--- Log opened Thu Sep 29 18:52:15 201118:52 -!- Laanders [anlag@suiko.acc.umu.

1. --- Log opened Thu Sep 29 18:52:15 2011
2. 18:52 -!- Laanders [anlag@suiko.acc.umu.se] has joined #ecryptfs
3. 18:52 -!- Irssi: #ecryptfs: Total of 22 nicks [0 ops, 0 halfops, 0 voices, 22 normal]
4. 18:52 -!- Irssi: Join to #ecryptfs was synced in 1 secs
5. 18:54 < Laanders> I'm experiencing a problem with ecryptfs on ubuntu, where the encrypted directory won't mount, neither automatically on login nor when I try it manually
6. 18:54 < Laanders> anyone able to give me a hand?
7. 18:55 < jjohansen> what is the error message
8. 18:56 < Laanders> don't believe I'm getting one
9. 18:57 < Laanders> actually, now I'm getting
10. 18:57 < Laanders> Error mounting eCryptfs: [-2] No such file or directory
11. 18:57 < Laanders> on trying a manual mount
12. 18:59 -!- kirkland [~kirkland@74.126.19.140.static.a2webhosting.com] has left #ecryptfs [Ex-Chat]
13. 18:59 -!- kirkland [~kirkland@74.126.19.140.static.a2webhosting.com] has joined #ecryptfs
14. 19:00 < jjohansen> what does your manual mount command look like
15. 19:01 < Laanders> sudo mount -t ecryptfs /home/anlag/.Private /home/anlag/Private
16. 19:01 < Laanders> having previously done: sudo ecryptfs-add-passphrase --fnek
17. 19:04 < jjohansen> hrmm, and ecryptfs exists in /proc/filesystems, and both /home/analag/.Private and /home/analag/Private exist
18. 19:05 < jjohansen> is there a message in dmesg?
19. 19:05 < Laanders> yes to the first three questions, I created ~/Private
20. 19:05 < Laanders> dmesg... how do I check that again?
21. 19:06 < jjohansen> dmesg
22. 19:08 < Laanders> ah
23. 19:08 < Laanders> [ 3997.244395] Could not find key with description: [978c3a85e7ab7a73]
24. 19:08 < Laanders> [ 3997.244405] process_request_key_err: No key
25. 19:08 < Laanders> [ 3997.244411] Could not find valid key in user session keyring for sig specified in mount option: [978c3a85e7ab7a73]
26. 19:08 < Laanders> [ 3997.244418] One or more global auth toks could not properly register; rc = [-2]
27. 19:08 < Laanders> [ 3997.244426] Error parsing options; rc = [-2]
28. 19:14 < tyhicks> Laanders: when doing your manual mount, did you accept the default fnek key or did you specify the correct key?
29. 19:15 < Laanders> I gave the one I got on the second line of the final output from the add-passphrase command
30. 19:15 < Laanders> so not the default
31. 19:15 < tyhicks> Laanders: So is 978c3... your fnek or fek key?
32. 19:17 < Laanders> I'm not sure what those terms mean exactly, but that's what I got on the second of two lines output from 'sudo ecryptfs-add-passphrase --fnek'
33. 19:17 < Laanders> Inserted auth tok with sig [978c3a85e7ab7a73] into the user session keyring
34. 19:18 < Laanders> that was preceded by a similar line, with another key
35. 19:18 < tyhicks> hmm... so why can't the kernel request it...
36. 19:19 < Laanders> the first time I tried to mount, the mounting itself worked, but the ~/Private directory was still empty
37. 19:19 < Laanders> or, it had some directories but not the anticipated contents
38. 19:20 < Laanders> what if I redo the add-passphrase thing and try again?
39. 19:22 < tyhicks> Laanders: does `keyctl list @u` show both of the keys?
40. 19:23 < Laanders> indeed it does
41. 19:28 < tyhicks> Laanders: oh... just realized what is going on
42. 19:29 < Laanders> that sounds promising
43. 19:29 < tyhicks> Laanders: you're adding the keys to the user's keyring and then using `sudo mount ...`, which is this going to search the root user's keyring
44. 19:29 < tyhicks> Laanders: that's why it can't find the keys
45. 19:29 < Laanders> aah, so interactive sudo from the start might be more successful?
46. 19:29 < tyhicks> Laanders: yeah, that would let you do the mount
47. 19:30 < tyhicks> Laanders: What is your end goal here? To do manual mounts from here on out or get automount working at login?
48. 19:31 < Laanders> either get automount working at login, or move away from home dir encryption, I don't strictly need it
49. 19:32 < Laanders> if I can do the former without too much hassle that would be the preferred choice...
50. 19:32 < tyhicks> Laanders: what files are in .ecryptfs/ ?
51. 19:32 < Laanders> my entire home directory, about 130 gb of stuff
52. 19:32 < tyhicks> Laanders: that shouldn't be in .ecryptfs/
53. 19:33 < Laanders> my bad... ~/.ecryptfs links to /home/.ecryptfs/anlag/.ecryptfs/
54. 19:33 < Laanders> which contains:
55. 19:33 < Laanders> auto-mount auto-umount Private.mnt Private.sig wrapped-passphrase
56. 19:34 < tyhicks> ok, that looks right
57. 19:34 < tyhicks> Laanders: have you changed anlag's password lately?
58. 19:34 < Laanders> no
59. 19:35 < tyhicks> Laanders: have any ideas as to what event may have caused automount to stop working?
60. 19:35 < tyhicks> (moving files around, system update, etc.)
61. 19:36 < Laanders> no, nothing specific. but it's probably worth mentioning that it's occcasionally happened in the past as well, perhaps once every 20-30 boots, that when I logged into my system I'd get the default appearance, some error messages, and the home dir contents unavailable
62. 19:36 < Laanders> I'd just log out and log back in again and it would work
63. 19:36 < Laanders> as of last night though, I've tried 7-10 times with no success
64. 19:37 < kirkland> does 'ecryptfs-mount-private' work?
65. 19:37 < Laanders> haven't done anything now that I can think of as would be particularly significant
66. 19:37 -!- feldmaus_ [~markus@dslb-092-076-252-208.pools.arcor-ip.net] has quit [Quit: Lost terminal]
67. 19:37 < Laanders> I execute it and it doesn't give an error, but doesn't seem to do anything either
68. 19:38 < Laanders> ah, that should be run with root I suppose...
69. 19:39 < tyhicks> Laanders: no, it is setuid root
70. 19:40 < tyhicks> Laanders: You should be fine running it as your normal user
71. 19:40 < Laanders> right. it doesn't seem to do anything... nothing in dmseg either
72. 19:41 < tyhicks> well, mount.ecryptfs_private is setuid root
73. 19:41 < tyhicks> kirkland: He should be able to run ecryptfs-mount-private as an unprived user, right?
74. 19:41 < kirkland> tyhicks: he absolutely *should* run unprivileged
75. 19:42 < kirkland> Laanders: run:
76. 19:42 < kirkland> Laanders: sh -x /usr/bin/ecryptfs-mount-private
77. 19:42 < kirkland> Laanders: and pastebin the result
78. 19:43 < Laanders> http://pastebin.com/UrS6sgUS
79. 19:43 < kirkland> Laanders: mount | grep ecryptfs
80. 19:43 < kirkland> Laanders: and pastebin the output
81. 19:44 < Laanders> http://pastebin.com/N3L7yLVp
82. 20:15 < kirkland> Laanders: sure looks like you're mounted
83. 20:15 < tyhicks> Laanders: Why do you think the mount isn't working?
84. 20:16 < Laanders> I really don't have any theories, went from working yesterday at the office, took the laptop home and started it there, and it didn't
85. 20:19 < tyhicks> Laanders: Sorry, I don't mean what are your theories on what broke the automount functionality. I mean why do you think it is broken?
86. 20:19 < tyhicks> Laanders: It looks to be working from your pastebins
87. 20:21 < Laanders> well there's nothing in my ~/Private folder, du -sh says it's 4K big. if it were working I'd expect to see my entire "normal" home directory's contents in there
88. 20:23 < Laanders> okay... this is perhaps odd.
89. 20:25 < Laanders> after adding the keys and mounting as root to another directory, I see some of the directories, with files in them. for instance my dropbox folder. however other folders that are default in ubuntu such as pictures or documents, are empty
90. 20:25 < Laanders> it's as if the empth, unencrypted home directory subfolders are showing on top of my "real", encrypted, ones
91. 20:25 < Laanders> *empty
92. 20:26 < tyhicks> Laanders: `cd $HOME` and try again
93. 20:27 < Laanders> hm, okay my $HOME is now showing some directories twice
94. 20:28 < Laanders> guess that means I'm mounted at least
95. 21:23 < kirkland> Laanders: tyhicks: according to: /home/anlag/.Private on /home/anlag type ecryptfs (ecryptfs_check_dev_ruid,ecryptfs_cipher=aes,ecryptfs_key_bytes=16,ecryptfs_unlink_sigs,ecryptfs_sig=cf242001905e2af7,ecryptfs_fnek_sig=978c3a85e7ab7a73)
96. 21:23 < kirkland> you're mounted on top of $HOME
97. 21:23 < kirkland> not $HOME/Private
98. 21:27 < Laanders> that would explain why I'm getting double directories on top of one another I suppose
99. 21:29 -!- feldmaus [~markus@dslb-092-076-252-208.pools.arcor-ip.net] has joined #ecryptfs
100. 21:41 < Laanders> or perhaps not... I tried booting from a live usb stick, and mounted it from there to a newly created /home/anlag... it works, but I've still got double entries for Documents, Pictures, Templates etc. no idea how that's even possible...
101. 21:42 < Laanders> but it seems those double directories exist already inside of the encrypted directory, and not as I thought earlier that one set is the encrypted and the other the default unencrypted dirs
102. 21:45 < Laanders> either way, those empty copies of certain directories are very much in the way of accessing my files
103. 21:57 -!- Netsplit resistance.oftc.net <-> charm.oftc.net quits: jjohansen, gcwilson, thieule, tyhicks
104. 21:58 -!- Netsplit over, joins: jjohansen, gcwilson, tyhicks, thieule
105. 22:00 -!- tyhicks` [~tyhicks@ip98-186-177-164.ks.ks.cox.net] has joined #ecryptfs
106. 22:00 -!- tyhicks [~tyhicks@ip98-186-177-164.ks.ks.cox.net] has quit [Ping timeout: 481 seconds]
107. 22:01 -!- tyhicks` is now known as tyhicks
108. 22:02 -!- pa4wdh [~pa4wdh@lt51327-lnx.ipv6.pa4wdh.nl.eu.org] has quit [Quit: Leaving]
109. 22:03 -!- feldmaus [~markus@dslb-092-076-252-208.pools.arcor-ip.net] has quit [Quit: Lost terminal]
110. 22:07 -!- Netsplit resistance.oftc.net <-> charm.oftc.net quits: jjohansen, thieule, gcwilson
111. 22:12 -!- Netsplit over, joins: jjohansen
112. 22:13 -!- gcwilson [~gcwilson@cpe-70-112-30-210.austin.res.rr.com] has joined #ecryptfs
113. 22:13 -!- thieule [~thieule@216-239-45-4.google.com] has joined #ecryptfs
114. 22:14 -!- feldmaus_ [~markus@dslb-092-076-252-208.pools.arcor-ip.net] has joined #ecryptfs
115. --- Day changed Fri Sep 30 2011
116. 00:07 -!- feldmaus_ [~markus@dslb-092-076-252-208.pools.arcor-ip.net] has quit [Quit: Lost terminal]
117. 00:55 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has quit [Quit: Leaving.]
118. 01:05 -!- jjohansen [~jj@75-94-21-57.war.clearwire-wmx.net] has joined #ecryptfs
119. 01:11 -!- ccolorado [~ccolorado@187.138.74.107] has quit [Remote host closed the connection]
120. 01:11 < Laanders> right so I've tried also the ecryptfs-recover-private utility now and it equally well mounts the directory, but I've still got the double directories and simply can't access most of my data. not finding any indication of such case anywhere either, quite frustrating
121. 01:12 < Laanders> df shows 127G used on the partition in question, but du -sh in the directory shows only 55G, presumably because it also doesn't read inside of the duplicate named directories
122. 01:33 < tyhicks> Laanders: Do you have unencrypted file names mixed in with encrypted file names?
123. 01:34 < tyhicks> Laanders: look through /home/.ecryptfs/anlag/.Private
124. 01:34 < tyhicks> Laanders: pick a duplicated dir name (we'll call it foo), and do `find /home/.ecryptfs/anlag/.Private | grep foo`
125. 01:38 < Laanders> hm, the find/grep on the .ecryptfs dir shows only one Documents, for example
126. 01:39 < Laanders> however looking in that folder, .ecryptfs/anlag/.Private I actually see both encrypted and non-encrypted directories
127. 01:39 < tyhicks> Laanders: Right - that's the problem
128. 01:39 < Laanders> most of then encrypted names, but a few directories, corresponding to the ones I see duplicated, are there in clear text too
129. 01:39 < Laanders> can I safely delete the non-encrypted ones?
130. 01:40 < tyhicks> Laanders: Tough for me to say
131. 01:40 < tyhicks> Laanders: you need to look them over
132. 01:40 -!- jjohansen [~jj@75-94-21-57.war.clearwire-wmx.net] has quit [Ping timeout: 480 seconds]
133. 01:40 < tyhicks> Laanders: are they empty?
134. 01:40 < Laanders> they are indeed quite empty
135. 01:41 < Laanders> well nearly, the Videos one contains a single small encrypted file for some reason
136. 01:41 < Laanders> I saw that file when I had mounted before, actually. it's not important
137. 01:42 < tyhicks> Laanders: If it was my data, I wouldn't delete them while the eCryptfs directory was mounted and I'd save off any of the directories that weren't empty
138. 01:43 < Laanders> I can as well copy them to a usb stick or some such, they take nearly no space
139. 01:44 < Laanders> but I'll unmount first
140. 01:45 < Laanders> there are some hidden directories there too, .compiz, .config etc. looks like a bunch of default directories got tossed into the ecryptfs directory on top of what was there before.
141. 01:46 < tyhicks> Laanders: Yes - sorry about that - really not sure what happened there :/
142. 01:46 < tyhicks> Laanders: any plaintext directory names could potentially collide with an encrypted name, so you probably want to get rid of them all
143. 01:47 < Laanders> yeah, I'll move them all out of there to be on the safe side
144. 01:47 < Laanders> and so long as I can retrieve my data I'm all good... obviously this sort of thing always happens when your backup solution is somehwat out of order...
145. 02:24 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has joined #ecryptfs
146. 02:46 < Laanders> alright, sweet, now I can access my data! that's the main thing. it seems permissions and ownerships are a bit messed up when I move them elsewhere, but I can always fix that later...
147. 03:07 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has quit [Ping timeout: 480 seconds]
148. 03:12 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has joined #ecryptfs
149. 03:21 < Laanders> actually doing it from inside my system rather than from the livecd took care of that, now ownerships look fine too as I'm moving stuff off the drive. that just leaves some legwork to sort out the directory from scratch and move the contents back on it again.
150. 03:21 < Laanders> thanks a lot to everyone who helped, much appreciated!
151. 03:29 -!- gcwilson [~gcwilson@cpe-70-112-30-210.austin.res.rr.com] has quit [Quit: Leaving.]
152. 04:33 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has quit [Ping timeout: 480 seconds]
153. 04:43 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has joined #ecryptfs
154. 04:58 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has quit [Remote host closed the connection]
155. 05:39 < tyhicks> Laanders: great to hear - sorry we were all a little busy earlier
156. 05:39 < tyhicks> Laanders: glad that you got it all straightened out
157. 05:45 < tyhicks> Laanders: Is there any chance that you manually mounted your encrypted home dir without a filename encryption key and then logged in?
158. 05:46 < tyhicks> Laanders: I'm trying to get a handle on what the actual cause of this was (bug vs. misconfiguration)
159. 05:57 -!- jjohansen [~jj@static-50-53-42-114.bvtn.or.frontiernet.net] has joined #ecryptfs
160. 06:21 < Laanders> tyhicks: I can't see it really, I didn't even know how to mount ecryptfs manually until I ran into this issues
161. 06:24 < Laanders> possibly if ubuntu did that on its own. the fact that I kept running into it occasionally before, that it wouldn't mount on login, but worked again when I logged out and logged back in again, indicates there was something iffy somewhere in my setup. I'd never touched it manually before, at least not intentionally...
162. 06:25 < Laanders> my ecryptfs installation comes from the default ubuntu installation for either 10.10 or 11.04 which I did a clean install on a few months ago. I then reinstalled after that without changing anything with the home directory, just keeping the original encryption setup