Bug#765854: ecryptfs-utils: Private directory not automatically unmounted anymore on logout

Michael Biebl email at michaelbiebl.de
Sun Jan 8 18:32:19 GMT 2017


/usr/lib/systemd/user, please 

Am 8. Januar 2017 19:13:24 MEZ schrieb Julian Andres Klode <jak at debian.org>:
>On Sun, Jan 08, 2017 at 04:58:35PM +0100, László Böszörményi (GCS)
>wrote:
>> Hi Julian,
>> 
>> On Fri, Jan 6, 2017 at 3:06 PM, Julian Andres Klode <jak at debian.org>
>wrote:
>> > Second ping, more than 2 years later.
>> >
>> > Seriously, that's more than 2 years old now, with a simple
>workaround, and
>> > security implications (private data remaining accessible after
>logout).
>>  Sure, I don't know how it was flying under my radar. :( Updated the
>> package[1], but seems still failing to umount. Going to check it
>> again, but may you check it as well?
>
>Two points:
>
>(1) Seems you install to lib/systemd/system - but the service would
>have to be
>    in lib/systemd/user to work (it's a user service)
>
>(2) We found out on IRC later yesterday that the cause for this is that
>    pam_ecryptfs is in common-auth and common-session. The systemd
>    --user instance runs with the systemd-user pam configuration, which
>    only includes common-account and common-session-noninteractive
>
>So while my workaround definitely works a more correct solution might
>be to adjust the pam config and add ecryptfs to
>common-session-noninteractive
>as well?
>
>I'm not sure why there is a common-session-noninteractive and a
>common-session - the latter is supposedly for both interactive
>and non-interactive sessions, but not included by the former...

-- 
Diese Nachricht wurde von meinem Android-Mobiltelefon mit K-9 Mail gesendet.




More information about the Pkg-systemd-maintainers mailing list