Public bug reported:
Binary package hint: adduser
I'm currently adding support for bootstrapping an encrypted home
directory to the ecryptfs-setup-private utility in the ecryptfs-utils
package.
This requires a simple patch to the adduser utility, to support an
"--encrypt-home" option, which would call:
# ecryptfs-setup-private -b -u $USER
The call to ecryptfs-setup-private uses the existing code to setup an
encrypted home directory. It will generate a mount passphrase from
/dev/urandom, establish the user's ecryptfs configuration files, mount
the home directory, and return 0. With the home directory mounted,
adduser can proceed to copy the /etc/skel files into the mounted,
encrypted mountpoint. The adduser utility then needs to unmount that
home directory. The "passwd" call within adduser will trigger the
password-change code within pam_ecryptfs.so, which will detect the
cleartext, randomly generated mount passphrase written to file, and wrap
(ie, encrypt) that file using the chosen passphrase.
This patch also adds documentation to the manpage regarding the new
--encrypt-home option.
Finally, this patch modifies the control file to "Recommend" a version
of ecryptfs-utils with the required new functionality. Note that Colin
said he needs to think about the appropriate level (Recommends vs.
Suggests).
:-Dustin
** Affects: adduser (Ubuntu)
Importance: Undecided
Status: New
--
add support for setting up encrypted home directory on user creation
https://bugs.launchpad.net/bugs/302870
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
