Support to automatically mount ~/Private at login
authorHugo Villeneuve <hugo@hugovil.com>
Thu, 8 Aug 2013 16:42:29 +0000 (12:42 -0400)
committerHugo Villeneuve <hugo@hugovil.com>
Thu, 8 Aug 2013 16:42:29 +0000 (12:42 -0400)
Using ecryptfs-utils and pam configuration files.

stage5/misc/ecryptfs-pam.d/system-auth [new file with mode: 0644]
stage5/misc/ecryptfs-pam.d/system-password [new file with mode: 0644]
stage5/misc/ecryptfs-pam.d/system-session [new file with mode: 0644]
stage5/pkg/ecryptfs-utils

diff --git a/stage5/misc/ecryptfs-pam.d/system-auth b/stage5/misc/ecryptfs-pam.d/system-auth
new file mode 100644 (file)
index 0000000..d3d16f1
--- /dev/null
@@ -0,0 +1,6 @@
+# Begin /etc/pam.d/system-auth
+
+auth      required    pam_unix.so
+auth      optional    pam_ecryptfs.so unwrap
+
+# End /etc/pam.d/system-auth
diff --git a/stage5/misc/ecryptfs-pam.d/system-password b/stage5/misc/ecryptfs-pam.d/system-password
new file mode 100644 (file)
index 0000000..ecb301a
--- /dev/null
@@ -0,0 +1,9 @@
+# Begin /etc/pam.d/system-password
+
+password  optional    pam_ecryptfs.so
+
+# use sha512 hash for encryption, use shadow, and try to use any previously
+# defined authentication token (chosen password) set by any prior module
+password  required    pam_unix.so       sha512 shadow try_first_pass
+
+# End /etc/pam.d/system-password
diff --git a/stage5/misc/ecryptfs-pam.d/system-session b/stage5/misc/ecryptfs-pam.d/system-session
new file mode 100644 (file)
index 0000000..d33b76c
--- /dev/null
@@ -0,0 +1,6 @@
+# Begin /etc/pam.d/system-session
+
+session   required    pam_unix.so
+session   optional    pam_ecryptfs.so unwrap
+
+# End /etc/pam.d/system-session
index bfd349b..1eaaf7c 100644 (file)
@@ -6,4 +6,6 @@ hvbuild_post()
     #   setreuid: Operation not permitted
     #   ERROR:  Could not mount private ecryptfs directory
     chmod +s /sbin/mount.ecryptfs_private
+
+    install -v -m644 ${SCRDIR}/misc/ecryptfs-pam.d/* /etc/pam.d/
 }