When creating a new user with a GID different than the UID using adduser --encrypt-home, the GID is not passed at all from adduser to ecryptfs-setup-private:
if (defined($encrypt_home)) {
printf gtx("Setting up encryption ...\n") if $verbose; &systemcall($ecryptfs_setup_private, '-b', '-u', $new_name);
}
ecryptfs-setup-private then blindly chowns to $USER:$USER assuming the GID matches the UID:
sciri@baka:~$ sudo adduser --encrypt-home --gid 2500 testuser
Adding user `testuser' ...
Adding new user `testuser' (1000) with group `warthogs' ...
Creating home directory `/home/testuser' ...
Setting up encryption ...
************************************************************************
YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.
ecryptfs-unwrap-passphrase ~/.ecryptfs/wrapped-passphrase
THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
************************************************************************
Done configuring.
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for testuser
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
sciri@baka:~$ sudo ls -al /home/.ecryptfs/testuser/
total 16
drwxr-xr-x 4 root root 4096 2009-10-08 10:27 .
drwxr-xr-x 3 root root 4096 2009-10-08 10:27 ..
drwx------ 2 root root 4096 2009-10-08 10:27 .ecryptfs
drwx------ 2 root root 4096 2009-10-08 10:27 .Private
When creating a new user with a GID different than the UID using adduser --encrypt-home, the GID is not passed at all from adduser to ecryptfs- setup-private:
if (defined( $encrypt_ home)) {
&systemcall( $ecryptfs_ setup_private, '-b', '-u', $new_name);
printf gtx("Setting up encryption ...\n") if $verbose;
}
ecryptfs- setup-private then blindly chowns to $USER:$USER assuming the GID matches the UID:
chown $USER:$USER "$CRYPTDIR" /dev/shm/ .ecryptfs- $USER
(multiple chowns below this)
sciri@baka:~$ sudo adduser --encrypt-home --gid 2500 testuser
Adding user `testuser' ...
Adding new user `testuser' (1000) with group `warthogs' ...
Creating home directory `/home/testuser' ...
Setting up encryption ...
******* ******* ******* ******* ******* ******* ******* ******* ******* ******* ** unwrap- passphrase ~/.ecryptfs/ wrapped- passphrase ******* ******* ******* ******* ******* ******* ******* ******* ******* **
YOU SHOULD RECORD YOUR MOUNT PASSPHRASE AND STORE IT IN A SAFE LOCATION.
ecryptfs-
THIS WILL BE REQUIRED IF YOU NEED TO RECOVER YOUR DATA AT A LATER TIME.
*******
Done configuring.
chown: invalid group: `testuser:testuser' ecryptfs/ testuser/
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
chown: invalid group: `testuser:testuser'
Copying files from `/etc/skel' ...
Enter new UNIX password:
Retype new UNIX password:
passwd: password updated successfully
Changing the user information for testuser
Enter the new value, or press ENTER for the default
Full Name []:
Room Number []:
Work Phone []:
Home Phone []:
Other []:
Is the information correct? [Y/n] y
sciri@baka:~$ sudo ls -al /home/.
total 16
drwxr-xr-x 4 root root 4096 2009-10-08 10:27 .
drwxr-xr-x 3 root root 4096 2009-10-08 10:27 ..
drwx------ 2 root root 4096 2009-10-08 10:27 .ecryptfs
drwx------ 2 root root 4096 2009-10-08 10:27 .Private