Ubuntu
ecryptfs-utils package

Bug #259631
Comment #54

Comment 54 for bug 259631

Revision history for this message

Dustin Kirkland  (kirkland) wrote on 2008-11-04:

#54

ecryptfs-utils.259631.debdiff Edit (10.5 KiB, text/plain)

Stable Release Update Request

Per:
* https://wiki.ubuntu.com/StableReleaseUpdates

1) This bug affects any users using Intrepid's easy-to-configure "Automatic Login" option, in conjunction with Encrypted Private Directories. Encrypted Private Directories absolutely *require* that you enter your password at some point, in order to unwrap the mount passphrase and mount the encrypted Private directory. This might seem obvious to the technical among us, but it's not obvious to some of our users.

2) The proposed fix, which has been committed upstream, involves the following, in order to provide an interactive mechanism for prompting for a password when attempting to access the encrypted private directory:
  * doc/ecryptfs-mount-private.txt: new file, to be placed as
    "README.txt" in a user's unmount encrypted ~/Private directory
  * src/desktop/ecryptfs-mount-private.desktop: new desktop file,
    to be installed in each user's unmounted Private dir, providing a
    clickable way to mount (tested in Gnome and KDE)
  * src/utils/ecryptfs-setup-private: link the readme and desktop file
    into the unmount Private dir
  * src/utils/ecryptfs-mount-private: completely overhauled to
    interactively prompt for a user's login password, unwrap the mount
    passphrase and insert into the keyring, and perform the mount
  * src/utils/ecryptfs-umount-private: completely overhauled to drop the
    deprecated (and broken) counter mechanism, and very simply call
    umount.ecryptfs_private
  * src/utils/mount.ecryptfs_private.c: provide a helpful "hint" when a
    key isn't found, that perhaps they user wants to try the interactive
    ecryptfs-mount-private utility
  * See: http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=923a2e4bc05e8a6bb4a3ca836f9080b13bd84b3c

3) Patch is attached.

4) TEST CASE:
  a) install Ubuntu or Kubuntu, and configure the system for "Automatic Login"
  b) sudo apt-get install ecryptfs-utils
  c) ecryptfs-setup-private
  d) mount.ecryptfs_private
  e) copy some data into ~/Private
  f) reboot, allow the machine to automatically login
  g) try to access ~/Private, only will see symlink saying that the directory has been unmounted

5) The only regression potential I see is the overloading of the ecryptfs-mount-private and ecryptfs-umount-private utilities. These were two small, wrapper scripts which have been included in the package, but broken and deprecated. Their functionality was completely supplanted by the mount.ecryptfs_private setuid binary and the built-in counter functionality, and the hooks in pam_ecryptfs to call mount.ecryptfs_private/umount.ecryptfs_private. Before the pam module handled this, these utilities were added to .bash_profile. That never made it into Ubuntu, and these utilities have not been used. As upstream, the intention is for these utilities to become the interactive wrapper for the compact, hardened /sbin/mount.ecryptfs_private.

:-Dustin

Stable Release Update Request

Per:
 * https://wiki.ubuntu.com/StableReleaseUpdates

1) This bug affects any users using Intrepid's easy-to-configure "Automatic Login" option, in conjunction with Encrypted Private Directories.  Encrypted Private Directories absolutely *require* that you enter your password at some point, in order to unwrap the mount passphrase and mount the encrypted Private directory.  This might seem obvious to the technical among us, but it's not obvious to some of our users.

2) The proposed fix, which has been committed upstream, involves the following, in order to provide an interactive mechanism for prompting for a password when attempting to access the encrypted private directory:
  * doc/ecryptfs-mount-private.txt: new file, to be placed as
    "README.txt" in a user's unmount encrypted ~/Private directory
  * src/desktop/ecryptfs-mount-private.desktop: new desktop file,
    to be installed in each user's unmounted Private dir, providing a
    clickable way to mount (tested in Gnome and KDE)
  * src/utils/ecryptfs-setup-private: link the readme and desktop file
    into the unmount Private dir
  * src/utils/ecryptfs-mount-private: completely overhauled to
    interactively prompt for a user's login password, unwrap the mount
    passphrase and insert into the keyring, and perform the mount
  * src/utils/ecryptfs-umount-private: completely overhauled to drop the
    deprecated (and broken) counter mechanism, and very simply call
    umount.ecryptfs_private
  * src/utils/mount.ecryptfs_private.c: provide a helpful "hint" when a
    key isn't found, that perhaps they user wants to try the interactive
    ecryptfs-mount-private utility 
  * See: http://git.kernel.org/?p=linux/kernel/git/mhalcrow/ecryptfs-utils.git;a=commit;h=923a2e4bc05e8a6bb4a3ca836f9080b13bd84b3c

3) Patch is attached.

5) The only regression potential I see is the overloading of the ecryptfs-mount-private and ecryptfs-umount-private utilities.  These were two small, wrapper scripts which have been included in the package, but broken and deprecated.  Their functionality was completely supplanted by the mount.ecryptfs_private setuid binary and the built-in counter functionality, and the hooks in pam_ecryptfs to call mount.ecryptfs_private/umount.ecryptfs_private.  Before the pam module handled this, these utilities were added to .bash_profile.  That never made it into Ubuntu, and these utilities have not been used.  As upstream, the intention is for these utilities to become the interactive wrapper for the compact, hardened /sbin/mount.ecryptfs_private.

:-Dustin

Ubuntuecryptfs-utils package

Comment 54 for bug 259631

Ubuntu
ecryptfs-utils package