It's been requested I file a bugreport for this package a few times now, so I'm gettin around to it. pam_encfs is a pam module for auto mounting/unmounting encfs drives on login. http://hollowtube.mine.nu/wiki/index.php/PAM/PamEncfs
Created attachment 65657 [details] pam_encfs-0.1.1.ebuild
Created attachment 73632 [details] pam_encfs-0.1.3.ebuild ebuild for 0.1.2, now installs pam_encfs.conf (commented out by default), some sed job in Makefile as well (hardcoded gcc and ld).
new version out, 0.1.3, see no reason why cp pam_encfs-0.1.2 pam_encfs-0.1.3 wouldn't work.
(In reply to comment #3) > new version out, 0.1.3, see no reason why cp pam_encfs-0.1.2 pam_encfs-0.1.3 > wouldn't work. The ebuild indeed works, however I'm having major problem w/ this module. The only way I could make this do anything was: #USERNAME SOURCE TARGET PATH ENCFS Options FUSE Options j__m /home/jakub/test-crypt /home/jakub/test -v allow_other (all the rest of config file commented out). However, it mismounts the encrypted directory so that it's not writeable by the user at all! With anything else I tried, it doesn't get mounted at all. :-( For illustration, mount output - when mounted manually (encfs ~/test-crypt ~/test): encfs on /home/jakub/test type fuse (rw,nosuid,nodev,default_permissions,user=j__m) - when mounted via pam_encfs: encfs on /home/jakub/test type fuse (rw,nosuid,nodev,default_permissions,allow_other) The permissions for ~/test are 0700 jakub:users in both cases, however when pam_encfs is used to mount the directory, I cannot write there at all. :-(
Perhaps not a problem with pam_encfs, but I can't get it to work at all. No error messages, no nothing. /etc/security/pam_encfs.conf: shirosaki /home/.shirosaki /home/shirosaki -v allow_other --- /etc/pam.d/system-auth: auth required pam_env.so auth sufficient pam_unix.so likeauth nullok auth required pam_deny.so account required pam_unix.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password sufficient pam_unix.so nullok md5 shadow use_authtok password required pam_deny.so session required pam_limits.so session required pam_unix.so auth required /lib/security/pam_encfs.so session required /lib/security/pam_encfs.so --- ls /lib/security/pam_encfs.so -la -rwxr-xr-x 1 root root 10480 14 mar 22.11 /lib/security/pam_encfs.so
Well, it sort of works when one first logs in with the specified user and then run "su - <user>". The file system is mounted, but the login fails (since the user isn't in the wheel group). But if the user is in the wheel group, then it doesn't work. Most obviously a PAM misconfiguration. We'll see if I manage to solve it or not.
Most obviously a PAM misconfiguration. We'll see if I manage to > solve it or not. > A misconfiguration from my side, just to clearify. ;)
Now I think I start to understand PAM a bit better now. At least it works now. :) /etc/pam.d/system-auth: auth required pam_env.so auth sufficient /lib/security/pam_encfs.so auth sufficient pam_unix.so likeauth nullok use_first_pass auth required pam_deny.so account required pam_unix.so password required pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 password sufficient pam_unix.so nullok md5 shadow use_authtok password required pam_deny.so session required /lib/security/pam_encfs.so session required pam_limits.so session required pam_unix.so
Added the ability for pam_encfs to mount multiple encfs mount points per user instead of just one. https://joshua.haninge.kth.se/~sachankara/pam_encfs-0.1.3-multiple-mount-points.patch
Sorry folks, I give up on this. The thing fails to produce any useful results here. Poor men's pam_encfs: ~/.bashrc # mount encfs if [[ -f $HOME/data/.mounted ]] ; then echo "EncFS already mounted." return else encfs ~/data-private ~/data fi ~/.bash_logout # unmount encfs [[ -f $HOME/data/.mounted ]] && fusermount -u ~/data Touch .mounted w/ with your encfs mounted (~/data-private in the example) for the above to work. This way you can also have a password different from your normal login for the mounts (which is impossible w/ pam_encfs AFAIK). Good luck w/ this anyway. ;)
Created attachment 208067 [details] bump to 0.1.4.2 version
I started having trouble with pam_encfs after upgrading sys-fs/fuse 2.8.1 -> 2.8.5. The login just freezes (gdm AND commandline). Does anyone have the same problem? Should this be reported upstream? Thanks
