[systemd-devel] systemd-homed: can't activate home
Ehud Cseresnyes
ehud at posteo.de
Sun Aug 30 10:23:52 UTC 2020
Hey everyone,
I'm running into issues regarding systemd-homed. I couldn't find an
answer in the manuals, any forums and nobody could help me in #systemd
either, which is why I turned to this list.
Basically, I have a valid ehud.home file that uses LUKS as storage, to
which I know the password of. Due to some mistakes on my part, I
deleted the ehud.identity file located in /var/lib/systemd/home/.
My question now is: Do I need that identity file to access my home
again?
I'm hoping no because of three things:
- In the manual it says "The user's password is identical to the
encryption passphrase of the LUKS2 volume."
- When I try "homectl activate ehud", it asks for my password and in
the logs it says: "systemd-homework[4855]: Provided password unlocks
user record."
- Afterwards, it says in the logs "Failed to validate disk label:
Package not installed" (I couldn't figure out which package?) but
nonetheless a new (to me fine-looking) ehud.identity file is placed in
/var/lib/systemd/home/
This seems to align with my understanding that there's also an
(encrypted) ~/.identity file in my (encrypted) home that can only be
retrieved with the user password. Am I correct in this?
My issue is that the home cannot be mounted through homectl. It always
asks for my password and then fails with "Operation on home ehud
failed: Failed to execute operation: Package not installed".
When I use a wrong password, it says password incorrect, so the
password must be correct.
I also tried mounting the .home file manually (as it appears to be a
MBR) but had no success either.
I am suspecting this issue has something to do with the signature of
the identity file somehow? (Everything worked fine until I removed the
identity file originally)
But if so, does that mean to migrate one has to always migrate the
.home and the .identity file?
If this is a signature issue, is there an option to run systemd-homed
in "unsafe" mode just ignoring those signatures and mounting anyway?
Thanks for reading and I appreciate any help! Can provide more details
if requested.
Cheers
Ehud
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: This is a digitally signed message part
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20200830/f2bf4326/attachment.sig>
More information about the systemd-devel
mailing list