You are not logged in.
Pages: 1
Hello. I was able to adjust automatically mount at login.
But after logging out encrypted /home/k4misiek is still mounted.
I forgot about something?
[k4misiek@Asus-PC ~]$ cat /etc/pam.d/login
#%PAM-1.0
auth required pam_securetty.so
auth requisite pam_nologin.so
auth required pam_unix.so nullok
auth optional pam_ecryptfs.so unwrap
auth required pam_tally.so onerr=succeed file=/var/log/faillog
# use this to lockout accounts for 10 minutes after 3 failed attempts
#auth required pam_tally.so deny=2 unlock_time=600 onerr=succeed file=/var/log/faillog
account required pam_access.so
account required pam_time.so
account required pam_unix.so
#password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3
password optional pam_ecryptfs.so
#password required pam_unix.so sha512 shadow use_authtok
session required pam_unix.so
session optional pam_ecryptfs.so unwrap
session required pam_env.so
session required pam_motd.so
session required pam_limits.so
session optional pam_mail.so dir=/var/spool/mail standard
session optional pam_lastlog.so
session optional pam_loginuid.so
-session optional pam_ck_connector.so nox11
-session optional pam_systemd.so
[k4misiek@Asus-PC ~]$ cat /etc/pam.d/kde
#%PAM-1.0
auth required pam_unix.so
auth optional pam_ecryptfs.so unwrap
auth required pam_nologin.so
auth required pam_env.so
account required pam_unix.so
password optional pam_ecryptfs.so
password required pam_unix.so
session required pam_unix.so
session optional pam_ecryptfs.so unwrap
session required pam_limits.so
-session optional pam_systemd.so
[k4misiek@Asus-PC ~]$ cat /home/.ecryptfs/k4misiek/.ecryptfs/auto-umount
session required pam_limits.so
session optional pam_ecryptfs.so
Last edited by k4misiek (2012-05-15 10:34:47)
Offline
I never did this with PAM, if memory serves me existance of ~/.ecryptfs/auto-umount tells the eCryptfs PAM module to try and umount.
But that may be failing in your case if at least one process is left which is keeping your $HOME mount busy, ie. emacs daemon, some
KDE service/daemon, fetchmail, gpg agent and so on.
You need to install an RTFM interface.
Offline
I use the GDM 3.2 method (because I use GDM), and that option only, no messing with pam.d/login, I'm not an expert, but it looks like you may be using two methods there (the KDM option in addition to the pam.d/login option), and they could be conflicting?. But, I don't have my entire home directory encrypted, I just opted for the private folder method, so maybe thats why my folder unmounts at logout, even so there is no harm trying just the KDM method, backup of course >.<.
Offline
Hello! Just now I managed to find a solution
Two symlinks solved the whole thing
$ ln -sf /home/.ecryptfs/$USER/.ecryptfs/ /home/$USER/.ecryptfs
$ ln -sf /home/.ecryptfs/$USER/.Private /home/$USER/.Private
Maybe someone add this to wiki?
Last edited by k4misiek (2012-05-15 10:36:36)
Offline
It makes sense. Of course you need ~/.ecryptfs/auto-umount it's the PAM module semaphore. And the path it tries to umount is probably hard-coded to some Ubuntu default, which we now see is ~/.Private.
You need to install an RTFM interface.
Offline
I am still having problems with this, symlinks added and everything else done. Still doesn't unmount after logout?
Offline
Same here. The simlinks are already present and also two empty files : "auto-mount" "auto-umount"
Any ideas what is missing?
Offline
I have an idea, some debugging, instead of just crossing fingers it will work
In my first reply I mentioned umount could be happening but failing because
the mount is locked by a process. I still think it's the most likely reason this
would fail. Try to determine if that is happening.
Ie. after a logout login on another console as root and run: fuser -v /home/me
Last edited by anrxc (2012-05-30 01:28:02)
You need to install an RTFM interface.
Offline
@anrxc Thanks! I found out that the pulseaudio process of my user is not shutting down and has some files left open in my home. No i just have to find out why it doesn't shut down.
Offline
Pages: 1