ecryptfs team mailing list archive

Thread
Date

[Bug 470129] [NEW] 9.10 karmic gdm login fails after changing password (users-admin) when home folder encrypted (ecryptfs)

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Launchpad Bug Tracker <470129@xxxxxxxxxxxxxxxxxx>
Date: Sat, 05 Dec 2009 07:39:19 -0000
Reply-to: Bug 470129 <470129@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

You have been subscribed to a public bug:

1 - What I expected to happen:

In a fresh installation of Ubuntu 9.10 Karmic Koala with the encrypted
home folder option, I tried changing my user password and expected being
able to log in with my new password.

2 - What actually happened

Not only was it impossible to log in with the new password
(authentication failure), but also the decryption of my home folder
turned out to be impossible even with the previous password (successful
gdm authentication but home folder not mounted with consequent warnings
from ICEauthority, gconf-sanity-check-2, nautilus...), leading to just
the wallpaper with the mouse pointer (no toolbars nor mouse contextual
menu). Detailed warning messages:

· Could not update ICEauthority file /home/user/.ICEauthority

· There is a problem with the configuration server (/usr/lib/libgconf2-4
/gconf-sanity-check-2 exited with status 256)

· Nautilus could not create the following required folders:
/home/user/Desktop, /home/user/.nautilus. Before running Nautilus,
please create these folders, or set permissions such that Nautilus can
create them.

3 - Steps necessary to make it happen.

· Install Ubuntu 9.10 Karmic Koala, selecting option "require my password to log in and to decrypt my home folder".
· Restart.
· Login.
· Go to menu "System"->"Administration"->"Users and Groups" (users-admin).
· Double-click on user (or select user and click "Properties" button).
· Click "Change Password..." button.
· Enter current password.
· Enter new password (twice).
· Click "Change password".
· Click "Close".
· Click "OK".
· Enter new password (in the authentication prompt that appears after clicking "OK").
· Click "Close".
· Log out.
· Log in: with the new password, authentication fails; with the previous password, GDM login fails (home folder not mounted).

4 - The crux of the matter.

"Users and Groups" (users-admin) should not allow changing a user
password in the user's properties window if not authenticated first in
the main window (with the key-icon button saying "Click to make
changes"). Actually, it doesn't get to change the user password (even if
it is allowed and implied that the password was changed), but it does
modify ecryptfs' wrapped-passphrase to suit the hypothetically new
password, hence the problem. This incongruity breaks the harmony between
the current user password and ecryptfs' wrapped-passphrase, thus
preventing the home folder from being mounted.

** Affects: ecryptfs-utils (Ubuntu)
Importance: Undecided
Status: Confirmed

** Tags: 9.10 change ecryptfs gdm karmic login password users-admin wrapped-passphrase
--
9.10 karmic gdm login fails after changing password (users-admin) when home folder encrypted (ecryptfs)
https://bugs.launchpad.net/bugs/470129
You received this bug notification because you are a member of eCryptfs, which is subscribed to ecryptfs-utils in ubuntu.