cryfs / cryfs Goto Github PK

View Code? Open in Web Editor NEW

1.9K 67.0 155.0 24.19 MB

Cryptographic filesystem for the cloud

Home Page: https://www.cryfs.org

License: GNU Lesser General Public License v3.0

CMake 4.36% C++ 90.81% Shell 0.40% C 0.19% Python 4.23%

cryfs osxfuse filesystem crypto cloud encryption cloud-storage cryptography fuse fuse-filesystem

cryfs's Introduction

CryFS

CryFS encrypts your files, so you can safely store them anywhere. It works well together with cloud services like Dropbox, iCloud, OneDrive and others. See https://www.cryfs.org.

Install latest release

Linux

CryFS is available through apt, but depending on which version of Ubuntu or Debian you're using, you may get an old version.

sudo apt install cryfs

The following should work on Arch and Arch-based distros:

sudo pacman -S cryfs

If you use homebrew-core, using the following instruction you should be able to install CrysFS:

brew install cryfs/tap/cryfs

Additionally, the following would work for any Linux distro with the Nix package manager:

nix-env -iA nixpkgs.cryfs

OSX

CryFS is distributed via Homebrew, MacPorts, and Nix.

If you use Homebrew:

brew install --cask macfuse
brew install cryfs/tap/cryfs

If you use MacPorts:

port install cryfs

For Nix, the macOS build for cryfs is available in the Nixpkgs channel 21.05 and later:

brew install --cask macfuse # or download from https://osxfuse.github.io/
nix-env -iA nixpkgs.cryfs

Windows (experimental)

CryFS has experimental Windows support since the 0.10 release series. To install it, do:

Install DokanY
Install Microsoft Visual C++ Redistributable for Visual Studio 2019
Install CryFS

GUI

There are some GUI applications with CryFS support. You usually have to install the GUI and also CryFS itself for it to work.

SiriKali
Plasma Vault in KDE Plasma >= 5.11

Stability / Production readiness

CryFS 0.10 or later is stable for most use cases, but has a couple of known issues that can corrupt your file system. They don't happen in normal day to day use, but can happen if you don't pay attention or aren't aware of them. This is why the version number hasn't reached 1.0 yet.

If you kill the CryFS process while it was in the middle of writing data (either intentionally or unintentionally by losing power to your PC), your file system could get corrupted. CryFS does not do journaling. Note that in 0.10.x, read accesses into a CryFS file system can cause writes because file timestamps get updated. So if you're unlucky, your file system could get corrupted if you lose power while you were reading files as well. Read accesses aren't an issue in CryFS 0.11.x anymore, because it mounts the filesystem with noatime by default.
The same corruption mentioned above can happen when CryFS is trying to write data but your disk ran out of space, causing the write to fail.
CryFS does not currently support concurrent access, i.e. accessing a file system from multiple devices at the same time. CryFS works very well for storing data in a cloud and using it from multiple devices, but you need to make sure that only one CryFS process is active at any point in time, and you also need to make sure that the cloud synchronization client (e.g. Dropbox) finishes its synchronization before you switch devices. There are some ideas on how concurrent access could be supported in future versions, but it's a hard problem to solve. If you do happen to access the file system from multiple devices at the same time, it will likely go well most of the time, but it can corrupt your file system.
In addition to the scenarios above that can corrupt your file system, note that there is currently no fsck-like tool for CryFS that could recover your data. Although such a tool is in theory, possible, it hasn't been implemented yet and a corrupted file system will most likely cause a loss of your data.

If the scenarios mentioned above don't apply to you, then you can consider CryFS 0.10.x as stable. The 0.9.x versions are not recommended anymore.

Building from source

Requirements

Git (for getting the source code)
GCC version >= 7 or Clang >= 7
CMake version >= 3.10
pkg-config (on Unix)
Conan package manager (version 1.x)
libFUSE version >= 2.9 (including development headers), on Mac OS X instead install macFUSE from https://osxfuse.github.io/
Python >= 3.5
OpenMP

You can use the following commands to install these requirements

    # Ubuntu
    $ sudo apt install git g++ cmake make pkg-config libfuse-dev python3 python3-pip
    $ sudo pip3 install conan==1.60.1

    # Fedora
    $ sudo dnf install git gcc-c++ cmake make pkgconf fuse-devel python3 python3-pip
    $ sudo pip3 install conan==1.60.1

    # Macintosh
    $ brew install cmake pkg-config libomp macfuse
    $ sudo pip3 install conan==1.60.1

Build & Install

Clone repository

$ git clone https://github.com/cryfs/cryfs.git cryfs
$ cd cryfs

Build

$ mkdir build && cd build
$ cmake ..
$ make

Install
```
$ sudo make install
```

You can pass the following variables to the cmake command (using -Dvariablename=value):

-DCMAKE_BUILD_TYPE=[Release|Debug]: Whether to run code optimization or add debug symbols. Default: Release
-DBUILD_TESTING=[on|off]: Whether to build the test cases (can take a long time). Default: off
-DCRYFS_UPDATE_CHECKS=off: Build a CryFS that doesn't check online for updates and security vulnerabilities.

Building on Windows (experimental)

Install conan. If you want to use "pip install conan", you may have to install Python first.
Install DokanY 2.0.6.1000. Other versions may not work.
Run CMake to generate Visual Studio 2019 project files (this may not be necessary, but it makes sure everything works as expected and you can see potential errors happening during this step)

$ mkdir build && cd build $ cmake .. -G "Visual Studio 16 2019" -DDOKAN_PATH=[dokan library location, e.g. "C:\Program Files\Dokan\DokanLibrary-2.0.6"]

Potentially modify CMakeSettings.json file to fit your needs
Open the cryfs source folder with Visual Studio 2019, or alternatively build on command line using

$ cd build && cmake --build . --config RelWithDebInfo

Troubleshooting

On most systems, CMake should find the libraries automatically. However, that doesn't always work.

Fuse library not found

Pass in the library path with

 PKG_CONFIG_PATH=/path-to-fuse-or-macFUSE/lib/pkgconfig cmake ..

Fuse headers not found

Pass in the include path with

 PKG_CONFIG_PATH=/path-to-fuse-or-macFUSE/lib/pkgconfig cmake ..

Openssl headers not found

Pass in the include path with

 cmake .. -DCMAKE_C_FLAGS="-I/path/to/openssl/include"

OpenMP not found (osx)

Either build it without OpenMP
```
 cmake .. -DDISABLE_OPENMP=on
```
but this will cause slower file system mount times (performance after mounting will be unaffected). If you installed OpenMP with homebrew or macports, it will be autodetected. If that doesn't work for some reason (or you want to use a different installation than the autodetected one), pass in these flags:
```
 cmake .. -DOpenMP_CXX_FLAGS='-Xpreprocessor -fopenmp -I/path/to/openmp/include' -DOpenMP_CXX_LIB_NAMES=omp -DOpenMP_omp_LIBRARY=/path/to/libomp.dylib
```

Using local dependencies

Starting with CryFS 0.11, Conan is used for dependency management. When you build CryFS, Conan downloads the exact version of each dependency library that was also used for development. All dependencies are linked statically, so there should be no incompatibility with locally installed libraries. This is the recommended way because it has the highest probability of working correctly.

However, some distributions prefer software packages to be built against dependencies dynamically and against locally installed versions of libraries. So if you're building a package for such a distribution, you have the option of doing that, at the cost of potential incompatibilities. If you follow this workflow, please make sure to extensively test your build of CryFS. You're using a setup that wasn't tested by the CryFS developers.

To use local dependencies, you need to tell the CryFS build how to get these dependencies. You can do this by writing a small CMake configuration file and passing it to the CryFS build using -DDEPENDENCY_CONFIG=filename. This configuration file needs to define a cmake target for each of the dependencies.

Here's an example config file that gets the dependencies from conan. And here's another example config file that works for getting dependencies that are locally installed in Ubuntu. You can create your own configuration file to tell the build how to get its dependencies and, for example, mix and match. Get some dependencies from Conan and others from the local system.

Creating .deb and .rpm packages

It is recommended to install CryFS using packages, because that allows for an easy way to uninstall it again once you don't need it anymore.

If you want to create a .rpm package, you need to install rpmbuild.

Clone repository

$ git clone https://github.com/cryfs/cryfs.git cryfs
$ cd cryfs

Build

$ mkdir cmake && cd cmake
$ cmake .. -DCMAKE_BUILD_TYPE=RelWithDebInfo -DBUILD_TESTING=off
$ make package

Disclaimer

In the event of a password leak, you are strongly advised to create a new filesystem and copy all the data over from the previous one. Then, remove all copies of the compromised filesystem and config file(e.g, from the "previous versions" feature of your cloud system) to prevent access to the key (and, as a result, your data) using the leaked password.

cryfs's People

Contributors

Stargazers

Watchers

Forkers

smessmer s-bayer neuroradiology gitborter mhogomchungu saint13 franciscoluiz teotikalki jriversnow thacoon ilium007 davesteele cloudxtreme vgough enderfrias bluepine gnanaoly darknighte tproenca mohitrgiit 14roiron z80020100 putolov dasisdormax yang123vc samarium womfoo mouse07410 jar1karp christophgysin gertoe vdt tchen0123 intfrr ricefryegg splat landonb thezedwards stlcours timfw mohammedal-mahdawi bill1316 louwangzhiyuy rowhit lukw00heck dd-repo 0x4d616e75 bedros arcezd szxyks antymat zhoug2 adiadi80 jcshaw awesome-nfv zarelit sts0mrg0 webmalc choman attackgithub hacker-steroids iaiting victory78 joaopizani sepppenner tparvu secure-codenator sbtoosb angelsomar sticker592 galaxy001 naphatrb davidmankin joka921 sim6 stonewell paulyc jolan78 rollicks-c mc222222 yangboyd florianthonig vforks n1ghtshade wb1t ninjayoto 5l1v3r1 netdebug fengjixuchui xzvb12 suvrajeet01 jmpq jeremymeadows jxliu2016 moneytech richmisat richmi deepin-mozart x1g1 boogiewookie

cryfs's Issues

rsync with '--delete' fails

During testing of cryfs I found the following issue:

I ran rsync as follows and half way through I hit ctrl-C as I realized I didn't want to sync the ".cache" folder
rsync -av pers1/ test1

I then ran rsync again and to ensure the '.cache' folder in the target is deleted I used the '--delete" option
rsync -av --delete --exclude ".cache" pers1/ test1

This gave errors similar to the following (many files) and rsync doesn't seem to finish
rsync: rename "/home/llist/test1/.mozilla/firefox/1n4g9hau.default-1340632271469/datareporting/archived/2016-02/.1456276674690.78145361-bbd4-49e5-9653-d4a6ac368687.main.jsonlz4.Dp2r7y" -> ".mozilla/firefox/1n4g9hau.default-1340632271469/datareporting/archived/2016-02/1456276674690.78145361-bbd4-49e5-9653-d4a6ac368687.main.jsonlz4": File exists (17)

Gather all sub-packages into the main

IMHO it doesn't make sense to spread CryFS all over the Github as a ton of small sub-packages that probably have no independent use or life of their own. It only makes the build preparation more tedious.

Separating sub-packages could make sense if (and only if):

a sub-package is optional, not required for build, and not needed in most cases;
a sub-package has an independent value and use - somebody could build and use it (e.g., you could depend on OpenSSL that is an independent package that can be used without CryFS).

Modified local files should not be overwritten by the build

When a local configuration file (such as CMakeLists.txt) is modified - the build process should not overwrite it with the unmodified copy from the cryfs Github repo. Reasons should be obvious.

Temporary directory references show up in packaged binaries

Here, /pkgbuilds/cryfs-git/src is a temporary chroot dir created during arch's build process.

[2016-03-24 20:14:50.744] [Log] [error] Assertion [block->size() == _layout.blocksizeBytes()] failed in /pkgbuilds/cryfs-git/src/cryfs/src/blobstore/implementations/onblocks/datanodestore/DataNodeStore.cpp:31: Loading block of wrong size

git and mercurial repos fail within mounted cryfs dir on linux

Using 0.9.3-alpha release

git:

$ cryfs basedir mountdir # accept defaults
$ cd mountdir
$ git init
warning: unable to unlink /path/to/mountdir/.git/config.lock: Input/output error
error: could not write config file /path/to/mountdir/.git/config: File exists
error: could not lock config file /path/to/mountdir/.git/config: File exists
fatal: Could not set 'core.bare' to 'false'

mercurial:

$ cryfs basedir mountdir # accept defaults
$ cd mountdir
$ hg init
$ echo 123 > 123.txt
$ hg add
$ hg commit -m 'added 123'
transaction abort!
rollback failed - please run hg recover
abort: File exists

Option: Wrap volume key with smart card (enhancement)

AFAIK, traditionally both EncFS and CryFS store the volume key encrypted with a key derived from user's password, in its config file. That makes sense.

However, nowadays better (IMHO) and more convenient (IMHO) mechanisms exist: secure hardware tokens. These are usually interfaced programmatically via PKCS#11, and conform to either PIV standard, or OpenPGP standard, or both.

I request the option to have the volume key "wrapped" not by something generated from a password - but by a public key on a smart card (all the standard popular additions like salting, etc., apply). The "unwrapping" (aka decrypting, or mounting of the encrypted filesystem) can be done only on this card and nowhere else, because private keys cannot be extracted from the card.

Being able to protect multiple filesystems with a hardware token rather than a password is important to at least some people, including myself. The lack of this feature is my biggest gripe with EncFS (I don't really store CDs in EncFS, so not particularly worried that file size and directory patterns could leak :).

Recognization of other Distributions / LMDE

Just like to log here what has been discussed via email already (thx for your reply)
Please enable install.sh to recognize other derivates like Linux Mint Debian 2 edition , lsb_release -a in this specific case returns

Distributor ID: LinuxMint
Description: LMDE 2 Betsy
Release: 2
Codename: betsy

I found that's possible to install by altering install.sh , however the post-install cryfs --config still fails.

File modified - creation date/time remains unchanged - Linux

Using Manjaro Linux.

Upon changing an existing file and saving it, the modified date/timestamp remains unchanged. (so basically keeps the date of original creation)
Sync software has difficulties detecting a change in this file if you only use the modified date/timestamp as filter.

EDIT:
It seems to happen only with files produced/changed by LibreOffice or WPS-Office. (didn't try other office suites)
Editing a simple text-file with vi seems to be changing the timestamp fine.

Cannot download cryfs package in Ubuntu 15.10

Hi,

Have added the repository and key, but get the following error in "upt-get update"

`Hit http://security.ubuntu.com wily-security/universe Translation-en
Err http://apt.cryfs.org wily/main amd64 Packages
403 Forbidden [IP: 104.31.95.227 80]
Err http://apt.cryfs.org wily/main i386 Packages
403 Forbidden [IP: 104.31.95.227 80]
Ign http://apt.cryfs.org wily/main Translation-en_AU
Ign http://apt.cryfs.org wily/main Translation-en
W: Failed to fetch http://apt.cryfs.org/debian/dists/wily/main/binary-amd64/Packages 403 Forbidden [IP: 104.31.95.227 80]

W: Failed to fetch http://apt.cryfs.org/debian/dists/wily/main/binary-i386/Packages 403 Forbidden [IP: 104.31.95.227 80]

E: Some index files failed to download. They have been ignored, or old ones used instead.

Make it work for Mac OS X

CryFS doesn't work for Mac OS X yet. We're working on it.

rsync fails on enrypted folder

Testing cryfs as a replacement for encfs and found the following issue.
I'm running this on Ubuntu 15.10 Desktop 64bit and the latest cryfs
rsync -av pers1/AICourse/ /home/llist/newPers1/AICourse/

sending incremental file list created directory /home/llist/newPers1/AICourse rsync: failed to set times on "/home/llist/newPers1/AICourse/.": Operation not supported (95)

I then get the same error for every file to be copied. The files end up in /home/llist/newPers1/AICourse, but cannot be accessed or deleted

If I dismount /home/llist/newPers1 and remount, the files are gone

Thanks

mv operation fails within mounted cryfs dir on linux

Using 0.9.3-alpha release

to reproduce:

$ cryfs basedir mountdir # accept defaults
$ cd mountdir
$ echo 123 > 123.txt
$ echo 123 > one-two-three.txt
$ mv one-two-three.txt 123.txt
mv: overwrite '123.txt'? y
mv: cannot move 'one-two-three.txt' to '123.txt': File exists

fusermount: failed to unmount: Invalid argument

Installed cryfs using wget -O - https://www.cryfs.org/install.sh | sudo bash

Trying to unmount the encrypted directory using fusermount -u mountdir (cleandir) as per tutorial on https://www.cryfs.org/tutorial

Command line responding with:
fusermount: failed to unmount /root/cleandir: Invalid argument

Also tried

umount ~/cleandir - umount: /root/cleandir: not mounted
unmount /cleandir - umount: /cleandir: not found

Thanks in advance,
Phil

scalling issues.

I just tried cryfs by adding 36 files that takes a total of 3.8GB and noticed that the encrypted folder contains 202947 files and takes 7GB.

How much space will be taken and how many files will be created when i add 17095 files that takes a total of 17GB? This is a rhetorical question i am asking to show concerns about cryfs usage of disk space.

Has there been any thoughts or discussions about how much extra space and number of files cryfs uses and creates?

Set encrypted file size.

Hello,
is it possible to set the encrypted file size? Because currently i have 10GB of data, and i get ~300.000x 32KB files, which isn't optimal in my opinion. An option which would allow to set the encrypted file size would be a good solution.

Consider using a better-established build system

Move from bii to plain cmake, or better yet - something simpler (that could be easily manually modified or tweaked). That would help with resolving portability issues as well.

git version fail to build

build error is below:

[ 28%] Built target blobstore
Scanning dependencies of target cryfs_lib
[ 28%] Building CXX object src/cryfs/CMakeFiles/cryfs_lib.dir/config/CryConfigLoader.cpp.o
/home/mtz/Downloads/cryfs-develop/src/cryfs/config/CryConfigLoader.cpp: In static member function ‘static void cryfs::CryConfigLoader::_checkVersion(const cryfs::CryConfig&)’:
/home/mtz/Downloads/cryfs-develop/src/cryfs/config/CryConfigLoader.cpp:48:50: error: ‘VERSION_COMPONENTS’ is not a member of ‘version’
   const string allowedVersionPrefix = string() + version::VERSION_COMPONENTS[0] + "." + version::VERSION_COMPONENTS[1] + ".";
                                                  ^
/home/mtz/Downloads/cryfs-develop/src/cryfs/config/CryConfigLoader.cpp:48:89: error: ‘VERSION_COMPONENTS’ is not a member of ‘version’
   const string allowedVersionPrefix = string() + version::VERSION_COMPONENTS[0] + "." + version::VERSION_COMPONENTS[1] + ".";
                                                                                         ^
src/cryfs/CMakeFiles/cryfs_lib.dir/build.make:376: recipe for target 'src/cryfs/CMakeFiles/cryfs_lib.dir/config/CryConfigLoader.cpp.o' failed
make[2]: *** [src/cryfs/CMakeFiles/cryfs_lib.dir/config/CryConfigLoader.cpp.o] Error 1
CMakeFiles/Makefile2:1675: recipe for target 'src/cryfs/CMakeFiles/cryfs_lib.dir/all' failed
make[1]: *** [src/cryfs/CMakeFiles/cryfs_lib.dir/all] Error 2
Makefile:117: recipe for target 'all' failed
make: *** [all] Error 2
[mtz@ink build]$

$BUILD/src/cryfs/messmer_gitversion/gitversion/version.h has below contents in it


// ---------------------------------------------------
// This file is autogenerated by git-version.
// DO NOT MODIFY!
// ---------------------------------------------------

#pragma once
#ifndef MESSMER_GITVERSION_VERSION_H
#define MESSMER_GITVERSION_VERSION_H

namespace version {
  constexpr const char *VERSION_STRING = "-modified";
  constexpr const char *GIT_TAG_NAME = "HEAD";
  constexpr const unsigned int GIT_COMMITS_SINCE_TAG = 0;
  constexpr const char *GIT_COMMIT_ID = "0";
  constexpr bool MODIFIED_SINCE_COMMIT = true;
  constexpr bool IS_DEV_VERSION = true;

  constexpr bool IS_STABLE_VERSION = false;

}

#endif

I commented out the offending function and the build process finish successfully and below is what was installed and i think these gmock and gtest stuff should not be installed.

Install the project...
-- Install configuration: "RELEASE"
-- Installing: /usr/lib/libgmock.a
-- Installing: /usr/lib/libgmock_main.a
-- Installing: /usr/include/gmock
-- Installing: /usr/include/gmock/gmock-spec-builders.h
-- Installing: /usr/include/gmock/gmock-actions.h
-- Installing: /usr/include/gmock/gmock-more-actions.h
-- Installing: /usr/include/gmock/gmock.h
-- Installing: /usr/include/gmock/gmock-generated-actions.h.pump
-- Installing: /usr/include/gmock/gmock-generated-matchers.h.pump
-- Installing: /usr/include/gmock/gmock-generated-function-mockers.h.pump
-- Installing: /usr/include/gmock/gmock-cardinalities.h
-- Installing: /usr/include/gmock/gmock-generated-nice-strict.h.pump
-- Installing: /usr/include/gmock/gmock-generated-matchers.h
-- Installing: /usr/include/gmock/gmock-generated-function-mockers.h
-- Installing: /usr/include/gmock/gmock-generated-actions.h
-- Installing: /usr/include/gmock/gmock-generated-nice-strict.h
-- Installing: /usr/include/gmock/gmock-matchers.h
-- Installing: /usr/include/gmock/gmock-more-matchers.h
-- Installing: /usr/include/gmock/internal
-- Installing: /usr/include/gmock/internal/gmock-port.h
-- Installing: /usr/include/gmock/internal/gmock-internal-utils.h
-- Installing: /usr/include/gmock/internal/gmock-generated-internal-utils.h.pump
-- Installing: /usr/include/gmock/internal/custom
-- Installing: /usr/include/gmock/internal/custom/gmock-port.h
-- Installing: /usr/include/gmock/internal/custom/gmock-generated-actions.h.pump
-- Installing: /usr/include/gmock/internal/custom/gmock-generated-actions.h
-- Installing: /usr/include/gmock/internal/custom/gmock-matchers.h
-- Installing: /usr/include/gmock/internal/gmock-generated-internal-utils.h
-- Installing: /usr/lib/libgtest.a
-- Installing: /usr/lib/libgtest_main.a
-- Installing: /usr/include/gtest
-- Installing: /usr/include/gtest/gtest-typed-test.h
-- Installing: /usr/include/gtest/gtest-param-test.h
-- Installing: /usr/include/gtest/gtest_prod.h
-- Installing: /usr/include/gtest/gtest-param-test.h.pump
-- Installing: /usr/include/gtest/gtest-spi.h
-- Installing: /usr/include/gtest/gtest.h
-- Installing: /usr/include/gtest/gtest-death-test.h
-- Installing: /usr/include/gtest/gtest-printers.h
-- Installing: /usr/include/gtest/gtest_pred_impl.h
-- Installing: /usr/include/gtest/gtest-test-part.h
-- Installing: /usr/include/gtest/gtest-message.h
-- Installing: /usr/include/gtest/internal
-- Installing: /usr/include/gtest/internal/gtest-tuple.h.pump
-- Installing: /usr/include/gtest/internal/gtest-param-util-generated.h.pump
-- Installing: /usr/include/gtest/internal/gtest-string.h
-- Installing: /usr/include/gtest/internal/gtest-filepath.h
-- Installing: /usr/include/gtest/internal/gtest-linked_ptr.h
-- Installing: /usr/include/gtest/internal/gtest-tuple.h
-- Installing: /usr/include/gtest/internal/gtest-param-util-generated.h
-- Installing: /usr/include/gtest/internal/gtest-param-util.h
-- Installing: /usr/include/gtest/internal/gtest-type-util.h
-- Installing: /usr/include/gtest/internal/gtest-type-util.h.pump
-- Installing: /usr/include/gtest/internal/gtest-internal.h
-- Installing: /usr/include/gtest/internal/gtest-port.h
-- Installing: /usr/include/gtest/internal/gtest-death-test-internal.h
-- Installing: /usr/include/gtest/internal/gtest-port-arch.h
-- Installing: /usr/include/gtest/internal/custom
-- Installing: /usr/include/gtest/internal/custom/gtest.h
-- Installing: /usr/include/gtest/internal/custom/gtest-printers.h
-- Installing: /usr/include/gtest/internal/custom/gtest-port.h
-- Installing: /usr/bin/cryfs
[root@ink build]#

give version i have installed is 2.7.1

Make config file readable (XML, JSON, ASCII), or provide a tool to read (and maybe edit) it

I find it very uncomfortable that I cannot read what's in the cryfs.config file. Occasionally I might want to manually modify its content (not something I expect to do, but sometimes the need might be there).

Thus I'd like to have a tool that at a minimum allows me to print/view the content of cryfs.config, and ideally - to both view and modify when needed.

unlocking cryfs volumes using a GUI solution.

This is not a bug report but an information report :-)

zuluMount-gui,a GUI component of zuluCrypt[1] can now unlock cryfs volume.

After you have zuluCrypt installed and cryfs installed(must be at /usr/bin),you can unlock your cryfs volume by:

Starting zuluMount-gui and then clicking "Mount Encfs/Cryfs" button.
Drag and drop a cryfs encrypted folder on zuluMount-gui window.
Right click on a cryfs folder and set zuluMount-gui to open it.
Set the volume as a favorite through zuluMount-gui->menu->favorites->manage favorites and access your volume through zuluMount-gui as an easier alternative to the first method.

Packages for debian,ubuntu,fedora,opensuse can be downloaded from here: http://download.opensuse.org/repositories/home:/mhogomchungu/

Arch linux package is here: https://aur.archlinux.org/packages/zulucrypt-git/

Fedora and opensuse users can install their respective packages from this link: http://software.opensuse.org/download.html?project=home%3Amhogomchungu&package=zuluCrypt

Just click your distribution and follow instructions that are application to your version.

[1] http://mhogomchungu.github.io/zuluCrypt/

Parametrize dependencies

Dependencies such as locations of various packages (like osxfuse) should be user-modifiable explicit configuration parameters.

Man page

As requested I open a separate topic for this, can you please consider to add a man page for cryfs

Thanks

Current Github cmake config broken!

The problem is with gitversion (WTF did you need it here at all?!)

$ cmake .. -DBoost_USE_STATIC_LIBS=off
-- The C compiler identification is AppleClang 7.0.2.7000181
-- The CXX compiler identification is AppleClang 7.0.2.7000181
-- Check for working C compiler: /opt/local/bin/clang
-- Check for working C compiler: /opt/local/bin/clang -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /opt/local/bin/clang++
-- Check for working CXX compiler: /opt/local/bin/clang++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
Checking if compiler supports X86 CPUID feature... yes
Checking if compiler supports X86 SSE2 feature... yes
Checking if compiler supports X86 AESNI feature... yes
-- Building version Warning: build in /Users/ur20980/Src/cryfs/src/gitversion is using versioneer.py from /Users/ur20980/src/cryfs/src/gitversion/versioneer.py
0.9.3-alpha+5.g5579270
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Performing Test COMPILER_HAS_CPP14_SUPPORT
-- Performing Test COMPILER_HAS_CPP14_SUPPORT - Success
-- Found cryptopp in system location
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
--   chrono
-- Found osxfuse in system location
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   program_options
--   chrono
-- Configuring done
-- Generating done
-- Build files have been written to: /Users/ur20980/src/cryfs/build
$ time make all
CMake Error: Parse error in cache file /Users/ur20980/src/cryfs/build/CMakeCache.txt. Offending entry: 0.9.3-alpha+5.g5579270
Checking if compiler supports X86 CPUID feature... yes
Checking if compiler supports X86 SSE2 feature... yes
Checking if compiler supports X86 AESNI feature... yes
-- Building version Warning: build in /Users/ur20980/Src/cryfs/src/gitversion is using versioneer.py from /Users/ur20980/src/cryfs/src/gitversion/versioneer.py
0.9.3-alpha+5.g5579270
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found cryptopp in system location
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
--   chrono
-- Found osxfuse in system location
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   filesystem
--   system
--   thread
-- Boost will be dynamically linked
-- Boost version: 1.59.0
-- Found the following Boost libraries:
--   program_options
--   chrono
-- Configuring incomplete, errors occurred!
See also "/Users/ur20980/src/cryfs/build/CMakeFiles/CMakeOutput.log".
make: *** [cmake_check_build_system] Error 1

real    0m0.546s
user    0m0.357s
sys 0m0.144s
$ cat CMakeFiles/CMakeOutput.log 
The system is: Darwin - 14.5.0 - x86_64
Compiling the C compiler identification source file "CMakeCCompilerId.c" succeeded.
Compiler: /opt/local/bin/clang 
Build flags: -maes;-mpclmul;-mrdrnd;-msse2;-mssse3;-msse4;-msse4.2
Id flags: 

The output was:
0


Compilation of the C compiler identification source "CMakeCCompilerId.c" produced "a.out"

The C compiler identification is AppleClang, found in "/Users/ur20980/src/cryfs/build/CMakeFiles/3.4.3/CompilerIdC/a.out"

Compiling the CXX compiler identification source file "CMakeCXXCompilerId.cpp" succeeded.
Compiler: /opt/local/bin/clang++ 
Build flags: -maes;-mpclmul;-mrdrnd;-msse2;-mssse3;-msse4;-msse4.2;-std=c++11
Id flags: 

The output was:
0


Compilation of the CXX compiler identification source "CMakeCXXCompilerId.cpp" produced "a.out"

The CXX compiler identification is AppleClang, found in "/Users/ur20980/src/cryfs/build/CMakeFiles/3.4.3/CompilerIdCXX/a.out"

Determining if the C compiler works passed with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_11e73/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_11e73.dir/build.make CMakeFiles/cmTC_11e73.dir/build
Building C object CMakeFiles/cmTC_11e73.dir/testCCompiler.c.o
/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -o CMakeFiles/cmTC_11e73.dir/testCCompiler.c.o   -c /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp/testCCompiler.c
Linking C executable cmTC_11e73
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_11e73.dir/link.txt --verbose=1
/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_11e73.dir/testCCompiler.c.o  -o cmTC_11e73  


Detecting C compiler ABI info compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_98a25/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_98a25.dir/build.make CMakeFiles/cmTC_98a25.dir/build
Building C object CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o
/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -o CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o   -c /opt/local/share/cmake-3.4/Modules/CMakeCCompilerABI.c
Linking C executable cmTC_98a25
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_98a25.dir/link.txt --verbose=1
/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names  -v -Wl,-v CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o  -o cmTC_98a25   
Apple LLVM version 7.0.2 (clang-700.1.81)
Target: x86_64-apple-darwin14.5.0
Thread model: posix
 "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -dynamic -arch x86_64 -macosx_version_min 10.10.0 -o cmTC_98a25 -search_paths_first -headerpad_max_install_names -v CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a
@(#)PROGRAM:ld  PROJECT:ld64-253.9
configured to support archs: armv6 armv7 armv7s arm64 i386 x86_64 x86_64h armv6m armv7k armv7m armv7em (tvOS)
Library search paths:
    /usr/lib
    /usr/local/lib
Framework search paths:
    /Library/Frameworks/
    /System/Library/Frameworks/


Parsed C implicit link information from above output:
  link line regex: [^( *|.*[/\])(ld|([^/\]+-)?ld|collect2)[^/\]*( |$)]
  ignore line: [Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp]
  ignore line: []
  ignore line: [Run Build Command:"/usr/bin/make" "cmTC_98a25/fast"]
  ignore line: [/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_98a25.dir/build.make CMakeFiles/cmTC_98a25.dir/build]
  ignore line: [Building C object CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o]
  ignore line: [/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -o CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o   -c /opt/local/share/cmake-3.4/Modules/CMakeCCompilerABI.c]
  ignore line: [Linking C executable cmTC_98a25]
  ignore line: [/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_98a25.dir/link.txt --verbose=1]
  ignore line: [/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names  -v -Wl,-v CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o  -o cmTC_98a25   ]
  ignore line: [Apple LLVM version 7.0.2 (clang-700.1.81)]
  ignore line: [Target: x86_64-apple-darwin14.5.0]
  ignore line: [Thread model: posix]
  link line: [ "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -dynamic -arch x86_64 -macosx_version_min 10.10.0 -o cmTC_98a25 -search_paths_first -headerpad_max_install_names -v CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
    arg [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld] ==> ignore
    arg [-demangle] ==> ignore
    arg [-dynamic] ==> ignore
    arg [-arch] ==> ignore
    arg [x86_64] ==> ignore
    arg [-macosx_version_min] ==> ignore
    arg [10.10.0] ==> ignore
    arg [-o] ==> ignore
    arg [cmTC_98a25] ==> ignore
    arg [-search_paths_first] ==> ignore
    arg [-headerpad_max_install_names] ==> ignore
    arg [-v] ==> ignore
    arg [CMakeFiles/cmTC_98a25.dir/CMakeCCompilerABI.c.o] ==> ignore
    arg [-lSystem] ==> lib [System]
    arg [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a] ==> lib [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  Library search paths: [;/usr/lib;/usr/local/lib]
  Framework search paths: [;/Library/Frameworks/;/System/Library/Frameworks/]
  remove lib [System]
  collapse lib [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a] ==> [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  collapse library dir [/usr/lib] ==> [/usr/lib]
  collapse library dir [/usr/local/lib] ==> [/usr/local/lib]
  collapse framework dir [/Library/Frameworks/] ==> [/Library/Frameworks]
  collapse framework dir [/System/Library/Frameworks/] ==> [/System/Library/Frameworks]
  implicit libs: [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  implicit dirs: [/usr/lib;/usr/local/lib]
  implicit fwks: [/Library/Frameworks;/System/Library/Frameworks]




Detecting C [-std=c11] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_97421/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_97421.dir/build.make CMakeFiles/cmTC_97421.dir/build
Building C object CMakeFiles/cmTC_97421.dir/feature_tests.c.o
/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -std=c11 -o CMakeFiles/cmTC_97421.dir/feature_tests.c.o   -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.c
Linking C executable cmTC_97421
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_97421.dir/link.txt --verbose=1
/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_97421.dir/feature_tests.c.o  -o cmTC_97421  


    Feature record: C_FEATURE:1c_function_prototypes
    Feature record: C_FEATURE:1c_restrict
    Feature record: C_FEATURE:1c_static_assert
    Feature record: C_FEATURE:1c_variadic_macros


Detecting C [-std=c99] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_414d4/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_414d4.dir/build.make CMakeFiles/cmTC_414d4.dir/build
Building C object CMakeFiles/cmTC_414d4.dir/feature_tests.c.o
/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -std=c99 -o CMakeFiles/cmTC_414d4.dir/feature_tests.c.o   -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.c
Linking C executable cmTC_414d4
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_414d4.dir/link.txt --verbose=1
/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_414d4.dir/feature_tests.c.o  -o cmTC_414d4  


    Feature record: C_FEATURE:1c_function_prototypes
    Feature record: C_FEATURE:1c_restrict
    Feature record: C_FEATURE:0c_static_assert
    Feature record: C_FEATURE:1c_variadic_macros


Detecting C [-std=c90] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_8c73d/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_8c73d.dir/build.make CMakeFiles/cmTC_8c73d.dir/build
Building C object CMakeFiles/cmTC_8c73d.dir/feature_tests.c.o
/opt/local/bin/clang    -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2     -std=c90 -o CMakeFiles/cmTC_8c73d.dir/feature_tests.c.o   -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.c
Linking C executable cmTC_8c73d
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_8c73d.dir/link.txt --verbose=1
/opt/local/bin/clang  -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_8c73d.dir/feature_tests.c.o  -o cmTC_8c73d  


    Feature record: C_FEATURE:1c_function_prototypes
    Feature record: C_FEATURE:0c_restrict
    Feature record: C_FEATURE:0c_static_assert
    Feature record: C_FEATURE:0c_variadic_macros
Determining if the CXX compiler works passed with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_df1ab/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_df1ab.dir/build.make CMakeFiles/cmTC_df1ab.dir/build
Building CXX object CMakeFiles/cmTC_df1ab.dir/testCXXCompiler.cxx.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -o CMakeFiles/cmTC_df1ab.dir/testCXXCompiler.cxx.o -c /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp/testCXXCompiler.cxx
Linking CXX executable cmTC_df1ab
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_df1ab.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_df1ab.dir/testCXXCompiler.cxx.o  -o cmTC_df1ab  


Detecting CXX compiler ABI info compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_d74ea/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_d74ea.dir/build.make CMakeFiles/cmTC_d74ea.dir/build
Building CXX object CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -o CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o -c /opt/local/share/cmake-3.4/Modules/CMakeCXXCompilerABI.cpp
Linking CXX executable cmTC_d74ea
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_d74ea.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names  -v -Wl,-v CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o  -o cmTC_d74ea   
Apple LLVM version 7.0.2 (clang-700.1.81)
Target: x86_64-apple-darwin14.5.0
Thread model: posix
 "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -dynamic -arch x86_64 -macosx_version_min 10.10.0 -o cmTC_d74ea -search_paths_first -headerpad_max_install_names -v CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a
@(#)PROGRAM:ld  PROJECT:ld64-253.9
configured to support archs: armv6 armv7 armv7s arm64 i386 x86_64 x86_64h armv6m armv7k armv7m armv7em (tvOS)
Library search paths:
    /usr/lib
    /usr/local/lib
Framework search paths:
    /Library/Frameworks/
    /System/Library/Frameworks/


Parsed CXX implicit link information from above output:
  link line regex: [^( *|.*[/\])(ld|([^/\]+-)?ld|collect2)[^/\]*( |$)]
  ignore line: [Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp]
  ignore line: []
  ignore line: [Run Build Command:"/usr/bin/make" "cmTC_d74ea/fast"]
  ignore line: [/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_d74ea.dir/build.make CMakeFiles/cmTC_d74ea.dir/build]
  ignore line: [Building CXX object CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o]
  ignore line: [/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -o CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o -c /opt/local/share/cmake-3.4/Modules/CMakeCXXCompilerABI.cpp]
  ignore line: [Linking CXX executable cmTC_d74ea]
  ignore line: [/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_d74ea.dir/link.txt --verbose=1]
  ignore line: [/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names  -v -Wl,-v CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o  -o cmTC_d74ea   ]
  ignore line: [Apple LLVM version 7.0.2 (clang-700.1.81)]
  ignore line: [Target: x86_64-apple-darwin14.5.0]
  ignore line: [Thread model: posix]
  link line: [ "/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld" -demangle -dynamic -arch x86_64 -macosx_version_min 10.10.0 -o cmTC_d74ea -search_paths_first -headerpad_max_install_names -v CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o -lc++ -lSystem /Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
    arg [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/ld] ==> ignore
    arg [-demangle] ==> ignore
    arg [-dynamic] ==> ignore
    arg [-arch] ==> ignore
    arg [x86_64] ==> ignore
    arg [-macosx_version_min] ==> ignore
    arg [10.10.0] ==> ignore
    arg [-o] ==> ignore
    arg [cmTC_d74ea] ==> ignore
    arg [-search_paths_first] ==> ignore
    arg [-headerpad_max_install_names] ==> ignore
    arg [-v] ==> ignore
    arg [CMakeFiles/cmTC_d74ea.dir/CMakeCXXCompilerABI.cpp.o] ==> ignore
    arg [-lc++] ==> lib [c++]
    arg [-lSystem] ==> lib [System]
    arg [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a] ==> lib [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  Library search paths: [;/usr/lib;/usr/local/lib]
  Framework search paths: [;/Library/Frameworks/;/System/Library/Frameworks/]
  remove lib [System]
  collapse lib [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/bin/../lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a] ==> [/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  collapse library dir [/usr/lib] ==> [/usr/lib]
  collapse library dir [/usr/local/lib] ==> [/usr/local/lib]
  collapse framework dir [/Library/Frameworks/] ==> [/Library/Frameworks]
  collapse framework dir [/System/Library/Frameworks/] ==> [/System/Library/Frameworks]
  implicit libs: [c++;/Applications/Xcode.app/Contents/Developer/Toolchains/XcodeDefault.xctoolchain/usr/lib/clang/7.0.2/lib/darwin/libclang_rt.osx.a]
  implicit dirs: [/usr/lib;/usr/local/lib]
  implicit fwks: [/Library/Frameworks;/System/Library/Frameworks]




Detecting CXX [-std=c++14] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_210f7/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_210f7.dir/build.make CMakeFiles/cmTC_210f7.dir/build
Building CXX object CMakeFiles/cmTC_210f7.dir/feature_tests.cxx.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -std=c++14 -o CMakeFiles/cmTC_210f7.dir/feature_tests.cxx.o -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.cxx
Linking CXX executable cmTC_210f7
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_210f7.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_210f7.dir/feature_tests.cxx.o  -o cmTC_210f7  


    Feature record: CXX_FEATURE:1cxx_aggregate_default_initializers
    Feature record: CXX_FEATURE:1cxx_alias_templates
    Feature record: CXX_FEATURE:1cxx_alignas
    Feature record: CXX_FEATURE:1cxx_alignof
    Feature record: CXX_FEATURE:1cxx_attributes
    Feature record: CXX_FEATURE:1cxx_attribute_deprecated
    Feature record: CXX_FEATURE:1cxx_auto_type
    Feature record: CXX_FEATURE:1cxx_binary_literals
    Feature record: CXX_FEATURE:1cxx_constexpr
    Feature record: CXX_FEATURE:1cxx_contextual_conversions
    Feature record: CXX_FEATURE:1cxx_decltype
    Feature record: CXX_FEATURE:1cxx_decltype_auto
    Feature record: CXX_FEATURE:1cxx_decltype_incomplete_return_types
    Feature record: CXX_FEATURE:1cxx_default_function_template_args
    Feature record: CXX_FEATURE:1cxx_defaulted_functions
    Feature record: CXX_FEATURE:1cxx_defaulted_move_initializers
    Feature record: CXX_FEATURE:1cxx_delegating_constructors
    Feature record: CXX_FEATURE:1cxx_deleted_functions
    Feature record: CXX_FEATURE:1cxx_digit_separators
    Feature record: CXX_FEATURE:1cxx_enum_forward_declarations
    Feature record: CXX_FEATURE:1cxx_explicit_conversions
    Feature record: CXX_FEATURE:1cxx_extended_friend_declarations
    Feature record: CXX_FEATURE:1cxx_extern_templates
    Feature record: CXX_FEATURE:1cxx_final
    Feature record: CXX_FEATURE:1cxx_func_identifier
    Feature record: CXX_FEATURE:1cxx_generalized_initializers
    Feature record: CXX_FEATURE:1cxx_generic_lambdas
    Feature record: CXX_FEATURE:1cxx_inheriting_constructors
    Feature record: CXX_FEATURE:1cxx_inline_namespaces
    Feature record: CXX_FEATURE:1cxx_lambdas
    Feature record: CXX_FEATURE:1cxx_lambda_init_captures
    Feature record: CXX_FEATURE:1cxx_local_type_template_args
    Feature record: CXX_FEATURE:1cxx_long_long_type
    Feature record: CXX_FEATURE:1cxx_noexcept
    Feature record: CXX_FEATURE:1cxx_nonstatic_member_init
    Feature record: CXX_FEATURE:1cxx_nullptr
    Feature record: CXX_FEATURE:1cxx_override
    Feature record: CXX_FEATURE:1cxx_range_for
    Feature record: CXX_FEATURE:1cxx_raw_string_literals
    Feature record: CXX_FEATURE:1cxx_reference_qualified_functions
    Feature record: CXX_FEATURE:1cxx_relaxed_constexpr
    Feature record: CXX_FEATURE:1cxx_return_type_deduction
    Feature record: CXX_FEATURE:1cxx_right_angle_brackets
    Feature record: CXX_FEATURE:1cxx_rvalue_references
    Feature record: CXX_FEATURE:1cxx_sizeof_member
    Feature record: CXX_FEATURE:1cxx_static_assert
    Feature record: CXX_FEATURE:1cxx_strong_enums
    Feature record: CXX_FEATURE:1cxx_template_template_parameters
    Feature record: CXX_FEATURE:0cxx_thread_local
    Feature record: CXX_FEATURE:1cxx_trailing_return_types
    Feature record: CXX_FEATURE:1cxx_unicode_literals
    Feature record: CXX_FEATURE:1cxx_uniform_initialization
    Feature record: CXX_FEATURE:1cxx_unrestricted_unions
    Feature record: CXX_FEATURE:1cxx_user_literals
    Feature record: CXX_FEATURE:1cxx_variable_templates
    Feature record: CXX_FEATURE:1cxx_variadic_macros
    Feature record: CXX_FEATURE:1cxx_variadic_templates


Detecting CXX [-std=c++11] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_0bbeb/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_0bbeb.dir/build.make CMakeFiles/cmTC_0bbeb.dir/build
Building CXX object CMakeFiles/cmTC_0bbeb.dir/feature_tests.cxx.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -std=c++11 -o CMakeFiles/cmTC_0bbeb.dir/feature_tests.cxx.o -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.cxx
Linking CXX executable cmTC_0bbeb
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_0bbeb.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_0bbeb.dir/feature_tests.cxx.o  -o cmTC_0bbeb  


    Feature record: CXX_FEATURE:0cxx_aggregate_default_initializers
    Feature record: CXX_FEATURE:1cxx_alias_templates
    Feature record: CXX_FEATURE:1cxx_alignas
    Feature record: CXX_FEATURE:1cxx_alignof
    Feature record: CXX_FEATURE:1cxx_attributes
    Feature record: CXX_FEATURE:0cxx_attribute_deprecated
    Feature record: CXX_FEATURE:1cxx_auto_type
    Feature record: CXX_FEATURE:0cxx_binary_literals
    Feature record: CXX_FEATURE:1cxx_constexpr
    Feature record: CXX_FEATURE:0cxx_contextual_conversions
    Feature record: CXX_FEATURE:1cxx_decltype
    Feature record: CXX_FEATURE:0cxx_decltype_auto
    Feature record: CXX_FEATURE:1cxx_decltype_incomplete_return_types
    Feature record: CXX_FEATURE:1cxx_default_function_template_args
    Feature record: CXX_FEATURE:1cxx_defaulted_functions
    Feature record: CXX_FEATURE:1cxx_defaulted_move_initializers
    Feature record: CXX_FEATURE:1cxx_delegating_constructors
    Feature record: CXX_FEATURE:1cxx_deleted_functions
    Feature record: CXX_FEATURE:0cxx_digit_separators
    Feature record: CXX_FEATURE:1cxx_enum_forward_declarations
    Feature record: CXX_FEATURE:1cxx_explicit_conversions
    Feature record: CXX_FEATURE:1cxx_extended_friend_declarations
    Feature record: CXX_FEATURE:1cxx_extern_templates
    Feature record: CXX_FEATURE:1cxx_final
    Feature record: CXX_FEATURE:1cxx_func_identifier
    Feature record: CXX_FEATURE:1cxx_generalized_initializers
    Feature record: CXX_FEATURE:0cxx_generic_lambdas
    Feature record: CXX_FEATURE:1cxx_inheriting_constructors
    Feature record: CXX_FEATURE:1cxx_inline_namespaces
    Feature record: CXX_FEATURE:1cxx_lambdas
    Feature record: CXX_FEATURE:0cxx_lambda_init_captures
    Feature record: CXX_FEATURE:1cxx_local_type_template_args
    Feature record: CXX_FEATURE:1cxx_long_long_type
    Feature record: CXX_FEATURE:1cxx_noexcept
    Feature record: CXX_FEATURE:1cxx_nonstatic_member_init
    Feature record: CXX_FEATURE:1cxx_nullptr
    Feature record: CXX_FEATURE:1cxx_override
    Feature record: CXX_FEATURE:1cxx_range_for
    Feature record: CXX_FEATURE:1cxx_raw_string_literals
    Feature record: CXX_FEATURE:1cxx_reference_qualified_functions
    Feature record: CXX_FEATURE:0cxx_relaxed_constexpr
    Feature record: CXX_FEATURE:0cxx_return_type_deduction
    Feature record: CXX_FEATURE:1cxx_right_angle_brackets
    Feature record: CXX_FEATURE:1cxx_rvalue_references
    Feature record: CXX_FEATURE:1cxx_sizeof_member
    Feature record: CXX_FEATURE:1cxx_static_assert
    Feature record: CXX_FEATURE:1cxx_strong_enums
    Feature record: CXX_FEATURE:1cxx_template_template_parameters
    Feature record: CXX_FEATURE:0cxx_thread_local
    Feature record: CXX_FEATURE:1cxx_trailing_return_types
    Feature record: CXX_FEATURE:1cxx_unicode_literals
    Feature record: CXX_FEATURE:1cxx_uniform_initialization
    Feature record: CXX_FEATURE:1cxx_unrestricted_unions
    Feature record: CXX_FEATURE:1cxx_user_literals
    Feature record: CXX_FEATURE:0cxx_variable_templates
    Feature record: CXX_FEATURE:1cxx_variadic_macros
    Feature record: CXX_FEATURE:1cxx_variadic_templates


Detecting CXX [-std=c++98] compiler features compiled with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_83462/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_83462.dir/build.make CMakeFiles/cmTC_83462.dir/build
Building CXX object CMakeFiles/cmTC_83462.dir/feature_tests.cxx.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11     -std=c++98 -o CMakeFiles/cmTC_83462.dir/feature_tests.cxx.o -c /Users/ur20980/src/cryfs/build/CMakeFiles/feature_tests.cxx
Linking CXX executable cmTC_83462
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_83462.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11   -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_83462.dir/feature_tests.cxx.o  -o cmTC_83462  


    Feature record: CXX_FEATURE:0cxx_aggregate_default_initializers
    Feature record: CXX_FEATURE:0cxx_alias_templates
    Feature record: CXX_FEATURE:0cxx_alignas
    Feature record: CXX_FEATURE:0cxx_alignof
    Feature record: CXX_FEATURE:0cxx_attributes
    Feature record: CXX_FEATURE:0cxx_attribute_deprecated
    Feature record: CXX_FEATURE:0cxx_auto_type
    Feature record: CXX_FEATURE:0cxx_binary_literals
    Feature record: CXX_FEATURE:0cxx_constexpr
    Feature record: CXX_FEATURE:0cxx_contextual_conversions
    Feature record: CXX_FEATURE:0cxx_decltype
    Feature record: CXX_FEATURE:0cxx_decltype_auto
    Feature record: CXX_FEATURE:0cxx_decltype_incomplete_return_types
    Feature record: CXX_FEATURE:0cxx_default_function_template_args
    Feature record: CXX_FEATURE:0cxx_defaulted_functions
    Feature record: CXX_FEATURE:0cxx_defaulted_move_initializers
    Feature record: CXX_FEATURE:0cxx_delegating_constructors
    Feature record: CXX_FEATURE:0cxx_deleted_functions
    Feature record: CXX_FEATURE:0cxx_digit_separators
    Feature record: CXX_FEATURE:0cxx_enum_forward_declarations
    Feature record: CXX_FEATURE:0cxx_explicit_conversions
    Feature record: CXX_FEATURE:0cxx_extended_friend_declarations
    Feature record: CXX_FEATURE:0cxx_extern_templates
    Feature record: CXX_FEATURE:0cxx_final
    Feature record: CXX_FEATURE:0cxx_func_identifier
    Feature record: CXX_FEATURE:0cxx_generalized_initializers
    Feature record: CXX_FEATURE:0cxx_generic_lambdas
    Feature record: CXX_FEATURE:0cxx_inheriting_constructors
    Feature record: CXX_FEATURE:0cxx_inline_namespaces
    Feature record: CXX_FEATURE:0cxx_lambdas
    Feature record: CXX_FEATURE:0cxx_lambda_init_captures
    Feature record: CXX_FEATURE:0cxx_local_type_template_args
    Feature record: CXX_FEATURE:0cxx_long_long_type
    Feature record: CXX_FEATURE:0cxx_noexcept
    Feature record: CXX_FEATURE:0cxx_nonstatic_member_init
    Feature record: CXX_FEATURE:0cxx_nullptr
    Feature record: CXX_FEATURE:0cxx_override
    Feature record: CXX_FEATURE:0cxx_range_for
    Feature record: CXX_FEATURE:0cxx_raw_string_literals
    Feature record: CXX_FEATURE:0cxx_reference_qualified_functions
    Feature record: CXX_FEATURE:0cxx_relaxed_constexpr
    Feature record: CXX_FEATURE:0cxx_return_type_deduction
    Feature record: CXX_FEATURE:0cxx_right_angle_brackets
    Feature record: CXX_FEATURE:0cxx_rvalue_references
    Feature record: CXX_FEATURE:0cxx_sizeof_member
    Feature record: CXX_FEATURE:0cxx_static_assert
    Feature record: CXX_FEATURE:0cxx_strong_enums
    Feature record: CXX_FEATURE:1cxx_template_template_parameters
    Feature record: CXX_FEATURE:0cxx_thread_local
    Feature record: CXX_FEATURE:0cxx_trailing_return_types
    Feature record: CXX_FEATURE:0cxx_unicode_literals
    Feature record: CXX_FEATURE:0cxx_uniform_initialization
    Feature record: CXX_FEATURE:0cxx_unrestricted_unions
    Feature record: CXX_FEATURE:0cxx_user_literals
    Feature record: CXX_FEATURE:0cxx_variable_templates
    Feature record: CXX_FEATURE:0cxx_variadic_macros
    Feature record: CXX_FEATURE:0cxx_variadic_templates
Performing C++ SOURCE FILE Test COMPILER_HAS_CPP14_SUPPORT succeded with the following output:
Change Dir: /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp

Run Build Command:"/usr/bin/make" "cmTC_0be5a/fast"
/Applications/Xcode.app/Contents/Developer/usr/bin/make -f CMakeFiles/cmTC_0be5a.dir/build.make CMakeFiles/cmTC_0be5a.dir/build
Building CXX object CMakeFiles/cmTC_0be5a.dir/src.cxx.o
/opt/local/bin/clang++     -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11  -DCOMPILER_HAS_CPP14_SUPPORT   -std=c++14 -o CMakeFiles/cmTC_0be5a.dir/src.cxx.o -c /Users/ur20980/src/cryfs/build/CMakeFiles/CMakeTmp/src.cxx
Linking CXX executable cmTC_0be5a
/opt/local/bin/cmake -E cmake_link_script CMakeFiles/cmTC_0be5a.dir/link.txt --verbose=1
/opt/local/bin/clang++   -maes -mpclmul -mrdrnd -msse2 -mssse3 -msse4 -msse4.2 -std=c++11  -DCOMPILER_HAS_CPP14_SUPPORT -Wl,-search_paths_first -Wl,-headerpad_max_install_names   CMakeFiles/cmTC_0be5a.dir/src.cxx.o  -o cmTC_0be5a  

Source file was:
int main() { return 0; }
$

If you manually edit build/CMakeCache.txt file (bad idea!) to get through the above, the build bombs later in gitversion:

Scanning dependencies of target spdlog
[ 11%] Building CXX object vendor/spdlog/CMakeFiles/spdlog.dir/dummy.cpp.o
[ 12%] Linking CXX static library libspdlog.a
/opt/local/bin/ranlib: file: libspdlog.a(dummy.cpp.o) has no symbols
/opt/local/bin/ranlib: file: libspdlog.a(dummy.cpp.o) has no symbols
warning: /opt/local/bin/ranlib: warning for library: libspdlog.a the table of contents is empty (no object file members in the library define global symbols)
[ 12%] Built target spdlog
src/gitversion/CMakeFiles/gitversion.dir/flags.make:8: *** missing separator.  Stop.
make[1]: *** [src/gitversion/CMakeFiles/gitversion.dir/all] Error 2
make: *** [all] Error 2

Are we again trying to win the medal for the largest amount of untested packages thrown into the heap?

When will cryfs be considered stable

As I'm using encfs right now I'm keen to move to something more secure and I really like cryfs.

When will you consider this to be available other than Beta

Thanks

Permission on mounted dir

Hi,

Not sure if it's a bug or expected FUSE behavior but when I mount my directory using cryfs, the permissions on this directory are modified (to 700). Original permissions (755) are recovered after unmount.

Now if I try to chmod this directory while mounted I get an I/O error.

If this is the proper behavior, is there a solution to change permissions on this dir ?

Log:

tklein@r580:~$ ls -l . | grep Pro
drwxr-xr-x  2 tklein tklein 4096 avril 19 10:15 Pro
tklein@r580:~$ cryfs /basedir Pro
tklein@r580:~$ ls -l . | grep Pro
drwx------  1 tklein tklein 4096 avril 19 10:34 Pro
tklein@r580:~$ chmod 755 Pro/
chmod: changing permissions of ‘Pro/’: Input/output error

System: Ubuntu 15.10

Unable to unmount volume on OSX el capitan

Although I know that osx is still not officially supported, I downloaded and compiled the source and got it working. The only problem I got is when I try to unmount a volume I get an error and the volume is not unmounted.

Mount :
cryfs@osxfuse0 on /Users/localadmin/cryfs/cmake/mountdir (osxfuse, nodev, nosuid, synchronous, mounted by User)

diskutil umount /Users/localadmin/cryfs/cmake/mountdir
Unmount failed for /Users/localadmin/cryfs/cmake/mountdir

I'm willing to assist with (beta) testing on osx if you need any help there.

Loading block of wrong size

after upgrading to latest Git version, I am unable to mount a cryfs directory created with 0.9.3-alpha:

$ cryfs basedir mountdir
CryFS Version 0.9.3-alpha+38.g7b5970a
WARNING! This is a development version based on git commit 7b5970a. Please do not use in production!
Automatic checking for security vulnerabilities and updates is disabled.

Password:
Loading config file (this can take some time)...done
[2016-03-24 20:14:50.744] [Log] [error] Assertion [block->size() == _layout.blocksizeBytes()] failed in /pkgbuilds/cryfs-git/src/cryfs/src/blobstore/implementations/onblocks/datanodestore/DataNodeStore.cpp:31: Loading block of wrong size

cpputils::backtrace[abi:cxx11](): (cryfs+0x2b) [0x5aa07b]
cpputils::_assert::format(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*, int): (cryfs+0x3e) [0x4dfd3e]
cpputils::_assert::assert_fail_release(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*, int): (cryfs+0x32) [0x4e8c22]
blobstore::onblocks::datanodestore::DataNodeStore::load(cpputils::unique_ref<blockstore::Block>): (cryfs+0xfb) [0x55c27b]
blobstore::onblocks::datanodestore::DataNodeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x72) [0x55c392]
blobstore::onblocks::datatreestore::DataTreeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x2b) [0x56215b]
parallelaccessstore::ParallelAccessStore<blobstore::onblocks::datatreestore::DataTree, blobstore::onblocks::parallelaccessdatatreestore::DataTreeRef, cpputils::FixedSizeData<16ul> >::load(cpputils::FixedSizeData<16ul> const&, std::function<cpputils::unique_ref<blobstore::onblocks::parallelaccessdatatreestore::DataTreeRef> (blobstore::onblocks::datatreestore::DataTree*)>): (cryfs+0xb7) [0x565d07]
blobstore::onblocks::parallelaccessdatatreestore::ParallelAccessDataTreeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x36) [0x563a16]
blobstore::onblocks::BlobStoreOnBlocks::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x29) [0x55ab89]
cryfs::fsblobstore::FsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x31) [0x558b21]
cryfs::cachingfsblobstore::CachingFsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x168) [0x551bf8]
parallelaccessstore::ParallelAccessStore<cryfs::cachingfsblobstore::FsBlobRef, cryfs::parallelaccessfsblobstore::FsBlobRef, cpputils::FixedSizeData<16ul> >::load(cpputils::FixedSizeData<16ul> const&, std::function<cpputils::unique_ref<cryfs::parallelaccessfsblobstore::FsBlobRef> (cryfs::cachingfsblobstore::FsBlobRef*)>): (cryfs+0xb7) [0x550247]
cryfs::parallelaccessfsblobstore::ParallelAccessFsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x3a) [0x54ee0a]
cryfs::CryDevice::LoadBlob(cpputils::FixedSizeData<16ul> const&): (cryfs+0x30) [0x540540]
cryfs::CryNode::LoadBlob() const: (cryfs+0x25) [0x54db95]
cryfs::CryDir::LoadBlob() const: (cryfs+0x24) [0x53e5a4]
cryfs::CryDir::children() const: (cryfs+0x23b) [0x53ed3b]
cryfs::Cli::_sanityCheckFilesystem(cryfs::CryDevice*): (cryfs+0xa1) [0x4f0371]
cryfs::Cli::_runFilesystem(cryfs::program_options::ProgramOptions const&): (cryfs+0x112) [0x4f0602]
cryfs::Cli::main(int, char**): (cryfs+0x8e) [0x4ca4be]
main: (cryfs+0x104) [0x4c9824]
__libc_start_main: (/usr/lib/libc.so.6+0xf0) [0x7f43999a8710]
_start: (cryfs+0x29) [0x4dda39]

[2016-03-24 20:14:50.746] [Log] [error] Crashed: Assertion [block->size() == _layout.blocksizeBytes()] failed in /pkgbuilds/cryfs-git/src/cryfs/src/blobstore/implementations/onblocks/datanodestore/DataNodeStore.cpp:31: Loading block of wrong size

cpputils::backtrace[abi:cxx11](): (cryfs+0x2b) [0x5aa07b]
cpputils::_assert::format(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*, int): (cryfs+0x3e) [0x4dfd3e]
cpputils::_assert::assert_fail_release(char const*, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, char const*, int): (cryfs+0x32) [0x4e8c22]
blobstore::onblocks::datanodestore::DataNodeStore::load(cpputils::unique_ref<blockstore::Block>): (cryfs+0xfb) [0x55c27b]
blobstore::onblocks::datanodestore::DataNodeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x72) [0x55c392]
blobstore::onblocks::datatreestore::DataTreeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x2b) [0x56215b]
parallelaccessstore::ParallelAccessStore<blobstore::onblocks::datatreestore::DataTree, blobstore::onblocks::parallelaccessdatatreestore::DataTreeRef, cpputils::FixedSizeData<16ul> >::load(cpputils::FixedSizeData<16ul> const&, std::function<cpputils::unique_ref<blobstore::onblocks::parallelaccessdatatreestore::DataTreeRef> (blobstore::onblocks::datatreestore::DataTree*)>): (cryfs+0xb7) [0x565d07]
blobstore::onblocks::parallelaccessdatatreestore::ParallelAccessDataTreeStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x36) [0x563a16]
blobstore::onblocks::BlobStoreOnBlocks::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x29) [0x55ab89]
cryfs::fsblobstore::FsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x31) [0x558b21]
cryfs::cachingfsblobstore::CachingFsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x168) [0x551bf8]
parallelaccessstore::ParallelAccessStore<cryfs::cachingfsblobstore::FsBlobRef, cryfs::parallelaccessfsblobstore::FsBlobRef, cpputils::FixedSizeData<16ul> >::load(cpputils::FixedSizeData<16ul> const&, std::function<cpputils::unique_ref<cryfs::parallelaccessfsblobstore::FsBlobRef> (cryfs::cachingfsblobstore::FsBlobRef*)>): (cryfs+0xb7) [0x550247]
cryfs::parallelaccessfsblobstore::ParallelAccessFsBlobStore::load(cpputils::FixedSizeData<16ul> const&): (cryfs+0x3a) [0x54ee0a]
cryfs::CryDevice::LoadBlob(cpputils::FixedSizeData<16ul> const&): (cryfs+0x30) [0x540540]
cryfs::CryNode::LoadBlob() const: (cryfs+0x25) [0x54db95]
cryfs::CryDir::LoadBlob() const: (cryfs+0x24) [0x53e5a4]
cryfs::CryDir::children() const: (cryfs+0x23b) [0x53ed3b]
cryfs::Cli::_sanityCheckFilesystem(cryfs::CryDevice*): (cryfs+0xa1) [0x4f0371]
cryfs::Cli::_runFilesystem(cryfs::program_options::ProgramOptions const&): (cryfs+0x112) [0x4f0602]
cryfs::Cli::main(int, char**): (cryfs+0x8e) [0x4ca4be]
main: (cryfs+0x104) [0x4c9824]
__libc_start_main: (/usr/lib/libc.so.6+0xf0) [0x7f43999a8710]
_start: (cryfs+0x29) [0x4dda39]

Ownership of mount directory

The mount directory (i.e. root directory of the file system) doesn't have correct permissions set (i.e. is owned by root and has no permissions for anyone).
It should be owned by the user running CryFS and also give them permissions.

Make update checks optional

Taken from #19

Proposal:
If there haven't been any update checks for 30 days, CryFS will ask you whether it should check for updates. You can answer "yes", "no" or "never". Tools can pass in "--no-update-check" to disable any update checks. I don't think we need a "--update-check" flag. Once a cryfs-manager is built, this functionality will be removed from cryfs-mount and put into the manager.

Implementation:
I propose the following steps for implementing this (the steps are designed so after each step we have a working version that is already better than the previous version):

Implement a "--no-update-check" flag that just disables update checking.
Use a local config file to store the last update-check and only check updates if the last check is more than 30 days ago.
Implement CryFS asking before it does the update check and store it to the config file. Possible answers are "yes", "no".
Implement a "never" option as a possible answer to the question.
Once a cryfs-manager is built, move the functionality to there.

Current and old cryfs stopped working on Mac OS X 10.11.4

Here's what I get:


$ src/cryfs-cli/cryfs ~/cryfs-raw/ ~/cryfs-crypt/
CryFS Version 0.9.4
WARNING! This version is not considered stable. Please backup your data frequently!
Automatic checking for security vulnerabilities and updates is disabled.

Password:
Loading config file (this can take some time)...done

Mounting filesystem. To unmount, call:
$ umount "/Users/uri/cryfs-crypt/"

$ mount_osxfusefs: failed to mount /Users/uri/cryfs-crypt@/dev/osxfuse0: Input/output error

And here's what system log says:

5/1/16 22:01:47.802 cryfs[84198]: Exception thrown: boost::filesystem::directory_iterator::construct: Not a directory: "/Users/uri/cryfs-raw/cryfs.config"

This is what ~/cryfs-raw/ looks like:

$ ll ~/cryfs-raw
total 8
drwxr-xr-x   14 uri  staff    476 May  1 22:01 ./
drwxr-xr-x+ 336 uri  staff  11424 Apr 27 23:57 ../
drwxr-xr-x    3 uri  staff    102 May  1 21:48 4A5/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 528/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 9D2/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 9E0/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 B1E/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 B34/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 BAF/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 BFB/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 C36/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 C52/
drwxr-xr-x    3 uri  staff    102 May  1 21:48 E36/
-rw-r--r--    1 uri  staff   1134 May  1 21:48 cryfs.config
$

Boost:

$ port installed boost
The following ports are currently installed:
  boost @1.59.0_2+clang37+no_single+no_static+python27 (active)
$

Attempts to create a new cryfs directory fails the same way:

$ build/src/cryfs-cli/cryfs ~/cryfs-raw2 ~/cryfs-crypt
CryFS Version 0.9.4
WARNING! This version is not considered stable. Please backup your data frequently!
Automatic checking for security vulnerabilities and updates is disabled.

Could not find base directory. Do you want to create it?
Your choice [y/n]: y
Use default settings?
Your choice [y/n]: y

Generating secure encryption key. This might take some time..done
Password:
Confirm Password:
Creating config file (this can take some time)...done

Mounting filesystem. To unmount, call:
$ umount "/Users/uri/cryfs-crypt"

$ mount_osxfusefs: failed to mount /Users/uri/cryfs-crypt@/dev/osxfuse0: Input/output error

And with the same syslog error:

5/1/16 23:23:26.644 cryfs[15900]: Exception thrown: boost::filesystem::directory_iterator::construct: Not a directory: "/Users/uri/cryfs-raw2/cryfs.config"

Interesting that in this last case of creating a new cryfs filesystem, the actual (physical) creation seemed to succeed - it's the mounting itself that appears to fail:

$ ll ~/cryfs-raw2
total 8
drwxr-xr-x    4 uri  staff    136 May  1 23:23 ./
drwxr-xr-x+ 337 uri  staff  11458 May  1 23:23 ../
drwxr-xr-x    3 uri  staff    102 May  1 23:23 C4F/
-rw-r--r--    1 uri  staff   1134 May  1 23:23 cryfs.config
$

I suspect that some options passed along to fuse point at a cryfs.config file instead of the directory that's supposed to contain it???

exposing project's functionality through a shared library.

Its always easier to integrate projects through a shared library because using the functionality offered by the library becomes as simple as making a function call.

Currently,the only way to integrate the project is through calling the binary and the fork()/execv()/write() dance maybe a bit too advance for those want the functionality from C/C++ without using any frameworks or external libraries that can abstract the steps.

Add OCB mode (enhancement)

OCB currently is the best-performing AEAD mode, particularly with AES on Intel CPUs. It would be great if in addition to GCM (also good, but somewhat slower) CryFS offered OCB, at least for AES.

have "/proc/self/mountinfo" host full path of cipher text folder

After unlocking a cryfs volume,"/proc/self/mountinfo" entry for the volume will look like:

29 26 0:22 / /run/media/private/mtz/cryfs ro,nosuid,nodev,relatime - fuse.cryfs cryfs ro,user_id=500,group_id=500

Entries are separated by a space character and "cryfs" entry takes the place a cipher text folder path and "/run/media/private/mtz/cryfs" is the entry for the plain text folder path.

Will it be possible to have the full path of the cipher text folder instead of just "cryfs"? This info is necessary for front ends to map plain text folders to their respective cipher text folders.

Can it work in reverse (unencrypted storage, encrypted mountpoint)?

It may be easier to temporarily run filesystem when doing backup/restore, not filtering all file usages though it.

Can CryFS's mount provide encrpyted version of files instead of decrypted?

Supposed scenario:

Mount reverse-cryfs from ~ to /tmp/encrypted_home
Backup /tmp/encrypted_home somewhere
Unmount.

Changing (i.e. restoring) encrypted files in /tmp/encrypted_home should restore plain files in home.

Hangs on concurrent truncate

Running two parallel truncate loops hangs after a few seconds:

( set -e; while true; do truncate -s $RANDOM b; echo -n 1; done ) &
( set -e; while true; do truncate -s $RANDOM b; echo -n 2; done ) &

Information on cryfs.config / man page / AES-NI

I'd like to encourage two enhancements

in particular as cryfs.config in contrast to .encfs6.xml is binary I personally lack the capabilities of encfsctl thus displaying information about the actually used algorithm etc, so sth similar to 👍

% encfsctl info ~/.crypt

Version 5 configuration; created by EncFS 1.1 (revision 20040504)
Filesystem cipher: "ssl/aes" , version 2:1:1
Filename encoding: "nameio/block" , version 3:0:1
Key Size: 192 bits
Block Size: 512 bytes
Each file contains 8 byte header with unique IV data.
Filesname encoded using IV chaining mode.

-Secondly, unless I missed it, a man page would be nice to have

Finally, which of the aes-ciphers are supported by AES-NI please ?

thanks

Version 0.9.3-rc1 does not work

I tried to use mentioned version and it fails with the following output

[mtz@ink ~]$ cryfs ../images/cryfs ee
CryFS Version 0.9.3-rc1
WARNING! This is an experimental version. Please backup your data frequently!
Could not check for updates.

Password: 
Loading config file (this can take some time)...done
Error: Invalid version information: Missing delimiter after commitsSinceTag.
[mtz@ink ~]$

git version fails to configure on Mac OS X

Mac OS X 10.11.3, Xcode-7.2.1, cmake-3.4.3, boost-1.59.0. I suspect that cmake got confused by the fact that boost libraries installed by Macports are named libboost_system-mt.a (as in multi-threaded) rather than libboost_system.a (cmake correctly figured out that they're in /opt/local/lib).

In a normal build system, I'd just manually edit the Makefile, changing -lboost_system to -lboost_system-mt (as I'm doing when I build Botan, which is Makefile-based). How would you recommend addressing this with cmake? (Note: modifying boost is out of question, and so in downloading and building boost-1.56.)

$ git clone https://github.com/cryfs/cryfs.git
Cloning into 'cryfs'...
remote: Counting objects: 13377, done.
remote: Compressing objects: 100% (146/146), done.
remote: Total 13377 (delta 51), reused 0 (delta 0), pack-reused 13230
Receiving objects: 100% (13377/13377), 2.87 MiB | 3.03 MiB/s, done.
Resolving deltas: 100% (7986/7986), done.
Checking connectivity... done.
$ cd cryfs
$ mkdir build
$ vi CMakeLists.txt
$ cd build
$ cmake ../
-- The C compiler identification is AppleClang 7.0.2.7000181
-- The CXX compiler identification is AppleClang 7.0.2.7000181
-- Check for working C compiler: /opt/local/bin/clang
-- Check for working C compiler: /opt/local/bin/clang -- works
-- Detecting C compiler ABI info
-- Detecting C compiler ABI info - done
-- Detecting C compile features
-- Detecting C compile features - done
-- Check for working CXX compiler: /opt/local/bin/clang++
-- Check for working CXX compiler: /opt/local/bin/clang++ -- works
-- Detecting CXX compiler ABI info
-- Detecting CXX compiler ABI info - done
-- Detecting CXX compile features
-- Detecting CXX compile features - done
Checking if compiler supports X86 CPUID feature... yes
Checking if compiler supports X86 SSE2 feature... yes
Checking if compiler supports X86 AESNI feature... yes
-- Found cryptopp in system location
CMake Error at /opt/local/share/cmake-3.4/Modules/FindBoost.cmake:1247 (message):
  Unable to find the requested Boost libraries.

  Boost version: 1.59.0

  Boost include path: /opt/local/include

  Could not find the following static Boost libraries:

          boost_filesystem
          boost_thread

  Some (but not all) of the required Boost libraries were found.  You may
  need to install these additional Boost libraries.  Alternatively, set
  BOOST_LIBRARYDIR to the directory containing Boost libraries or BOOST_ROOT
  to the location of Boost.
Call Stack (most recent call first):
  utils.cmake:44 (find_package)
  src/cpp-utils/CMakeLists.txt:44 (target_add_boost)


-- Performing Test COMPILER_HAS_CPP14_SUPPORT
-- Performing Test COMPILER_HAS_CPP14_SUPPORT - Success
CMake Error at /opt/local/share/cmake-3.4/Modules/FindBoost.cmake:1247 (message):
  Unable to find the requested Boost libraries.

  Boost version: 1.59.0

  Boost include path: /opt/local/include

  Could not find the following static Boost libraries:

          boost_filesystem
          boost_thread

  Some (but not all) of the required Boost libraries were found.  You may
  need to install these additional Boost libraries.  Alternatively, set
  BOOST_LIBRARYDIR to the directory containing Boost libraries or BOOST_ROOT
  to the location of Boost.
Call Stack (most recent call first):
  utils.cmake:44 (find_package)
  src/fspp/CMakeLists.txt:14 (target_add_boost)


-- Found osxfuse in system location
CMake Error at /opt/local/share/cmake-3.4/Modules/FindBoost.cmake:1247 (message):
  Unable to find the requested Boost libraries.

  Boost version: 1.59.0

  Boost include path: /opt/local/include

  Could not find the following static Boost libraries:

          boost_filesystem
          boost_thread

  Some (but not all) of the required Boost libraries were found.  You may
  need to install these additional Boost libraries.  Alternatively, set
  BOOST_LIBRARYDIR to the directory containing Boost libraries or BOOST_ROOT
  to the location of Boost.
Call Stack (most recent call first):
  utils.cmake:44 (find_package)
  src/blockstore/CMakeLists.txt:36 (target_add_boost)


CMake Error at /opt/local/share/cmake-3.4/Modules/FindBoost.cmake:1247 (message):
  Unable to find the requested Boost libraries.

  Boost version: 1.59.0

  Boost include path: /opt/local/include

  Could not find the following static Boost libraries:

          boost_filesystem
          boost_thread

  Some (but not all) of the required Boost libraries were found.  You may
  need to install these additional Boost libraries.  Alternatively, set
  BOOST_LIBRARYDIR to the directory containing Boost libraries or BOOST_ROOT
  to the location of Boost.
Call Stack (most recent call first):
  utils.cmake:44 (find_package)
  src/blobstore/CMakeLists.txt:23 (target_add_boost)


CMake Error at /opt/local/share/cmake-3.4/Modules/FindBoost.cmake:1247 (message):
  Unable to find the requested Boost libraries.

  Boost version: 1.59.0

  Boost include path: /opt/local/include

  Could not find the following static Boost libraries:

          boost_program_options

  Some (but not all) of the required Boost libraries were found.  You may
  need to install these additional Boost libraries.  Alternatively, set
  BOOST_LIBRARYDIR to the directory containing Boost libraries or BOOST_ROOT
  to the location of Boost.
Call Stack (most recent call first):
  utils.cmake:44 (find_package)
  src/cryfs/CMakeLists.txt:52 (target_add_boost)


Creating git version information from /Users/uri/src/cryfs/src/cryfs
-- Version from git: 0.9.0.dev13+revc889366
-- Configuring incomplete, errors occurred!
See also "/Users/uri/src/cryfs/build/CMakeFiles/CMakeOutput.log".
$

CMakeOutput.txt

CryFS should use subdirectories to store block files

Currently CryFS stores all ciphered block files at the same level. When storing relatively large archives (100+ GB), this quickly leads to he creation of several hundreds of thousands files in a single directory.

Recent file-systems allow such use. However, this remains a very specific use-case which require specific care from developer's side (using the right system calls in the right order, + other techniques like sorting the files to access depending on their inode number, etc.).

Common third-party tools (I think mainly of system-wide monitoring and maintenance tools) are most probably not prepared to handle such a specific case. Actually, it seems empirically that issues begin to appear when there are more than 10.000 files stored in a single directory.

To avoid any incompatibilities, CryFS should therefore distribute its ciphered block files into subdirectories in order to stay below this limit as long as possible.

The most convenient way should be to use a single nesting level and use the first three characters of the file name as directory name. This would provide a maximum of 4096 directories, reducing the dangerous situation mentioned above to a trivial situation of few hundred files in each directory.

From a usability perspective, I suppose that users having just a few small files to store may not want to handle 4096 mostly empty directories. These directories should therefore be created on-the-fly.

From performance point-of-view:

I do not think that accessing a file stored either as /home/foo/basedir/01ABCDEF or as /home/foo/basedir/01A/01ABCDEF will make any significant difference in terms of access time, even more if we take the OS's disk cache in account,
I am not a fluent developer, but I've read a suggestion for such situation to "blindly" call the mkdir(2) function when wanting to create a new file and let it handle the case of an already existing directory, it may be more efficient than checking for the directory existence in user-space in order to implement on-the-fly directory creation.

At last, from sustainability perspective, this nesting scheme would allow to safely store more than 40 million block files, leading us to a bit more than a TB of storage. I do not know if there is any use-case requiring CryFS to ensure safety above this limit in a single container? Personally I would think it as a reasonable limitation. Handling such volume of data would certainly cause other kind of issues more properly solved using some alternative data protection system or by using more than one CryFS base directory. If this is not the case and CryFS has to handle more than a TB of storage safely, then either adding second nesting level or setting the nesting level as a configurable option may need to be considered.

add more effort in processing passwords.

The process of unlocking a volume or discovering that a used password is wrong seems pretty fast.

Are you using a key derivation function with an iteration number? If yes then what is the default iteration number.

The current minimum recommended is 10,000.VeraCrypt uses 50,000 by default and i think thats too high and this is the most complained thing with VeraCrypt.

TrueCrypt uses 2,000 and that is too low.

LUKS uses a configurable number and i think this is the best way to do it You can do what cryptsetup does and that is when creating a new volume,calculate how many iterations will be required to unlock a volume in 2 seconds for example and use that.Best thing about this is that the effort to unlock a volume will automatically adopt to more powerful computers as users start using them.

failed to check for updates.

cryfs starts with below string:

CryFS Version 0.9.0.dev24+rev009e5b7
WARNING! This is a development version based on git commit 009e5b7. Please do not use in production!
Could not connect to cryfs.org to check for updates.

My internet works fine so there must be an error somewhere about how cryfs checks for updates.

I think there should be an option not to check for updates since front ends may choose to ignore the info generated leading to unnecessary bandwidth use.

Hard Links

Is it possible to support hard links? This would be useful for applications such as rsnapshot.

Currently, when I try:

cryfs backend mount
echo "test" > mount/test.txt
ln mount/test.txt mount/link.txt

I get the following error:

ln: failed to create hard link 'mount/link.txt' => 'mount/test.txt': Numerical result out of range

If it matters, I'm running CryFS Version 0.9.3-alpha+38.g7b5970a

cryfs-gui

I am creating a Qt/C++ front end to cryfs and i am calling it "cryfs-gui"[0] for lack of
creativity on my part on project name but i can change the name to something else
if you want to create an official GUI and name it "cryfs-gui".

This GUI is stripped down version of zuluMount-gui[1] and i plan to make it support all cryfs features.

For now,all it can do is unlock encfs and cryfs volume.This is all the support it will get for encfs volumes.

screenshot of the application is here[2]

Comments and suggestions are welcomed.

[0] https://github.com/mhogomchungu/cryfs-gui

[1] https://github.com/mhogomchungu/zuluCrypt/tree/master/zuluMount-gui

[2] https://github.com/mhogomchungu/cryfs-gui/blob/master/images/cryfs-gui.jpeg

experiencing lockups

Can you try something,have a folder with about 5 files in it with each file taking about 600MB of data and then add the folder to a cryfs encrypted folder.

Did it work just fine for you? It seems to always lock up on me when i add too many files that are too large or when the copying process takes too long and one of these two or both seems to cause the locking up.

"mv" fails

Running mv where the destination file already exists isn't clobbering and replacing it with the origin file as expected. Instead the destination file is left as is, and the origin file is deleted.

I'm using a version I compiled myself from the 0.9.2 tag:

[user@acv-template cryfs]$ git status
HEAD detached at 0.9.2
nothing to commit, working directory clean

Below are the commands I ran which hopefully reproduce the problem.

[user@vault cryfs]$ mkdir data
[user@vault cryfs]$ mkdir private
[user@vault cryfs]$ cryfs data private
CryFS Version 0.9.2
WARNING! This version is not considered stable. Please backup your data frequently!
Could not connect to cryfs.org to check for updates.

Use default settings?
Your choice [y/n]: y

Generating secure encryption key. This might take some time..done
Password: 
Confirm Password: 
Creating config file (this can take some time)...done

Mounting filesystem. To unmount, call:
$ fusermount -u "/home/user/test/cryfs/private"

[user@vault cryfs]$ cd private
[user@vault private]$ cat > x 
foo
[user@vault private]$ cat > y
bar
[user@vault private]$ mv x y
mv: cannot move 'x' to 'y': File exists
[user@vault private]$ ls -l
total 1
-rw-r--r-- 1 user user 4 Apr  3 10:32 y
[user@vault private]$ cat y
bar

Birth time on files created on OSX mount is wrong

$ stat -f "%B" mount/testfile
0

Perhaps could be some issue with OSXFUSE but have not managed to find any other report on this kind behavior though.

Allow building from tarball (without git)

Taken from #14

Currently, the build process accesses the git environment to figure out the version number (i.e. last git tag). The tarball downloaded from GitHub will crash because it doesn't contain a .git directory and won't find this information. It should be possible to build from the tarball without having a .git directory available.

add an ability to create a volume without auto mounting it on success.

Right now,when creating a volume,cryfs wants both cipher and plain folder paths and it auto mounts the volume when a volume is successfully created.

Sometimes,a user may want to just create a new volume without mounting it and i think this usecase should be supported.

Cannot delete symlink

Deleting symlinks fails with "Is a directoroy"

$ ln -s / link1
$ rm link1
rm: cannot remove ‘link1’: Is a directory

removal of --extpass="cat filename"

What's the alternative for scripting?

disclaimer: I'm not a shell nerd, but googling suggested to use expect

Because of that change, I was forced to use expect script, thus adding to dependencies list cryfs runs inside a docker container

having this:

export passwd=$(cat /my/passwd.txt)

and running expect:

spawn cryfs /.exports /exports -- -o allow_other
expect ": " {send "y\r"}
expect "Password: " {send "${passwd}\r"}
expect "Confirm Password: " {send "${passwd}\r"}

This still works, when there's an existing config:

echo $(cat /my/passwd.txt) | cryfs /src /dst

but, i need to be able to create a new config, if the "/src" is empty, ie:

! [[ -r /src/cryfs.config ]] && \
yes y | cryfs --extpass="cat /my/passwd.txt" /src /dst || \
cryfs --extpass="cat /my/passwd.txt" /src /dst

dont unlock a volume if the initial/starting block is not present.

A newly created cryfs volume starts with a single initial block.If this block is removed,cryfs will unlock the volume successfully but will refuse to add any entries into the volume.

I think cryfs should check for this initial block when unlocking a volume and if it founds it to be missing,it should either recreate it or refuse to proceed with the unlocking process with an error message explaining the problem.

cryfs / cryfs Goto Github PK

cryfs's Introduction

CryFS

Install latest release

Linux

OSX

Windows (experimental)

GUI

Stability / Production readiness

Building from source

Requirements

Build & Install

Building on Windows (experimental)

Troubleshooting

Using local dependencies

Creating .deb and .rpm packages

Disclaimer

cryfs's People

Contributors

Stargazers

Watchers

Forkers

cryfs's Issues

What's the alternative for scripting?

Recommend Projects

Recommend Topics

Recommend Org