Cannot mount with gocryptfs properly since upgrade to Bullseye

My YunoHost server

Hardware: VPS bought online
YunoHost version: 11.0.6 (testing)
I have access to my server : Through SSH | through the webadmin

Description of my issue

I installed gocryptfs when on YH/Debian 10 and used it to encrypt my Nextcloud’s data-dir. This worked fine. Today I upgraded to YH/Debian 11, at first it worked but I think a reboot broke this.

I have trouble with mounting the dir. I can mount it as admin (or as root) with gocryptfs encryptedatadir data and the password still works. But the other user then cannot read it. For example:

# ls -lha
ls: cannot access 'ncdata2': Permission denied
total 1.5K
drwxrwx--- 5 nextcloud nextcloud 144 Apr  1 16:44 .
drwxrwx--- 6 nextcloud nextcloud 552 Apr  1 17:06 encryptedncdata
drwx------ 2 nextcloud nextcloud   0 Mar 10 06:55 lost+found
d????????? ? ?         ?           ?            ? ncdata2

Now nextcloud of course complains that it cannot find a data-dir or no .ocdata file.
How to solve this? Could it be because gocryptfs upgraded from 1.6.1 to 1.8.0?

Never heard about gocryptfs. I will try it if I ever install a yunohost on vps.
Reading the docs I found this

May be adding the allow_other tag to the mount command helps

I have never used gocryptfs, but looking around the repository shows that v1.7 did some rework in the way the permissions were handled: Group permissions: No write access · Issue #394 · rfjakob/gocryptfs · GitHub

I would first try checking the issues there to see if it is a gocryptfs problem rather than a Debian problem

Edit: I saw you already created an issue on the repository. Do you mind posting the command you use to mount the directory?

I’m going to try again this weekend. It’s probably got something to do with the allow_other option, and/or the install location broke which may have broken my fstab.
Or it may have to do with this: Chapter 5. Issues to be aware of for bullseye

I updated again (reverted to a snapshot before), and fingers crossed, but so far so good. No idea where the problem went. I do have a new problem now that did not go away after updating.

This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.