Unmounted private folder on switch user causes hang on return

Bug #402029 reported by Ian Hutchinson on 2009-07-21
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
High
Dustin Kirkland 
Karmic
High
Dustin Kirkland 

Bug Description

Binary package hint: ecryptfs-utils

Where the unlock dialog appears for a user to enter their password when they return from suspend, hibernate or switching back from another user being logged in, the dialog hangs at "Checking..." when the password is entered. This happens when the Private folder has been unmounted using the "ecryptfs-umount-private" command and then either suspend, hibernate or switch users is returned from.

If the Private folder is mounted before leaving, then the "Checking..." message only appears for a couple of seconds and the desktop appears.

A few bits of info:
Ubuntu 9.04 Jaunty 32-bit i386
Kernel 2.6.28-14-generic
ecryptfs-utils version 73-0ubuntu6.1

Dustin Kirkland  (kirkland) wrote :

Thanks for the report.

I found the problem late last night in some code I merged from another contributor. I was too bleary eyed to make a confident upload though :-) I'm on it, should be fixed later today.

:-Dustin

Changed in ecryptfs-utils (Ubuntu):
importance: Undecided → High
status: New → In Progress
assignee: nobody → Dustin Kirkland (kirkland)
milestone: none → karmic-alpha-3
Ian Hutchinson (ianhutchinson) wrote :

Any idea of a quick and dirty work around for the folks back home? :P

On Tue, Jul 21, 2009 at 10:43 AM, Ian Hutchinson<email address hidden> wrote:
> Any idea of a quick and dirty work around for the folks back home? :P

ctrl-alt-f1, drop to a tty, login, then back to ctrl-alt-f7 and login there too.

Changed in ecryptfs-utils (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ecryptfs-utils - 77-0ubuntu1

---------------
ecryptfs-utils (77-0ubuntu1) karmic; urgency=low

  [ Dustin Kirkland ]
  * src/libecryptfs/key_management.c, src/pam_ecryptfs/pam_ecryptfs.c:
    revert the zombie code removal from pam_ecryptfs as it seems this
    bit is still needed; fix the source of the problem introduced in
    commit r407; check for non-zero return codes; this problem would
    manifest itself as a) unable to unlock screensaver, b) unable to
    switch users, c) unable to mount home folder on initial login;
    LP: #402222, #402029
  * src/utils/ecryptfs-umount-private: use for loop to loop over key
    ids on removal
  * src/utils/mount.ecryptfs_private.c: return non-zero on unmount failure
    due to open sessions; handle this in ecryptfs-umount-private too; make
    the flock() blocking; use /dev/shm for counter; add an iterator to the
    counter file to prevent users from DoS'ing one another from accessing
    their encrypted directories, LP: #402745
  * debian/ecryptfs-utils.postinst: move /tmp counters to /dev/shm
  * configure.ac: link against pam, silence shlib warning
  * src/include/ecryptfs.h, src/libecryptfs/main.c,
    src/pam_ecryptfs/pam_ecryptfs.c, src/utils/Makefile.am,
    src/utils/mount.ecryptfs_private.c: move two functions from
    mount.ecryptfs_private to libecryptfs, namely is_mounted() and
    fetch_private_mnt(); use these in both pam_ecryptfs and
    mount.ecryptfs_private; also move PRIVATE to ECRYPTFS_PRIVATE in
    the ecryptfs.h headers; this will allow us to short-circuit some of the
    costly key-loading code on pam_auth if the private dir is already
    mounted, speeding up some subsequent authentications significantly,
    LP: #402748
  * doc/ecryptfs-mount-private.txt: removed the "$" to make copy-n-paste
    more user friendly
  * src/utils/ecryptfs-setup-private: when encrypting home, put the
    .ecryptfs and .Private data in /home/.ecryptfs rather than /var/lib,
    as users are forgetting to backup /var/lib, and are often putting
    /home on a separate partition; furthermore, this gives users a place
    to access their encrypted data for backup, rather than hiding the
    data below $HOME, LP: #371719

  [ Tyler Hicks ]
  * src/libecryptfs/cipher_list.c, src/libecryptfs/module_mgr.c:
    add blowfish/56-bytes to the list of ciphers we officially support,
    LP: #402790

 -- Dustin Kirkland <email address hidden> Wed, 22 Jul 2009 00:01:56 -0500

Changed in ecryptfs-utils (Ubuntu Karmic):
status: Fix Committed → Fix Released
Ryley (ryleyb) wrote :

I'm still seeing this using 81-0ubuntu3.

I generally leave my private folder unmounted.

My workaround has been just to comment out the pam_ecryptfs.so line in /etc/pam.d/common-auth

How can I help troubleshoot this? I don't see any pertinent messages in syslog, nor when running gnome-screensaver in debug mode.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers