pam_e4crypt

pam_e4crypt copied to clipboard

After upgrading PAM on one of my machines `pam_e4crypt` ceased working: apparently, the retrieval of policies in the session stage fails. I'll have to investigate whether this is a general...

neithernut

Re-introduce support for EXT4_IOC_GET_ENCRYPTION_PWSALT and iterating over mtab

3

I am very curious why support for the EXT4_IOC_GET_ENCRYPTION_PWSALT `ioctl()` and the iteration routine over mtab was removed. After reading some e2fsprogs and linux kernel source, it appears the idea...

Flowdalic

Passphrase

7

* Has a script to set up all the files you'll need for wrapped decryption * Has a hook to rewrap when you change your password Depends on #25 and...

jnvsor

PAM failed: Cannot make/remove an entry for the specified session

3

Some part of the PAM open-session step fails on my system if (and only if) I enable pam_e4crypt. The weird part is that the error occurs _before_ pam_e4crypt is executed....

samuelsadok

Implement password management function

5

We currently don't react on password changes performed by users. After an user changes his/her password, the files and directories previously encrypted are still encrypted with the old keys. We...

neithernut

Packaged for distros

1

It would be great if this was in the debian repos - it should be possible to automatically add to PAM too since the `ecryptfs-utils` package does the same

jnvsor

jnvsor

Keys not flushed from cache after logout

1

There is known issue that keys aren't cleared from inode cache automatically after user session is closed. See [here](http://blog.quarkslab.com/a-glimpse-of-ext4-filesystem-level-encryption.html) > Other issues include the filesystem cache that is not invalidated...

seebaclo

PAM modules usually come with a manual.

neithernut

... to ensure we linked agains all the things we are using. I believe CMake already supports this, but I have forgotton what I have to do to activate this.

neithernut