cleanup

docker/x2go/xfce-debian/setup_ecryptfs.sh

@@ -21,17 +21,12 @@ if ! grep -q "${LOWER_DIR} ${UPPER_DIR} ecryptfs " /proc/mounts 2>/dev/null; the
 key="${KEY}",\
 no_sig_cache,\
 ecryptfs_cipher="${CIPHER}",\
-ecryptfs_enable_filename=y,\
-ecryptfs_enable_filename_crypto=y,\
 ecryptfs_fnek_sig="${FNEK_SIG}",\
 ecryptfs_key_bytes="${KEY_BYTES}",\
-ecryptfs_passthrough=n,\
 ecryptfs_unlink_sigs\
    "${LOWER_DIR}" "${UPPER_DIR}" >/dev/null
 
   # Overwrite sensible variables with random data
-  ECRYPTFS_KEY="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)"
-  ECRYPTFS_PASSPHRASE="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)"
   KEY="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)"
   PASSPHRASE="$(/usr/bin/base64 /dev/urandom |/usr/bin/head -c 64)"
 fi

docker/x2go/xfce-debian/setup_ecryptfs_sshagent.sh

@@ -1,9 +1,6 @@
 #!/bin/sh
 [ -n "${DEBUG}" ] && set -x
 
-# if auto-mount ecryptfs
-if [ -f "${HOME}/.ecryptfs/auto-mount" ]; then
-
 LOWER_DIR="${1:-${ECRYPTFS_LOWER_DIR:-${HOME}/Secure}}"
 UPPER_DIR="${ECRYPTFS_UPPER_DIR:-${LOWER_DIR}}"
 ALIAS="${ECRYPTFS_ALIAS:-${LOWER_DIR##*/}}"
@@ -53,15 +50,15 @@ if [ -f "${HOME}/.ecryptfs/auto-mount" ]; then
     if [ ! -f "${HOME}/.ecryptfs/${ALIAS}.sig" ]; then
       printf "%s\n" "${SIG}" > "${HOME}/.ecryptfs/${ALIAS}.sig"
       printf "%s\n" "${FNEK_SIG}" >> "${HOME}/.ecryptfs/${ALIAS}.sig"
-        # mount ecryptfs
+    fi
-        /sbin/mount.ecryptfs_private "${ALIAS}"
+
-      else
     # check authentication tokens to prevent mounting with bad ones
     if grep "${SIG}" "${HOME}/.ecryptfs/${ALIAS}.sig" >/dev/null \
      && grep "${FNEK_SIG}" "${HOME}/.ecryptfs/${ALIAS}.sig" >/dev/null; then
       # mount ecryptfs
       /sbin/mount.ecryptfs_private "${ALIAS}"
-        fi
+    else
+      echo "WARNING: Bad authentication token ${SIG} for ecryptfs mount ${ALIAS}"
     fi
 
   else
@@ -70,5 +67,3 @@ if [ -f "${HOME}/.ecryptfs/auto-mount" ]; then
   fi
 # if not already mounted
 fi
-# if auto-mount ecryptfs
-fi