[Filesystems-devel] Bug#785013: ecryptfs-utils: ecryptfs-mount-private fails under screen

GI gi1242+debianbugs at gmail.com
Mon May 11 15:15:32 UTC 2015 

Package: ecryptfs-utils
Version: 103-5
Severity: normal

Hi There,

ecryptfs-mount-private fails when running under a screen session that
was re-attached from a different machine. (I set up my private directory
to be non-automounted, non-auto-umounted and using a login independent
wrapping passphrase.)

Here's how it can be re-produced: You need two machines (called deb1 and
deb2) to reproduce the problem. (I'm using the prompt "deb1>" to
indicate a shell prompt on deb1)

    deb1> ssh deb2
    deb2> ssh -t deb1 screen
    (starts a new screen on machine deb1, from deb2)
    screen at deb1> ecryptfs-mount-private
    (works as expected, and ~/Private is mounted)
    screen at deb1> ecryptfs-umount-private
    (works as expected, and ~/Private is unmounted)

Now press Ctrl-A Ctrl -D and detach the screen. Then start a new
terminal on deb1 (without going through the machine deb2) and re-attach
the screen:

    deb1> screen -R -D
    (Attaches to the screen session created from deb2)
    screen at deb1> ecryptfs-mount-private
    Enter your wrapping passphrase:
    Inserted auth tok with sig [bbbbbbbbbbbbbbbb] into the user session keyring
    mount: No such file or directory

Looks like /sbin/mount.ecryptfs_private is what fails and produces the
above message. The keys seem to have been added correctly however:
    screen at deb1>keyctl list @u
    2 keys in keyring:
    575554787: --alswrv  2070   100 user: aaaaaaaaaaaaaaaa
    990744347: --alswrv  2070   100 user: bbbbbbbbbbbbbbbb
    screen at deb1>cat ~/.ecryptfs/Private.sig
    bbbbbbbbbbbbbbbb
    aaaaaaaaaaaaaaaa

It's not serious, since I can work around the problem easily. However it
did take me 2 hours to realize that the problem was with running under a
re-attached screen! (It might be some other weird PAM stuff, but this is
what I can consistently reproduce.)

Best,

Gautam

-- System Information:
Debian Release: 8.0
  APT prefers stable
  APT policy: (900, 'stable'), (500, 'stable-updates'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ecryptfs-utils depends on:
ii  gettext-base    0.19.3-2
ii  keyutils        1.5.9-5+b1
ii  libassuan0      2.1.2-2
ii  libc6           2.19-18
ii  libecryptfs0    103-5
ii  libgpg-error0   1.17-3
ii  libgpgme11      1.5.1-6
ii  libkeyutils1    1.5.9-5+b1
ii  libnss3-1d      2:3.17.2-1.1
ii  libpam-runtime  1.1.8-3.1
ii  libpam0g        1.1.8-3.1
ii  libtspi1        0.3.13-3

ecryptfs-utils recommends no packages.

Versions of packages ecryptfs-utils suggests:
pn  cryptsetup  <none>

-- no debconf information

More information about the Filesystems-devel mailing list