gdm autologin does not work in Natty if private ecryptfs directory used

Thank you for taking the time to report this bug and helping to make Ubuntu better. Please answer these questions:

 * Is this reproducible?
 * If so, what specific steps should we take to recreate this bug?

 This will help us to find and resolve the problem.

what is your user uid? do you use a protected user dir or a non local one?

Reproducible: always
How: reboot/start the system.

The login screen comes despite the fact the autologin has been activated.

# grep ortyl /etc/passwd
ortyl:x:1000:1000:,,,:/home/ortyl:/bin/bash

# ls -l /home
total 12
drwxr-xr-x 103 ortyl ortyl 12288 2011-04-07 19:39 ortyl

could you add your /var/log/gdm logs to the bug?

Here are also my GDM logs as I'm also affected by this bug.

Below is also an extract from /etc/gdm/custom.conf

[daemon]

TimedLoginEnable=false
AutomaticLoginEnable=true
TimedLogin=cyril
AutomaticLogin=cyril
TimedLoginDelay=30

DefaultSession=gnome

I think I nailed it down. I have a ecryptfs directory from previous install (I installed natty from a USB stick but preserved my home directory). If I move $HOME/.ecryptfs somewhere else (i.e. mv .ecryptfs Desktop), autologin starts to work. Of course, it is then no longer possible to unlock the Private directory.

Can anyone confirm this or am I experiencing different bug than others?

Following the suggestion in #9 I temporarily moved the .ecryptfs directory. And auto login did indeed start to work. Moving the directory back caused auto login to stop working again.

I upgraded the description of the bug accordingly. I think bug 284443 may be the cause if I understand that bug correctly, waiting for reaction from the developer.

Hi Tomas,

Yes, autologin cannot work if you use ecryptfs. This is because the password must be entered to decrypt the filesystem, and autologin does not prompt for a password.

Is the bug here simply that you have a ~/.ecryptfs but are not using ecryptfs? If so, the solution is to make the check more intelligent. Does anyone know what exactly we need to check for to see if ecryptfs is in use?

Hi Roert,
I know it cannot work if you encrypt your whole $HOME directory, but there is no reason it should not work if you have only one encrypted directory ("Private" it is called, I am not sure now whether it is the default or my name) in your otherwise unencrypted directory. It worked in Maverick after all.

So I think the bug is that assumption that .encryptfs means encrypted $HOME directory is invalid. Therefore, the check should be more intelligent, but I have no idea how to do that:-).

I checked the current behaviour and it checks ~/.ecryptfs/auto-mount. Can you check if you have this file?

Don't worry checking, I've updated the patch for Oneiric to check if both ~/.ecryptfs/auto-mount exists and ~/.ecryptfs/Private.mnt is set to the home directory. That appears to be the method to check if the home directory is fully encrypted.

I have this file:

$ ll .ecryptfs/
total 12
-rw-r--r-- 1 cyril cyril 0 2011-02-25 23:52 auto-mount
-rw-r--r-- 1 cyril cyril 0 2011-02-25 23:52 auto-umount
-rw------- 1 cyril cyril 20 2011-02-25 23:52 Private.mnt
-rw------- 1 cyril cyril 34 2011-02-25 23:52 Private.sig
-r-------- 1 cyril cyril 48 2011-02-25 23:52 wrapped-passphrase

Robert: thanks, that sounds great! Any chances for it to be an SRU for natty?

And by the way, is this code shared with Ubiquity? I remember that when I installed and choose to mount my home partition with .encryptfs, I was not able to select autologin (it got greyd out).

I opened bug 786985 for ubiquity, I tried it in VM and it seems to have the same problem.

BTW: it seems autologin with encryptfs can also lead to gnome unlocking screen hanging for a long time as per bug 515155 )

Robert: I just tried Alpha one and the problem still persist there?

TomasHnyk, Can you confirm what version of GDM you are running and provide a test case?

Robert: GDM in Natty is 2.32.1-0ubuntu3.2, GDM in Oneiric is 2.32.1-0ubuntu3.2. Can you reproduce the bug still?

What do you mean by a test case, a step by step uinstructions to reproduce the bug?

Steps please.

The steps I used were:
1. Make a user 'test1' (using GNOME system tools)
2. Make a user 'test2' with fully encrypted home dir
3. Make a user 'test3', log in an add a Private encrypted directory
4. Set GDM to autologin as 'test1' and reboot
OBSERVED: Go straight to the desktop of user 'test1'
EXPECTED: ^^^
5. Set GDM to autologin as 'test2' and reboot
OBSERVED: Go to greeter
EXPECTED: ^^^
6. Set GDM to autologin as 'test3' and reboot
OBSERVED: Go straight to the desktop of user 'test3', Private directory needs to be activated to access.
EXPECTED: ^^^

Hm, that is strange. I think I did the same. That is on updated oineric?

This bug was fixed in the package gdm - 3.0.4-0ubuntu1

---------------
gdm (3.0.4-0ubuntu1) oneiric; urgency=low

  [ Sebastien Bacher ]
  * New upstream version 3.0.0
  * Start cleaning for the GNOME3 update
  * debian/patches/00git_passwordless_login_crash.patch,
    debian/patches/17_use_timed_login_after_autologin.patch,
    debian/patches/19_no_greeter_for_autologin.patch,
    debian/patches/37_disable_resize_grip.patch,
    debian/patches/38_user_chooser_focus.patch,
    debian/patches/43_translate_cancel_button.patch:
    - those are fixed is in the new version
  * debian/patches/08_use_polkit_for_settings.patch,
    debian/patches/09_gdmsetup.patch:
    - drop gdmsetup, the options should be integrated in gnome-control-center
      (the autologin one is in the user account configuration for example)
  * debian/patches/09_gdmserver_gconf_settings.patch:
    - the gconf hack to turn on and off login sounds, that should be
      rewritten use gsettings if wanted, lightdm should also make that easier
  * debian/patches/10_xsplash.patch:
    - xsplash was a one cycle hack and has been deprecated since
  * debian/patches/24_respect_system_minuid.patch:
    - deprecated with the accountsservice use
  * debian/patches/25_update_gconf_directories.patch:
    - the new version use gsettings and that was useful for the
      gdmsetup configuration only
  * debian/patches/34_disable_a11y_default.patch:
    - the change was not appropriate for a sru but is fine early
      during the cycle
  * debian/%gconf-tree.xml:
    - tweaks to the default layout, those will need to be revisited with the
      new ui and gsettings if needed (no needed if lightdm is the default?)
  * Resynchronize some of the files on Debian to lower the difference

  [ Gunnar Hjalmarsson ]
  * debian/patches/36_language_environment_settings.patch:
    Set LC_CTYPE and LC_COLLATE to the same locale name as LC_MESSAGES
    (LP: #786986).
  * Patches adapted to gdm-3.0.0:
    - 15_default_session.patch
    - 30_don_t_save_failsafe_session.patch
    - 32-hide-mouse-cursor.patch
    - 45_time_display_on_greeter.patch
    - 90_register-bin-true-as-URI-scheme-handler-for-several-schemes.patch
  * debian/patches/45_time_display_on_greeter.patch:
    Display time on the greeter in a proper format also when
    /etc/default/locale assigns different locales to LANG respective
    LC_MESSAGES (LP: #777264).
  * debian/gdm.upstart:
    Export LC_MESSAGES so the weekday gets displayed in the system
    language on the greeter.
  * debian/patches/41_pt_time_format.patch:
    Patch deleted (superseded by 45_time_display_on_greeter.patch).

  [ Robert Ancell ]
  * debian/patches/42_no_ecryptfs_autologin.patch:
    - Only stop autologin if full home directory encryption is used
      (LP: #753707)

  [ Martin Pitt ]
  * New upstream version 3.0.4.
  * debian/control.in: Require accountsservice 0.6.12.
  * Drop 90_register-bin-true-as-URI-scheme-handler-for-several-schemes.patch:
    Fixed upstream in a different way.
  * debian/gdm.install: install the dummy desktop handler and the
    mimeapps.list to /usr/share/gdm/applications.
  * debian/rules: Drop installation of bonobo .server for FUSA,...