Comment 15 for bug 313812

Revision history for this message
Dustin Kirkland  (kirkland) wrote : Re: umount of ecryptfs does not automatically clear the keyring (was: ecryptfs can be mounted with any passphrase)

Okay, so I can't quite commit the fix yet, as there's some controversy about it.

However, I want to attach the patches here so that they don't get lost.

In the current solution, there's two small patches.

Basically, instead of loading the keys into the User keyring, we should load them into the Session keyring. The session keyring is automatically cleared on logout, whereas the User keyring hangs around.

To do this, we need a minor patch to pam adding a couple of stubs for pam_keyutils, and we need to modify key_management.c and mount.ecryptfs_private.c to work with the session keyring. All in all, two simple patches.

However, when I asked Steve Langasek to review the pam code, he suggested that pam_ecryptfs should be doing its work in pam session, rather than pam authenticate. As such, the current patches are not acceptable. It's a fair amount of work (and a *lot* of testing) to move the pam_ecryptfs code around. Not impossible, will just take some time.