Arch Linux

LarryDave

Member

Registered: 2022-05-03

Posts: 19

fscrypt cannot properly lock folders

So I have a folder encrypted with fscrypt. It has images, videos, music and text files in it. When I unlock the folder with

fscrypt unlock test-dir/

I can access it without problems, everything is still there. The problem is that I can't lock the folder properly. I run

fscrypt lock test-dir/

and it fails to lock the folder properly.

[ERROR] fscrypt lock: Directory was incompletely locked because some files are still open. These files remain
                      accessible.

Try killing any processes using files in the directory, for example using:

     find "test-dir/" -print0 | xargs -0 fuser -k

Then re-run:

     fscrypt lock "test-dir/"

I make sure to close all the files with Ctrl+Q whenever I open them. The thumbnails for the files are already generated. I've also ran Bleachbit to clean the mesa shader cache and various stuff trying to solve this but it still won't lock properly. Running (as user):

# find "test-dir/" -print0 | xargs -0 fuser -k

Cannot stat file /proc/1025/fd/0: Permission denied
Cannot stat file /proc/1025/fd/1: Permission denied
Cannot stat file /proc/1025/fd/2: Permission denied
Cannot stat file /proc/1025/fd/3: Permission denied
Cannot stat file /proc/1025/fd/4: Permission denied
Cannot stat file /proc/1025/fd/5: Permission denied
Cannot stat file /proc/1025/fd/6: Permission denied
Cannot stat file /proc/1025/fd/7: Permission denied
Cannot stat file /proc/1025/fd/8: Permission denied
Cannot stat file /proc/1025/fd/9: Permission denied
...
Cannot stat file /proc/1025/fd/126: Permission denied

and I get that. I don't get permission denied when I run it as root, however I still can't lock it. When it is "locked" like this, I can still see the folder names and and files as if no encryption was in place, but I can't actually open or view the files. Any help?

6.7.4.arch1-1
fscrypt version v0.3.4

Last edited by LarryDave (2024-02-13 16:45:45)

ua4000

Member

Registered: 2015-10-14

Posts: 421

Re: fscrypt cannot properly lock folders

Run the command without the "-k", to get the process id number, e.g.

sudo find "test-dir/" -print0 | xargs -0 fuser

it is printed after the filename name, e.g. 19618
then identify the process, e.g.

ps -eaf | grep 19618

so we know what we are dealing with.

"-k " in the original command will kill the process directly.
Try also to re-run it several times, to see if the process has restarted again.

Last edited by ua4000 (2024-02-17 17:12:32)

LarryDave

Member

Registered: 2022-05-03

Posts: 19

Re: fscrypt cannot properly lock folders

Running as root doesn't result in anything. Running as user with sudo displays the same result.

sudo find "test-dir/" -print0 | xargs -0 fuser

Cannot stat file /proc/1032/fd/0: Permission denied
Cannot stat file /proc/1032/fd/1: Permission denied
Cannot stat file /proc/1032/fd/2: Permission denied
Cannot stat file /proc/1032/fd/3: Permission denied
Cannot stat file /proc/1032/fd/4: Permission denied
...
Cannot stat file /proc/1032/fd/124: Permission denied

Also tried:

lsof +D test-dir/

Shows nothing. Then I tried:

sudo dmesg | grep "still busy after removing key"

[46772.816597] fscrypt: dm-0: 5 inode(s) still busy after removing key with identifier c55980e00d1a61ca44e70b78639e17c1, including ino 475593
[46777.972280] fscrypt: dm-0: 5 inode(s) still busy after removing key with identifier c55980e00d1a61ca44e70b78639e17c1, including ino 475593

Searching the inode number:

sudo find test-dir/ -inum 475593

test-dir/videos

Shows a folder, not a file. I've tried deleting the folder and locking it but no success. dmesg will just show another inode as busy (the inode is always a folder, never a file). Even when I delete the new busy inode, same result, another inode is now busy, rinse and repeat.