func pathfsFrontend(key []byte, cipherdir string, mountpoint string, debug bool, openssl bool) *fuse.Server {
finalFs := pathfs_frontend.NewFS(key, cipherdir, openssl)
pathFsOpts := &pathfs.PathNodeFsOptions{ClientInodes: true}
pathFs := pathfs.NewPathNodeFs(finalFs, pathFsOpts)
fuseOpts := &nodefs.Options{
// These options are to be compatible with libfuse defaults,
// making benchmarking easier.
NegativeTimeout: time.Second,
AttrTimeout: time.Second,
EntryTimeout: time.Second,
}
conn := nodefs.NewFileSystemConnector(pathFs.Root(), fuseOpts)
var mOpts fuse.MountOptions
mOpts.AllowOther = false
// Set values shown in "df -T" and friends
// First column, "Filesystem"
mOpts.Options = append(mOpts.Options, "fsname="+cipherdir)
// Second column, "Type", will be shown as "fuse." + Name
mOpts.Name = "gocryptfs"
srv, err := fuse.NewServer(conn.RawFS(), mountpoint, &mOpts)
if err != nil {
fmt.Printf("Mount failed: %v", err)
os.Exit(ERREXIT_MOUNT)
}
srv.SetDebug(debug)
return srv
}
// pathfsFrontend - initialize gocryptfs/pathfs_frontend
// Calls os.Exit on errors
func pathfsFrontend(key []byte, args argContainer, confFile *cryptfs.ConfFile) *fuse.Server {
// Reconciliate CLI and config file arguments into a Args struct that is passed to the
// filesystem implementation
frontendArgs := pathfs_frontend.Args{
Cipherdir: args.cipherdir,
Masterkey: key,
OpenSSL: args.openssl,
PlaintextNames: args.plaintextnames,
DirIV: args.diriv,
EMENames: args.emenames,
GCMIV128: args.gcmiv128,
}
// confFile is nil when "-zerokey" or "-masterkey" was used
if confFile != nil {
// Settings from the config file override command line args
frontendArgs.PlaintextNames = confFile.IsFeatureFlagSet(cryptfs.FlagPlaintextNames)
frontendArgs.DirIV = confFile.IsFeatureFlagSet(cryptfs.FlagDirIV)
frontendArgs.EMENames = confFile.IsFeatureFlagSet(cryptfs.FlagEMENames)
frontendArgs.GCMIV128 = confFile.IsFeatureFlagSet(cryptfs.FlagGCMIV128)
}
// EMENames implies DirIV, both on the command line and in the config file.
if frontendArgs.EMENames {
frontendArgs.DirIV = true
}
// PlainTexnames disables both EMENames and DirIV
if frontendArgs.PlaintextNames {
frontendArgs.DirIV = false
frontendArgs.EMENames = false
}
cryptfs.Debug.Printf("frontendArgs: ")
cryptfs.Debug.JSONDump(frontendArgs)
finalFs := pathfs_frontend.NewFS(frontendArgs)
pathFsOpts := &pathfs.PathNodeFsOptions{ClientInodes: true}
pathFs := pathfs.NewPathNodeFs(finalFs, pathFsOpts)
fuseOpts := &nodefs.Options{
// These options are to be compatible with libfuse defaults,
// making benchmarking easier.
NegativeTimeout: time.Second,
AttrTimeout: time.Second,
EntryTimeout: time.Second,
}
conn := nodefs.NewFileSystemConnector(pathFs.Root(), fuseOpts)
var mOpts fuse.MountOptions
mOpts.AllowOther = false
// Set values shown in "df -T" and friends
// First column, "Filesystem"
mOpts.Options = append(mOpts.Options, "fsname="+args.cipherdir)
// Second column, "Type", will be shown as "fuse." + Name
mOpts.Name = "gocryptfs"
srv, err := fuse.NewServer(conn.RawFS(), args.mountpoint, &mOpts)
if err != nil {
fmt.Printf("Mount failed: %v", err)
os.Exit(ERREXIT_MOUNT)
}
srv.SetDebug(args.fusedebug)
// All FUSE file and directory create calls carry explicit permission
// information. We need an unrestricted umask to create the files and
// directories with the requested permissions.
syscall.Umask(0000)
return srv
}