Bug 703145

Summary: Mirgation of home directory doesn't work
Product: [Fedora] Fedora Reporter: Sven Jost <sven.jost>
Component: ecryptfs-utilsAssignee: Michal Hlavinka <mhlavink>
Status: CLOSED DUPLICATE QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 15CC: artur, esandeen, mhlavink, redhat-bugzilla
Target Milestone: ---   
Target Release: ---   
Hardware: i686   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-07-29 08:31:31 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 712048    
Bug Blocks:    

Description Sven Jost 2011-05-09 12:49:51 UTC 
Version-Release number of ecryptfs-utils: 86.1.fc15 

1. installed fedora with live cd
2. logged in as root
3. added user to group ecryptfs
4. run 'ecrypt-migrate-home -u *user*'
5. logged in as user via console
6. no files, but only a README.txt and a .desktop file of ecryptfs
7. logged out and logged in with gdm

Looks like the automatical mounting after login doesn't work, neither with the Gnome login nor on the console.
Comment 1 Michal Hlavinka 2011-05-09 13:32:56 UTC 
all parts are not in place yet, so it's expected that migrate-home script won't work. I should probably add some notes in that script
Comment 2 arturj 2011-06-05 13:01:04 UTC 
I'm too affected by this bug. Is there any workaround to migrate a users home directory to ecryptfs and have it mounted on login. Is this just a regression on fedora 15 or did it never work on this distro? Can I take the scripts from ubuntu, which does this job right since years?

It seems to work for a users Private subfolder when authconfig is configured to use ecryptfs and pam-modules are updated by authconfig.
Comment 3 Michal Hlavinka 2011-07-29 08:29:32 UTC 
(In reply to comment #2)
> I'm too affected by this bug. Is there any workaround to migrate a users home
> directory to ecryptfs and have it mounted on login.

As root, or prefixed with "sudo ":
1) update ecryptfs-utils to lates version from updates-testing repository
yum update --enablerepo=updates-testing ecryptfs-utils

2) enable ecryptfs pam module
authconfig --enableecryptfs --updateall

3) make sure user is member of ecryptfs group
a) check it
id <username>
b) if user is not member of ecryptfs group, add him there
usermod -a -G ecryptfs <username>

4) migrate home directory and follow provided information

ecryptfs-migrate-home -u <username>

> Is this just a regression
> on fedora 15 or did it never work on this distro? 

it's not a regression, we've put everything in ecryptfs-utils in place, right now we need only some selinux policy changes (see "depends on" bug)

> Can I take the scripts from
> ubuntu, which does this job right since years?

no, they are incompatible

BEWARE: Before "depends on" bug is fixed, you need step 0) switch selinux to enforcing mode, change SELINUX to "permissive" in /etc/selinux/config this will change selinux mode after reboot, so a) reboot, b) use "setenforce 0" command which changes selinux mode immediately (but only until reboot) 


Also, it's not tested well yet, so data backup is probably a good idea.
Comment 4 Michal Hlavinka 2011-07-29 08:31:31 UTC 
oh, I've missed it, this is duplicate bug. We'll continue in the other bug, which is set to modified already.

*** This bug has been marked as a duplicate of bug 709158 ***