ecryptfs team mailing list archive

Thread
Date

[Bug 302870] Re: add support for setting up encrypted home directory on user creation

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Martin Pitt <martin.pitt@xxxxxxxxxx>
Date: Fri, 05 Dec 2008 20:13:01 -0000
Reply-to: Bug 302870 <302870@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Thanks, Dustin.

At the moment it looks like adduser doesn't have a very good failure
case handling. What happens if ecryptfs-setup-private doesn't exist
(it's only recommended, and this is a good thing)? Or if it fails? IMHO
it should make adduser fail gracefully with a proper error message,
instead of silently working without an encrypted home dir.

A kind of Christmas wishlist thing is adding an option for this into
adduser.conf, so that sysadmins can set it as default and thus every
program calling adduser would create an encrypted home directory. What
do you think about that? (Not a blocker for upload, of course)

-- 
add support for setting up encrypted home directory on user creation
https://bugs.launchpad.net/bugs/302870
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: Fix Released
Status in “adduser” source package in Ubuntu: In Progress
Status in “ecryptfs-utils” source package in Ubuntu: Fix Released
Status in “gnome-system-tools” source package in Ubuntu: Triaged
Status in “system-tools-backends” source package in Ubuntu: Invalid

Bug description:
Binary package hint: adduser

I'm currently adding support for bootstrapping an encrypted home directory to the ecryptfs-setup-private utility in the ecryptfs-utils package.

This requires a simple patch to the adduser utility, to support an "--encrypt-home" option, which would call:
 # ecryptfs-setup-private -b -u $USER

The call to ecryptfs-setup-private uses the existing code to setup an encrypted home directory.  It will generate a mount passphrase from /dev/urandom, establish the user's ecryptfs configuration files, mount the home directory, and return 0.  With the home directory mounted, adduser can proceed to copy the /etc/skel files into the mounted, encrypted mountpoint.  The adduser utility then needs to unmount that home directory.  The "passwd" call within adduser will trigger the password-change code within pam_ecryptfs.so, which will detect the cleartext, randomly generated mount passphrase written to file, and wrap (ie, encrypt) that file using the chosen passphrase.

This patch also adds documentation to the manpage regarding the new --encrypt-home option.

Finally, this patch modifies the control file to "Recommend" a version of ecryptfs-utils with the required new functionality.  Note that Colin said he needs to think about the appropriate level (Recommends vs. Suggests).

:-Dustin