Issues Fixed in Cloudera Navigator Encrypt

The following sections describe issues fixed in each Cloudera Navigator Encrypt release.

Issues Fixed in Cloudera Navigator Encrypt 3.16.0

See New Features and Changes in Cloudera Navigator Encrypt for new features in Cloudera Navigator Encrypt 3.16.0.

Issues Fixed in Cloudera Navigator Encrypt 3.15.0

See New Features and Changes in Cloudera Navigator Encrypt for new features in Cloudera Navigator Encrypt 3.15.0.

Issues Fixed in Cloudera Navigator Encrypt 3.14.0

See New Features and Changes in Cloudera Navigator Encrypt for new features in Cloudera Navigator Encrypt 3.14.0.

Issues Fixed in Cloudera Navigator Encrypt 3.13.0

See New Features and Changes in Cloudera Navigator Encrypt for new features in Cloudera Navigator Encrypt 3.13.0

Issues Fixed in Cloudera Navigator Encrypt 3.12.2

Cryptsetup Password Quality Check Skipped

The Navigator Encrypt prepare operation was failing on systems running RHEL 7.x because the 'Password quality check' of cryptsetup was enabled by default. It is possible that this could impact other operating systems.

The navencrypt-prepare command now skips the 'Password quality check' whenever it is enabled by default. This update has been implemented for all distributions supported by Navigator Encrypt.

Build makefile Fix

This patch fixes the build makefile and supports for following kernels:
  • 3.10.0-514.2.2.el7.x86_64
  • 3.10.0-514.16.1.el7.x86_64
  • 3.10.0-327.el7.x86_64
  • 3.10.0-514.10.2.el7.x86_64

Issues Fixed in Cloudera Navigator Encrypt 3.12.0

See What's New in Cloudera Navigator Encrypt 3.12.0 for new features in Cloudera Navigator Encrypt 3.12.0.

Issues Fixed in Cloudera Navigator Encrypt 3.11.0

See What's New in Cloudera Navigator Encrypt 3.11.0 for new features in Cloudera Navigator Encrypt 3.11.0.

Issues Fixed in Cloudera Navigator Encrypt 3.10.0

See What's New in Cloudera Navigator Encrypt 3.10.0 for new features in Cloudera Navigator Encrypt 3.10.0.

Issues Fixed in Cloudera Navigator Encrypt 3.9.0

The software-signing GPG key is missing from the repository tarball for Navigator Encrypt

The GPG key used to sign the Navigator Encrypt packages is missing from the repository tarball, and must be imported from archive.gazzang.com.

Cloudera Bug: KT-2207

Issues Fixed in Cloudera Navigator Encrypt 3.8.0

Encrypting or decrypting a file or folder with a space in the name generates extraneous message

Running navencrypt-move to encrypt or decrypt a file or folder with a space in the name generates the following message at the command line: 
/usr/sbin/navencrypt-move: line 233: [: /root/encrypt: binary operator expected

This message can be safely ignored.

Cloudera Bug: KT-1335

Running navencrypt-move twice on the same file does not fail properly

Running navencrypt-move twice on the same file succeeds on files with long paths with a message similar to the following: 
ln: creating symbolic link '/path/to/file/to/encrypt' to '/path/to/mountpoint/category/path/to/file/to/encrypt': File exists

Cloudera Bug: KT-1707

Running navencrypt-prepare --undo removes all similar entries from /etc/navencrypt/ztab

Running navencrypt-prepare --undo /path/to/mountpoint removes all similar entries from /etc/navencrypt/ztab. For example, if you have mountpoints named /mnt/data, /mnt/data1, and /mnt/data2, running navencrypt-prepare --undo /mnt/data removes /mnt/data, /mnt/data1, and /mnt/data2 from the Navigator Encrypt mount table (/etc/navencrypt/ztab).

Cloudera Bug: KT-1928

Encrypting or decrypting in parallel fails

Running navencrypt-move simultaneously in multiple terminals results in failure to encrypt or decrypt all of the specified data, with the following error message: 
keyctl_unlink: Required key not available
No data is lost, because the source data is not removed, but you must re-run the failed operations sequentially.

Cloudera Bug: KT-1036

Restarting navencrypt-mount service after running navencrypt-prepare sometimes fails

Running service navencrypt-mount restart after navencrypt-prepare sometimes fails with the following error message: 
WARNING: Another navencrypt-mount start process is currently running.

Cloudera Bug: KT-1206

Issues Fixed in Cloudera Navigator Encrypt 3.7.1

Pressing Ctrl + C during rule creation corrupts rule file

Pressing Ctrl + C before rule addition completes results in a corrupted rule file. Attempting to add further ACL rules fails with the following error: 
[ERROR] Cannot parse ACL format: ACL header is not found: Did you type an incorrect key?

Intermittent Key Trustee Server communication errors

Intermittently, communication with the Key Trustee Server fails with an error similar to the following: 
[error] UnicodeDecodeError: 'utf8' codec can't decode byte 0x80 in position 1: invalid start byte

The navencrypt-move --per-file option works only if the source and destination are on the same device

Using the navencrypt-move --per-file fails if the source and destination are on different devices.

Issues Fixed in Cloudera Navigator Encrypt 3.7.0

Kernel module reported by SLES as tainted kernel

The Navigator Encrypt kernel module is identified as a tainted kernel by SLES.

Navigator Encrypt does not always detect all processes accessing data to encrypt

Navigator Encrypt sometimes fails to detect all running processes that are accessing data that you want to encrypt.

Using navencrypt-move improperly fills storage device completely

Running navencrypt-move to encrypt a directory which contains the encryption mount point results in an infinite loop that fills the storage device.