feat: Add local gocryptfs support #1897
Conversation
|
Wow that is a big step. Awesome! Do we need the latest GoCryptFS when running TavisCI? Are there known Issues with gocryptfs from the Ubuntu repos? |
buhtz
added
External
|
I suspect that we don't need the latest version. I tested with the version in the latest Linux Mint, and it seemed to work. |
|
The code fetching the latest version was already in Germar's original branch. I haven't made many changes here, other than fixing merge conflicts. |
|
Please let me know if you prefer me to solve this merge conflicts. |
|
I'll do another rebase, and switch Travis to fetch the packaged version of gocryptfs rather than the latest release while I'm at it. |
daviewales
force-pushed
the
gocrypt-rebase
branch
from
8854b12 to
af10597
Compare
|
I've rebased on the latest I confirmed that I can still backup a file, delete it, then restore it. |
|
When my refactoring work on the manage profiles dialog is finished I think about a release candidate and release 1.5.3. |
|
FYI: I do plan a 1.5.3 release in the near future. After that release I would target your PR for a 1.6.0 release. |
|
I'll apply the suggestions above when I get a chance. There are also a few lint errors, so I'll fix those up too. |
|
The remaining lint errors are because there is similarity between the encfs and gocryptfs modules... Perhaps this can be ignored? |
Usually I would say "no" and recommend to create a base class to avoid code duplication. But we will remove encfs, so I see no problem to add an ignore clause for pylint. Not sure if this need to be place in both files. |
daviewales
force-pushed
the
gocrypt-rebase
branch
from
075f7d1 to
64404a3
Compare
|
Note to self: I need to test setting up a new EDIT: I've tested setting up a new backup profile from scratch, and the dialog needs some tweaking as it's missing a few inputs. I'll update it to match the EncFS local dialog. |
Co-authored-by: buhtz <[email protected]>
Co-authored-by: buhtz <[email protected]>
Co-authored-by: buhtz <[email protected]>
- Remove unused import - Explicitly declare class members
- It's OK to remove these checks for encfs, as we plan to deprecate and remove the encfs code.
To avoid confusion with __init__
daviewales
force-pushed
the
gocrypt-rebase
branch
from
1dbe050 to
8dab4d9
Compare
|
The gocryptfs functionality works. But Germar changed the However, the branch I rebased never updated the encfs mount backends to include this method. From my initial inspection, I think that |
|
Great! You can add your name to the header of the files (see: I promoted that PR
|
|
Thanks. I'll try to find time over the next week or two to update the EncFS module to use the new |
|
I've updated EncFS with an I've noticed one more missing feature. EDIT: There's still a bug with EncFS. I'll see if I can track it down. |
We are rebasing previous gocryptfs work from 2017. This work added an `init_backend` method which separates the concerns of first-time initialisation vs subsequent use.
daviewales
force-pushed
the
gocrypt-rebase
branch
from
42bab25 to
0ef4740
Compare
In this case I recommend to set the PR into Draft mode. If you describe the bug others might be able to help. |
|
In the branch which I've rebased, it defines a new method for MountControl, which explicitly initialises the backend. In the original branch this was called The new Gocryptfs code in this branch works with this refactored MountControl API, but the EncFS code was never updated to use it. In my latest commits, I've tried to adapt the EncFS code to use the explicit I would appreciate your thoughts about whether we should really be changing the MountControl API in this PR, or whether we should try to split these changes. For example if you agree that the API change to require explicitly initialising the backend is a good idea, perhaps we could try to get just that change working and merged first, then come back to this Gocryptfs work. On the other hand, if you feel that this |
|
Hello David, thank you for the summary.
Splitting the changes sounds the most elegant to me. First refactor/fix the mount API please. Regards, |
|
Just FYI. Debian announced their schedule for the next release. The two important dates are the 15th April (Soft Freeze) and 15th May (Hard Freeze). These dates are not written in stone and it is not uncommon for these to be postponed even further. Anyway we should try to get the next upstream release of BIT done until 1st April, which is two weeks before the Soft Freeze. In this case our Debian package maintainer has two weeks to finalize the packaging. Before the release, I would like to make a release candidate for a period as long as possible. But if there is not enough time for this, so be it. Under circumstances and with friendly Debian maintainers it might be possible for us to bring a new BIT release into Debian even after the Soft Freeze, but before the Hard Freeze. So there might be one month more for us. The EncFS removal should be a good argument, related to security, to propose this. Please don't get me wrong. This is a FOSS project with volunteers only. No one get hurt or fired if we don't reach the deadlines. So be it. We do our best with respect to our self and our private life. |
|
Note to myself: Adapt man page to new situation. |
|
No guarantees for the April deadline, but I'll see what I can do. I'm trying a more cautious incremental approach to avoid the issues above. My plan is to submit the following changes as three separate PRs:
|
buhtz
modified the milestones:
1.5.4 (upcoming release),
1.6.0 (second release from now)
Blocked by
This is a rebase of Germar Reitze's gocrypt branch on the latest
devbranch.It seems to work, so I thought we should try to merge it as a base for future gocryptfs work.
I've tested backing up a test file, deleting it, then restoring it.
Related to #1734.