Fscrypt on Rocky9.6

Hi all, I did a clean install of Rocky9.6 (minimal install iso) on a physical system.

Created an ext4 file system with encryption enabled: mkfs.ext4 -O encrypt /dev/sda5

Checked if encryption is enabled:

# grep -i fs_encryption /boot/config-$(uname -r)
CONFIG_FS_ENCRYPTION=y
CONFIG_FS_ENCRYPTION_ALGS=m
#

# tune2fs -l /dev/sda5 | grep encrypt
Filesystem features:      has_journal ext_attr resize_inode dir_index filetype needs_recovery extent 64bit flex_bg encrypt sparse_super large_file huge_file dir_nlink extra_isize metadata_csum
#

# cat /sys/fs/ext4/features/encryption
supported
#

# df -hT /mnt/ext4fs
Filesystem     Type  Size  Used Avail Use% Mounted on
/dev/sda5      ext4  3.9G   40K  3.7G   1% /mnt/ext4fs
#

Setup fscrypt:

# fscrypt setup
# fscrypt setup /mnt/ext4fs
# mkdir /mnt/ext4fs/root_dir1
# fscrypt encrypt /mnt/ext4fs/root_dir1
[ERROR] fscrypt encrypt: encryption not enabled on filesystem /mnt/ext4fs (/dev/sda5).

To enable encryption support on this filesystem, run:

     sudo tune2fs -O encrypt "/dev/sda5"

Also ensure that your kernel has CONFIG_FS_ENCRYPTION=y. See the documentation for more details.
#

What am I missing?

Thank you,

– Peter

Did you do that?

(I realize that your post shows encryption is enabled but since it says that’s it’s not and there’s a command to fix it provided so….)

Hi FrankCox, Thank you for the reply.

Yes, I followed the suggested solution but it didn’t work:

# umount /mnt/ext4fs
# tune2fs -O encrypt "/dev/sda5"
tune2fs 1.46.5 (30-Dec-2021)
# mount /dev/sda5 /mnt/ext4fs
# ll /mnt/ext4fs/
total 20
drwx------. 2 root root 16384 Nov  4 12:22 lost+found
drwxr-xr-x. 2 root root  4096 Nov  4 12:26 root_dir1
# fscrypt encrypt /mnt/ext4fs/root_dir1
[ERROR] fscrypt encrypt: encryption not enabled on filesystem /mnt/ext4fs
                         (/dev/sda5).

To enable encryption support on this filesystem, run:

     sudo tune2fs -O encrypt "/dev/sda5"

Also ensure that your kernel has CONFIG_FS_ENCRYPTION=y. See the documentation
for more details.
#