Encrypted home folder still accessible after logout
I you have an account with an encrypted home folder, you can't access the user's plain text data in their home folder if that user hasn't logged in, yet, since the system last booted up. This is what I expected because it should in fact not be practically feasible to access a user's home folder without their password being entered.
However, I found that when a user with an encrypted home folder logs in and then logs out, the plain text data in their home folder still is accessible to other users. Sufficient access privileges are required, of course.
w
doesn't list the user and the output of sudo pgrep -u <username>
is empty, indicating that the user doesn't have any running processes.
What is the reason for this behavior? Why not just lock the user's home folder after they logged out?
Known bug
If I understand correctly, this is a known bug.
See this link: wiki.archlinux.org/index.php/ECryptfs
Scroll down to the pink paragraph
Warning: Unfortunately the automatic unmounting is susceptible to break with systemd and bugs are filed against it ...
Work-around
As it is now, you had better shut down or reboot in order to remove the traces (It is not enough to log out).
I have been researching this issue for quite some time, i.e., unecrypted file system remains mounted after user logout.
I used "ecryptfs-migrate-home -u user" to create mount. followed directions and all works except no auto-unmount at logout.
I compared the config files in /etc/pam.d/ to pam_ecryptfs documentation and found the some differences. ecryptfs was in 4 of the pam.d config files whereas the pam_ecryptfs docs indicate just 2 files need/should/support ecryptfs, e.g.,
/etc/pam.d/common-auth: auth required pam_ecryptfs.so unwrap /etc/pam.d/common-session: session optional pam_ecryptfs.so unwrap
So, I commented out the other 2 instances, rebooted, and it all worked, auto-mounts at login and auto-unmounts on logout for both graphical and console logins. (I used alternate tty's to verify from root account)
This is on 18.04 Lubuntu on laptop, desktop and virtualbox guest (windows host).
I am interested in others experience.
edit_1: improved wording. edit_2: added desktop and VB test results.
I can't test or confirm this, but assuming that you are using ecryptfs
(which is what Ubuntu offers during install, IIRC), the encrypted data is stored in a hidden folder /home/.encryptfs/$USER
and mounted to your actual home folder's location using the ecryptfs
driver when you log in.
Most likely, then, what is happening is that when you log out, it fails to automatically unmount that directory, so the files are still accessible. This could be caused by...
- a bad config (perhaps it was supposed to be configured to unmount on logout but wasn't)
- unexpected logout type (sometimes these solutions work for the DM login/out but don't work well otherwise)
- if the unmounting is handled by a logout script (not necessarily the case), something preceding the unmount command could fail and cause the script to exit early.
One thing that can help you check this would be to run sudo mount | grep home
before login, after login, and after logout to see if anything involving home
is being mounted. You could also look in /etc/fstab
for relevant entries. Finally, there is some config in /home/.ecryptfs/$USER/.ecryptfs/
with pertinent settings to automounting/unmounting.
Useful information about ecryptfs
can be found in this answer and in the ever-helpful ArchWiki.