fingerprint login can't access encrypted home user account
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Fingerprint GUI |
Invalid
|
Undecided
|
Unassigned | ||
Light Display Manager |
Invalid
|
Undecided
|
Unassigned | ||
ecryptfs-utils (Ubuntu) |
Won't Fix
|
Undecided
|
Unassigned | ||
libfprint (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
In Ubuntu 12.04 (and maybe in 11.10 too) if you have an encrypted home directory then logging in from GDM by fingerprint does not work, the home directory cannot be decrypted. For non-encrypted users works fine but for encrypted after the fingerprint is recognized, it tries to start Ubuntu but seems to break and comes back to the lightDM login. With the password works fine.
I have libfprint0: Installed: 1:0.4.0+
Normally it should allow to login but it can access and comes back to the ligthDM.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: libfprint0 20110418git-2build1
ProcVersionSign
Uname: Linux 3.2.0-24-
NonfreeKernelMo
ApportVersion: 2.0.1-0ubuntu7
Architecture: amd64
Date: Sat May 12 10:41:58 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: libfprint
UpgradeStatus: Upgraded to precise on 2012-05-03 (8 days ago)
According to Gilles (http:// linux.derkeiler .com/Mailing- Lists/Ubuntu/ 2012-05/ msg00053. html)
There are 2 issues at hand, here...
1) The .fprint directory, which stores the fingerprint database of a user, is stored in the encrypted home directory. So is not available to the greeter application to recognize prints. This is what causes the "Could not locate any suitable fingerprints matched with available hardware" message on the login prompt.
2) If you decide to copy these files to /home/YourUser from a command line, without the encrypted home there, then you can actually login from the greeter session, with recognized prints. But then a second phenomenon appears. Since you didn't type your password, there is nothing to unlock your home directory encryption key... which means it doesn't get decrypted... which means you get kicked out of your session immediately as no configuration files are available.