Forum link: http://forums.gentoo.org/viewtopic-t-846464.html Ecryptfs umounts my home directory when I exit from a console session. As you can read on the link deleting the ~/.ecryptfs/auto_umount file works around this problem however this raises another problem: when I shutdown from Gnome the system waits about 5 seconds, then (I think) GDM is killed (on the console I can see that there was a problem while GDM was stopping). Touching the auto_umount file makes GDM behave correctly however the umount problem appears again. ecryptfs version: 83 gdm version: 2.20.11 Reproducible: Always Steps to Reproduce:
I think this is an upstream bug report: https://bugs.launchpad.net/ecryptfs/+bug/525562 . However under Ubuntu I don't notice this issue...
I can confirm that this still happens with ecryptfs-utils-85.
I ran into this problem today and discovered that my umounts were related to me using sudo. Encyptfs keeps track of number of sessions open by using pam and a counter stored in /dev/shm/ecryptfs-????-Private. When the counter gets to 0 the home directory is unmounted. When you delete the "auto_umount" this stops the counter from getting decremented, which means once mounted your home directory will never be unmounted through ecryptfs. The home directory not being unmounted as expected is probably causing the gdm hang. I am not that familiar with Pam and exactly how it operates but I tracked it down to the session optional pam_ecryptfs.so unwrap line in the /etc/pam.d/system-remote-login. What I found is that exiting a sudo session was causing ecyptfs to decrement the counter in /dev/shm/ecryptfs-????-Private. I was able to resolve this by replacing the session include system-auth line from /etc/pam.d/sudo with the system-auth session paramaters (minus the pam_ecryptfs.so unwrap line). For example: Code: cat /etc/pam.d/sudo auth include system-auth account include system-auth # REMOVED #session include system-auth #added using system-auth as reference: session required pam_limits.so session required pam_env.so session required pam_unix.so session optional pam_permit.so There are a lot of files under pam.d that are including system-auth, so if you aren't using sudo then the problem is probably related to another pam session.
*** Bug 373137 has been marked as a duplicate of this bug. ***
Has anyone discussed this issue upstream?
Please take this discussion upstream[1], there is little we can do at Gentoo. I will be happy to apply any solution proposed in this regard. [1] http://ecryptfs.org/