Thursday, November 11, 2010

Ecryptfs and profile errors

I recently had an Ubuntu fail on ecryptfs. I would log into the system and it would present a default empty home dir with the Access-ecrypt-fs file. The problem was similar to these discussions on lost ecrypt profiles.


https://answers.launchpad.net/ecryptfs/+question/46307

http://ubuntuforums.org/showthread.php?t=1459250

My profile looked like this:

$ ls
Access-Your-Private-Data.desktop  README.txt

$ ecryptfs-mount-private
ERROR: Encrypted private directory is not setup properly

After running an strace, I finally discovered that my movement of the /home directory contents had upset the delicate balance of ecryptfs. The program was not finding the .ecryptfs files it was looking for. ecryptfs profiles are not stored in your home directory, but rather are linked to another profile store.

$ ls -la
lrwxrwxrwx 1 user user   31 2010-09-07 21:51 .ecryptfs -> /home/.ecryptfs/user/.ecryptfs

The system had lost its way to /home/.ecryptfs/user/.ecryptfs. Fixing the links in /home recovered my encrypted profile.

$ ls -la /data1/home
total 16
drwxr-xr-x  4 root  root  4096 2010-09-07 21:51 .
drwxrwxrwx 11 root  root  4096 2010-09-26 10:42 ..
drwx------  4 user user 4096 2010-09-25 22:00 user
drwxr-xr-x  3 root  root  4096 2010-09-07 21:51 .ecryptfs

$ cd /
$ sudo rm -rf home
$ sudo ln -s /data1/home home

No comments: