← Back to team overview

ecryptfs team mailing list archive

  1. ecryptfs team
  2. Mailing list archive
  3. Message #00587

Re: [Bug 317895] Re: netboot newuser and ecryptfs fails to login

  Thread PreviousDate PreviousThread Next 
Whole story:

On one laptop, I installed from the mini iso (and chose kubuntu-desktop, the 
mini iso is the same for all *buntu) and found I couldn't login to KDE fully 
because it couldn't write configs (rebooted and tried to login multiple times, 
was driving people #kubuntu-devel nuts trying to figure out if it was KDE's 
fault because KDE was throwing errors).  I logged into the VT and saw that ~ 
had 500 permissions (while logged in as the only user on there).  I did a 
chmod 700 /home/maco  ...and all worked well.

On this laptop, I was trying to figure out why that occurred, and here is where 
I edited the ecryptfs-setup-private script.  The first user I created with 
adduser --encrypt-home was test3.  When that user is not logged in the 
permissions are 755.  When that user is logged in, the permissions are 700.

Then after what you said I did some more testing.  I commented out the if 
statement I had added (so back to the original code) and did adduser --
encrypt-home test5.  When this user is not logged in, the permissions are 500.  
When this user is logged in the permissions are 700.

-- 
netboot newuser and ecryptfs fails to login
https://bugs.launchpad.net/bugs/317895
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in eCryptfs - Enterprise Cryptographic Filesystem: New
Status in “ecryptfs-utils” source package in Ubuntu: Triaged

Bug description:
Steps to reproduce:

1. take the netboot directory from the alternate CD and setup a tftp server with it
2. boot a system over the network using the attached preseed file
3. login with that user after installation is done

At login the user cannot mount it's ~/.Private directory over to ~/.

I fixed this by doing:

1. login as root
2. rm -fr ~user/.ecryptfs ~user/.Private
3. su - user
4. ecrypt-setup-private
5. changed .Private/Private.mnt to point to /home/user instead of /home/user/Private

There might not be a simple way to provide a password from a preseed file since the password is encrypted in this file.


Note:
- when using the preseed file provided, do not provide any manual input (except if something fails and you need to hit continue).

Follow ups

References

  Thread PreviousDate PreviousThread Next