#!/bin/bash
set -ex
PW_FILE="${PWD}/ecryptfs-pw"
function cleanup {
set +e
rm -f "$PW_FILE"
sudo umount lower/home
sudo umount lower-ovl/home
sudo umount lower-ovl
sudo umount tmpfs
rm -r lower tmpfs lower-ovl
}
trap cleanup EXIT
mkdir -p lower/home lower/.ecryptfs tmpfs lower-ovl
ln -s "${PWD}/lower/.ecryptfs" lower/home/.ecryptfs
sudo mount -t tmpfs nodev tmpfs
mkdir tmpfs/upper tmpfs/work
ls -l lower/home/.ecryptfs
ls -l lower/home/.ecryptfs/
echo "passwd=test" >"$PW_FILE"
sudo mount -t ecryptfs -o rw,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,passphrase_passwd_file="$PW_FILE",no_sig_cache lower/home/.ecryptfs lower/home
touch lower/home/foo
stat lower/home/foo
sudo umount lower/home
sudo mount -t overlayfs -o lowerdir=lower,upperdir=tmpfs/upper,workdir=tmpfs/work nodev lower-ovl
sudo mount -t ecryptfs -o rw,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_passthrough=n,ecryptfs_enable_filename_crypto=y,passphrase_passwd_file="$PW_FILE",no_sig_cache lower-ovl/home/.ecryptfs lower-ovl/home
stat lower-ovl/home/foo