If you are download the latest version of libewf and try to do a simple ./configure, make, make install, you may be greeted with the following message when you go to use ewfmount:
Unable to open EWF file(s).I exchanged e-mails with the project's developer who responded in less than 12 hours and suggested I check the output of .configure for missing packages (apologies in advance if this is obvious knowledge). I found it was missing multiple:
libewf_decompress_data: missing support for deflate compression
string_read: unable to decompress string.
section_data: unable to read header file object string.
segment_files: unable to read section data from segment file: 1.
pool: unable to read segment files.
libewf_handle_open: unable to open handle using a file IO pool.
ADLER32 checksum support: NOWell, the FUSE one is obvious - Joachim clearly states in his documentation that it's required (http://code.google.com/p/libewf/wiki/Mounting). The other three are not so obvious.
DEFLATE compression support: NO
BZIP2 compression support: NO
FUSE support: NO
Running the following should resolve those dependencies:
apt-get updateThe last line may be unnecessary. After this, you should be able to navigate to your unTARed libewf directory and perform a ./configure, make, make install (followed by ldconfig or you will receive messages about a missing libewf.so.2 dependancy!) and begin mounting E01s.
apt-get install zlib1g-dev
apt-get install libbz2-dev
apt-get install libfuse-dev
Again this may be common knowledge but I hope this helps some other investigators out there.