[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
(unsubscribing sponsors for now, the changes need more work before being up for review again) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
nack for the pam changes. - Dynamic home directory creation is not specific to ecryptfs and should not be part of an encryptfs-specific pam config; there is an existing mkhomedir profile to use for this. - The /etc/security/ecryptfs script is not very reusable, it encodes your local policy preference to enable ecryptfs for all users logging in. It's also insecure, at a minimum because you are passing passwords to a program as commandline arguments, which are visible to all other users on the system. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
Hmm, looking at this patch and I'm quite nervous. Backslashes and dollar signs in user names -- that sounds fraught with peril. @tyhicks, @slangesek, @pitti: could you guys review the pam portions of this patch for security and safety? ** Changed in: ecryptfs-utils (Ubuntu) Importance: Undecided => Wishlist ** Changed in: ecryptfs-utils (Ubuntu) Importance: Wishlist => Low ** Changed in: ecryptfs-utils (Ubuntu) Status: New => Triaged -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
Dustin, can you review please? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
For the record: The ppa was updated to vivid. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
The attachment "45_44.diff" seems to be a debdiff. The ubuntu-sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. If the attachment isn't a patch, please remove the "patch" flag from the attachment, remove the "patch" tag, and if you are member of the ~ubuntu-sponsors, unsubscribe the team. [This is an automated message performed by a Launchpad user owned by ~brian-murray, for any issue please contact him.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
Possible patch for ecryptfs-utils package ** Patch added: "45_44.diff" https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+attachment/4290911/+files/45_44.diff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1406940] Re: ecryptfs does not work for domain users (AD, likewise/powerbroker)
Patched version of ecryptfs-utils is available here: bzr branch lp:~dominik-gierlach/+junk/ecryptfs-enterprise ppa:dominik-gierlach/enterprise Changes: - Allow backslashes in usernames - Add pam hook and scripts (see http://askubuntu.com/questions/111803/enable-ecryptfs-for-all-new-users-even-those-authenticating-through-kerberos-an) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1406940 Title: ecryptfs does not work for domain users (AD, likewise/powerbroker) To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/1406940/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
