"ecryptfs-mount-private" returns "fopen: No such file or directory"

Recently, we rebooted the server, but the ecryptfs mount failed:

...
Signature not found in user keyring
Perhaps try the interactive 'ecryptfs-mount-private'
user@host:~$

Could it be because the password was changed?

Although,

1. There's no mount password
2. We might have login password

When trying to recover the mounted directory, it outputs:

user@host:~$ ls
Access-Your-Private-Data.desktop  README.txt
user@host:~$ ecryptfs-mount-private
Enter your login passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
ERROR: Your passphrase is incorrect
Enter your login passphrase:
user@host:~$ sudo ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [ad21fabcda6abfeab] into the user session keyring
fopen: No such file or directory
user@host:~$

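So, as you can see, it shows a strange error: fopen: No such file or directory. Also, when ecryptfs-mount-private is run without sudo, it fails. When mounting the folder with ecryptfs-recover-private using the login password, it works like a charm and mounts it in a temporary folder.
Also, we tried ecryptfs-rewrap-password too, but it did not succeed without sudo. So, rewrapping with sudo ecryptfs-rewrap-password succeeded, but after a reboot the same situation remained.

To sum up, what could this be, and how can automatic mounting of the encrypted home directory at login be fixed?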

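Answer 1

I set up an ecryptfs private folder, then removed the read and write permissions from the wrapped-passphrase file to test... If you had checked the system log right after seeing the message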

Info: Check the system log for more information from libecryptfs

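you would see lines like these:

Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied
Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]

Together these would be a very strong arrow pointing to checking the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace needed.)

To sum up, just make sure that you are running the ecryptfs-mount-private command as the same user whose directory you are trying to mount, and that the wrapped-passphrase file has -rw------- (600) permissions and the same owner as the encrypted directory.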

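Answer 2

In short, the user's wrapped-passphrase file had the wrong permissions (it should be -rw------- user user, but was -rw------- root root).

Run the ecryptfs-mount-private command (entering the login passphrase) under strace, like this: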

strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private

Contents of /tmp/strace.log:

user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
fopen: No such file or directory
user@host:~$ cat /tmp/strace.log
execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
getcwd("/home/user", 4096)                = 9
open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/usr/sbin/stty", 0x7fff65e61c40)  = -1 ENOENT (No such file or directory)
stat("/usr/bin/stty", 0x7fff65e61c40)   = -1 ENOENT (No such file or directory)
stat("/sbin/stty", 0x7fff65e61c40)      = -1 ENOENT (No such file or directory)
stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
+++ exited with 1 +++

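So, we see that there is not enough information. Run the same command (entering the login passphrase), but with the -f flag to trace child processes and with root privileges:

sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private

Part of the contents of /tmp/strace2.log: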

...
3963  open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
3963  open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
...
3964  open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
3964  open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
3964  open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
3964  open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
3964  +++ exited with 1 +++
3954  --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
3954  +++ exited with 1 +++

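As we can see, it cannot find the Private.sig file; it looks like it should be run by the user of the encrypted directory we are trying to recover, not in a specific directory.

To sum up, I ran this command with user privileges (entering the login passphrase):

strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private

Part of the contents of /tmp/strace3.log: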

...
4137  open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
4137  access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
4137  open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
4137  open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
4137  open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
4137  open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
4137  open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
4137  +++ exited with 1 +++
4112  --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
...

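As we can now see, the ecryptfs-mount-private utility cannot access the user's wrapped-passphrase file, which results in the Permission denied message.

Checking the permissions of the /home/user/.ecryptfs/wrapped-passphrase file, they are: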

-rw------- 1 root root

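I changed the owner of that file to the user with sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase and re-ran the above command (ecryptfs-mount-private) without strace (entering the login passphrase), which resulted in the success message: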

INFO: Your private directory has been mounted.
INFO: To see this change in your current shell:
  cd: /home/user
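
The check both answers arrive at, written out as an added example (not part of either answer): a shell function that verifies the files under ~/.ecryptfs exist and belong to the home directory's owner, and that wrapped-passphrase is mode 600. It assumes GNU stat and the default ~/.ecryptfs layout; the function name check_ecryptfs_perms and the optional expected-UID argument are hypothetical.

```sh
#!/bin/sh
# Added example: audit ownership and mode of a user's eCryptfs key files.
# Assumptions: GNU coreutils stat (-c) and the default ~/.ecryptfs layout.

# check_ecryptfs_perms HOME_DIR [EXPECTED_UID]
# Prints one line per problem; returns 0 if clean, 1 if problems were found,
# 2 if HOME_DIR cannot be inspected.
check_ecryptfs_perms() {
    home_dir=$1
    # The expected owner defaults to whoever owns the home directory.
    want_uid=${2:-$(stat -c '%u' "$home_dir")} || return 2
    cfg="$home_dir/.ecryptfs"
    problems=0

    for name in wrapped-passphrase Private.sig Private.mnt; do
        f="$cfg/$name"
        if [ ! -e "$f" ]; then
            echo "MISSING  $f"
            problems=1
            continue
        fi
        uid=$(stat -c '%u' "$f")
        if [ "$uid" != "$want_uid" ]; then
            # The root-owned wrapped-passphrase case from Answer 2.
            echo "OWNER    $f uid=$uid expected=$want_uid"
            problems=1
        fi
        # Only wrapped-passphrase has a mode stated on this page (600).
        if [ "$name" = wrapped-passphrase ]; then
            mode=$(stat -c '%a' "$f")
            if [ "$mode" != 600 ]; then
                echo "MODE     $f mode=$mode expected=600"
                problems=1
            fi
        fi
    done
    return $problems
}

# Constructed demo: a throwaway "home" whose wrapped-passphrase is mode 644
# and whose Private.mnt is absent.
demo=$(mktemp -d)
mkdir "$demo/.ecryptfs"
touch "$demo/.ecryptfs/wrapped-passphrase" "$demo/.ecryptfs/Private.sig"
chmod 644 "$demo/.ecryptfs/wrapped-passphrase"
check_ecryptfs_perms "$demo" || echo "problems found"
rm -rf "$demo"
```

Run it against the real home directory as check_ecryptfs_perms /home/user; an OWNER line for wrapped-passphrase corresponds to the chown fix in Answer 2.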
