mirror of
https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git
synced 2025-01-03 19:55:31 +00:00
c44166fe5f
Changeset58ad30cf91
("docs: fix reference to core-api/namespaces.rst") enabled a new feature at Sphinx: it will now generate index for each document title, plus to each chapter inside it. There's a drawback, though: one document cannot have two sections with the same name anymore. A followup patch will change the logic of autosectionlabel to avoid most creating references for every single section title, but still we need to be able to reference the chapters inside a document. There are a few places where there are two chapters with the same name. This patch renames one of the chapters, in order to avoid symbol conflict within the same document. PS.: as I don't speach Chinese, I had some help from a friend (Wen Liu) at the Chinese translation for "publishing patches" for this document: Documentation/translations/zh_CN/process/5.Posting.rst Fixes:58ad30cf91
("docs: fix reference to core-api/namespaces.rst") Signed-off-by: Mauro Carvalho Chehab <mchehab+huawei@kernel.org> Link: https://lore.kernel.org/r/2bffb91e4a63d41bf5fae1c23e1e8b3bba0b8806.1584716446.git.mchehab+huawei@kernel.org Signed-off-by: Jonathan Corbet <corbet@lwn.net>
87 lines
2.5 KiB
ReStructuredText
87 lines
2.5 KiB
ReStructuredText
.. SPDX-License-Identifier: GPL-2.0
|
|
|
|
======================================================
|
|
eCryptfs: A stacked cryptographic filesystem for Linux
|
|
======================================================
|
|
|
|
eCryptfs is free software. Please see the file COPYING for details.
|
|
For documentation, please see the files in the doc/ subdirectory. For
|
|
building and installation instructions please see the INSTALL file.
|
|
|
|
:Maintainer: Phillip Hellewell
|
|
:Lead developer: Michael A. Halcrow <mhalcrow@us.ibm.com>
|
|
:Developers: Michael C. Thompson
|
|
Kent Yoder
|
|
:Web Site: http://ecryptfs.sf.net
|
|
|
|
This software is currently undergoing development. Make sure to
|
|
maintain a backup copy of any data you write into eCryptfs.
|
|
|
|
eCryptfs requires the userspace tools downloadable from the
|
|
SourceForge site:
|
|
|
|
http://sourceforge.net/projects/ecryptfs/
|
|
|
|
Userspace requirements include:
|
|
|
|
- David Howells' userspace keyring headers and libraries (version
|
|
1.0 or higher), obtainable from
|
|
http://people.redhat.com/~dhowells/keyutils/
|
|
- Libgcrypt
|
|
|
|
|
|
.. note::
|
|
|
|
In the beta/experimental releases of eCryptfs, when you upgrade
|
|
eCryptfs, you should copy the files to an unencrypted location and
|
|
then copy the files back into the new eCryptfs mount to migrate the
|
|
files.
|
|
|
|
|
|
Mount-wide Passphrase
|
|
=====================
|
|
|
|
Create a new directory into which eCryptfs will write its encrypted
|
|
files (i.e., /root/crypt). Then, create the mount point directory
|
|
(i.e., /mnt/crypt). Now it's time to mount eCryptfs::
|
|
|
|
mount -t ecryptfs /root/crypt /mnt/crypt
|
|
|
|
You should be prompted for a passphrase and a salt (the salt may be
|
|
blank).
|
|
|
|
Try writing a new file::
|
|
|
|
echo "Hello, World" > /mnt/crypt/hello.txt
|
|
|
|
The operation will complete. Notice that there is a new file in
|
|
/root/crypt that is at least 12288 bytes in size (depending on your
|
|
host page size). This is the encrypted underlying file for what you
|
|
just wrote. To test reading, from start to finish, you need to clear
|
|
the user session keyring:
|
|
|
|
keyctl clear @u
|
|
|
|
Then umount /mnt/crypt and mount again per the instructions given
|
|
above.
|
|
|
|
::
|
|
|
|
cat /mnt/crypt/hello.txt
|
|
|
|
|
|
Notes
|
|
=====
|
|
|
|
eCryptfs version 0.1 should only be mounted on (1) empty directories
|
|
or (2) directories containing files only created by eCryptfs. If you
|
|
mount a directory that has pre-existing files not created by eCryptfs,
|
|
then behavior is undefined. Do not run eCryptfs in higher verbosity
|
|
levels unless you are doing so for the sole purpose of debugging or
|
|
development, since secret values will be written out to the system log
|
|
in that case.
|
|
|
|
|
|
Mike Halcrow
|
|
mhalcrow@us.ibm.com
|