how to reproduce:
1) su -
2) useradd ecryptfstest
3) passwd ecryptfstest #add any passphrase
4) logout root
5) log in as ecryptfstest
6) ecryptfs-setup-private
7) log out and log in
8) mount # confirm ~/Private is mounted
9) log out
10) mount # confirm ~/Private is not mounted
11) su -
12) su - ecryptfstest
result:
~/Private is mounted (no passphrase was entered - because key is still in keyring)
expected:
~/Private is not mounted (key not in keyring)
in short: after logout, key is not removed from keyring
how to reproduce: setup-private
1) su -
2) useradd ecryptfstest
3) passwd ecryptfstest #add any passphrase
4) logout root
5) log in as ecryptfstest
6) ecryptfs-
7) log out and log in
8) mount # confirm ~/Private is mounted
9) log out
10) mount # confirm ~/Private is not mounted
11) su -
12) su - ecryptfstest
result:
~/Private is mounted (no passphrase was entered - because key is still in keyring)
expected:
~/Private is not mounted (key not in keyring)
in short: after logout, key is not removed from keyring