ecryptfs team mailing list archive

[Dustin Kirkland <dustin.kirkland@xxxxxxxxx>]

Colin, Evan-

Is there anything we can do in the installer on upgrades, that would
look if there's data in /var/lib/ecryptfs/$USER and move that to
~$USER/.ecryptfs?

I'm afraid this might bite a few upgrading users...

:-Dustin

-- 
Karmic install renders Jaunty encrypted /home directory unusable
https://bugs.launchpad.net/bugs/405997
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “ecryptfs-utils” package in Ubuntu: Invalid

Bug description:
Binary package hint: ecryptfs-utils

After installation of Karmic Alpha 3 I was unable to access my previous Jaunty encrypted /home directory. This may only affect certain situations, in particular /home on a separate partition or LVM.

Steps followed

mv /home/stefan /home/stefan.upgrade
Installation of Karmic Alpha3
Format all partitions except /home.
Try to access /home/stefan.upgrade

I believe the problem exists as Jaunty included the ecryptfs files (wrapped-passphrase) in /var/lib/ecryptfs/home/$USER
/home/$USER/.ecryptfs was a link to this directory.

On upgrade, I formatted /var rendering my files unreadable.

If as the original jaunty installation had mentioned I recorded my unwrapped passphrase, i could regenerate this data. I suspect that not everyone has done this / understand the implication of encrypting and not recording this passphrase.

In Karmic, this situation is fixed by placing .ecryptfs on /home.

My concern is for those upgrading Jaunty and following similar steps to mine (which I believe is a fairly common way to reinstall (hence a separate /home))

I propose an SRU to Jaunty move /var/lib/ecryptfs/ to /home/.ecryptfs to prevent this happening to potentially many users who upgrade in this fashion.