Eric Biggers

> Since the login protector can stay the same when upgrading a policy from v1 to v2, does that mean that technically a directory created with a v1 policy can...

> What I do. I go from machine A to machine B via ssh. Machine B has a user "sec", who has set-up home directory encryption. I login the first...

My kernel patchset to improve fscrypt key management hasn't been merged yet. Currently other kernel filesystem features are higher priority. However, it will not solve #132. The solution to #132...

I created a page on the Arch Linux wiki about fscrypt, including how to encrypt a home directory: https://wiki.archlinux.org/index.php/Fscrypt The only part that really differs between the distros is the...

If you have enough free disk space for a copy of your home directory alongside the original, the best thing to do (assuming it's okay for your directory to only...

The encryption policy is tied to the directory inode, so yes that will be the general process to migrate to a v2 policy --- it's what I meant by "create...

Does this reproduce with the latest version of `fscrypt` (v0.3.1)? If so, can you append the `debug` argument to the lines for `pam_fscrypt.so` in your PAM configuration files, and provide...

Yes, this issue is still open. No one has done this yet.

I haven't tested `fscrypt` on Fedora. PAM configuration differs between distributions, so issues like this are expected to some extent. If you can put together a working configuration on Fedora,...

> So, there are two additional parameters: drop_caches and lock_policies I don't know if that matters, but, if you have a chance, can you check that? The `drop_caches` and `lock_policies`...