Cannot login after an upgrade with Ubiquity and encrypted home directory

Bug #1308530 reported by Jean-Baptiste Lallement
64
This bug affects 12 people
Affects Status Importance Assigned to Milestone
Release Notes for Ubuntu
Fix Released
Undecided
David Sanders
ubiquity (Ubuntu)
Triaged
Medium
Unassigned

Bug Description

Trusty Desktop amd64 20140415

TEST CASE:
1. Install Saucy Desktop with encrypted home
2. Boot a Trusty ISO
3. Select upgrade to Trusty
4. Enter the same username and another password

EXPECTED RESULT:
User can log in

ACTUAL RESULT
User cannot login.
If I boot to recovery mode and "sudo -i -u ubuntu" I get
"""
$ sudo -i -u ubuntu
open: No such file or directory
Error locking counter
"""

If I unlock the home directory with ecryptfs-mount-private I get:
"""
$ ecryptfs-mount-private
Enter your login passphrase:
Inserted auth tok sig [XXXXXXX] into the user session keyring
open: No such file or directory
Error locking counter
"""

But the home directory is not unlocked and mounted

ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: ubiquity (not installed)
ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
Uname: Linux 3.13.0-24-generic x86_64
ApportVersion: 2.14.1-0ubuntu3
Architecture: amd64
Date: Wed Apr 16 14:59:42 2014
InstallCmdLine: file=/cdrom/preseed/ubuntu.seed boot=casper initrd=/casper/initrd.lz quiet splash -- maybe-ubiquity
InstallationDate: Installed on 2014-04-16 (0 days ago)
InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64 (20140415)
ProcEnviron:
 SHELL=/bin/bash
 TERM=linux
 PATH=(custom, no user)
 LANG=en_US.UTF-8
SourcePackage: ubiquity
UpgradeStatus: No upgrade log present (probably fresh install)

Revision history for this message
Jean-Baptiste Lallement (jibel) wrote :
description: updated
tags: added: rls-t-incoming
Revision history for this message
Ubuntu QA Website (ubuntuqa) wrote :

This bug has been reported on the Ubuntu ISO testing tracker.

A list of all reports related to this bug can be found here:
http://iso.qa.ubuntu.com/qatracker/reports/bugs/1308530

tags: added: iso-testing
Revision history for this message
Colin Watson (cjwatson) wrote :

The same failure happens if you "upgrade" from precise to precise using this same path (which requires modifying ubiquity in-place to permit this, but I just wanted to check the behaviour of precise's ubiquity). This therefore isn't a regression.

We probably need to arrange to hide the user-setup page in the upgrade-in-place case and instead reuse the user credentials from the pre-upgrade system; or else, if we were to allow entering a new password, we'd also need the old password to be entered so that we could rewrap the user's ecryptfs passphrase.

Changed in ubiquity (Ubuntu):
importance: Undecided → Medium
status: New → Triaged
tags: added: testcase
Revision history for this message
Nicholas Skaggs (nskaggs) wrote :

Just confirming, picking a different username but retaining the same password works fine :-) It seems to keep my old username, but changes my "name" to the new one. Meaning, whomai, and /home is still my original username.

summary: - Cannot login after an upgrade from Saucy to Trusty with Ubiquity
+ Cannot login after an upgrade from Saucy to Trusty with Ubiquity and
+ encrypted home directory
Changed in ubuntu-release-notes:
status: New → Fix Released
Revision history for this message
STEPHEN SIMPSON (steveraymadridski) wrote : Re: Cannot login after an upgrade from Saucy to Trusty with Ubiquity and encrypted home directory

Very much a newbie with Ubuntu but would like to receive fix for Bug #1308530 - regarding inability to sign in after upgrade from Saucy to Trusty. Would re-installing without encrypting home directory also work?

Changed in ubuntu-release-notes:
assignee: nobody → STEPHEN SIMPSON (steveraymadridski)
Revision history for this message
Phillip Susi (psusi) wrote :

Please don't fiddle with the assignment field; it is to indicate what developer is in the process of fixing the bug.

Changed in ubuntu-release-notes:
assignee: STEPHEN SIMPSON (steveraymadridski) → nobody
Revision history for this message
STEPHEN SIMPSON (steveraymadridski) wrote : Re: [Bug 1308530] Re: Cannot login after an upgrade from Saucy to Trusty with Ubiquity and encrypted home directory

​Hi Philip,

Won't be doing any more fiddling!

Best wishes,

Stephen​

On Sat, Apr 19, 2014 at 4:36 AM, Phillip Susi <email address hidden> wrote:

> Please don't fiddle with the assignment field; it is to indicate what
> developer is in the process of fixing the bug.
>
>
> ** Changed in: ubuntu-release-notes
> Assignee: STEPHEN SIMPSON (steveraymadridski) => (unassigned)
>
> --
> You received this bug notification because you are subscribed to the bug
> report.
> https://bugs.launchpad.net/bugs/1308530
>
> Title:
> Cannot login after an upgrade from Saucy to Trusty with Ubiquity and
> encrypted home directory
>
> Status in Release Notes for Ubuntu:
> Fix Released
> Status in “ubiquity” package in Ubuntu:
> Triaged
>
> Bug description:
> Trusty Desktop amd64 20140415
>
> TEST CASE:
> 1. Install Saucy Desktop with encrypted home
> 2. Boot a Trusty ISO
> 3. Select upgrade to Trusty
> 4. Enter the same username and another password
>
> EXPECTED RESULT:
> User can log in
>
> ACTUAL RESULT
> User cannot login.
> If I boot to recovery mode and "sudo -i -u ubuntu" I get
> """
> $ sudo -i -u ubuntu
> open: No such file or directory
> Error locking counter
> """
>
> If I unlock the home directory with ecryptfs-mount-private I get:
> """
> $ ecryptfs-mount-private
> Enter your login passphrase:
> Inserted auth tok sig [XXXXXXX] into the user session keyring
> open: No such file or directory
> Error locking counter
> """
>
> But the home directory is not unlocked and mounted
>
> ProblemType: Bug
> DistroRelease: Ubuntu 14.04
> Package: ubiquity (not installed)
> ProcVersionSignature: Ubuntu 3.13.0-24.46-generic 3.13.9
> Uname: Linux 3.13.0-24-generic x86_64
> ApportVersion: 2.14.1-0ubuntu3
> Architecture: amd64
> Date: Wed Apr 16 14:59:42 2014
> InstallCmdLine: file=/cdrom/preseed/ubuntu.seed boot=casper
> initrd=/casper/initrd.lz quiet splash -- maybe-ubiquity
> InstallationDate: Installed on 2014-04-16 (0 days ago)
> InstallationMedia: Ubuntu 14.04 LTS "Trusty Tahr" - Release amd64
> (20140415)
> ProcEnviron:
> SHELL=/bin/bash
> TERM=linux
> PATH=(custom, no user)
> LANG=en_US.UTF-8
> SourcePackage: ubiquity
> UpgradeStatus: No upgrade log present (probably fresh install)
>
> To manage notifications about this bug go to:
> https://bugs.launchpad.net/ubuntu-release-notes/+bug/1308530/+subscriptions
>

Revision history for this message
Tao Wang (twang2218) wrote : Re: Cannot login after an upgrade from Saucy to Trusty with Ubiquity and encrypted home directory

I might facing the same bug, but with different apparence.

Me too upgrade from 13.10 desktop to 14.04, 64-bit edition. However, I didn't use ISO, I just followed the prompt asking for upgrade to 14.04. My home directory is encrypted too.

And since it's just a 'do-release-upgrade', I haven't changed my password.

After upgrade, I can logged in, however, the home directory is not usable. I attached the screenshot for what I saw.

I tried switch the 'lightdm' to 'gdm', and it doesn't work.

I also tried use ssh to log in as my user, and guess what? Everything in $HOME is accessible, it's been correctly decrypted and mounted.

So, I found a temporary workaround for this. Assume my username is 'bar'

1. Create another user 'foo';
2. After reboot, first log in as 'foo';
3. Open 'terminal', and run `ssh bar@localhost`;
4. Don't log out, just SWITCH to user 'bar', and log in;
5. All Home directory is accessible, somehow;

But why 'gdm' or 'lightdm' logged in cannot decrypt my home directory as 13.10?

Revision history for this message
Tao Wang (twang2218) wrote :

I found 'samba' do affect the ecryptfs somehow.

As I said before, even when I run `ecryptfs-mount-private` as the README.txt file said, it will decrypt the HOME directory for a moment, after maybe few seconds or few minutes, the HOME directory will be encrypted/umounted again. And when this happened, I got following error in `/var/log/auth.log`:

```
Apr 20 18:48:44 wombat smbd[12728]: pam_unix(samba:session): session closed for user tao
Apr 20 18:50:17 wombat smbd[12919]: pam_unix(samba:session): session closed for user tao
Apr 20 18:53:28 wombat smbd[13118]: pam_unix(samba:session): session closed for user tao
Apr 20 18:55:03 wombat smbd[13139]: pam_unix(samba:session): session closed for user tao
Apr 20 18:56:16 wombat smbd[13321]: pam_unix(samba:session): session closed for user tao
```

So, I just tried to uninstall samba server by `sudo apt-get purge samba`, and it seems working, for now. But, I cannot use samba to share files on my system anymore...

Revision history for this message
CSRedRat (csredrat) wrote :

When this fixed in 14.04 Trusty Tahr for 14.04.1 (24 July)?

Changed in ubuntu-release-notes:
assignee: nobody → David Sanders (davidism71)
Revision history for this message
Saidulu Alli (saidulu-alli) wrote :

Is there any workaround for this issue? I have already upgraded from 12.04.05 to 14.04.1. But unable to log in into ubuntu after upgrade. Screen is flashing for 2 seconds and prompting to enter user name and password again.

But I am able to login through CTRL+ALT+F1 using same user name and password.

Is there any work around to login using GUI.

Revision history for this message
Simplehuman (simplehuman) wrote :

Actual for Xenial.
If I reinstall system with encrypted /home using the same user and use another password, I can't login in. And the system is unusable.

I think, installer should check before installation begins if there an encrypted /home for selected user and is the entered password is correct.
If not - display a warning and ask user to enter correct password.
If user can't enter correct password, display a selection: 1. Format /home folder. 2. Abandon installation.

tags: added: xenial
summary: - Cannot login after an upgrade from Saucy to Trusty with Ubiquity and
- encrypted home directory
+ Cannot login after an upgrade with Ubiquity and encrypted home directory
tags: added: yakkety
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.

Other bug subscribers