From Bugzilla Helper: User-Agent: Mozilla/5.0 Galeon/1.2.6 (X11; Linux i686; U;) Gecko/20020830 Description of problem: Encrypted file system support is becoming a feature necessary in securing systems - it's being adopted by other distributions and is a standard feature available on many operating systems (especially the dominant Windows 2000/XP). This is particularly handy for the enterprise in adopting Red Hat Linux installed on laptops and mobile computing devices that could potentially handle important data that should not fall into the wrong hands. There are various methods and drivers that currently work with the Linux kernel - some are non-interference implementations (mostly reside in the user level and are easily modified/setup via the loopback device). Some are on the low-level parts of the kernel - which could cause problems in kernel maintenance and platform independence. As it stands, adding a kernel "hook" for a usermode driver, and adding user-land utilities to setup loopback devices and a simple loopback file to store encrypted data would be a big plus, since the operating system itself does not necessarily be encrypted (for speed purposes). Only sections of the operating system needs to be encrypted, as well as some installed applications (/etc/passwd, /opt/secure??) would need to be encrypted. I believe a nicely streamlined setup application combined with this module would help Red Hat Linux adoption for mobile computing devices and laptops. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1. see description. Actual Results: No existence of a method to encrypt file system data. Expected Results: kernel level support for encrypted file systems. user-level applications to setup encrypted file systems. Additional info:
ehm please check again; the 8.0 kernel HAS loop encryption support
In reference to Bug 56698, the distribution should have a method of configuring an encrypted file system. I am currently working on a GTK2 application that will handle this on a per-user level (configurable by root) - however, non-functional (out-of-the-box) loopback encryption support for filesystems _in the distribution_ prevents this capability (as it stands). Should this be Bill's RFE bug?
Elliot, can we pull in the util-linux bits?
Would like to use whatever the upstream util-linux maintainer decides to accept. I will e-mail him again to find out what the status is. Until there's a util-linux with crypto support included, I don't want to add support in the RH package by choosing from the umpteen patch sets out there. *** This bug has been marked as a duplicate of 56698 ***