ecryptfs-migrate-home with ldap users: nopwcheck necessary

Bug #1630477 reported by Dominik Gierlach
This bug affects 6 people
Affects Status Importance Assigned to Milestone
Fix Committed

Bug Description

The password check of ecryptfs-setup-private fails for ldap/sssd users.
ecryptfs-setup-private implements the "--nopwcheck" option for this reason.

This option is not available for ecryptfs-migrate-home, which makes it impossible to use ecryptfs to encrypt the home directories of domain users.

ecryptfs-migrate-home is a wrapper for ecryptfs-setup-private, but the "--nopwcheck" option cannot be used.
If the option is added to the call of ecryptfs-setup-private, ecryptfs-migrate-home can easily be used for ldap users.

Is there any reason why the option should not be implemented for ecryptfs-migrate-home?

Related branches

Revision history for this message
Dominik Gierlach (dominik-gierlach) wrote :
Revision history for this message
Tyler Hicks (tyhicks) wrote :

Fix committed to lp:ecryptfs as r891.

Changed in ecryptfs:
status: New → Fix Committed
Revision history for this message
Murz (murznn) wrote :

Thanks for fixing, seems work, but not available in most of Linux repositories. Does this patch included in last release of ecryptfs-utils?

Revision history for this message
Murz (murznn) wrote :

Still did't work on Ubuntu 20.04:
$ sudo ecryptfs-migrate-home -u myuser --nopwcheck


/usr/bin/ecryptfs-migrate-home -u USER

 -u,--user Migrate USER's home directory to an encrypted home directory

WARNING: Make a complete backup copy of the non-encrypted data to
another system or external media. This script is dangerous and, in
case of an error, could result in data lost, or lock you out of your

This program must be executed by root.
Package ecryptfs-utils at version 111-0ubuntu7

Maybe I need to do some additional manual actions for make this work?

Revision history for this message
Alexander Fieroch (fieroch) wrote :

Unfortunately, this fix is still not in Ubuntu 22.04 with ecryptfs-utils 111-5ubuntu1.

Is there any reason, why a fix committed a long time ago is still not in the current release?

Revision history for this message
Alexander Fieroch (fieroch) wrote :

This fix is already in the source repository for 5 years but still not in current Ubuntu packages (22.04)!
Please update the deb-packages for Ubuntu to use the current release! Thanks!

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.