Reopening the ecryptfs-utils bug. Adding user-setup task.
This bug is actually quite a bit more complicated than I first realized.
Fundamentally, we have two preseed options which are incompatible:
d-i passwd/user-password-crypted password $6$.1eHH0iY$ArGz...
and
d-i user-setup/encrypt-home boolean true
We cannot encrypt the home directory without having access to the
cleartext password. I'm reverting the "fix" that I had committed to
ecryptfs-utils, which persisted that cleartext password across the first
boot by storing it in /var/tmp, which was not a good idea, as this leaks
the file to disk. There's no secure way of persisting this sort of data
across a reboot, sorry.
I'm attaching a patch/branch here that adjusts the logic in the user-
setup state machine in d-i which should ensure that *if* you've
requested an encrypted home, and we only have a crypted password, then
we should throw you back into the critical dialogs to choose a password.
** Also affects: user-setup (Ubuntu)
Importance: Undecided
Status: New
** Changed in: ecryptfs-utils (Ubuntu)
Status: Fix Released => In Progress
** Changed in: user-setup (Ubuntu)
Status: New => In Progress
** Changed in: user-setup (Ubuntu)
Importance: Undecided => Medium
** Patch added: "882314.patch"
https://bugs.launchpad.net/ubuntu/+source/user-setup/+bug/882314/+attachment/2577114/+files/882314.patch
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/882314
Title:
preseeded installation fails to create .ecryptfs/wrapped-passphrase
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/882314/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
