gcsf
gcsf copied to clipboard
harababurel
Docker and encrypted file/filename with eCryptfs error
First, thank you very much for this awesome project. I don't know if it's a Docker mounting error or a gcsf error with encrypted filenames. Don't blame me for doing crazy stuff here :D
I use a Docker container with gcsf installed and mount a host directory into the container. Then I mount the google drive folder via gcsf like described in the docs. I can create successfully an encrypted folder (e.g. ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGy83GFz4yGEAiKGAxkyBL4k--) and it is synced to Google Drive.
But I can't create an encrypted file (e.g. ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--). If I use touch test.txt I get the error touch: cannot touch 'test.txt': Function not implemented. vim can't also create/write the file. Any idea if it is gcsf related or not? Maybe someone can test it without Docker?
I can't see any special in the gcsf logs:
DEBUG gcsf::gcsf::filesystem > Could not perform sync: Not enough time has passed since last sync. Will do nothing.
DEBUG fuse::request > RELEASEDIR(1002) ino 0x0000000000000008, fh 0, flags 0x18800, release flags 0x0, lock owner 0
DEBUG fuse::request > LOOKUP(1003) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--"
DEBUG fuse::request > MKNOD(1004) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--", mode 0o100644, rdev 0
DEBUG fuse::request > LOOKUP(1005) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--"
DEBUG fuse::request > LOOKUP(1006) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--"
DEBUG fuse::request > MKNOD(1007) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--", mode 0o100644, rdev 0
DEBUG fuse::request > LOOKUP(1008) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGFZOUXF5.ijMuVpWlW9cgCE--"
DEBUG fuse::request > LOOKUP(1009) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGeE4I73bXfaSp04mOrrYE2U--"
DEBUG fuse::request > LOOKUP(1010) parent 0x0000000000000008, name "ECRYPTFS_FNEK_ENCRYPTED.FWajKz29vL--AkZjsw01mylGaO1nGCzLS3XGeE4I73bXfaSp04mOrrYE2U--"
Docker
The Dockerfile looks like:
FROM base/archlinux
RUN pacman -Sy --noconfirm pkg-config rust gcc fuse2 \
&& mkdir -p /opt \
&& cargo -v install --root /opt gcsf \
&& echo "user_allow_other" >> /etc/fuse.conf \
&& pacman -Rs --noconfirm rust gcc \
&& pacman -Scc --noconfirm
ENTRYPOINT ["/opt/bin/gcsf"]
The special Docker mount options is --mount=type=bind,source="$HOME/data/googledrive",target="$HOME/data/googledrive",bind-propagation=shared --device=/dev/fuse. The bind-propagation=shared option must be used, otherwise I don't see the mounted files from fuse inside the Docker container on my host system.
Resources
Nice to hear that you found a cool and unusual use for this project :-).
I think the issue stems from this:
fn create(...)[...] If this method is not implemented or under Linux kernel versions earlier than 2.6.15, the mknod() and open() methods will be called instead.
It seems that docker opts for the mknod system call for creating a new file, instead of using create. This is not implemented in gcsf, so it returns the standard Function not implemented error.
It might be possible to simply map mknod to call create internally and be done with it, or it might require a different implementation altogether. I will look more into this over the weekend.
