Unable to upgrade my Fedora Silverblue system with ecryptfs encryption on the home directory. When upgrading, I have to manually remove 'ecryptfs' from /etc/group, upgrade the system and reboot before adding the group and its users back to the group file, which is inconvenient and poses an obvious security risk due to a much higher likelihood of unpatched software. Reproducible: Always Steps to Reproduce: 1.Install ecryptfs-utils on Fedora Silverblue (or another atomic distribution) 2. Encrypt a home directory using ecryptfs-migrate-home (man page can be found here for reference: https://manpages.ubuntu.com/manpages/focal/en/man8/ecryptfs-migrate-home.8.html) 3. Logout, log back in and add the user to the ecryptfs group (one might have to first perform the "grep -E '^libvirt:' /usr/lib/group >> /etc/group" first (this is so one does not get a permission denied error when trying to decrypt data) 4. Once user data has been decrypted, attempt to upgrade the system using "rpm-ostree upgrade" Actual Results: Command runs but stops short of completion, receiving the error: "While applying overrides for pkg ecryptfs-utils: Could not find group 'ecryptfs' in group file " Expected Results: The system upgrade should be performed successfully Additional Information: This may or may not be similar to a issue which Wireshark had: https://github.com/fedora-silverblue/issue-tracker/issues/50 (see what was performed with the pull request here: https://src.fedoraproject.org/rpms/wireshark/pull-request/6). Other packages have experienced similar issues. Ecryptfs' issues with managing groups also cause other issues (like the aforementioned issue with decryption) which may or may not be resolved by fixing this issue.
FEDORA-2025-ca334737c8 (ecryptfs-utils-111-41.fc42) has been submitted as an update to Fedora 42. https://bodhi.fedoraproject.org/updates/FEDORA-2025-ca334737c8
FEDORA-2025-deb30beb17 (ecryptfs-utils-111-41.fc41) has been submitted as an update to Fedora 41. https://bodhi.fedoraproject.org/updates/FEDORA-2025-deb30beb17
FEDORA-2025-deb30beb17 has been pushed to the Fedora 41 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-deb30beb17` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-deb30beb17 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-ca334737c8 has been pushed to the Fedora 42 testing repository. Soon you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-ca334737c8` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-ca334737c8 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2025-ca334737c8 (ecryptfs-utils-111-41.fc42) has been pushed to the Fedora 42 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2025-deb30beb17 (ecryptfs-utils-111-41.fc41) has been pushed to the Fedora 41 stable repository. If problem still persists, please make note of it in this bug report.