Hi, I'm affected too and would like to provide some additional information:
I suspect this bug is not caused by _how often_ pam_mount is called but rather a mixup of the user it is run under.
When running sudoedit, before the editor component is started, pam_mount always tries to mount the partition. So while the editor is shown, the partition is always mounted. Either because it has been mounted before or because it got mounted here.
pam_mount also increases the login-count of the normal user (not root!) issuing the sudoedit command.
After you close the editor pam_mount decreases the login count for root (not the above user!) and as there are no counted logins for root, it always decides to unmount the partition. So after sudoedit is finished the partition is always unmounted regardless of its state before running sudoedit. So after using sudoedit for the first time after kdm/whatever login the mount is gone.
It seems to me, sudoedit is opening a new session for user $USER but then closing one for user "root".
See the following log produced with pam_mount debugging enabled:
[BEGIN OF LOG]
USER@USER:~$ cat /var/run/pam_mount/USER
0x3
USER@USER:~$ LC_ALL=C sudoedit foo
[sudo] password for USER:
pam_mount(pam_mount.c:364): pam_mount 2.10: entering auth stage
pam_mount(pam_mount.c:553): pam_mount 2.10: entering session stage
pam_mount(misc.c:38): Session open: (ruid/rgid=0/2000, e=0/2000)
pam_mount(mount.c:218): Mount info: globalconf, user=USER <volume fstype="crypt" server="(null)" path="/dev/disk/by-uuid/UUID_OF_LUKS_PARTITION" mountpoint="/media/data" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="fsck,acl,user_xattr,relatime" /> fstab=0 ssh=0
command: 'mount' '-t' 'crypt' '-ofsck,acl,user_xattr,relatime' '/dev/disk/by-uuid/UUID_OF_LUKS_PARTITION' '/media/data'
pam_mount(misc.c:38): set_myuid<pre>: (ruid/rgid=0/2000, e=0/2000)
pam_mount(misc.c:38): set_myuid<post>: (ruid/rgid=0/2000, e=0/2000)
[... pam_mount(misc.c:380): ... [List of all previously active mounts ...]
[the newly mounted partition:]
pam_mount(misc.c:380): 21 20 252:5 / /media/data rw,relatime - ext4 /dev/mapper/_dev_dm_2 rw,user_xattr,acl,barrier=1,data=ordered
command: 'pmvarrun' '-u' 'USER' '-o' '1'
pam_mount(misc.c:38): set_myuid<pre>: (ruid/rgid=0/2000, e=0/2000)
pam_mount(misc.c:38): set_myuid<post>: (ruid/rgid=0/2000, e=0/2000)
pmvarrun(pmvarrun.c:252): parsed count value 3
pam_mount(pam_mount.c:440): pmvarrun says login count is 4
pam_mount(pam_mount.c:645): done opening session (ret=0)
Processing '/etc/joe/editorrc' ...Processing '/etc/joe/ftyperc' ...done
done
[... editor opens. close it without saving ...]
File /var/tmp/foo.XXOuqivj not changed so no update needed
pam_mount(pam_mount.c:691): received order to close things
pam_mount(misc.c:38): Session close: (ruid/rgid=0/2000, e=0/2000)
command: 'pmvarrun' '-u' 'root' '-o' '-1'
pam_mount(misc.c:38): set_myuid<pre>: (ruid/rgid=0/2000, e=0/2000)
pam_mount(misc.c:38): set_myuid<post>: (ruid/rgid=0/2000, e=0/2000)
pmvarrun(pmvarrun.c:252): parsed count value 0
pam_mount(pam_mount.c:438): error reading login count from pmvarrun
pam_mount(mount.c:749): going to unmount
pam_mount(mount.c:218): Mount info: globalconf, user=USER <volume fstype="crypt" server="(null)" path="/dev/disk/by-uuid/UUID_OF_LUKS_PARTITION" mountpoint="/media/data" cipher="(null)" fskeypath="(null)" fskeycipher="(null)" fskeyhash="(null)" options="fsck,acl,user_xattr,relatime" /> fstab=0 ssh=0
command: 'pmt-ofl' '-k0' '/media/data'
command: 'umount' '/media/data'
pam_mount(misc.c:38): set_myuid<pre>: (ruid/rgid=0/2000, e=0/2000)
pam_mount(misc.c:38): set_myuid<post>: (ruid/rgid=0/2000, e=0/2000)
pam_mount(pam_mount.c:728): pam_mount execution complete
pam_mount(pam_mount.c:115): Clean global config (1073741824)
pam_mount(pam_mount.c:132): clean system authtok=0x14bbd70 (1073741824)
sudoedit: foo unchanged
USER@USER:~$ cat /var/run/pam_mount/USER
0x4
[END OF LOG]
One can see that "pmvarrun" is run with different user names before and after the editor.
By the way: Whether sudoedit is called for the first time requiring a password or with cached password does not change anything, except for the prompt "reenter password for pam_mount:" instead of the sudo password prompt right at the start.
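
An added example, not part of the original comment or of pam_mount: a small Python check that reads a pam_mount debug log and flags a session close whose pmvarrun user differs from the user counted at the matching open, which is the mismatch visible in the log above. The function name, the stack-based pairing of opens with closes, and the trimmed sample log are assumptions of this example.

```python
import re
from collections import defaultdict

# Matches the pmvarrun invocations pam_mount prints in debug mode, e.g.
#   command: 'pmvarrun' '-u' 'USER' '-o' '1'
PMVARRUN = re.compile(r"command: 'pmvarrun' '-u' '([^']+)' '-o' '(-?\d+)'")

# Constructed sample, trimmed from the log lines quoted in the report above.
SAMPLE_LOG = """\
pam_mount(misc.c:38): Session open: (ruid/rgid=0/2000, e=0/2000)
command: 'pmvarrun' '-u' 'USER' '-o' '1'
pmvarrun(pmvarrun.c:252): parsed count value 3
pam_mount(pam_mount.c:440): pmvarrun says login count is 4
pam_mount(misc.c:38): Session close: (ruid/rgid=0/2000, e=0/2000)
command: 'pmvarrun' '-u' 'root' '-o' '-1'
pmvarrun(pmvarrun.c:252): parsed count value 0
pam_mount(mount.c:749): going to unmount
"""

def audit_refcounts(log_text):
    """Return (leaked, findings) for a pam_mount debug log.

    leaked   -- users whose increments and decrements do not cancel out
    findings -- (line number, user counted at open, user passed at close)
    Assumption of this example: sessions nest, so each decrement is paired
    with the most recent increment that has not been closed yet.
    """
    net = defaultdict(int)
    open_users = []  # users whose session open was counted, innermost last
    findings = []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        m = PMVARRUN.search(line)
        if not m:
            continue
        user, delta = m.group(1), int(m.group(2))
        net[user] += delta
        if delta > 0:
            open_users.append(user)
        elif delta < 0:
            expected = open_users.pop() if open_users else None
            if expected != user:
                findings.append((lineno, expected, user))
    leaked = {u: d for u, d in net.items() if d != 0}
    return leaked, findings

if __name__ == "__main__":
    leaked, findings = audit_refcounts(SAMPLE_LOG)
    for lineno, opened, closed in findings:
        print(f"line {lineno}: open counted for {opened!r}, close for {closed!r}")
    print("unbalanced counters:", leaked)
```
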