diff --git a/cmd/fscrypt/commands.go b/cmd/fscrypt/commands.go
index e807d46c..4a59d302 100644
--- a/cmd/fscrypt/commands.go
+++ b/cmd/fscrypt/commands.go
@@ -105,7 +105,7 @@ var Encrypt = cli.Command{
 immediately be used.`,
 directoryArg, shortDisplay(policyFlag), shortDisplay(protectorFlag), mountpointArg),
 Flags: []cli.Flag{policyFlag, unlockWithFlag, protectorFlag, sourceFlag,
- userFlag, nameFlag, keyFileFlag, skipUnlockFlag},
+ userFlag, nameFlag, keyFileFlag, skipUnlockFlag, noRecoveryFlag},
 Action: encryptAction,
 }
@@ -239,13 +239,16 @@ func encryptPath(path string) (err error) {
 }
 }()
- // Automatically generate a recovery passphrase if the protector
- // is on a different filesystem from the policy. In practice,
- // this happens for login passphrase-protected directories that
+ // Ask to generate a recovery passphrase if the protector is on
+ // a different filesystem from the policy. In practice, this
+ // happens for login passphrase-protected directories that
 // aren't on the root filesystem, since login protectors are
 // always stored on the root filesystem.
- if ctx.Mount != protector.Context.Mount {
- fmt.Printf("Generating recovery passphrase because protector is on a different filesystem.\n")
+ var needRecovery bool
+ if ctx.Mount != protector.Context.Mount && !noRecoveryFlag.Value {
+ needRecovery, err = askQuestion("Protector is on a different filesystem! Generate a recovery passphrase (recommended)?", true)
+ }
+ if needRecovery {
 var recoveryProtector *actions.Protector
 if recoveryPassphrase, recoveryProtector, err = actions.AddRecoveryPassphrase(
 policy, filepath.Base(path)); err != nil {
diff --git a/cmd/fscrypt/flags.go b/cmd/fscrypt/flags.go
index b7933c99..ce2f30ed 100644
--- a/cmd/fscrypt/flags.go
+++ b/cmd/fscrypt/flags.go
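Review bot: The error returned by askQuestion is stored in the named return `err` but never checked before `if needRecovery {`, so a failed prompt (for example EOF on a non-interactive stdin) is treated exactly like the user declining the recovery passphrase and encryption proceeds without one. The deferred cleanup at the top of the hunk presumably inspects `err`, but because the function keeps running, a later assignment can overwrite that error and the failure is lost entirely. I would bail out right after the call: `if err != nil {` / `return err` / `}` placed before the closing brace of the `if ctx.Mount != ...` block. encryptPath's body continues outside this hunk, so the later handling of `err` is not visible here.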
@@ -116,7 +116,7 @@ var (
 allFlags = []prettyFlag{helpFlag, versionFlag, verboseFlag, quietFlag,
 forceFlag, legacyFlag, skipUnlockFlag, timeTargetFlag, sourceFlag,
 nameFlag, keyFileFlag, protectorFlag,
- unlockWithFlag, policyFlag, allUsersFlag}
+ unlockWithFlag, policyFlag, allUsersFlag, noRecoveryFlag}
 // universalFlags contains flags that should be on every command
 universalFlags = []cli.Flag{verboseFlag, quietFlag, helpFlag}
 )
@@ -178,6 +178,10 @@ var (
 different from the one you're locking it as. This flag is only
 implemented for v2 encryption policies.`,
 }
+ noRecoveryFlag = &boolFlag{
+ Name: "no-recovery",
+ Usage: `Don't ask to generate a recovery passphrase.`,
+ }
 )
 // Option flags: used to specify options instead of being prompted for them
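Review bot: The Usage string of the new `noRecoveryFlag` says only that the prompt is suppressed, not what the user gives up; the commands.go hunk that reads it only offers the prompt when the protector lives on a different filesystem from the policy (per its comment, a login protector always stored on the root filesystem guarding a directory elsewhere), and in that configuration a recovery passphrase appears to be the only way back in if that root-filesystem protector is ever lost. Since this text is what `--help` shows, I would spell that out, e.g. `Usage: \`Don't ask to generate a recovery passphrase. Without one, a directory whose protector is on a different filesystem cannot be unlocked if that protector is lost.\``. If the wording about recoverability overstates what fscrypt guarantees, at least point the reader at the recovery-passphrase documentation.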