# [solved] ecryptfs unmounts even though the session is active

## 82303

Hi,

I have ecryptfs'd my home partition. And it mounts on login, I can read, write, aso just fine. But the partitions gets unmounted every time I exit a console session even though there are others open and I'm logged in to my DE.

Thing is I do not want to unmount until i completely log off. It's kind of impractical to enter "su - <user>" every couple of minutes to be able read and write my files ^^

my config is as follows (according to gentoo wiki):

ecryptfs-utils are version 83

```

cat /etc/pam.d/system-auth

auth      required   pam_env.so 

auth      required   pam_unix.so try_first_pass likeauth nullok 

auth      optional   pam_ecryptfs.so unwrap

account      required   pam_unix.so 

password   required   pam_cracklib.so difok=2 minlen=8 dcredit=2 ocredit=2 retry=3 

password   optional   pam_ecryptfs.so

password   required   pam_unix.so try_first_pass use_authtok nullok sha512 shadow 

session      required   pam_limits.so 

session      required   pam_env.so 

session      required   pam_unix.so 

session    optional   pam_ecryptfs.so unwrap

session      optional   pam_permit.so

```

Is there a way to fix this issue or disable just automatic unmounting?

Thx for your help.

Cheers,

StefanLast edited by 82303 on Tue Sep 28, 2010 12:55 pm; edited 1 time in total

----------

## 82303

Well,

fixed problem myself.

In the directory /home/<user>/.ecryptfs/ was an empty file called "auto_umount", which I deleted.

Since then, no unwanted unmountings anymore.

Cheers,

Stefan

----------

## muczy

I also have this problem and deleting auto-unmount solves the issue however this workaround makes gdm wait for about 5 seconds on shutdown...

I think I will report this as a bug.

----------

## KingBeeXC

I ran into this problem today and discovered that my umounts were related to me using sudo. Encyptfs keeps track of number of sessions open by using pam and a counter stored in /dev/shm/ecryptfs-????-Private. When the counter gets to 0 the home directory is unmounted. When you delete the "auto_umount" this stops the counter from getting decremented, which means once mounted your home directory will never be unmounted through ecryptfs. The home directory not being unmounted as expected is probably causing the gdm hang.

I am not that familiar with Pam and exactly how it operates but I tracked it down to the session    optional   pam_ecryptfs.so unwrap line in the /etc/pam.d/system-remote-login. What I found is that exiting a sudo session was causing ecyptfs to decrement the counter in /dev/shm/ecryptfs-????-Private. I was able to resolve this by replacing the session   include         system-auth line from /etc/pam.d/sudo with the system-auth session paramaters (minus the pam_ecryptfs.so unwrap line). For example:

```

cat /etc/pam.d/sudo

auth    include         system-auth

account include         system-auth

# REMOVED #session        include         system-auth

#added using system-auth as reference:

session         required        pam_limits.so

session         required        pam_env.so

session         required        pam_unix.so

session         optional        pam_permit.so

```

There are a lot of files under pam.d that are including system-auth, so if you aren't using sudo then the problem is probably related to another pam session.

----------

## muczy

Nice find!

I'm using dm-crypt for a while but please feel free to report this new information to the opened bugzilla ticket:

https://bugs.gentoo.org/show_bug.cgi?id=343393

----------

