Closed JP-Ellis closed 1 year ago
systemd-homed
is unrelated to the fscrypt
userspace tool, other than both using Linux native filesystem encryption (which is sometimes called "fscrypt" as well). As this issue deals with the systemd-homed
specific key management, we can't help you here. Please file this issue with systemd at https://github.com/systemd/systemd.
It was unclear to me where the error might lie, though I thought that given I am able to partially decrypt my home directory (at least, the first directory), I assumed that the issue isn't with the key management.
Since my original post, I have also tried booting from the dd
-copied drive, and I in fact get the same error whereby I am able to decrypt the root directory, but cannot decrypt any subdirectories. @ebiggers Does this present as an fscrypt
error? Or still an systemd-homed
error?
I don't believe you are using this project at all. You are using systemd-homed
.
I recently made a full copy of a hard drive (using
dd
) to an external drive, expecting that this should have all of the data for me to restore. In the backup, my home directory is encrypted using fscrypt and homectl (all other files are fine).I am now trying to restore my old home directory, unsuccessfully so far. Here are the steps I have followed:
I have restored all files from the backup except for the homedirectory (including files in
/var/lib/systemd/home
). The home directory could not be copied as it is encrypted.Booted the new system perfectly fine into root, and mounted the
dd
backup to/mnt/bkp
I have modified the identity file to point to
/mnt/bkp/home/me
and/mnt/bkp/home/me.homedir
After a reboot, I can successfully activate the user, and I can access
/mnt/bkp/home/me
and file in that directoryWhat I cannot do is access any files in any subdirectories of
/mnt/bkp/home/me
. They are all in their fscrypt encrypted form (that is, 30 or so characters)I have tried having the identity file mount to
/home/me
instead of/mnt/bkp/home/me
in case that was an issue, but the same thing happens. The fact that I can decrypt the home directory and files within it is promising, but I'm unsure why I am not able to decrypt any of the directories/files in any subdirectories. Does anyone have an idea as to what I can do?I did see the other issue, but it shouldn't be an issue here as I can access the
.identity
file in the home directory.