# Solved: ecryptfs fails: do_hash: PK11_HashBuf() error

## Flow__

I have a ecryptfs home dir. Today I did a "emerge -auDN world", followed by a system reboot and after the gdm login, I found a fresh gnome desktop. This showed me that the ecryptfs mount failed. Error Log:[/u]

```

Jan 17 19:33:39 flo-pc gdm[2980]: pam_sm_authenticate: Called

Jan 17 19:33:39 flo-pc gdm[2980]: pam_sm_authenticate: username = [X]

Jan 17 19:33:39 flo-pc gdm[3017]: Passphrase file wrapped

Jan 17 19:33:39 flo-pc gdm[3017]: do_hash: PK11_HashBuf() error; SECFailure = [-1]; PORT_GetError() = [-8128]

Jan 17 19:33:39 flo-pc gdm[3017]: Error generating passphrase signature; rc = [-22]

Jan 17 19:33:39 flo-pc gdm[3017]: Error attempting to unwrap passphrase from file [/home/flo/.ecryptfs/wrapped-passphrase]; rc = [-22]

Jan 17 19:33:39 flo-pc gdm[3017]: Error adding passphrase key token to user session keyring; rc = [-5]

```

I suspect that disabling the use flag static-libs on libgcrypt by the emerge caused this. As this its the only dependency of ecryptfs-utils. But re-enabling showed no effect.  :Sad: 

So I am stuck, I don't know further. Any help appreciated.

Flow

Emerge Log:

```

Mon Jan 17 14:31:09 2011 >>> dev-libs/icu-4.6

Mon Jan 17 14:31:53 2011 >>> dev-libs/pth-2.0.7-r2

Mon Jan 17 14:32:26 2011 >>> dev-java/java-config-2.1.11-r3

Mon Jan 17 14:32:56 2011 >>> dev-python/pyxdg-0.19

Mon Jan 17 14:40:57 2011 >>> dev-python/numpy-1.5.1

Mon Jan 17 14:41:35 2011 >>> dev-python/twisted-10.2.0

Mon Jan 17 14:42:04 2011 >>> dev-python/twisted-web-10.2.0

Mon Jan 17 14:50:24 2011 >>> dev-lang/perl-5.12.2-r6

Mon Jan 17 14:51:14 2011 >>> dev-util/global-5.9.3

Mon Jan 17 14:52:18 2011 >>> dev-libs/libgcrypt-1.4.6 

Mon Jan 17 14:52:39 2011 >>> dev-perl/Error-0.170.160

Mon Jan 17 14:55:27 2011 >>> app-editors/nano-2.2.5

Mon Jan 17 14:56:01 2011 >>> app-admin/sudo-1.7.4_p5

Mon Jan 17 14:57:07 2011 >>> dev-java/swt-3.6.1

```

Last edited by Flow__ on Tue Jan 18, 2011 9:58 am; edited 2 times in total

----------

## Flow__

Ok. It seems that PK11_HashBuf() is the pitfall. As it comes from dev-libs/nss: Sorry libgcrypt for blaming you.  :Wink: 

```

Jan 17 23:25:20 flo-pc mount.ecryptfs: Could not open library handle

Jan 17 23:25:20 flo-pc mount.ecryptfs: Could not open library handle

Jan 17 23:25:20 flo-pc mount.ecryptfs: Could not open library handle

Jan 17 23:25:22 flo-pc mount.ecryptfs: do_hash: PK11_HashBuf() error; SECFailure = [-1]; PORT_GetError() = [-8128]

Jan 17 23:25:22 flo-pc mount.ecryptfs: Error generating passphrase signature; rc = [-22]

Jan 17 23:25:22 flo-pc mount.ecryptfs: ecryptfs_add_passphrase_key_to_keyring: Error attempting to generate the passphrase auth tok payload; rc = [-22]

```

----------

## Flow__

I solved it by emerging:

1. icu

2. sqlite

3. nss 

and enabling the "suid" use flag on ecryptfs-utils

----------

