Comment 7 for bug 1406940

nack for the pam changes.

 - Dynamic home directory creation is not specific to ecryptfs and should not be part of an encryptfs-specific pam config; there is an existing mkhomedir profile to use for this.
 - The /etc/security/ecryptfs script is not very reusable, it encodes your local policy preference to enable ecryptfs for all users logging in. It's also insecure, at a minimum because you are passing passwords to a program as commandline arguments, which are visible to all other users on the system.