ecryptfs team mailing list archive

[Bug 507150] Re: Encrypted home directory doesn't always dismount after logout.

 

I could partially reproduce it.

As long as there was a user inside /home/USER (root in my case), the
user logged out but his home folder was not completely unmounted.

Running "mount" didn't show it. Running "ls", "cd", etc would show all
the files. Further tests:

USER LOG IN
ROOT CD /HOME/USER
USER LOG OUT
# ls
[see user's files!]
# df .
Filesystem           1K-blocks      Used Available Use% Mounted on
-                      8254272   5523548   2311428  71% /
# cat /dev/shm/ecryptfs-USER-Private
0
# sudo -u USER keyctl list @u
2 keys in keyring:
...
...
# cd /
# ls /home/USER
[nothing]
# sudo -u USER keyctl list @u
keyring is empty

But the second time I tried the same tests, it was worse:
USER LOG IN
ROOT CD /HOME/USER
USER LOG OUT
# ls
[see user's files!]
# cd /
# ls /home/USER
[nothing]
# sudo -u USER keyctl list @u
2 keys in keyring:
...
...
# ps gaux | grep USER
USER  3788  0.0  0.0   6460   724 pts/2    S    13:17   0:00 login         
# kill -9 3788
# sudo -u USER keyctl list @u
keyring is empty

So I tried the same thing again, but nastier. I could see USER's
files!!!

USER LOG IN
ROOT CD /HOME/USER
USER LOG OUT
# cd /
# ls /home/USER
[nothing]
# sudo -u USER keyctl list @u
2 keys in keyring:
...
...
# ps gaux | grep USER
USER  3788  0.0  0.0   6460   724 pts/2    S    13:17   0:00 login
# sudo -u anaclara ecryptfs-mount-private
# kill -9 3788
# sudo -u USER keyctl list @u
keyring is empty
# ls /home/USER
[See user files!!!]
# mount
...
/home/USER/.Private on /home/USER type ecryptfs (...)
# df /home/USER
Filesystem           1K-blocks      Used Available Use% Mounted on
/home/USER/.Private
                      90606688  81207632   9399056  90% /home/USER

Now when I had another user, rather than root, that had CDed into USER's home, it was a bit different...
When USER logged out, it had the message
$ exit
logout
Sessions still open, not unmounting
$$ ps gaux | grep USER
USER  4497  0.0  0.0   6460   720 pts/2    S    13:32   0:00 login
$$ ls ~USER
[See files!]
$$ mount
[See mounted!]
$$ sudo -u USER keyctl list @u
Sudo password: *****
2 keys in keyring:
...
...
$$ sudo umount /home/USER
$$ sudo -u USER keyctl list @u
keyring is empty
$$

So, I could reproduce all sorts of behavior, and it is apparently not
deterministic.

** Tags added: apport-collected

-- 
You received this bug notification because you are a member of eCryptfs,
which is a direct subscriber.
https://bugs.launchpad.net/bugs/507150

Title:
  Encrypted home directory doesn't always dismount after logout.

Status in eCryptfs - Enterprise Cryptographic Filesystem:
  Confirmed
Status in “ecryptfs-utils” package in Ubuntu:
  Confirmed

Bug description:
  I have my full home directories encrypted for each user.

  I've noticed that sometimes if I log out and then log in with another
  user with sudo privileges I can still browse through my home
  directory, i.e. ecryptfs hasn't dismounted my home directory.

  It seems to be happening in about one third of instances and so far
  it's only happened with my own account. I'm totally unable to reliably
  reproduce this at the moment and can't see anything untoward in the
  logs.

  I could do with some tips on how to diagnose this.

  Thanks.

  Using Ubuntu 9.10, fully up to date. Ecryptfs-utils version
  81-0ubuntu3.
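
Added example, not part of the original thread or of ecryptfs-utils: a script that flags an eCryptfs home that is still mounted after its owner's last session has ended, then prints the evidence collected by hand above (the /dev/shm counter, leftover processes, the user keyring). The function names, the sample users alice and bob, and the rule that the last component of the mount point is the username are assumptions.

```shell
#!/bin/sh
# Added example, not from the thread. Flags eCryptfs home mounts whose owner
# has no login session. Assumes /proc/mounts-format and `who`-format input and
# that the last component of the mount point is the username.

# ecryptfs_mounts MOUNTS_FILE -> "user mountpoint" per eCryptfs mount
ecryptfs_mounts() {
    awk '$3 == "ecryptfs" { n = split($2, p, "/"); print p[n], $2 }' "$1"
}

# stale_ecryptfs_homes MOUNTS_FILE WHO_FILE -> mounts with no matching session
stale_ecryptfs_homes() {
    ecryptfs_mounts "$1" | while read -r user mnt; do
        if ! awk -v u="$user" '$1 == u { f = 1 } END { exit !f }' "$2"; then
            printf '%s %s\n' "$user" "$mnt"
        fi
    done
}

# report_live: run against this host and print the evidence the thread
# gathers by hand (session counter, leftover processes, user keyring).
report_live() {
    who_file=$(mktemp) || return 1
    who > "$who_file"
    stale_ecryptfs_homes /proc/mounts "$who_file" | while read -r user mnt; do
        echo "STALE: $mnt is mounted but $user has no session"
        echo "  counter: $(cat "/dev/shm/ecryptfs-$user-Private" 2>/dev/null)"
        ps -u "$user" -o pid=,comm= | sed 's/^/  process: /'
        sudo -u "$user" keyctl list @u </dev/null | sed 's/^/  keyring: /'
    done
    rm -f "$who_file"
}

# demo: constructed sample data (alice logged out, bob still logged in)
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' '/dev/sda1 / ext4 rw 0 0' \
        '/home/alice/.Private /home/alice ecryptfs rw,relatime 0 0' \
        '/home/bob/.Private /home/bob ecryptfs rw,relatime 0 0' > "$d/mounts"
    printf '%s\n' 'bob pts/2 2010-01-01 13:32' > "$d/who"
    stale_ecryptfs_homes "$d/mounts" "$d/who"
    rm -rf "$d"
}

case "${1:-}" in
    --live) report_live ;;
    --demo) demo ;;
esac
```

This covers the cases above where the mount table still lists /home/USER after logout. It does not catch the first transcript, where "mount" showed nothing but a shell already inside the directory could still list the files.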
