int home_create_fscrypt(
UserRecord *h,
+ HomeSetup *setup,
char **effective_passwords,
UserRecord **ret_home) {
_cleanup_(erase_and_freep) void *volume_key = NULL;
struct fscrypt_policy policy = {};
size_t volume_key_size = 512 / 8;
- _cleanup_close_ int root_fd = -1;
_cleanup_free_ char *d = NULL;
uint32_t nr = 0;
const char *ip;
assert(h);
assert(user_record_storage(h) == USER_FSCRYPT);
+ assert(setup);
assert(ret_home);
assert_se(ip = user_record_image_path(h));
temporary = TAKE_PTR(d); /* Needs to be destroyed now */
- root_fd = open(temporary, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
- if (root_fd < 0)
+ setup->root_fd = open(temporary, O_RDONLY|O_CLOEXEC|O_DIRECTORY|O_NOFOLLOW);
+ if (setup->root_fd < 0)
return log_error_errno(errno, "Failed to open temporary home directory: %m");
- if (ioctl(root_fd, FS_IOC_GET_ENCRYPTION_POLICY, &policy) < 0) {
+ if (ioctl(setup->root_fd, FS_IOC_GET_ENCRYPTION_POLICY, &policy) < 0) {
if (ERRNO_IS_NOT_SUPPORTED(errno)) {
log_error_errno(errno, "File system does not support fscrypt: %m");
return -ENOLINK; /* make recognizable */
log_info("Uploaded volume key to kernel.");
- if (ioctl(root_fd, FS_IOC_SET_ENCRYPTION_POLICY, &policy) < 0)
+ if (ioctl(setup->root_fd, FS_IOC_SET_ENCRYPTION_POLICY, &policy) < 0)
return log_error_errno(errno, "Failed to set fscrypt policy on directory: %m");
log_info("Encryption policy set.");
STRV_FOREACH(i, effective_passwords) {
- r = fscrypt_slot_set(root_fd, volume_key, volume_key_size, *i, nr);
+ r = fscrypt_slot_set(setup->root_fd, volume_key, volume_key_size, *i, nr);
if (r < 0)
return r;
(void) home_update_quota_classic(h, temporary);
- r = home_populate(h, root_fd);
+ r = home_populate(h, setup->root_fd);
if (r < 0)
return r;
- r = home_sync_and_statfs(root_fd, NULL);
+ r = home_sync_and_statfs(setup->root_fd, NULL);
if (r < 0)
return r;
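Review bot: `setup->root_fd` is assigned the result of `open()` without first checking that the field is unset, so a `HomeSetup` that already holds a descriptor would have it overwritten and leaked; next to the new `assert(setup);` I would add `assert(setup->root_fd < 0);`. Dropping the `_cleanup_close_` local also means every early `return` after the open (the two policy ioctls, `fscrypt_slot_set()`, `home_populate()`, `home_sync_and_statfs()`) now leaves the home directory descriptor open until the caller releases `setup`. That release presumably happens in the caller's cleanup path, but it is not visible on this page. A comment at the assignment such as `/* owned by setup from here on; the caller closes it when releasing the HomeSetup */` would make the contract explicit. Only part of the function body is shown here, so the remaining error paths should be checked against the same assumption.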
#include "user-record.h"
int home_setup_fscrypt(UserRecord *h, const PasswordCache *cache, HomeSetup *setup);
-int home_create_fscrypt(UserRecord *h, char **effective_passwords, UserRecord **ret_home);
+
+int home_create_fscrypt(UserRecord *h, HomeSetup *setup, char **effective_passwords, UserRecord **ret_home);
int home_passwd_fscrypt(UserRecord *h, HomeSetup *setup, const PasswordCache *cache, char **effective_passwords);