From c40e53c16a16ffb49b004ece8e5db2d3edf68001 Mon Sep 17 00:00:00 2001
From: Hugo Villeneuve <hugo@hugovil.com>
Date: Thu, 8 Aug 2013 12:42:29 -0400
Subject: [PATCH] Support to automatically mount ~/Private at login

Using ecryptfs-utils and pam configuration files.
---
 stage5/misc/ecryptfs-pam.d/system-auth     | 6 ++++++
 stage5/misc/ecryptfs-pam.d/system-password | 9 +++++++++
 stage5/misc/ecryptfs-pam.d/system-session  | 6 ++++++
 stage5/pkg/ecryptfs-utils                  | 2 ++
 4 files changed, 23 insertions(+)
 create mode 100644 stage5/misc/ecryptfs-pam.d/system-auth
 create mode 100644 stage5/misc/ecryptfs-pam.d/system-password
 create mode 100644 stage5/misc/ecryptfs-pam.d/system-session

diff --git a/stage5/misc/ecryptfs-pam.d/system-auth b/stage5/misc/ecryptfs-pam.d/system-auth
new file mode 100644
index 0000000..d3d16f1
--- /dev/null
+++ b/stage5/misc/ecryptfs-pam.d/system-auth
@@ -0,0 +1,6 @@
+# Begin /etc/pam.d/system-auth
+
+auth      required    pam_unix.so
+auth      optional    pam_ecryptfs.so unwrap
+
+# End /etc/pam.d/system-auth
diff --git a/stage5/misc/ecryptfs-pam.d/system-password b/stage5/misc/ecryptfs-pam.d/system-password
new file mode 100644
index 0000000..ecb301a
--- /dev/null
+++ b/stage5/misc/ecryptfs-pam.d/system-password
@@ -0,0 +1,9 @@
+# Begin /etc/pam.d/system-password
+
+password  optional    pam_ecryptfs.so
+
+# use sha512 hash for encryption, use shadow, and try to use any previously
+# defined authentication token (chosen password) set by any prior module
+password  required    pam_unix.so       sha512 shadow try_first_pass
+
+# End /etc/pam.d/system-password
diff --git a/stage5/misc/ecryptfs-pam.d/system-session b/stage5/misc/ecryptfs-pam.d/system-session
new file mode 100644
index 0000000..d33b76c
--- /dev/null
+++ b/stage5/misc/ecryptfs-pam.d/system-session
@@ -0,0 +1,6 @@
+# Begin /etc/pam.d/system-session
+
+session   required    pam_unix.so
+session   optional    pam_ecryptfs.so unwrap
+
+# End /etc/pam.d/system-session
diff --git a/stage5/pkg/ecryptfs-utils b/stage5/pkg/ecryptfs-utils
index bfd349b..1eaaf7c 100644
--- a/stage5/pkg/ecryptfs-utils
+++ b/stage5/pkg/ecryptfs-utils
@@ -6,4 +6,6 @@ hvbuild_post()
     #   setreuid: Operation not permitted
     #   ERROR:  Could not mount private ecryptfs directory
     chmod +s /sbin/mount.ecryptfs_private
+
+    install -v -m644 ${SCRDIR}/misc/ecryptfs-pam.d/* /etc/pam.d/
 }
-- 
2.20.1