preseeded installation fails to create .ecryptfs/wrapped-passphrase

Bug #882314 reported by Timo Aaltonen on 2011-10-26
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
user-setup (Ubuntu)
Colin Watson

Bug Description

Tried to look through ecrypt-setup-private, but couldn't find out where it goes wrong.. will attach the sanitized syslog.

Timo Aaltonen (tjaalton) wrote :
Changed in ecryptfs-utils (Ubuntu):
importance: Undecided → High
status: New → In Progress
Changed in ecryptfs-utils (Ubuntu):
status: In Progress → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ecryptfs-utils - 93-0ubuntu1

ecryptfs-utils (93-0ubuntu1) precise; urgency=low

  * src/utils/ecryptfs-verify, src/utils/
    - add an ecryptfs-verify utility, LP: #845738
  * src/testcases/
    - added a write/read test utility
  * doc/manpage/ecryptfs-mount-private.1, doc/manpage/ecryptfs-setup-
    private.1, doc/manpage/mount.ecryptfs_private.1,
    doc/manpage/umount.ecryptfs_private.1: LP: #882267
    - remove inaccurate documentation about being a member of the ecryptfs
  * src/utils/ecryptfs-setup-private: LP: #882314
    - fix preseeded encrypted home Ubuntu installations (thanks Timo!)
  * oneiric
 -- Dustin Kirkland <email address hidden> Thu, 27 Oct 2011 10:55:04 -0500

Changed in ecryptfs-utils (Ubuntu):
status: Fix Committed → Fix Released
Changed in ecryptfs-utils (Ubuntu):
status: Fix Released → In Progress
Changed in user-setup (Ubuntu):
status: New → In Progress
importance: Undecided → Medium
Dustin Kirkland  (kirkland) wrote :

Reopening the ecryptfs-utils bug. Adding user-setup task.

This bug is actually quite a bit more complicated than I first realized.

Fundamentally, we have two preseed options which are incompatible:
  d-i passwd/user-password-crypted password $6$.1eHH0iY$ArGz...
  d-i user-setup/encrypt-home boolean true

We cannot encrypt the home directory without having access to the cleartext password. I'm reverting the "fix" that I had committed to ecryptfs-utils, which persisted that cleartext password across the first boot by storing it in /var/tmp, which was not a good idea, as this leaks the file to disk. There's no secure way of persisting this sort of data across a reboot, sorry.

I'm attaching a patch/branch here that adjusts the logic in the user-setup state machine in d-i which should ensure that *if* you've requested an encrypted home, and we only have a crypted password, then we should throw you back into the critical dialogs to choose a password.

Dustin Kirkland  (kirkland) wrote :

Okay, I've tested and verified that my fix works in r96 of lp:ubuntu/user-setup.

I've committed and pushed it to bzr, but I'm refraining from uploading to Precise until Colin gets a chance to look at it first. Assigning this bug to Colin until he gets around to doing so. Thanks!

Changed in user-setup (Ubuntu):
assignee: nobody → Colin Watson (cjwatson)

The attachment "882314.patch" of this bug report has been identified as being a patch. The ubuntu-reviewers team has been subscribed to the bug report so that they can review the patch. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu-sponsors please also unsubscribe the team from this bug report.

[This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.]

tags: added: patch
Launchpad Janitor (janitor) wrote :
Download full text (7.6 KiB)

This bug was fixed in the package user-setup - 1.39ubuntu1

user-setup (1.39ubuntu1) precise; urgency=low

  * Merge from Debian testing, remaining changes:
    - Add the initial user to the adm, lpadmin, and sambashare groups
      too. Do not add them to the audio, video, floppy, netdev, powerdev,
      scanner, or bluetooth groups.
    - Default passwd/root-login to false.
    - Create the spu group on powerpc/ps3 and powerpc/cell.
    - Make is_system_user always return false if OVERRIDE_SYSTEM_USER is
    - Add preseedable passwd/auto-login question; if set to true, configure
      gdm, kdm, lxdm, and lightdm for automatic login. Add
      passwd/auto-login-backup question which backs up the previous contents
      of the files as well.
    - Ask whether the user wants to encrypt their home directory.
    - Allow forcing the encrypted home option.
    - user-setup-ask: if a user requests an encrypted-home, we must have
      their login passphrase, in order to wrap their mount passphrase; its
      fundamentally incompatible to preseed encrypted-home AND a crypted
      password; if this happens, send the user back to the password
      selection in the user-setup state machine
    - Zero out swap devices at the end of install when encryption is
    - Provide a progress message for wiping swap space.
    - If user-setup/allow-password-empty is preseeded to true, allow empty
    - Disable installation of pre-pkgsel.d/10kdesudo; it does nothing for
      Ubuntu, and causes a confusing message that worries some people.
    - Add weak password detection (purely length-based for now, matching
    - Consider a password of '!' in shadow for root to be unset.
    - Update Ubuntu-specific translations from Launchpad.
    - Don't restrict guest login from login screen if autologin was configured,
      just restrict autologin for guest specifically.
  * Dropped changes:
    - Add the initial user to the dip group after all, not dialout; per
      Debian bug #568895, dip is for pppd and dialout is for raw tty access
      which users don't need.
    - Don't set up the admin group or add the user to it; the sudo package
      now always sets up the sudo group on install, so we can as well use
      this group as the admin group. This will be inconsistent with
      previous Ubuntu releases, but consistent with Debian and compatible
      with sudo.

user-setup (1.39) unstable; urgency=low

  * Bump Standards to 3.9.2

  [ Updated translations ]
  * Bulgarian (bg.po) by Damyan Ivanov
  * Czech (cs.po) by Miroslav Kure
  * Esperanto (eo.po) by Felipe Castro
  * Spanish (es.po) by Javier Fernández-Sanguino
  * Korean (ko.po) by Changwoo Ryu
  * Romanian (ro.po) by Eddy Petrișor
  * Russian (ru.po) by Yuri Kozlov
  * Northern Sami (se.po) by Børre Gaup
  * Slovak (sk.po) by Ivan Masár
  * Swedish (sv.po) by Daniel Nylander
  * Telugu (te.po) by Arjuna Rao Chavala
  * Thai (th.po) by Theppitak Karoonboonyanan
  * Uyghur (ug.po) by Sahran

user-setup (1.38) unstable; urgency=low

  [ Updated translations ]
  * Russian (ru.po) by Yuri Kozlov

user-setup (1.37) unstable; urge...


Changed in user-setup (Ubuntu):
status: In Progress → Fix Released
Changed in ecryptfs-utils (Ubuntu):
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Bug attachments