Home is unmounted even if processes still access it

Bug #525562 reported by Nikolaus Rath on 2010-02-22
This bug affects 3 people
Affects Status Importance Assigned to Milestone

Bug Description

Ecrypts unmounts the home directory even if there are still processes accessing it. These programs than crash nastily for apparently no reason at all.

How to reproduce (with Ubuntu Karmic):

1. Log into the system, make sure this is the only active session
2. Start screen
3. In screen, start a program that runs for a while and accessess the home directory. For testing, "sleep 10; echo Bla /home/$USER/test" will do
4. Detach the screen session with C-d
5. Log out

Now the home directory will be unmounted. Since processes running under screen still have the home directory as their working directory, ecryptsfs must be doing a lazy unmount for some reason.

6. Wait 10 seconds, log in again
7. Observe that the file "test" is missing - it has been created in the home directory without encryption

So there are two kinds of problems. Firstly, programs that try to read files from the home directory will fail mysteriously (the files will be present once you log in again to examine the situation). Secondly, programs that write files into the home directory will bypass the encryption layer.

I think this would be easy to fix if ecrypts would do an ordinary unmount instead of a lazy unmount. The ordinary umount will fail if there are still processes accessing the directory. This would also relieve ecrypts from having to track the number of active sessions.

Alternatively, one could fix the session tracking of ecryptfs to also include screen sessions.

Nathan Charles (ncharles-gmail) wrote :

My dirty work around is to ssh to localhost on another window in the screen session.

Dustin Kirkland  (kirkland) wrote :

During your "sleep" in your test, the mount point is not being used, so the lazy unmount occurs. Unfortunately, we cannot do away with the lazy unmount. Otherwise, you wouldn't be able to logout of your system until everything is done running. This would be pretty poor from a user experience perspective. Sorry. Not much better we can do here :-(

Changed in ecryptfs:
status: New → Opinion
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers