eCryptfs

Merge lp:~dominik-gierlach/ecryptfs/ecryptfs into lp:ecryptfs

  1. ecryptfs
  2. Merge into trunk
Proposed by Dominik Gierlach
Status: Merged
Merged at revision: 891
Proposed branch: lp:~dominik-gierlach/ecryptfs/ecryptfs
Merge into: lp:ecryptfs
Diff against target: 63 lines (+12/-3)
2 files modified
doc/manpage/ecryptfs-migrate-home.8 (+3/-0)
src/utils/ecryptfs-migrate-home (+9/-3)
To merge this branch: bzr merge lp:~dominik-gierlach/ecryptfs/ecryptfs
Reviewer Review Type Date Requested Status
Tyler Hicks Approve
Review via email: mp+307669@code.launchpad.net

Description of the change

Pass through --nopwcheck option from ecryptfs-migrate-home to ecryptfs-setup-private

Might be a fix for issue #1630477

To post a comment you must log in.
lp:~dominik-gierlach/ecryptfs/ecryptfs updated
887. By Dominikus Gierlach <email address hidden>

Updated manpages with new option for ecryptfs-migrate-home

Revision history for this message
Tyler Hicks (tyhicks) wrote :

This looks reasonable to me. Thanks for the fix!

review: Approve
Revision history for this message
suoko (suoko) wrote :

Hi,

I'm trying this --nopwcheck with a domain user after the ubuntu 18.04 was joined to AD domain with the centrify tool.
If I use --nopwcheck , ecryptfs-migrate-home does not work, it shows instructions on how to use the command.
Without nopwcheck option, the passphrase is not recognized.
Can you suggest a solution ?
Here is a solution which is not working either in my case.

https://community.centrify.com/t5/Centrify-Express/Encrypt-Home-directories-for-domain-Users/td-p/17510

Revision history for this message
suoko (suoko) wrote :

Centrify guys suggest:
"Is there any chance to modify the script to interact with PAM and use "adinfo -A <domain> -u <user> -p <password>" for user password checking?"

Revision history for this message
Murz (murznn) wrote :

@suoko did you find a working solution for this problem?

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'doc/manpage/ecryptfs-migrate-home.8'
--- doc/manpage/ecryptfs-migrate-home.8 2015-11-23 14:17:48 +0000
+++ doc/manpage/ecryptfs-migrate-home.8 2016-10-06 13:08:13 +0000
@@ -9,6 +9,9 @@
9.TP9.TP
10.B -u, --user USER10.B -u, --user USER
11Migrate USER's home directory to an encrypted home directory11Migrate USER's home directory to an encrypted home directory
12.TP
13.B \-\-nopwcheck
14Do not check the validity of the specified login password (useful for LDAP user accounts)
1215
13.SH DESCRIPTION16.SH DESCRIPTION
14\fBWARNING\fP: Make a complete backup copy of the non-encrypted data to another system or external media. This script is dangerous and in case of an error, could result in data lost, or USER locked out of the system!17\fBWARNING\fP: Make a complete backup copy of the non-encrypted data to another system or external media. This script is dangerous and in case of an error, could result in data lost, or USER locked out of the system!
1518
=== modified file 'src/utils/ecryptfs-migrate-home'
--- src/utils/ecryptfs-migrate-home 2012-08-04 05:37:11 +0000
+++ src/utils/ecryptfs-migrate-home 2016-10-06 13:08:13 +0000
@@ -25,6 +25,7 @@
25set -e25set -e
2626
27PRIVATE_DIR="Private"27PRIVATE_DIR="Private"
28PWCHECK_OPTION=
2829
29usage() {30usage() {
30 echo "31 echo "
@@ -33,6 +34,8 @@
33$0 -u USER34$0 -u USER
3435
35 -u,--user Migrate USER's home directory to an encrypted home directory36 -u,--user Migrate USER's home directory to an encrypted home directory
37 --nopwcheck Do not check the validity of the specified
38 login password (useful for LDAP user accounts)
3639
37WARNING: Make a complete backup copy of the non-encrypted data to40WARNING: Make a complete backup copy of the non-encrypted data to
38another system or external media. This script is dangerous and, in41another system or external media. This script is dangerous and, in
@@ -145,7 +148,7 @@
145 ECRYPTFS_SETUP_PRIVATE_ARGS="$ECRYPTFS_SETUP_PRIVATE_ARGS -m $MOUNTPASS"148 ECRYPTFS_SETUP_PRIVATE_ARGS="$ECRYPTFS_SETUP_PRIVATE_ARGS -m $MOUNTPASS"
146 fi149 fi
147 export ECRYPTFS_MIGRATE="1"150 export ECRYPTFS_MIGRATE="1"
148 if ! ecryptfs-setup-private -u "$USER_NAME" -b $ECRYPTFS_SETUP_PRIVATE_ARGS; then151 if ! ecryptfs-setup-private -u "$USER_NAME" $PWCHECK_OPTION -b $ECRYPTFS_SETUP_PRIVATE_ARGS; then
149 # too bad, something went wrong, we'll try to recover152 # too bad, something went wrong, we'll try to recover
150 rm -rf "$USER_HOME"153 rm -rf "$USER_HOME"
151 mv "$orig" "$USER_HOME"154 mv "$orig" "$USER_HOME"
@@ -177,14 +180,17 @@
177}180}
178181
179DO_ENCRYPT=182DO_ENCRYPT=
180while true; do183while [ ! -z "$1" ]; do
181 [ -z "$1" ] && break
182 case "$1" in184 case "$1" in
183 -u|--user)185 -u|--user)
184 DO_ENCRYPT=1186 DO_ENCRYPT=1
185 USER_NAME="$2"187 USER_NAME="$2"
186 shift 2188 shift 2
187 ;;189 ;;
190 --nopwcheck)
191 PWCHECK_OPTION="--nopwcheck"
192 shift 1
193 ;;
188 *)194 *)
189 usage195 usage
190 ;;196 ;;

Subscribers

People subscribed via source and target branches