我正在尝试使用ecryptfs在C中的程序中安装fs.

但我没有设法给内核部分提供密钥

int mount_crypt(char* source)
{
  int   r     = -1;
  char  opt[1024] = "ecryptfs_sig=f83de0de4ecccbb1,ecryptfs_cipher=aes,ecryptfs_key_bytes=16";

  r = mount(source, source, "ecryptfs", MS_MGC_VAL, opt);
  if (r != 0)
    {
      perror("EErrr mount cry");
      printf("Error mount cry: %d\n", r);
    }
  return (r);
}

在/ var / log / messages中：

process_request_key_err: No key
One or more global auth toks could not properly register; rc = [-2]

我在opt字符串中尝试使用它：

key=passphrase:passphrase_passwd=MYPASSS

但它不起作用

用：

int  icloud_mount_crypt(char* source)
{
  int   r     = -1;
  char  opt[1024] = "key=passphrase:passphrase_passwd=XXXXXX,ecryptfs_sig=f83de0de4ecccbb1,ecryptfs_cipher=aes,ecryptfs_key_bytes=16";

  r = mount(source, source, "ecryptfs", MS_MGC_VAL, opt);
  if (r != 0)
    {
      perror("EErrr mount cry");
      printf("Error mount cry: %d\n", r);
    }
  return (r);
}

这里的日志：

Feb 15 11:15:41 nightmare kernel: [2847133.493005] ecryptfs_parse_options: eCryptfs: unrecognized option [key=passphrase:passphrase_passwd=XXXXXX]
Feb 15 11:15:41 nightmare kernel: [2847133.493022] Could not find key with description: [f83de0de4ecccbb1]
Feb 15 11:15:41 nightmare kernel: [2847133.493028] process_request_key_err: No key
Feb 15 11:15:41 nightmare kernel: [2847133.493032] Could not find valid key in user session keyring for sig specified in mount option: [f83de0de4ecccbb1]
Feb 15 11:15:41 nightmare kernel: [2847133.493035] One or more global auth toks could not properly register; rc = [-2]
Feb 15 11:15:41 nightmare kernel: [2847133.493039] Error parsing options; rc = [-2]

感谢帮助

最佳答案 您可能会发现mount.ecryptfs_private.c的源代码很有用,因为它构建了挂载字符串,然后执行挂载.这是Ubuntu中pam_ecryptfs用来挂载用户加密主目录的setuid二进制文件.

> https://bazaar.launchpad.net/~ecryptfs/ecryptfs/trunk/view/head:/src/utils/mount.ecryptfs_private.c

完全披露：我是mount.ecryptfs_private.c和eCryptfs维护者的作者.