Package: fscrypt Version: 0.2.9-1 Severity: normal Tags: patch Dear Maintainer,
I wanted to use fscrypt to encrypt my home, and unlock it automatically by using my login username/password on a lightDM session. Unlocking does work, but it seems some services, like pulseaudio, fails to start because of reading errors to the filesystem. After my lightdm session is started I can restart the failed services to make them work again. To me it seems the home is not opened "quick enough" for systemd service unit. My default common-session is: .... # and here are more per-package modules (the "Additional" block) session required pam_unix.so session optional pam_systemd.so session optional pam_fscrypt.so drop_caches lock_policies # end of pam-auth-update config My /etc/fscrypt.conf: { "source": "custom_passphrase", "hash_costs": { "time": "59", "memory": "131072", "parallelism": "32" }, "options": { "padding": "32", "contents": "AES_256_XTS", "filenames": "AES_256_CTS", "policy_version": "2" }, "use_fs_keyring_for_v1_policies": false } I can fix this issue temporarily by manually moving fscrypt to a higher priority, like so: ... # and here are more per-package modules (the "Additional" block) session optional pam_fscrypt.so drop_caches lock_policies session required pam_unix.so session optional pam_systemd.so # end of pam-auth-update config Doing so makes all user system units start without errors. Am I on the wrong track, or can we make this permanent for libpam-fscrypt? -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (940, 'testing'), (920, 'stable'), (910, 'stable-updates'), (900, 'stable'), (51, 'unstable'), (20, 'oldstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.7.0-1-amd64 (SMP w/32 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US:en (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages fscrypt depends on: ii libc6 2.30-8 ii libpam0g 1.3.1-5 fscrypt recommends no packages. Versions of packages fscrypt suggests: ii libpam-fscrypt 0.2.9-1 -- no debconf information