Ubuntu
ecryptfs-utils package

update-notifier says "(null)" on first boot after a release upgrade

Bug #1925840 reported by Marius Gedminas
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
New
Undecided
Unassigned

Bug Description

Upgraded my Ubuntu 20.10 to 21.04 with sudo do-release-upgrade -d, rebooted, and got this window in my face a couple of minutes after booting (see attached image).

It is shown by update-notifier and says (null), then gives me an option to [Perform this action].

lsof -p $(pidof update-notifier) shows

    ...
    update-no 4269 mg 16r REG 259,5 1025 14027136 /usr/share/ecryptfs-utils/ecryptfs-record-passphrase

so it is probably trying to tell me to record my ecryptfs recovery passphrase?

(For the record, my ~/Private is correctly unlocked and mounted.)

ProblemType: Bug
DistroRelease: Ubuntu 21.04
Package: update-notifier 3.192.40
ProcVersionSignature: Ubuntu 5.11.0-16.17-generic 5.11.12
Uname: Linux 5.11.0-16-generic x86_64
ApportVersion: 2.20.11-0ubuntu65
Architecture: amd64
CasperMD5CheckResult: unknown
CurrentDesktop: ubuntu:GNOME
Date: Fri Apr 23 19:47:59 2021
EcryptfsInUse: Yes
InstallationDate: Installed on 2019-06-12 (680 days ago)
InstallationMedia: Ubuntu 19.04 "Disco Dingo" - Release amd64 (20190416)
SourcePackage: update-notifier
UpgradeStatus: Upgraded to hirsute on 2021-04-23 (0 days ago)

Revision history for this message
Marius Gedminas (mgedmin) wrote :
Revision history for this message
Steve Langasek (vorlon) wrote :

update-notifier doesn't hook into ecryptfs-utils, it's the other way around. If the process showing the broken dialogue is /usr/share/ecryptfs-utils/ecryptfs-record-passphrase, then the bug belongs there.

affects: update-notifier (Ubuntu) → ecryptfs-utils (Ubuntu)
Revision history for this message
Marius Gedminas (mgedmin) wrote :

/usr/share/ecryptfs-utils/ecryptfs-record-passphrase appears to be a text file:

_Name: Record your encryption passphrase
Priority: High
OnlyAdminUsers: False
DisplayIf: test -e $HOME/.ecryptfs/wrapped-passphrase -a ! -e $HOME/.ecryptfs/.wrapped-passphrase.recorded
Terminal: True
GettextDomain: ecryptfs-utils
Command: "sh -c 'ecryptfs-unwrap-passphrase $HOME/.ecryptfs/wrapped-passphrase 2>/dev/null && echo [Enter] && head -n1 && touch $HOME/.ecryptfs/.wrapped-passphrase.recorded '"
_Description:
 To encrypt your home directory or "Private" folder, a strong
 passphrase has been automatically generated. Usually your directory is unlocked
 with your user password, but if you ever need to manually recover this
 directory, you will need this passphrase. Please print or write it down and
 store it in a safe location.
 If you click "Run this action now", enter your login password at the
 "Passphrase" prompt and you can display your randomly generated passphrase.
 Otherwise, you will need to run "ecryptfs-unwrap-passphrase" from the command
 line to retrieve and record your generated passphrase.

AFAIU update-manager is supposed to show the text from it, but instead it shows the (null).

I don't know exactly how ecryptfs communicates with update-notifier. Running strings on the pam_ecryptfs PAM module shows

    /var/lib/update-notifier/user.d/ecryptfs-record-passphrase
    /var/lib/update-notifier/dpkg-run-stamp

the first of those is a symlink to /usr/share/ecryptfs-utils/ecryptfs-record-passphrase, the second is a regular empty file.

I think pam_ecryptfs creates the symlink and touches the stamp file to wake up a sleeping update-notifier? Or maybe something more complicated, since I was trying to reproduce the bug with sudo touch /var/lib/update-notifier/dpkg-run-stamp and it did not work.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.