Bug#765854: ecryptfs-utils: Private directory not automatically unmounted anymore on logout

Julian Andres Klode jak at debian.org
Sat Oct 18 20:13:05 BST 2014

(adding pkg-systemd-maintainers at lists.alioth.debian.org to CC)

On Sat, Oct 18, 2014 at 08:31:38PM +0200, Julian Andres Klode wrote:
> Package: ecryptfs-utils
> Version: 103-3+b1
> Severity: important
> Tags: security
> Previously, a Private directory was automatically unmounted on logout. This
> does not happen anymore. One problem could be that the systemd user instance
> is not bound to logins and will most likely only exit after the last login,
> leaving a process running as that user, and thus causing ecryptfs-utils to
> think the user is still active.
> This is a regression from wheezy as far as I am aware.

So the reason appears to be that systemd keeps another PAM session around for
running its (sd-pam) and systemd --user processes, causing ecryptfs-umount-private
to think one session is still remaining. This means we have to run 
ecryptfs-umount-private before exiting the systemd --user session.

The following user unit does this (called it ecryptfs-umount-private.service),
but I'm not sure if that's the best solution, if something in there is broken,
or how to correctly install that globally.

-- ecryptfs-umount-private.service:

Description=Umount Private directory



Julian Andres Klode  - Debian Developer, Ubuntu Member

See http://wiki.debian.org/JulianAndresKlode and http://jak-linux.org/.

Be friendly, do not top-post, and follow RFC 1855 "Netiquette".
    - If you don't I might ignore you.

More information about the Pkg-systemd-maintainers mailing list