Comments (11)
Can you spawn the securefs instance without going into the background?
Alternatively, you can set the log file with --log xxxxx
option, and read from xxxxx
the logging messages, whether foreground or background. A named pipe may be able to save disk access.
from securefs.
I once thought to separate securefs
into a library and a frontend, but the design of fuse
really prevents that. You have to run securefs
in another process, not in the least to prevent your GUIs from crashing along if it has any bugs.
from securefs.
It will very much appreciated if you could document how external tools like SiriKali should interface with securefs and have tests that make sure the interface does not change.
Rather, you should tell me about what functionality you need, and I will implement those.
from securefs.
Maybe I can provide a --json
option, where all interaction are doing with JSON format, just like those Web APIs.
from securefs.
Can you spawn the securefs instance without going into the background?
I think this will require SiriKali to always be running for the duration of the unlocked volume and it will be a fundamental change of its behavior and will make securefs behave differently from all other supported backends. Both are not good options.
Alternatively, you can set the log file with --log xxxxx option, and read from xxxxx the logging messages, whether foreground or background. A named pipe may be able to save disk access.
The problem will still be there because SiriKali will still get confused if it checks for certain strings in the log file and those strings change(like what is being reported here)
I once thought to separate securefs into a library and a frontend, but the design of fuse really prevents that.
The library could be just a front end to the CLI calling it through fork()/exec()/waitpid(). Biggest benefit for third party tools is that they will be able to enforce minimum version of securefs and i think its easier to formalize a C API than a CLI interface.
Rather, you should tell me about what functionality you need, and I will implement those.
Right now,the functionality i need is for securefs to have a string that says "Invalid password" when a wrong password is used when attempting to unlock a volume.
In the a future,it will be better if different return values are reported to represent different error messages. Right now,"1" is returned for all errors forcing string parsing to figure out what error occurred and its not very front end friendly..
Below output is an example of how SiriKali creates and unlocks securefs volume
/usr/bin/securefs create "/home/mtz/qqqq"
/usr/bin/securefs mount -b -o rw -o fsname=securefs@"/home/mtz/qqqq" -o subtype=securefs "/home/mtz/qqqq" "/home/_/qqqq"
When creating a volume,it interpret a return status of zero as success and anything else as "backend failed".
When unlocking a volume,it interprets a return value of zero as success. On non zero return value,it parses the output looking for "Invalid password" and reports a wrong password when it finds it and "backend failed" when it doesnt. This means,the latest version of SiriKali will report "backend failed" with the latest version of securefs when a wrong password is entered.
from securefs.
Basically you want a table of exit codes for different kinds of failures?
from securefs.
What i want is a securefs documentation for front end developers that documents what the tool expects from its front ends and what results it gives under what circumstances.
A table of exit codes will work best for front ends. I think strings that says what error occurred should still be there and maybe documented as being unreliable and subject to change without any notice if you cant guarantee their consistency.
Backward compatibility should also be important as interfacing with CLI tools that have different behaviors in different version is not easy.
What made it necessary to require a log file to observe securefs outputs?
from securefs.
Logging is essential to securefs. In fact, in the future, run securefs in the background without a log file will be a hard error, rather than a warning these days.
Backward compatibility should also be important as interfacing with CLI tools that have different behaviors in different version is not easy.
The messages are meant for humans, not for CLI tools.
from securefs.
Can you explain the rationale for forcing output to a log file?
What was wrong with printing log messages to stdout/stderror and let users redirect them to a log file if they want it there? Or print to stdout/stderror if the log file is not given?
The new behavior can easily be reversed to the old behavior as seen below:
[mtz@ink ~]$ securefs mount -b --log /dev/stdout cipher plain
Password:
[Error] [0x7f706a253740] [2017-02-10 05:54:45.822273226 UTC] Invalid password
[mtz@ink ~]$
Will you object to somebody doing the equivalent of above? if yes,why?
from securefs.
securefs mount -b --log /dev/stdout cipher plain
When securefs
daemonizes, stdin
, stdout
and stderr
will be redirected to /dev/null
, and you will lose all error messages.
from securefs.
On second thought, I decide to let the error message appear on the standard error regardless of settings, until securefs
actually mounts the directory (at which point the log file will be opened, if any).
from securefs.
Related Issues (20)
- SecureFS through crypto wallet? HOT 2
- Share encrypted file HOT 5
- Issue while compiling on raspberry pi 4b or cross-compile HOT 1
- How to deal with long file names HOT 2
- 希望能帮助完成一些工作 HOT 4
- brew install failing on MBP M2 Apple Silicon HOT 2
- Add the option to NOT encrypt filenames HOT 2
- Failing to compile on FreeBSD 13.2 HOT 23
- CryptoppConfig.cmake not found HOT 12
- Use with SFTP HOT 15
- I Forgot the password HOT 3
- followed build instructions, still getting "--vcpkg_root must point to a directory." HOT 3
- Crash. libc++abi: terminating due to uncaught exception... HOT 3
- How to build on Windows? HOT 16
- Destination Path Too Long HOT 5
- Has securefs been proven or analyzed for security? HOT 2
- 有关format 3存储时间戳的作用问题 HOT 2
- Consider not using the string "securefs" in metafiles HOT 3
- Install on Windows HOT 7
- mount in daemon mode like gocryptfs HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from securefs.