Hi Mackenzie, Luis, Thanks very much for the bug report, analysis, and patch.
The encrypted home directory mount point is set to 500 to keep you from inadvertently writing unencrypted files into the mount. Should your encrypted home (or private) become unmounted for whatever reason, and some random application writes some data into your unencrypted mountpoint, it would be written to disk in plain text, and you probably wouldn't be able to find that file next time you log and your encrypted directory is mounted properly. I need to look a little deeper, but I think this is a problem in the net-installer code. Other installations perform the encrypted mount *before* such configuration files are written into the home directory (such as /etc/skel/*). Thus, these files get written to the disk encrypted. I'm going to CC Colin Watson on this bug, as he can probably point us to the correct code. :-Dustin -- netboot newuser and ecryptfs fails to login https://bugs.launchpad.net/bugs/317895 You received this bug notification because you are a member of eCryptfs, which is subscribed to ecryptfs-utils in ubuntu. Status in eCryptfs - Enterprise Cryptographic Filesystem: New Status in “ecryptfs-utils” source package in Ubuntu: Triaged Bug description: Steps to reproduce: 1. take the netboot directory from the alternate CD and setup a tftp server with it 2. boot a system over the network using the attached preseed file 3. login with that user after installation is done At login the user cannot mount it's ~/.Private directory over to ~/. I fixed this by doing: 1. login as root 2. rm -fr ~user/.ecryptfs ~user/.Private 3. su - user 4. ecrypt-setup-private 5. changed .Private/Private.mnt to point to /home/user instead of /home/user/Private There might not be a simple way to provide a password from a preseed file since the password is encrypted in this file. Note: - when using the preseed file provided, do not provide any manual input (except if something fails and you need to hit continue). _______________________________________________ Mailing list: https://launchpad.net/~ecryptfs Post to : [email protected] Unsubscribe : https://launchpad.net/~ecryptfs More help : https://help.launchpad.net/ListHelp
