2

I'm trying to make a script that creates and mounts an encrypted directory using ecryptfs (on SSH logons (with the passphrase sent via a pipe) and by some other scripts). I know about ecryptfs-setup-private already.

What I'm trying to do:

```bash
#!/bin/bash

mkdir 1 &> /dev/null
mkdir 2 &> /dev/null

echo "passphrase_passwd=zxc" > ecryptfs_passphrase_passwd

OPTS="ecryptfs_cipher=aes,ecryptfs_key_bytes=32,ecryptfs_enable_filename_crypto=y,ecryptfs_fnek_sig=7513645981364589,ecryptfs_passthrough=n"

cat ecryptfs_passphrase_passwd | \
mount -t ecryptfs -o ${OPTS},key=passphrase:passphrase_passwd_fd=0 1 2
```

And it fails for some reason with the following output:

```
# ./mountit
Error attempting to evaluate mount options: [-22] Invalid argument
Check your system logs for details on why this happened.
Try updating your ecryptfs-utils package, and/or
submit a bug report on https://launchpad.net/ecryptfs

# tail /var/log/syslog
...
Apr 27 19:28:23 debian mount.ecryptfs: Error initializing key module [/usr/lib/ecryptfs/libecryptfs_key_mod_gpg.so];
Apr 27 19:28:23 debian mount.ecryptfs: parse_options_file: mmap failed on fd [0]; rc = [-22]
Apr 27 19:28:23 debian mount.ecryptfs: tf_pass_file: Error parsing file for passwd; rc = [-22]
```

What am I doing wrong?

1 Answer

0

What version of eCryptfs are you using?

I believe we released a fix to this bug in ecryptfs-utils-94:

  * src/libecryptfs/cmd_ln_parser.c: LP: #683535
    - fix passphrase_passwd_fd for pipes        
    - handle memory allocation failures         
    - free memory in error paths   

See bug #683535.

Full disclosure: I'm one of the authors and maintainers of eCryptfs.

Dustin Kirkland
  • Debian packages libecryptfs0 and ecrypt-utils version is 83-4+squeeze1, which is less than 94. That's probably it. – scriptaholic Apr 29 '12 at 04:30
  • Having the same problem. How did you get the latest version installed on Debian then? Also, I'm wondering why when I use something like ```mount ... passphrase_passwd=`echo $PASSWORD` ``` (which should be reasonably secure considering `$PASSWORD` is only defined temporarily) - when I run `mount` from any (non-root) user account I can see the passphrase in plain text... – Yoav Aner Jun 24 '12 at 08:44
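
The syslog line `parse_options_file: mmap failed on fd [0]; rc = [-22]` in the question is what a parser sees when it tries to `mmap()` a pipe instead of a regular file. The following C program is an added illustration, not code from the posts above or from ecryptfs-utils; it compares mapping a pipe with reading it to EOF. The function names `map_fd` and `slurp_fd` are hypothetical and the input line is constructed.

```c
/* Added example, not ecryptfs-utils source. map_fd/slurp_fd are made-up names. */
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>

/* Map the whole fd as a regular-file parser might. Returns 0 or -errno. */
int map_fd(int fd) {
    struct stat st;
    if (fstat(fd, &st) != 0) return -errno;
    void *p = mmap(NULL, (size_t)st.st_size, PROT_READ, MAP_PRIVATE, fd, 0);
    if (p == MAP_FAILED) return -errno;   /* a pipe cannot be mapped */
    munmap(p, (size_t)st.st_size);
    return 0;
}

/* Read until EOF; works for files and pipes. Caller frees *out. */
ssize_t slurp_fd(int fd, char **out) {
    size_t cap = 256, len = 0;
    char *buf = malloc(cap), *nb;
    if (!buf) return -ENOMEM;
    for (;;) {
        if (len + 1 >= cap) {             /* grow, keeping room for the NUL */
            if (!(nb = realloc(buf, cap * 2))) { free(buf); return -ENOMEM; }
            buf = nb; cap *= 2;
        }
        ssize_t n = read(fd, buf + len, cap - len - 1);
        if (n < 0 && errno == EINTR) continue;
        if (n < 0) { int e = errno; free(buf); return -e; }
        if (n == 0) break;                /* writer closed its end */
        len += (size_t)n;
    }
    buf[len] = '\0';
    *out = buf;
    return (ssize_t)len;
}

int main(void) {
    int fds[2]; char *txt = NULL;
    const char *line = "passphrase_passwd=zxc\n";  /* constructed input */
    if (pipe(fds) != 0 || write(fds[1], line, strlen(line)) < 0) return 1;
    close(fds[1]);
    printf("mmap on pipe: rc=%d\n", map_fd(fds[0]));
    if (slurp_fd(fds[0], &txt) > 0) printf("read on pipe: %s", txt);
    free(txt);
    return 0;
}
```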