I have installed ecryptfs-utils and recompile kerenl with ecryptfs support
after I create -new user and using ecryptfs-migrate-home -u user
I reboot and press ctrl alt f1 to enter consle mode
I login with user and check it works well,
then I enter gui mode after login all file can’t be written or read.
I check dmesg and found this:
anyone can help or give me some advice? thanks very much, I have spend 3 days to fingure out this question!!!
[ 449.838155] tegra-se-nvhost 15820000.se: no free key slot
[ 449.838156] crypt_scatterlist: Error setting key; rc = [-12]
[ 449.838158] crypt_extent: Error attempting to crypt page with page_index = [0], extent_offset = [0]; rc = [-22]
[ 449.838159] ecryptfs_encrypt_page: Error encrypting extent; rc = [-22]
[ 449.838160] ecryptfs_write_end: Error encrypting page (upper index [0x0000000000000000])
how do you enter the GUI mode?
I mean desktop environment, ubuntu desktop
do you use reboot or startx or init5 to enter the GUI mode after the cntrl+alt+f1?
Try adding the user to the group “video”, e.g.:
sudo usermod the_new_user_name -a -G video
source
WARNING: Make a complete backup copy of the non-encrypted data to
another system or external media. This script is dangerous and in case
of an error, could result in data lost, or USER locked out of the
system!
This program must be executed by root.
This program will attempt to migrate a user's home directory to an
encrypted home directory.
This program requires free disk space 2.5x the current size of the home
directory to be migrated. Once successful, you can recover most of
this space by deleting the cleartext directory.
The USER must be logged out of all sessions in order to perform the
migration, and have no open files according to lsof(1).
[b] Once the migration has completed, the USER must login immediately,
BEFORE THE NEXT REBOOT in order to complete the migration.
[/b]
After logging in, if USER can read and write files in their home
directory successfully, then the migration has completed successfully
and can remove the cleartext backup in /home/.
After a successful migration, the USER really must run ecryptfs-unwrap-
passphrase(1) or zescrow(1) and record their randomly generated mount
passphrase.
If swap is not already encrypted, it is highly recommended that your
administrator setup encrypted swap using ecryptfs-setup-swap(1).
http://manpages.ubuntu.com/manpages/xenial/man8/ecryptfs-migrate-home.8.html
thanks Andrey
I have add user to many groups before I use ecryptfs-migrate-home -u user
I doesn’t work so far.
I am wondering why it works on console but failed on X mode,
I don’t know if it because gnome-keying or something else keying problem
and from log error it call tegra-se-nvhost, the drive in the kernel.
thanks for your reply again!
according to my test:
every time after I create 29 files in ecrypt directory it will fail to create new file and error log as above