Description of problem: Mounting from the first time produces error/warning msg "Unable to get the version number of the kernel..." and then loads ecryptfs.ko module. The weird is it complaints on missing module and then it loads the module. Not mentioning that the error """ Error mounting eCryptfs; rc = [-22]; strerr = [Invalid argument]. Check your system logs; visit <http://ecryptfs.sourceforge.net/ecryptfs-faq.html>. """ says really nothing useful... dhcp-lab-198 kernel-oops # modprobe -r ecryptfs dhcp-lab-198 kernel-oops # lsmod | grep ecr dhcp-lab-198 kernel-oops # /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:passphrase_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Unable to get the version number of the kernel module. Please make sure that you have the eCryptfs kernel module loaded, you have sysfs mounted, and the sysfs mount point is in /etc/mtab. This is necessary so that the mount helper knows which kernel options are supported. Make sure that your system is set up to auto-load your filesystem kernel module on mount. Enabling passphrase-mode only for now. Attempting to mount with the following options: ecryptfs_key_bytes=16 ecryptfs_cipher=aes Error mounting eCryptfs; rc = [-22]; strerr = [Invalid argument]. Check your system logs; visit <http://ecryptfs.sourceforge.net/ecryptfs-faq.html>. dhcp-lab-198 kernel-oops # lsmod | grep ecr ecryptfs 79693 0 dhcp-lab-198 kernel-oops # dmesg | tail ... ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README Error parsing options; rc = [-22] dhcp-lab-198 kernel-oops # /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:passphrase_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Method of providing the passphrase: 1) openssl_passwd: Enter on Console 2) openssl_passwd_file: File Containing Passphrase 3) openssl_passwd_fd: File Descriptor for File Containing Passphrase Selection [openssl_passwd]: Version-Release number of selected component (if applicable): kernel-2.6.18-105.el5.i686 (ecryptfs is not running at all for me...) kernel-2.6.18-92.1.9.el5.i686 (the test case from bottom was effective while running this kernel) ecryptfs-utils-56-2.el5.i386 How reproducible: always Actual results: Complaint on missing module. Expected results: Load the module when missing and no-complain.
this needs to be 'openssl_passwd_file=passfile.txt'
man says: """ passphrase_passwd_file=(filename) The password should be specified in a file with passwd=(passphrase). It is highly reccomended that the file be stored on a secure medium such as a personal usb key. """ Please fix the man page. BUT still with openssl_passphrase_passwd_file --------------------------------------------- newman@dhcp-lab-198 /tmp $ sudo modprobe -r ecryptfs newman@dhcp-lab-198 /tmp $ lsmod | grep ecr newman@dhcp-lab-198 /tmp $ sudo /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:openssl_passphrase_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Unable to get the version number of the kernel module. Please make sure that you have the eCryptfs kernel module loaded, you have sysfs mounted, and the sysfs mount point is in /etc/mtab. This is necessary so that the mount helper knows which kernel options are supported. Make sure that your system is set up to auto-load your filesystem kernel module on mount. Enabling passphrase-mode only for now. Attempting to mount with the following options: ecryptfs_key_bytes=16 ecryptfs_cipher=aes Error mounting eCryptfs; rc = [-22]; strerr = [Invalid argument]. Check your system logs; visit <http://ecryptfs.sourceforge.net/ecryptfs-faq.html>. HERE ---- >>>> newman@dhcp-lab-198 /tmp $ lsmod | grep ecr >>>> ecryptfs 79693 0 newman@dhcp-lab-198 /tmp $ sudo /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:openssl_passphrase_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Method of providing the passphrase: 1) openssl_passwd: Enter on Console 2) openssl_passwd_file: File Containing Passphrase 3) openssl_passwd_fd: File Descriptor for File Containing Passphrase Selection [openssl_passwd]: It 1) fails, 2) loads the kernel module (*because which it failed*), 3) ends, 4) another run of the same mount command is OK (at first glance).
please use openssl_passwd_file instead of openssl_passphrase_passwd_file and you shouldn't get this menu at all. openssl_passphrase_passwd_file is an unknown parameter to mount.ecryptfs and ignored (or handled over to mount). But even with your commandline 1) works 2) works, but the input is hidden 3) continues, but I haven't found a way yet how to use this as pipes don't seem to work. I'm running a Fedora 2.6.27 kernel here, what's the output of uname -a on your system ? Does the directory 'secret' in your working directory exist ?
dhcp-lab-198 kernel-oops # ll total 64K drwxr-xr-x 2 newman newman 4.0K Aug 28 10:31 CVS -rwxr-xr-x 1 newman newman 2.0K Aug 28 10:57 kernel-oops.sh -rw-r--r-- 1 newman newman 1.7K Feb 28 2008 Makefile -rw-r--r-- 1 newman newman 986 Feb 27 2008 mykey.pem -rw-r--r-- 1 newman newman 14 Aug 28 12:18 passfile.txt -rw-r--r-- 1 newman newman 197 Feb 28 2008 PURPOSE -rwxr-xr-x 1 newman newman 1.6K Mar 10 12:52 runtest.sh drwxr-xr-x 2 root root 4.0K Aug 28 10:39 secret dhcp-lab-198 kernel-oops # lsmod | grep ecr dhcp-lab-198 kernel-oops # /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:openssl_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Unable to get the version number of the kernel module. Please make sure that you have the eCryptfs kernel module loaded, you have sysfs mounted, and the sysfs mount point is in /etc/mtab. This is necessary so that the mount helper knows which kernel options are supported. Make sure that your system is set up to auto-load your filesystem kernel module on mount. Enabling passphrase-mode only for now. Attempting to mount with the following options: ecryptfs_key_bytes=16 ecryptfs_cipher=aes Error mounting eCryptfs; rc = [-22]; strerr = [Invalid argument]. Check your system logs; visit <http://ecryptfs.sourceforge.net/ecryptfs-faq.html>. dhcp-lab-198 kernel-oops # lsmod | grep ecr ecryptfs 79693 0 dhcp-lab-198 kernel-oops # /sbin/mount.ecryptfs secret/ secret/ -o key=openssl:openssl_keyfile=/root/.ecryptfs/pki/openssl/mykey.pem:openssl_passwd_file=passfile.txt,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 Attempting to mount with the following options: Error mounting eCryptfs; rc = [-22]; strerr = [Invalid argument]. Check your system logs; visit <http://ecryptfs.sourceforge.net/ecryptfs-faq.html>. dhcp-lab-198 kernel-oops # dmesg | tail ecryptfs_parse_options: You must supply at least one valid auth tok signature as a mount parameter; see the eCryptfs README Error parsing options; rc = [-22] dhcp-lab-198 kernel-oops # uname -a Linux dhcp-lab-198.englab.brq.redhat.com 2.6.18-92.1.9.el5 #1 SMP Wed Jul 16 07:35:57 EDT 2008 i686 i686 i386 GNU/Linux dhcp-lab-198 kernel-oops # file /root/.ecryptfs/pki/openssl/mykey.pem /root/.ecryptfs/pki/openssl/mykey.pem: ASCII text I guess it does not mount because of the old kernel (I'll install one when is some available). But still: """ Unable to get the version number of the kernel module. Please make sure that you have the eCryptfs kernel module loaded, you have sysfs mounted, and the sysfs mount point is in /etc/mtab. This is necessary so that the mount helper knows which kernel options are supported. """ because of not loaded kernel module -> then it loads it -> when issuing the same mount command it fails in expected way (old kernel). I dunno whether is it still parsing problem or kernel (the error msgs are so confusing and meaning less to me...).
Created attachment 330453 [details] against v. 69 - try to load module on get version failure
Committed against upstream git, 850444b. Thanks for the patch, Michal. :-Dustin
Created attachment 330649 [details] move the change to better place Maybe it's good idea to add "2>/dev/null" to the modprobe system call, to suppress something like "FATAL: Error inserting ecryptfs (/lib/modules/2.6.27.12-170.2.5.fc10.x86_64/kernel/fs/ecryptfs/ecryptfs.ko): Operation not permitted" previous patch fixed only one place, this brings the change to all other places calling ecryptfs_get_version
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2009-1307.html