(adding [email protected] to CC)

On Sat, Oct 18, 2014 at 08:31:38PM +0200, Julian Andres Klode wrote:
> Package: ecryptfs-utils
> Version: 103-3+b1
> Severity: important
> Tags: security
>
> Previously, a Private directory was automatically unmounted on logout. This
> does not happen anymore. One problem could be that the systemd user instance
> is not bound to logins and will most likely only exit after the last login,
> leaving a process running as that user, and thus causing ecryptfs-utils to
> think the user is still active.
>
> This is a regression from wheezy as far as I am aware.
>

So the reason appears to be that systemd keeps another PAM session around for
running its (sd-pam) and systemd --user processes, causing
ecryptfs-umount-private to think one session is still remaining.

This means we have to run ecryptfs-umount-private before exiting the
systemd --user session. The following user unit does this (called it
ecryptfs-umount-private.service), but I'm not sure if that's the best
solution, if something in there is broken, or how to correctly install that
globally.

-- ecryptfs-umount-private.service:
[Unit]
Description=Umount Private directory
Before=systemd-exit.service
DefaultDependencies=no
Requires=shutdown.target
After=shutdown.target

[Service]
Type=oneshot
ExecStart=/usr/bin/ecryptfs-umount-private

[Install]
WantedBy=exit.target

-- 
Julian Andres Klode - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Be friendly, do not top-post, and follow RFC 1855 "Netiquette".
- If you don't I might ignore you.
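
Added example, not part of the original message or of ecryptfs-utils: a shell check for the symptom reported above, listing eCryptfs Private mounts whose owner no longer has a login session. It assumes the default /home/<user>/Private mount point; the function names and the sample mount lines are constructed for illustration.

```shell
#!/bin/sh
# stale_ecryptfs_mounts MOUNTS_FILE ACTIVE_USERS
#   MOUNTS_FILE  : file in /proc/mounts format
#   ACTIVE_USERS : login names that still have a session, separated by
#                  spaces, tabs or newlines
# Prints "user mountpoint" for every ecryptfs mount whose owner is not
# in ACTIVE_USERS, i.e. a Private directory left mounted after logout.
stale_ecryptfs_mounts() {
    mounts_file=$1
    # Normalise separators so each name is surrounded by single spaces.
    active=" $(printf '%s' "$2" | tr '\n\t' '  ') "
    # /proc/mounts fields: source mountpoint fstype options dump pass
    while read -r _src mnt fstype _rest; do
        [ "$fstype" = "ecryptfs" ] || continue
        # Assumption: default layout /home/<user>/Private.
        case $mnt in
            /home/*/Private) user=${mnt#/home/}; user=${user%/Private} ;;
            *) continue ;;
        esac
        # Skip nested paths such as /home/a/b/Private.
        case $user in
            */*) continue ;;
        esac
        case $active in
            *" $user "*) ;;                          # still logged in
            *) printf '%s %s\n' "$user" "$mnt" ;;    # stale mount
        esac
    done < "$mounts_file"
    return 0
}

# Constructed sample in /proc/mounts format (not taken from a real host).
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/home/alice/.Private /home/alice/Private ecryptfs rw,relatime,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 0 0
/home/bob/.Private /home/bob/Private ecryptfs rw,relatime,ecryptfs_cipher=aes,ecryptfs_key_bytes=16 0 0
EOF
}

# On a live system (who reads utmp login records):
#   stale_ecryptfs_mounts /proc/mounts "$(who | awk '{print $1}' | sort -u)"
```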

