fscrypt does not work for home directory encryption
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
fscrypt (Ubuntu) |
Confirmed
|
Undecided
|
Unassigned |
Bug Description
I am trying to use fscrypt in place of ecryptfs to encrypt my home directory, and to automatically unlock/lock it on login and logout. I am using a fresh installation of Ubuntu 18.04 done on 05/01/18. The hardware is a Dell Precision 5520 laptop. The version of the fscrypt and libpam-fscrypt packages is 0.2.2-0ubuntu2.
I began with the instructions in https:/
When I logged out and logged back in, I was presented with a blank screen. The cursor was visible and responded to trackpad motion. If I clicked the top right of the screen, I saw the usual drop-down menu containing power settings and the like. I didn't see any other responses to clicks or keypresses. Hitting ctrl-alt-fn-f1 brought me back to the login screen. If I tried to login again, this time the desktop came up normally and everything appeared to be working.
All of this suggests some sort of broken interaction here between pam_fscrypt.so and the rest of the desktop startup process. There are some open upstream bugs [1][2] about this, but I don't know enough about PAM and systemd to understand what might be at fault.
This is sufficiently inconvenient that I'd consider the "encrypt home directory via fscrypt" workflow to be broken on Ubuntu 18.04 at this time.
1. https:/
2. https:/
I built fscrypt from upstream (v0.2.3-8-g3e32282) and this issue no longer manifests. So whatever bug I'm running into has been fixed upstream.