Shouldn't allow autologin for ecryptfs users

Bug #576133 reported by DarrenShare on 2010-05-05
30
This bug affects 3 people
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
Low
Unassigned
Oneiric
Low
Unassigned

Bug Description

Binary package hint: ecryptfs-utils

When setting up a new user, if you choose to both encrypt the home directory and automatically logon this prevents the account from being used. I.E when trying to logon you get errors such as "cannot update .ICEauthority", "can't create Nautilus directories" etc. eventually resulting in a blank desktop and having to do a forced reboot.

IMO, the two options should be mutually exclusive anyway as encrypting your ~/ is utterly pointless with a passwordless logon. At the very least, there should be some kind of warning (e.g. "Don't be an idiot" :) ).

Using a fully up-to-date install of Ubuntu 10.04.

ProblemType: Bug
DistroRelease: Ubuntu 10.04
Package: ecryptfs-utils 83-0ubuntu3
ProcVersionSignature: Ubuntu 2.6.32-22.33-generic-pae 2.6.32.11+drm33.2
Uname: Linux 2.6.32-22-generic-pae i686
NonfreeKernelModules: nvidia
Architecture: i386
Date: Thu May 6 00:46:38 2010
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 10.04 "Lucid Lynx" - Alpha i386 (20100224.1)
ProcEnviron:
 LANG=en_GB.utf8
 SHELL=/bin/bash
SourcePackage: ecryptfs-utils

DarrenShare (darren-moorstreet) wrote :

They absolutely are mutually exclusive.

By what mechanism are you adding the user?

Dustin Kirkland  (kirkland) wrote :

Thanks for the bug. Yes I confirmed this bug, talked to Martin Pitt. Definitely something we should fix.

affects: ecryptfs-utils (Ubuntu) → gnome-control-center (Ubuntu)
Changed in gnome-control-center (Ubuntu):
importance: Undecided → Medium
status: New → Confirmed

Because of https://bugs.launchpad.net/ubuntu/+source/gnome-control-center/+bug/798962 it is impossible to check if this is still as big a problem in Oneiric as it was before. Once that is fixed this bug can be investigated further.

---
Ubuntu Bug Squad volunteer triager
http://wiki.ubuntu.com/BugSquad

Changed in gnome-control-center (Ubuntu):
importance: Medium → Low
status: Confirmed → Triaged
summary: - Problem creating a user with encrypted home directory and automatic
- logon.
+ Shouldn't allow autologin for ecryptfs users
Michael Terry (mterry) wrote :

The code for this actually got put into oneiric's gnome-control-center. But due to a miscommunication, the required ecryptfs-verify never got a FFe filed for it and never got into oneiric.

So I think the easiest solution is to SRU ecryptfs-verify from precise into oneiric. Looking into that now.

affects: gnome-control-center (Ubuntu) → ecryptfs-utils (Ubuntu)
Michael Terry (mterry) wrote :

Uploaded a new ecryptfs-utils with ecryptfs-verify. Will subscribe ubuntu-sru. This is a good SRU candidate because it can cause severe problems for the user if they enabled ecryptfs at installation time and later went into their user preferences and enabled autologin. They would then not be able to login.

Reproduction steps:
 * Install with ecryptfs for your user
 * Open the User Accounts preference screen
 * Note that the autologin switch is visible; it should not be

Michael Terry (mterry) wrote :

Fixed in precise with version 93.

Changed in ecryptfs-utils (Ubuntu):
status: Triaged → Fix Released

Hello DarrenShare, or anyone else affected,

Accepted ecryptfs-utils into oneiric-proposed, the package will build now and be available in a few hours. Please test and give feedback here. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Changed in ecryptfs-utils (Ubuntu Oneiric):
status: Triaged → Fix Committed
tags: added: verification-needed
Dustin Kirkland  (kirkland) wrote :

The package in -proposed works like a champ.

Verified:
 - installed Ubuntu 11.10, encrypted home user
 - opened the user account preferences and the switch for auto login is present
 - upgraded to the proposed package
 - opened the user account preferences and the switch for auto login is gone!

Martin Pitt (pitti) on 2012-07-15
tags: added: verification-done
removed: verification-needed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ecryptfs-utils - 92-0ubuntu1.1

---------------
ecryptfs-utils (92-0ubuntu1.1) oneiric-proposed; urgency=low

  [ Serge Hallyn ]
  * fix infinite loop on arm: fgetc returns an int, and -1 at end of
    options. Arm makes char unsigned. (LP: #884407)

  [ Michael Terry ]
  * debian/local/ecryptfs-verify, debian/rules:
    - Backport ecryptfs-verify from version 93. Required to support
      gnome-control-center's check to see if it should display
      the autologin controls. LP: #576133
 -- Michael Terry <email address hidden> Thu, 10 Nov 2011 10:33:01 -0500

Changed in ecryptfs-utils (Ubuntu Oneiric):
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers