Re: ecryptfs is unmaintained and untested

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2024-10-28 21:33:28, Theodore Ts'o wrote:
> On Mon, Oct 28, 2024 at 09:50:37PM +0000, Arnd Bergmann wrote:
> > On Mon, Oct 28, 2024, at 15:02, Matthew Wilcox wrote:
> > >
> > > This comment has been there since June 2021, so I think we can just
> > > delete ecryptfs now?
> > 
> > I have no opinion on removing ecryptfs, but I don't how possibly
> > removing it is related to the patch I sent, as far as I can tell
> > it just means it relies on both CONFIG_BLOCK and CONFIG_BUFFER_HEAD
> > then.
> > 
> > Is there any indication that the last users that had files on
> > ecryptfs are unable to update their kernels?
> 
> Debian is still shipping ecryptfs-utils and is building and including
> the ecryptfs kernel module in their distro kernel.`
> 
> So it seems likely that there are probably a non-zero (although
> probably relatively small) number of ecryptfs users out there.

It would be good to discuss how we can get the message out to users to
migrate off of eCryptfs so that functionality can be reduced and
eventually it can be removed.

What do folks think about the following?

1. Print loud warnings at mount time that eCryptfs is deprecated and
   give a specific date when write support will be removed.
2. Remove write support at that date, while retaining read-only support
   to allow any lagging users to move their data to fscrypt or other
   alternatives.
3. Print loud warnings at mount that eCryptfs will be removed and give a
   specific date.
4. Remove it.

Suggestions on lead times for #2 and #4 would be appreciated.

Tyler




[Index of Archives]     [Linux Crypto]     [Device Mapper Crypto]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux