[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
Robert: does this mean that bug 753707 was introduced? It seems that autologin now does not work when .ecryptfs is present in the $HOME directory of the user to be autologged in. If I can add my two cents, that seems to be a bit unfortunate, because now gdm does not ask me for password anyway (it just wants me to select myself as the user to be logged in) so the encrypted directory is not mounted anyway and autlogin does not work either. There is a README in my Private directory that reads as follows: THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA. >From the graphical desktop, click on: "Access Your Private Data" or >From the command line, run: ecryptfs-mount-private Why don't we change it so something like this (I am not a native speaker so the English might be dubious, I am not sure if autlogin can be made into a verb) : THIS DIRECTORY HAS BEEN UNMOUNTED TO PROTECT YOUR DATA. This may be because you were autologged in and thus did not enter your password. >From the graphical desktop, click on: "Access Your Private Data" or >From the command line, run: ecryptfs-mount-private -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in Ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
This bug was fixed in the package gdm - 2.32.0-0ubuntu14 --- gdm (2.32.0-0ubuntu14) natty; urgency=low * debian/patches/24_respect_system_minuid.patch: - Ignore entries from ck-history that are using system UIDs (LP: #696038) * debian/patches/42_no_ecryptfs_autologin.patch: - Don't autologin ecryptfs users (LP: #284443) -- Robert AncellFri, 01 Apr 2011 15:49:50 +1100 ** Changed in: gdm (Ubuntu) Status: Triaged => Fix Released -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
Hmm, I tried to do this properly but GDM has beaten me. So then I tried to make it look for the auto-mount file in the home directory and start the login process but still prompt the user but GDM wasn't having any of that either. I've got it now checking for the file, and just ignoring the autologin entirely if the user has ecryptfs. -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in Ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
** Branch linked: lp:~ubuntu-desktop/gdm/ubuntu -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in Ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
OK, I think the solution has to be: 1. /etc/pam.d/gdm-autologin has to force a password request if the user is using an encrypted home directory 2. GDM has to detect this, and launch the greeter if this occurs (normal case is to run without launching the greeter) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
Re: [Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
Robert Ancell [2011-02-08 6:34 -]: > This is actually non-trivial as gdmsetup is run as an unprivileged user > and so wont necessarily be able to check ~/.ecryptfs/auto-mount. Ah, ok. I thought that gdmsetup would talk to the gdm-binary D-BUS service (which runs as root), but if it's not then.. >Would it be OK for GDM to instead check for this and just select the >logged in user (i.e. prompt for a password) instead of logging in >automatically? ... this sounds just fine as well. Thanks! -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
This is actually non-trivial as gdmsetup is run as an unprivileged user and so wont necessarily be able to check ~/.ecryptfs/auto-mount. Would it be OK for GDM to instead check for this and just select the logged in user (i.e. prompt for a password) instead of logging in automatically? -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 284443] Re: gdmsetup: Don't offer autologin for ecryptfs users
The installer does the right thing these days, and in comment 4 I spoke about gdm as in the login manager. But indeed you can still select ecryptfs users in gdmsetup for autologin; this should be fixed indeed. Robert, as gdmsetup is your's, do you have a couple of minutes to check for this and remove users with an ~/.ecryptfs/auto-mount from the autologin list? Thanks! ** Summary changed: - Encrypted Private Directory is not automatically mounted when using gdm auto-login + gdmsetup: Don't offer autologin for ecryptfs users ** Changed in: gdm (Ubuntu) Status: Invalid => Triaged ** Changed in: gdm (Ubuntu) Assignee: (unassigned) => Robert Ancell (robert-ancell) -- You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gdm in ubuntu. https://bugs.launchpad.net/bugs/284443 Title: gdmsetup: Don't offer autologin for ecryptfs users -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs