Main Inclusion Report for ecryptfs-utils
Requirements
Availability:
http://archive.ubuntu.com/ubuntu/pool/universe/e/ecryptfs-utils/
binary packages needed in main: ecryptfs-utils, libecryptfs0, libecryptfs-dev
- available for all supported architectures.
Rationale:
- encryptfs-utils is the key package for implementing a ~/Private/ encrypted directory as talked at UDS-Intrepid
https://blueprints.edge.launchpad.net/ubuntu/+spec/encrypted-private-directories.
Security:
CVE entries - none
Secunia history - none
Binaries running as root or suid/sgid: mount.ecryptfs_private, audited by KeesCook and MartinPitt, used to mount/umount a user's ~/Private directory.
Daemons: /usr/bin/ecryptfsd, but not used by default, used for advanced key management
Network activity: no ports opened
Does not handle incoming network data
Does not directly (not through a library) process binary (video, audio, etc) or structured (PDF, etc) data
Source code review performed by: DustinKirkland, familiar with a fair amount of the code; KeesCook/MartinPitt have reviewed the setuid program
Quality assurance:
Package works out of the box without configuration
The package does not ask any debconf questions higher than priority 'medium'
Debian bugs: none
Maintenance in Debian is vigorous
Upstream is vigorous
Upstream bug tracker - No major problems with this userspace package, a few kernel bugs of interest
Hardware: Does this package deal with hardware? - no
A simple test suite is in the upstream source/packaging, compiled but not run in debuild
Standards compliance:
FHS, Debian Policy compliant
Debian library packaging guide standards compliant
Packaging system (debhelper/cdbs/dbs) is debhelper
Patch system is dpatch
No packaging oddities
Dependencies:
- Runtime
- libecryptfs0 (= ${binary:Version}), libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]
- Build
debhelper (>= 7), dpatch, autotools-dev, autoconf, automake, libtool, libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]
Are these all in main? - no, see
247389 contains a patch that removes the build dependencies on libtspi-dev and libopencryptoki-dev
- Runtime
Background information:
The general purpose and context of the package is clear from the package's debian/control file. Quoting debian/control:
Description: ecryptfs cryptographic filesystem (utilities) eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. It provides advanced key management and policy features. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. Think of eCryptfs as a sort of "gnupgfs". eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs is part of the Linux kernel since 2.6.19. This package contains the userland utilities. Homepage: http://ecryptfs.sourceforge.net/ Bugs: mailto:ubuntu-users@lists.ubuntu.com
Upstream calls this software: ecryptfs-utils
It has not had different names in the past
Reviewers
MIR bug: 247400