= Main Inclusion Report for ecryptfs-utils =

== Requirements ==

 0. ''Availability:'' 
  * [[http://archive.ubuntu.com/ubuntu/pool/universe/e/ecryptfs-utils/]]
  * binary packages needed in ''main'': '''ecryptfs-utils, libecryptfs0, libecryptfs-dev'''
  * available for all supported architectures.
 0. ''Rationale:''
  * encryptfs-utils is the key package for implementing a ~/Private/ encrypted directory as talked at UDS-Intrepid 
  * EncryptedPrivateDirectory
  * [[https://blueprints.edge.launchpad.net/ubuntu/+spec/encrypted-private-directories]]. 
 0. ''Security:''
  * [[http://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=ecryptfs-utils|CVE entries]] - '''none'''
  * [[http://secunia.com/search/?search=ecryptfs-utils|Secunia history]] - '''none'''
  * Binaries running as root or suid/sgid: ''mount.ecryptfs_private'', audited by KeesCook and MartinPitt, used to mount/umount a user's ~/Private directory.
  * Daemons: '''/usr/bin/ecryptfsd''', but not used by default, used for advanced key management
  * Network activity: '''no ports opened'''
  * Does '''not'' handle incoming network data
  * Does '''not'' directly (not through a library) process binary (video, audio, etc) or structured (PDF, etc) data
  * Source code review performed by:  DustinKirkland, familiar with a fair amount of the code; KeesCook/MartinPitt have reviewed the setuid program
 0. ''Quality assurance:''
  * Package '''works''' out of the box without configuration
  * The package '''does not''' ask any debconf questions higher than priority 'medium'
  * [[http://bugs.debian.org/src:ecryptfs-utils|Debian bugs]]: '''none'''
  * [[http://packages.qa.debian.org/e/ecryptfs-utils.html|Maintenance in Debian]] is '''vigorous'''
  * [[http://ecryptfs.sourceforge.net/|Upstream]] is '''vigorous'''
  * [[http://sourceforge.net/tracker/?group_id=133988&atid=728799|Upstream bug tracker]] - No major problems with this userspace package, a few kernel bugs of interest
   * [[http://sourceforge.net/tracker/index.php?func=detail&aid=1639562&group_id=133988&atid=728799|ecryptfs over NFS kernel bug]]
   * [[http://sourceforge.net/tracker/index.php?func=detail&aid=1618254&group_id=133988&atid=728799|bind/chroots don't work right in ecryptfs]]
  * Hardware: Does this package deal with hardware? - '''no'''
  * A simple test suite '''is''' in the upstream source/packaging, compiled but not run in debuild
 0. ''Standards compliance:'' 
  * [[http://www.pathname.com/fhs/|FHS]], [[http://www.de.debian.org/doc/debian-policy/|Debian Policy]] compliant
  * [[http://www.netfort.gr.jp/~dancer/column/libpkg-guide/libpkg-guide.html|Debian library packaging guide]] standards compliant
  * Packaging system (debhelper/cdbs/dbs) is '''debhelper'''
  * Patch system is '''dpatch'''
  * '''No''' packaging oddities
 0. ''Dependencies:''
  * Runtime
   * libecryptfs0 (= ${binary:Version}), libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]
  * Build
   * debhelper (>= 7), dpatch, autotools-dev, autoconf, automake, libtool, libgcrypt11-dev, libgpg-error-dev, libgpgme11-dev, libgtk2.0-dev, libkeyutils-dev, libopencryptoki-dev [i386], libpam0g-dev, libpkcs11-helper1-dev, libssl-dev, libtspi-dev [i386]
  * Are these all in main? - '''no, see'''
   * MainInclusionReportPkcs11Helper
   * MainInclusionReportTrousers
   * MainInclusionReportOpencryptoki
   * Bug:247389 contains a patch that removes the build dependencies on libtspi-dev and libopencryptoki-dev
 0. ''Background information:''
  * The general purpose and context of the package is clear from the package's debian/control file.  '''Quoting debian/control''':
   * Description: ecryptfs cryptographic filesystem (utilities) eCryptfs is a POSIX-compliant enterprise-class stacked cryptographic filesystem for Linux. It provides advanced key management and policy features. eCryptfs stores cryptographic metadata in the header of each file written, so that encrypted files can be copied between hosts; the file will be decryptable with the proper key, and there is no need to keep track of any additional information aside from what is already in the encrypted file itself. Think of eCryptfs as a sort of "gnupgfs". eCryptfs is a native Linux filesystem. The kernel module component of eCryptfs is part of the Linux kernel since 2.6.19. This package contains the userland utilities. Homepage: http://ecryptfs.sourceforge.net/ Bugs: mailto:ubuntu-users@lists.ubuntu.com

  * Upstream calls this software: '''ecryptfs-utils'''
  * It '''has not''' had different names in the past

== Reviewers ==

MIR bug: Bug:247400

 * DustinKirkland
 * ChuckShort