[Bug 1817689] Re: [16.04.6 Desktop] Cannot log in after installation with encrypted home enabled

Łukasz Zemczak 1817689 at bugs.launchpad.net
Tue Feb 26 16:43:04 UTC 2019 

Observations so far: the issue can only be seen during ubiquity install
in user-setup. If you run something like `adduser --encrypt-home user`
on the installed system or on the live system, everything just works.

Apparently adduser fails on ecryptfs with "user-setup: Error: Your
kernel does not support filename encryption". This string comes from
ecryptfs_add_passphrase.c in ecryptfs-tools and is only printed if
there's a problem in reading /sys/fs/ecryptfs/version or if the version
doesn't support filename encryption (it's a binary flag on the version
number). Checking /sys/fs/ecryptfs/version at any time of the
installation process (either in the live part or in /target), the
version seems to support what's needed.

Could it be that for some reason user-setup runs before sysfs is mounted
in /target/sys/ ? And therefore unable to perform the setup since the
version path does not exist? Or maybe some permission error? Why does
that only happen now and not on .5?

** Changed in: ubiquity (Ubuntu Xenial)
    Milestone: None => ubuntu-16.04.6

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to ubiquity in Ubuntu.
https://bugs.launchpad.net/bugs/1817689

Title:
  [16.04.6 Desktop] Cannot log in after installation with encrypted home
  enabled

Status in ubiquity package in Ubuntu:
  Confirmed
Status in ubiquity source package in Xenial:
  Confirmed

Bug description:
  Ubuntu Desktop 16.04.6 20190222

  Test Case
  Do an entire disk installation and on the 'Who are you' page select "encrypt home", reboot and log in from lightdm

  Actual Result
  The log in is rejected. There are permission denied in the logs (journal attached)

  This is a *regression* in 16.04.6. It works fine on 16.04.5.

  The following message appears in the logs:
  """"
  user-setup: Error: Your kernel does not support filename encryption
  user-setup: ERROR:  Could not add passphrase to the current keyring
  user-setup: adduser: `/usr/bin/ecryptfs-setup-private -b -u u' returned error code 1. Exiting.
  """"

  This is with kernel 4.15.0-45-generic
  16.04.5 uses kernel 4.15.0-29-generic

  
  ProblemType: Bug
  DistroRelease: Ubuntu 16.04
  Package: ubiquity (not installed)
  ProcVersionSignature: Ubuntu 4.15.0-45.48~16.04.1-generic 4.15.18
  Uname: Linux 4.15.0-45-generic x86_64
  ApportVersion: 2.20.1-0ubuntu2.18
  Architecture: amd64
  Date: Tue Feb 26 06:10:00 2019
  InstallCmdLine: file=/cdrom/preseed/ubuntu.seed boot=casper initrd=/casper/initrd quiet splash ---  apt-setup/restricted=false apt-setup/multiverse=false
  InstallationDate: Installed on 2019-02-26 (0 days ago)
  InstallationMedia: Ubuntu 16.04.6 LTS "Xenial Xerus" - Release amd64 (20190222)
  ProcEnviron:
   TERM=linux
   PATH=(custom, no user)
   LANG=en_US.UTF-8
   SHELL=/bin/bash
  SourcePackage: ubiquity
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ubiquity/+bug/1817689/+subscriptions

More information about the foundations-bugs mailing list