ecryptfs-setup-private 在 Centos 6 上失败

tag-icon tag-icon centos mount security disk-encryption ecryptfs
ecryptfs-setup-private 在 Centos 6 上失败 
$ ecryptfs-setup-private --force
Enter your login passphrase:
Enter your mount passphrase [leave blank to generate one]:

************************************************************************
YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.
  ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
************************************************************************

Done configuring.

Testing mount/write/umount/read...
Inserted auth tok with sig [a27907c11868ebc7] into the user session keyring
Inserted auth tok with sig [5ca19d6c4edfa12f] into the user session keyring
mount: No such file or directory
ERROR:  Could not mount private ecryptfs directory

知道如何解决这个问题吗?检查 ecryptfs-setup-private 源代码,这是失败的地方:

/sbin/mount.ecryptfs_private || error "$(gettext 'Could not mount private ecryptfs directory')"

该文件存在:

# which mount.ecryptfs_private
/sbin/mount.ecryptfs_private

答案1

由于某种原因,mount.ecryptfs_private调用失败,因此无法挂载它尝试设置的 eCryptfs 文件夹。

我不知道为什么,但检查man mount.ecryptfs_private它会显示一些信息,例如:

   mount.ecryptfs_private is a mount helper  utility  for  non-root  users  to
   cryptographically mount a private directory, ~/Private by default.

   This  program  optionally  takes one argument, ALIAS.  If ALIAS is omitted,
   the program will default to using "Private" using:
    - $HOME/.Private as the SOURCE
    - $HOME/Private as the DESTINATION
    - $HOME/.ecryptfs/Private.sig for the key signatures.

   If ALIAS is specified, then the program will look  for  an  fstab(5)  style
   configuration in:
    - $HOME/.ecryptfs/ALIAS.conf and for key signature(s) in:
    - $HOME/.ecryptfs/ALIAS.sig

   The mounting will proceed if, and only if:
     - the required passphrase is in their kernel keyring, and
     - the current user owns both the SOURCE and DESTINATION mount points
     - the DESTINATION is not already mounted

   This program will:
     - mount SOURCE onto DESTINATION
     - as an ecryptfs filesystem
     - using the AES cipher
     - with a key length of 16 bytes
     - using the passphrase whose signature is in ~/.ecryptfs/Private.sig

因此,请检查是否有缺失或错误的内容,查找如下文件:

  • $HOME/.Private作为来源
  • $HOME/Private作为目的地
  • $HOME/.ecryptfs/Private.sig对于调号。
  • $HOME/.ecryptfs/ALIAS.conf以及调号:
  • $HOME/.ecryptfs/ALIAS.sig

如果您的“用户同时拥有源和目标安装点”并且“目标尚未安装”。

如果一切看起来都不错,请尝试mount.ecryptfs_private自己运行并查看它告诉您什么,该ecryptfs-setup-private程序可能隐藏了潜在有用的 stdout / stderr 信息。

或者,ecryptfs-add-passphrase可能会以某种方式失败。

再检查一下,您是否使用 CentOS 的默认包管理系统安装了 eCryptfs?没有从网上下载随机文件或真正的旧/新(可能不兼容)版本或其他内容?

相关内容