Le jeudi 23 juillet 2009 à 13:47 -0500, Dustin Kirkland a écrit : > On Tue, Jun 2, 2009 at 8:11 AM, Milan Bouchet-Valat<[email protected]> wrote: > > I'd like to raise a discussion about bug 295429 [1], which all of us > > must have experienced since Intrepid, though not all have tracked its > > cause down. When enabled, eCryptfs private dir needs to perform some > > work on each login to mount the encrypted dir. This requires between 2-4 > > seconds on not brand new 32 CPUs (e.g. here a Pentium M 1,6 GHz), maybe > > less on more recent Dual/Quad Cores. > > Thank you for bringing this up, however, I would prefer to have these > sorts of discussions in Launchpad as bugs in the future. So do I. I wrote to the list because I was seeing no response on the bug. Thanks for answering!
> Earlier this week, I uploaded ecryptfs-utils-78 to karmic, which > should address the issue you mention. > > The fix first detects if your encrypted home or private directory is > already mounted, and if so, it bypasses the most performance intensive > work. > > This means that all subsequent authentications that go through > pam_ecryptfs should be significantly faster. This includes sudo, ssh, > gnome, kde, xfce, screensavers, etc. The first login is not affected, > and it will have to do the initial key loading and decryption, etc, > but subsequent logins are much, much faster. That's a really good improvement that should help with sudo, thanks! Though I still believe we can do better: the decryption should occur in a completely separate process, and not block the authentication at all. Is there any reason why the current code does not fork and return immediately to PAM? Cheers -- ubuntu-desktop mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-desktop
