Ubuntu
ecryptfs-utils package

prevent ecryptfs-utils from being uninstalled if in use

Bug #331085 reported by Dustin Kirkland 
10
This bug affects 1 person
Affects Status Importance Assigned to Milestone
ecryptfs-utils (Ubuntu)
Fix Released
High
Dustin Kirkland 

Bug Description

Binary package hint: ecryptfs-utils

It's very easy to do:
 $ sudo apt-get remove ecryptfs-utils

In Ubuntu jaunty, if your account is set up with an encrypted home directory, this will make it impossible (okay, very, very difficult) to even log in to your system.

The ecryptfs-utils packaging needs a prerm check to determine if ecryptfs-utils is in use, before allowing the remove to continue.

:-Dustin

Revision history for this message
Dustin Kirkland  (kirkland) wrote :

From #ubuntu-installer...

Feb 17 17:02:34 <cjwatson> kirkland: so, to summarise, exiting in 'prerm remove' is the right answer and you should do it
...
Feb 17 17:03:18 <cjwatson> kirkland: you should do it as early as possible in 'prerm remove' before cleaning up anything else (if applicable). If you do it after something else, make sure that 'postinst abort-remove' undoes it.

:-Dustin

Changed in ecryptfs-utils:
assignee: nobody → kirkland
importance: Undecided → High
status: New → Triaged
Revision history for this message
Dustin Kirkland  (kirkland) wrote :

I'm attaching a debdiff here. I'd really like some comments from Colin before I commit this...

I've tested that this prerm script does in fact prevent the removal of ecryptfs-utils if any of the following are true:
 a) there's an active ecryptfs mount
 b) there's an ecryptfs filesystem in /etc/fstab
 c) there's at least one user with a .ecryptfs directory in /home

I don't think is necessarily comprehensive, but it should catch the vast majority of situations.

:-Dustin

Changed in ecryptfs-utils:
status: Triaged → In Progress
Revision history for this message
Colin Watson (cjwatson) wrote :

Replace '[ -d "/home/$i/.ecryptfs" -o -L "/home/$i/.ecryptfs" ]' with '[ -d "/home/$i/.ecryptfs" ] || [ -L "/home/$i/.ecryptfs" ]' for portability. (Actually, do you even need to do both checks? -d returns true if given a symlink to a directory.)

Otherwise I think this is fine.

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ecryptfs-utils - 71-0ubuntu2

---------------
ecryptfs-utils (71-0ubuntu2) jaunty; urgency=low

  * debian/ecryptfs-utils.prerm: perform some cursory checks, to ensure that
    there are no obvious, current users of ecryptfs before allowing package
    removal, LP: #331085

 -- Dustin Kirkland <email address hidden> Mon, 23 Feb 2009 15:55:57 -0600

Changed in ecryptfs-utils:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.