View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000674 | channel: elrepo/el7 | --elrepo--request-for-enhancement-- | public | 2016-10-14 15:39 | 2016-11-04 11:54 |
| Reporter | jcpunk | Assigned To | toracat | ||
| Priority | normal | Severity | feature | Reproducibility | N/A |
| Status | resolved | Resolution | fixed | ||
| Summary | 0000674: kmod-ecryptfs | ||||
| Description | Is it possible to build the ecryptfs module for the EL7 kernel? https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/tree/fs/ecryptfs?id=refs/tags/v3.10.103 | ||||
| Additional Information | There is also a user space component, packages exist in fedora (http://koji.fedoraproject.org/koji/packageinfo?packageID=4676) but would need to be built for el7. | ||||
| Tags | No tags attached. | ||||
| Reported upstream | |||||
|
|
We will try. (memo: our kernel-lt, kernel-ml and CentOS' plus kernel have ecryptfs enabled) |
|
|
@jcpunk I was able to build the kmod-ecryptfs package using the files from the EL-7 kernel (3.10.0-327). However if I use those from the v3.10.103 branch, build fails with errors. Is it important to backport from that particular kernel branch? Or will the code from the EL 7.2 kernel suffice for you? |
|
|
Also... If ECRYPT_FS_MESSAGING is enabled, the build fails even with 3.10.0-327. So, this cannot be turned on. |
|
|
Any version of ecryptfs should be fine. I was hopeful that the linked version would be the least effort. |
|
|
OK, we will start with the current EL 7.2 code. Backporting from newer kernels can be tried as an update. Regarding ecryptfs-utils, version 111 from .fc23 built fine on EL 7.2 (with EPEL enabled). However it 'Requires' cryptsetup-luks to run. |
|
|
Changing cryptsetup-luks to cryptsetup for Requires should do it. :) The cryptsetup package provides cryptsetup-luks in el7. |
|
|
Test install of kmod-ecryptfs (built against -327) shows it weak-links against the -229 and -327 kernels. So, this is good to go. Turns out ecrypt-utils requires libpkcs11-helper. This was not in the spec and has to be built from Fedora srpm. |
|
|
Awesome! I'm able to run a quick test once things sync up to elrepo-testing. |
|
|
The libpkcs11-helper package available from EPEL works. I suppose we (ELRepo) do not have to provide it as an elrepo package. The following packages have been released to the elrepo-testing repository. They are currently syncing to the mirrors. kmod-ecryptfs-0.0-1.el7.elrepo.x86_64.rpm ecryptfs-utils-111-1.el7.elrepo.x86_64.rpm ecryptfs-utils-devel-111-1.el7.elrepo.x86_64.rpm ecryptfs-utils-python-111-1.el7.elrepo.x86_64.rpm ecryptfs-kmod-0.0-1.el7.elrepo.src.rpm ecryptfs-utils-111-1.el7.elrepo.src.rpm |
|
|
I'd agree, EPEL is a fine place to leave libpkcs11-helper. My limited test went well. One point of feedback: should kmod-ecryptfs require ecryptfs-utils? I'm not sure how the kmod would be useful without the utils package.... Beyond that my limited use case worked as expected! |
|
|
Thanks for reporting back with the test result. Glad to learn things worked fine. Regarding kmod-ecryptfs requiring ecryptfs-utils, that's a good point. Just checked our kmod-drbd package and found it does not have Requires for -utils. Following this "tradition", I think we can go ahead with the current version. :) I will now promote the packages to the main repository. |
| Date Modified | Username | Field | Change |
|---|---|---|---|
| 2016-10-14 15:39 | jcpunk | New Issue | |
| 2016-10-14 15:39 | jcpunk | Status | new => assigned |
| 2016-10-14 15:39 | jcpunk | Assigned To | => toracat |
| 2016-10-14 16:04 | toracat | Note Added: 0004868 | |
| 2016-10-14 17:16 | burakkucat | Note Edited: 0004868 | |
| 2016-10-15 01:17 | toracat | Note Added: 0004871 | |
| 2016-10-15 01:40 | toracat | Note Added: 0004872 | |
| 2016-10-15 09:17 | jcpunk | Note Added: 0004873 | |
| 2016-10-15 12:07 | toracat | Note Added: 0004874 | |
| 2016-10-15 12:18 | toracat | Note Added: 0004875 | |
| 2016-10-17 15:42 | toracat | Note Added: 0004877 | |
| 2016-10-17 15:46 | jcpunk | Note Added: 0004878 | |
| 2016-10-17 18:15 | toracat | Note Added: 0004879 | |
| 2016-10-17 18:19 | toracat | Status | assigned => feedback |
| 2016-10-18 08:58 | jcpunk | Note Added: 0004881 | |
| 2016-10-18 10:43 | toracat | Note Added: 0004882 | |
| 2016-11-04 11:54 | toracat | Status | feedback => resolved |
| 2016-11-04 11:54 | toracat | Resolution | open => fixed |
