You are not logged in.

So I installed Arch to play around and familiarise myself with, and I'd now like to use it full time. My company require that either home dir or full disk encryption is used, so I need to migrate my home directory using ecryptfs. Followed the wiki (created a test user to break first though), but it fails as lsof seems to see its own process checking for open files as an open file: cue much 
INFO:  Checking disk space, this may take a few moments.  Please be patient.
INFO:  Checking for open files in /home/shw
INFO:  The following files are in use:
    COMMAND PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
    systemd   1 root   19r  FIFO    0,8      0t0  8339 pipe
    lsof    428 root    1w  FIFO    0,8      0t0 10969 pipe
    lsof    428 root    4w  FIFO    0,8      0t0  9076 pipe
    lsof    428 root    5r  FIFO    0,8      0t0  9077 pipe
    sed     429 root    0r  FIFO    0,8      0t0 10969 pipe
    lsof    430 root    3r  FIFO    0,8      0t0  9076 pipe
    lsof    430 root    6w  FIFO    0,8      0t0  9077 pipe
ERROR:  Cannot proceed.Any suggestions?
Last edited by analbeard (2014-11-20 08:24:39)
Offline
Can you tell us what command produced that output? The fact that lsof detects itself sounds like a bug somewhere to me. Although, I'm not sure it's possible to migrate the home directory of a logged-in user. Try logging out and running the command as root. Alternatively, you might be better off creating a new user with an encrypted home directory and mv'ing your old home dir to your new. Note that this will only protect new files though, as there's no reliable way to securely erase files without a low-level-format of the partition (or at all, depending on whom you ask).
You might also consider encrypting your entire system as it is far more secure, but use ecryptfs if that suits you. dm-crypt would require reformatting one or more of your partitions, but you already have your home directory backed up, right? 
Offline

Can you tell us what command produced that output? The fact that lsof detects itself sounds like a bug somewhere to me. Although, I'm not sure it's possible to migrate the home directory of a logged-in user. Try logging out and running the command as root. Alternatively, you might be better off creating a new user with an encrypted home directory and mv'ing your old home dir to your new. Note that this will only protect new files though, as there's no reliable way to securely erase files without a low-level-format of the partition (or at all, depending on whom you ask).
You might also consider encrypting your entire system as it is far more secure, but use ecryptfs if that suits you. dm-crypt would require reformatting one or more of your partitions, but you already have your home directory backed up, right?
I ran:
ecryptfs-migrate-private -u shwIt comes from here: https://wiki.archlinux.org/index.php/EC … _directory
I booted into single user mode so my user definitely wasn't logged in. I used to use full disk encryption but it was a PITA if I broke something and needed to use a liveUSB to fix it, so I've stuck with just $HOME encrypted.
There are no major customisations made yet, so the contents of home aren't critical 
Offline

I logged in as root and got the same output as analbeard when I tried to encrypt my /home. I followed every step of the wiki but "ecryptfs-migratem-home -u user" refused to proceed. Any ideas??
Offline
Have you tried to do this manually instead of using the migration program?
Offline

I will give it try tomorrow and inform you about the outcome. I will use the guide by anarxc http://sysphere.org/~anrxc/j/articles/e … index.html
Just to complete the information. When I logged in as root, (right after the boot) I got this
[root@notebook ~]$ ecryptfs-migrate-home -u user
INFO:  Checking disk space, this may take a few moments.  Please be patient.
INFO:  Checking for open files in /home/shw
INFO:  The following files are in use:
    COMMAND   PID USER   FD   TYPE DEVICE SIZE/OFF  NODE NAME
    systemd     1 root   22r  FIFO    0,8      0t0  1196 pipe
    systemd     1 root   23u  FIFO   0,15      0t0  1198 /run/dmeventd-server
    systemd     1 root   24u  FIFO   0,15      0t0  1199 /run/dmeventd-client
    systemd     1 root   26u  FIFO   0,15      0t0  1203 /run/systemd/initctl/fifo
    NetworkMa 258 root   20w  FIFO   0,15      0t0 10093 /run/systemd/inhibit/1.ref
    systemd-l 260 root   19r  FIFO   0,15      0t0 10093 /run/systemd/inhibit/1.ref
    systemd-l 260 root   26r  FIFO   0,15      0t0 14800 /run/systemd/sessions/c2.ref
    login     527 root    6w  FIFO   0,15      0t0 14800 /run/systemd/sessions/c2.ref
    ecryptfs- 669 root    1w  FIFO    0,8      0t0 16695 pipe
    tee       670 root    0r  FIFO    0,8      0t0 16695 pipe
    lsof      692 root    1w  FIFO    0,8      0t0 16798 pipe
    lsof      692 root    4w  FIFO    0,8      0t0 15619 pipe
    lsof      692 root    5r  FIFO    0,8      0t0 15620 pipe
    sed       693 root    0r  FIFO    0,8      0t0 16798 pipe
    sed       693 root    1w  FIFO    0,8      0t0 16695 pipe
    lsof      694 root    3r  FIFO    0,8      0t0 15619 pipe
    lsof      694 root    6w  FIFO    0,8      0t0 15620 pipe 
ERROR: cannot proceedLast edited by macaco (2014-11-17 23:43:45)
Offline

Okay... yesterday I did a pacman -Syu and - whoa - also lsof was part of the update - and this did the trick! Obviously it was a lsof related problem...
ecryptfs-migrate-home -u user did exactly what it should and I am already broadcasting from an encrypted /home 
Guess we can mark the topic as solved now.
Offline

Okay... yesterday I did a pacman -Syu and - whoa - also lsof was part of the update - and this did the trick! Obviously it was a lsof related problem...
ecryptfs-migrate-home -u user did exactly what it should and I am already broadcasting from an encrypted /home
Guess we can mark the topic as solved now.
Ah awesome, thanks for updating this! Looks like I picked a bad time to try my first Arch install 
I ended up using setting up a Luks encrypted partition to get around it.
Edit: I should also point out that where I said I used 'ecryptfs-migrate-private -u shw' earlier, I of course meant 'ecryptfs-migrate-home' 
Last edited by analbeard (2014-11-20 08:25:57)
Offline

Offline