ecryptfs-(u-)mount-private should emit an upstart event

Bug #910341 reported by Marcus on 2011-12-31
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
Wishlist
Unassigned

Bug Description

It would be nice if ecryptfs-mount-private and ecryptfs-umount-private would emit an upstart event, thus allowing upstart to trigger jobs that require the home dir of a user to be mounted correctly.

Dustin Kirkland  (kirkland) wrote :

Can you post a patch, a branch, or at least instructions on how to do so?

Changed in ecryptfs-utils (Ubuntu):
importance: Undecided → Wishlist
status: New → Incomplete
Marcus (m-beyer5) wrote :

The easiest way would propably be to just call initct[1][2] with some meaningful parameters after the (u-)mount is successful, eg.

initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT SOMEKEY=$SOMEVALUE

[1] http://manpages.ubuntu.com/manpages/precise/en/man8/initctl.8.html
[2] http://upstart.ubuntu.com/cookbook/#initctl

Dustin Kirkland  (kirkland) wrote :

Serge/Clint,

What do you think about this suggestion? Is it a reasonable idea? Any security concerns?

Dustin

Changed in ecryptfs-utils (Ubuntu):
status: Incomplete → Triaged
Serge Hallyn (serge-hallyn) wrote :

It does make the manual use of setuid-root 'mount.ecryptfs_private' scarier...

On Mon, Jan 9, 2012 at 8:31 AM, Serge Hallyn <email address hidden> wrote:
> It does make the manual use of setuid-root 'mount.ecryptfs_private'
> scarier...

Serge, what do you mean?

Dustin Kirkland  (kirkland) wrote :

On Sun, Jan 8, 2012 at 8:46 AM, Marcus <email address hidden> wrote:
> initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT
> SOMEKEY=$SOMEVALUE

Does this have to be executed as the root user?

Marcus (m-beyer5) wrote :

@6
AFAIK yes, because upstart uses dbus methods which are by default restricted to the root user, so currently only the systemuser can register and trigger upstart jobs. Changing that will require a new upstart dbus configuration which will hopefully become the default in the future. See also http://upstart.ubuntu.com/cookbook/#user-job and /etc/dbus-1/system.d/Upstart.conf

Serge Hallyn (serge-hallyn) wrote :

Quoting Dustin Kirkland (<email address hidden>):
> On Sun, Jan 8, 2012 at 8:46 AM, Marcus <email address hidden> wrote:
> > initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT
> > SOMEKEY=$SOMEVALUE
>
> Does this have to be executed as the root user?

Yes, it does. And mount.ecryptfs-private is setuid-root, so it can be
executed by non-root. It's probably no big deal, but it means that
$USER, $MOUNTPOINT, and $SOMEVALUE will be passed to root-owned jobs,
and in the past perhaps have been assumed to come from ('trusted') root
tasks. I don't know how carefully those get sanitized along the chain.

It may be no big deal, but any time something which in the past may have
assumed 'trusted' input is going to be handed untrusted input, it's worth
worrying about.

Marcus (m-beyer5) wrote :

Any chance to see this happen in Quantal?

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers