ecryptfs team mailing list archive

Thread
Date

[Bug 460476] Re: ecryptfs: disabling auto-mount diables gdm login

To: ecryptfs@xxxxxxxxxxxxxxxxxxx
From: Dustin Kirkland <dustin.kirkland@xxxxxxxxx>
Date: Wed, 17 Feb 2010 19:35:43 -0000
Reply-to: Bug 460476 <460476@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Right so disabling automount is perhaps useful on a tty or ssh, where a
shell can tolerate a read-only, empty home directory (albeit with
degraded functionality).

Gnome, however, really, really dislikes an empty, readonly home
directory.

I'll add a task, and change the title of the bug accordingly, and leave
it to a Gnome developer to tell us if it's possible for Gnome to allow a
user to login with an empty and readonly home directory (perhaps
pointing Gnome to some stock template).

** Package changed: ecryptfs-utils (Ubuntu) => meta-gnome2 (Ubuntu)

** Summary changed:

- ecryptfs: disabling auto-mount diables gdm login
+ gnome dislikes a readonly, empty home directory

-- 
gnome dislikes a readonly, empty home directory
https://bugs.launchpad.net/bugs/460476
You received this bug notification because you are a member of eCryptfs,
which is subscribed to ecryptfs-utils in ubuntu.

Status in “meta-gnome2” package in Ubuntu: New

Bug description:
Binary package hint: ecryptfs-utils

ubuntu: Jaunty Jackalope 9.04
uname: Linux bjd-desktop 2.6.28-16-generic #55-Ubuntu SMP Tue Oct 20 19:48:24 UTC 2009 i686 GNU/Linux
source package: ecryptfs-utils_73-0ubuntu6.1_i386.deb (installed the common way through apt)

Is the ecryptfs 'disable auto-mount' feature supposed to work with this version (73)?
Judging from the manual and binaries' options it should.

Here's the bottom line:
Succesfully created an ecryptfs directory, with the command 'ecryptfs-setup-private --noautomount'.
Running this command, among others, one of the reported messages is
'INFO: /home/bjd/Private will not be mounted on login'.
Log out. Try to log in again.
In the gdm box, enter name, enter password. Now after hitting RETURN after entering the password,
gdm seems to hang for ~25s. Login does not succeed. Instead gdm seems to die after those ~25s,
and to immediately restart, presenting me again with the login box.

To remedy this situation, login at a VT, touch ~/.ecryptfs/auto-mount, return to the gdm login screen,
and succesfully login. Of course, at this time the ecryptfs is mounted, but the conclusion is: disabling
auto-mount apparently doesn't seem to allow me to login for some reason.

Additonal information:
- All ecryptfs directories and supporting setup seem to be in place correctly, I have ~/Private, ~/.Private,
~/.ecryptfs, and their content files, and the PAM configuration files all look good: in /etc/pam.d, the files
common-auth, common-password and common-session have their respective ecryptfs modifications:
common-auth:        auth           optional pam_ecryptfs.so unwrap
common-password: password   optional pam_ecryptfs.so 
common-session:    session     optional pam_ecryptfs.so unwrap

- Again retrying several times, manually unmounting ~/Private, removing ~/.ecryptfs/auto-mount and
then login, failed in the same way as described above.

Glad to provide any additional info.

bjd

References

[Bug 460476] [NEW] ecryptfs: disabling auto-mount diables gdm login
From: bjd, 2009-10-25