https://bugzilla.novell.com/show_bug.cgi?id=895096 https://bugzilla.novell.com/show_bug.cgi?id=895096#c0 Summary: pam-config does not add a pam_ecryptfs entry to common-password Classification: openSUSE Product: openSUSE 13.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: darin@darins.net QAContact: qa-bugs@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Firefox/31.0 the pam-config option for ecryptfs only adds entries to /etc/pam.d/common-auth and /etc/pam.d/common-session, which is required to mount an ecryptfs encrypted home directory. However because there is no entry added to /etc/pam.d/common-password when a user changes their password the new password is not rewrapped and upon next login mounting their ecryptfs encrypted home directory will fail requiring them to login on the counsel and unwrap an eCryptfs wrapped passphrase, rewrap it with a new passphrase, and write it back to file. See the ecryptfs-rewrap-passphrase(1) SYNOPSIS for details on this procedure. Adding 'password optional pam_ecryptfs.so' to /etc/pam.d/common-password will trigger the aforementioned ecryptfs-rewrap-passphrase process. Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.