount points, bind mounts, etc.
+* eCryptfs mounts on networked file systems (e.g. NFS, Samba) will not work properly.
 
-Also, eCryptfs mounts on networked filesystems (NFS, samba, etc) are not supported.
+* This version of the eCryptfs kernel driver requires updated userspace, provided by ecryptfs-utils-56-4.el5 or newer.-
-This version of the eCryptfs kernel driver requires updated userspace, ecryptfs-utils-56-4.el5 or newer.
Comment 12 errata-xmlrpc 2009-01-20 15:22:34 EST
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2009-0225.html

Note You need to log in before you can comment on or make changes to this bug.