<html>
    <head>
      <base href="https://bugs.freedesktop.org/" />
    </head>
    <body><table border="1" cellspacing="0" cellpadding="8">
        <tr>
          <th>Priority</th>
          <td>medium
          </td>
        </tr>

        <tr>
          <th>Bug ID</th>
          <td><a class="bz_bug_link 
          bz_status_NEW "
   title="NEW --- - Systemd user manager interferes with ecryptfs - private directory not being unmounted"
   href="https://bugs.freedesktop.org/show_bug.cgi?id=72759">72759</a>
          </td>
        </tr>

        <tr>
          <th>Assignee</th>
          <td>systemd-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Summary</th>
          <td>Systemd user manager interferes with ecryptfs - private directory not being unmounted
          </td>
        </tr>

        <tr>
          <th>QA Contact</th>
          <td>systemd-bugs@lists.freedesktop.org
          </td>
        </tr>

        <tr>
          <th>Severity</th>
          <td>normal
          </td>
        </tr>

        <tr>
          <th>Classification</th>
          <td>Unclassified
          </td>
        </tr>

        <tr>
          <th>OS</th>
          <td>Linux (All)
          </td>
        </tr>

        <tr>
          <th>Reporter</th>
          <td>rickert@ameritech.net
          </td>
        </tr>

        <tr>
          <th>Hardware</th>
          <td>x86-64 (AMD64)
          </td>
        </tr>

        <tr>
          <th>Status</th>
          <td>NEW
          </td>
        </tr>

        <tr>
          <th>Version</th>
          <td>unspecified
          </td>
        </tr>

        <tr>
          <th>Component</th>
          <td>general
          </td>
        </tr>

        <tr>
          <th>Product</th>
          <td>systemd
          </td>
        </tr></table>
      <p>
        <div>
        <pre>This is observed with opensuse 13.1, using an ecryptfs private directory.  On
one computer, I am using an encrypted home directory with ecryptfs.

On logout, the private directory remains mounted (so visible decrypted).  I see
this as a security concern.

If I remove systemd from the pam configuration, the ecryptfs reverts to working
as it should.

Example:  on my work computer, I use an encrypted home directory.
I logout when I leave work.

A remote login from home (ssh with public key authentication) shows that the
encrypted home directory is still mounted.

The command "ecryptfs-umount-private" tells me that the directory is mounted in
another session.  Repeating "ecryptfs-umount-private" does unmount it. 
Thereafter, ecryptfs works properly until the next boot.

I tried "systemctl --user exit" in a KDE exit script.  That shuts down the user
manager process, but it does not fix the problem with the ecryptfs private
directory remaining mounted.

My best guess is that the systemd is creating an additional pam session for
this user, and never exiting that session.  And this throws of the session
counting by the ecryptfs pam module.</pre>
        </div>
      </p>
      <hr>
      <span>You are receiving this mail because:</span>
      
      <ul>
          <li>You are the QA Contact for the bug.</li>
          <li>You are the assignee for the bug.</li>
      </ul>
    </body>
</html>