Bug#928956: Document removal of ecryptfs-utils from Buster

To: Osamu Aoki <osamu@debian.org>
Cc: Paul Gevers <elbrus@debian.org>, 928956@bugs.debian.org, Daniel Lange <DLange@debian.org>, "Laszlo Boszormenyi (GCS)" <gcs@debian.org>
Subject: Bug#928956: Document removal of ecryptfs-utils from Buster
From: Julian Andres Klode <jak@debian.org>
Date: Mon, 1 Jul 2019 16:58:38 +0200
Message-id: <[🔎] 20190701165753.GA20035@debian.org>
Reply-to: Julian Andres Klode <jak@debian.org>, 928956@bugs.debian.org
In-reply-to: <[🔎] 20190701145242.GB11148@goofy.osamu.debian.net>
References: <9f53e5c8-36be-5418-bb05-24b5bb869527@debian.org> <20190514065448.cmxvmrw4hxb7i7mb@pine64> <9f53e5c8-36be-5418-bb05-24b5bb869527@debian.org> <2733c02d-17ac-6632-6d67-1dda438a56e5@debian.org> <20190515120052.kxxivzszuljhkxkt@jbr.me.uk> <20190515120052.kxxivzszuljhkxkt@jbr.me.uk> <6377067e-82b4-f414-2369-d0ab8587cec7@debian.org> <9f53e5c8-36be-5418-bb05-24b5bb869527@debian.org> <c7b9f935-0fa8-46df-e33e-1c5f936ea78c@debian.org> <[🔎] 20190701145242.GB11148@goofy.osamu.debian.net> <9f53e5c8-36be-5418-bb05-24b5bb869527@debian.org>

On Mon, Jul 01, 2019 at 11:52:42PM +0900, Osamu Aoki wrote:
> Hi,
> 
> On Sat, Jun 29, 2019 at 10:05:39AM +0200, Paul Gevers wrote:
> > Hi all,
> > 
> > On 01-06-2019 22:06, Paul Gevers wrote:
> > > On Wed, 15 May 2019 13:00:52 +0100 Justin B Rye
> > > <justin.byam.rye@gmail.com> wrote:
> > >> Daniel Lange wrote:
> > >>>>   * reason for removal
> > >>>>     not essential, but it helps to understand the issue
> > >>> #765854
> > >>> ecryptfs cannot unmount encrypted home directories due to systemd keeping
> > >>> the pam session active even after logout.
> > >>> Upstream bug https://github.com/systemd/systemd/issues/8598
> > >>> A work around (user unit file) has not been implemented and tested.
> ...
> > > In absence of other text, I am about to push the attached text to the
> > > release-notes. I hope this isn't the final text, but at least the draft
> > > document now mentions the problem.
> > 
> > Did anybody learn about (documented) migration paths in the mean time?
> 
> Unencrypt eCryptfs data and mount the unencrypted filesystem is one way.
> 
> But then we don't have encryption.
> 
> I can think of migration to dm-crypt/LUKS or encfs/FUSE is an technical
> possibility.  But that's something beyond this document should
> elaborate,

LUKS is the only sensible option, overlay file systems, especially
encfs are significantly less safe, which was among the reasons we
ended up here in the first place.


-- 
debian developer - deb.li/jak | jak-linux.org - free software dev
ubuntu core developer                              i speak de, en

Reply to:

References:
- Bug#928956: Document removal of ecryptfs-utils from Buster
  - From: Osamu Aoki <osamu@debian.org>

Prev by Date: Bug#928956: Document removal of ecryptfs-utils from Buster
Next by Date: Processed: Change my bugs to debian.org address
Previous by thread: Bug#928956: Document removal of ecryptfs-utils from Buster
Next by thread: Processed: Change my bugs to debian.org address
Index(es):
- Date
- Thread