There are several more ecryptfs fixes from the 2.6.27 stream that we want to pick up for RHEL5.3. Some address other bugs already and will be checked in under those, but for those that are still bug-less, I'd like to get them into the kernel tree under this bug: Harvey Harrison ecryptfs: inode.c mmap.c use unaligned byteorder helpers Harvey Harrison ecryptfs: crypto.c use unaligned byteorder helpers Miklos Szeredi ecryptfs: string copy cleanup Tyler Hicks ecryptfs: discard ecryptfsd registration messages in ... Michael Halcrow eCryptfs: Privileged kthread for lower file opens
This request was evaluated by Red Hat Product Management for inclusion in a Red Hat Enterprise Linux maintenance release. Product Management has requested further review of this request by Red Hat Engineering, for potential inclusion in a Red Hat Enterprise Linux Update release for currently deployed products. This request is not yet committed for inclusion in an Update release.
in kernel-2.6.18-115.el5 You can download this test kernel from http://people.redhat.com/dzickus/el5
*** Bug 449668 has been marked as a duplicate of this bug. ***
Release note added. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: (Please feel free to help wordsmith this...) The eCryptfs filesystem is a POSIX-compliant stacked cryptographic filesystem for Linux. This release of eCryptfs is supported for a specific configuration of mount points; namely, that the encrypted filesystem is mounted once, over the underlying directory of the same name, i.e.: # mount -t ecryptfs /mnt/secret /mnt/secret The underlying portion of the filesystem should not be exposed for direct manipulation via mounting to other mount points, bind mounts, etc. Also, eCryptfs mounts on networked filesystems (NFS, samba, etc) are not supported. This version of the eCryptfs kernel driver requires updated userspace, ecryptfs-utils-56-4.el5 or newer.
Release note updated. If any revisions are required, please set the "requires_release_notes" flag to "?" and edit the "Release Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. Diffed Contents: @@ -1,13 +1,11 @@ -(Please feel free to help wordsmith this...) +The following caveats apply to this release of eCryptfs: -The eCryptfs filesystem is a POSIX-compliant stacked cryptographic filesystem for Linux. +* Note that the eCryptfs file system will only work properly if the encrypted file system is mounted once over the underlying directory of the same name. For example: -This release of eCryptfs is supported for a specific configuration of mount points; namely, that the encrypted filesystem is mounted once, over the underlying directory of the same name, i.e.: +mount -t ecryptfs /mnt/secret /mnt/secret -# mount -t ecryptfs /mnt/secret /mnt/secret +The secured portion of the file system should not be exposed, i.e. it should not be mounted to other mount points, bind mounts, and the like. -The underlying portion of the filesystem should not be exposed for direct manipulation via mounting to other mount points, bind mounts, etc. +* eCryptfs mounts on networked file systems (e.g. NFS, Samba) will not work properly. -Also, eCryptfs mounts on networked filesystems (NFS, samba, etc) are not supported. +* This version of the eCryptfs kernel driver requires updated userspace, provided by ecryptfs-utils-56-4.el5 or newer.- -This version of the eCryptfs kernel driver requires updated userspace, ecryptfs-utils-56-4.el5 or newer.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-0225.html