Hi, I have individually LUKS encrypted home dirs on my system which are mounted at login via pammount. I have one, maybe two problems that I am unable to track down, and which may be related. First of all, the encrypted dirs seem to be getting mounted twice when the user logs in. Here are the relevant lines in df output after login: /dev/mapper/_dev_sdb1 57690744 20835188 36269436 37% /home/josh /dev/sdb1 57690744 20835188 36269436 37% /home/josh Secondly, and most importantly, the encrypted home partitions are not being completely unmounted on logout. After logout, only one of the above has been unmounted, df reports: /dev/mapper/_dev_sdb1 57690744 20835284 36269340 37% /home/josh This also happens even if lsof doesn't report any open files for the user (a common cause of having the partion not unmounted, if memory serves...) The relevant line in /etc/security/pam_mount.conf.xml is: <volume user="josh" mountpoint="/home/josh" path="/dev/disk/by-uuid/967e7b41-b9cc-48f0-94e8-c2c3eb2a4dd0" fstype="crypt" /> and this is the only reference to mounting this volume, i.e. no other mounting lines somewhere in fstab or crypttab. I use disk-by-uuid because udev does not always map the devices to the same letters, so the disk the above partition is on is not always sdb (also a known issue, again if memory serves...) I consider it a serious security problem if the encrypted dirs aren't automagically unmounted on logout, which at least partially defeats the whole purpose of having them to begin with. Any Ideas? cheers, -j _______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
