“ecryptfs-mount-private” returns “fopen: No such file or directory”












2















Recently, we've rebooted server and got ecryptfs mount fail:




...

Signature not found in user keyring

Perhaps try the interactive 'ecryptfs-mount-private'

user@host:~$




Could that be because of password change?



Although,



1. There's no mount password
2. We might have login password


When trying to recover mount directory, it outputs:



user@host:~$ ls
Access-Your-Private-Data.desktop README.txt
user@host:~$ ecryptfs-mount-private
Enter your login passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
ERROR: Your passphrase is incorrect
Enter your login passphrase:
user@host:~$ sudo ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [ad21fabcda6abfeab] into the user session keyring
fopen: No such file or directory
user@host:~$


So, as you can see, it shows such strange error: fopen: No such file or directory and, also, when running ecryptfs-mount-private without sudo - it fails.
When mounting folder using ecrypts-recover-private and login password it mounts it in temporary folder like a charm.

Also, we've tried to ecryptfs-rewrap-password and it doesn't work without sudo. So, using sudo ecryptfs-rewrap-password succeeded in rewrapping, but after reboot the same situation persists.



All in all, what could this be; how to fix this auto mount encrypted home directory at login?










share|improve this question




















  • 1





    What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

    – Xen2050
    22 hours ago











  • @Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

    – V.7
    20 hours ago











  • Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

    – Xen2050
    17 hours ago











  • @Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

    – V.7
    17 hours ago













  • I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

    – Xen2050
    1 hour ago
















2















Recently, we've rebooted server and got ecryptfs mount fail:




...

Signature not found in user keyring

Perhaps try the interactive 'ecryptfs-mount-private'

user@host:~$




Could that be because of password change?



Although,



1. There's no mount password
2. We might have login password


When trying to recover mount directory, it outputs:



user@host:~$ ls
Access-Your-Private-Data.desktop README.txt
user@host:~$ ecryptfs-mount-private
Enter your login passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
ERROR: Your passphrase is incorrect
Enter your login passphrase:
user@host:~$ sudo ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [ad21fabcda6abfeab] into the user session keyring
fopen: No such file or directory
user@host:~$


So, as you can see, it shows such strange error: fopen: No such file or directory and, also, when running ecryptfs-mount-private without sudo - it fails.
When mounting folder using ecrypts-recover-private and login password it mounts it in temporary folder like a charm.

Also, we've tried to ecryptfs-rewrap-password and it doesn't work without sudo. So, using sudo ecryptfs-rewrap-password succeeded in rewrapping, but after reboot the same situation persists.



All in all, what could this be; how to fix this auto mount encrypted home directory at login?










share|improve this question




















  • 1





    What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

    – Xen2050
    22 hours ago











  • @Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

    – V.7
    20 hours ago











  • Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

    – Xen2050
    17 hours ago











  • @Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

    – V.7
    17 hours ago













  • I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

    – Xen2050
    1 hour ago














2












2








2








Recently, we've rebooted server and got ecryptfs mount fail:




...

Signature not found in user keyring

Perhaps try the interactive 'ecryptfs-mount-private'

user@host:~$




Could that be because of password change?



Although,



1. There's no mount password
2. We might have login password


When trying to recover mount directory, it outputs:



user@host:~$ ls
Access-Your-Private-Data.desktop README.txt
user@host:~$ ecryptfs-mount-private
Enter your login passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
ERROR: Your passphrase is incorrect
Enter your login passphrase:
user@host:~$ sudo ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [ad21fabcda6abfeab] into the user session keyring
fopen: No such file or directory
user@host:~$


So, as you can see, it shows such strange error: fopen: No such file or directory and, also, when running ecryptfs-mount-private without sudo - it fails.
When mounting folder using ecrypts-recover-private and login password it mounts it in temporary folder like a charm.

Also, we've tried to ecryptfs-rewrap-password and it doesn't work without sudo. So, using sudo ecryptfs-rewrap-password succeeded in rewrapping, but after reboot the same situation persists.



All in all, what could this be; how to fix this auto mount encrypted home directory at login?










share|improve this question
















Recently, we've rebooted server and got ecryptfs mount fail:




...

Signature not found in user keyring

Perhaps try the interactive 'ecryptfs-mount-private'

user@host:~$




Could that be because of password change?



Although,



1. There's no mount password
2. We might have login password


When trying to recover mount directory, it outputs:



user@host:~$ ls
Access-Your-Private-Data.desktop README.txt
user@host:~$ ecryptfs-mount-private
Enter your login passphrase:
Error: Unwrapping passphrase and inserting into the user session keyring failed [-5]
Info: Check the system log for more information from libecryptfs
ERROR: Your passphrase is incorrect
Enter your login passphrase:
user@host:~$ sudo ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [ad21fabcda6abfeab] into the user session keyring
fopen: No such file or directory
user@host:~$


So, as you can see, it shows such strange error: fopen: No such file or directory and, also, when running ecryptfs-mount-private without sudo - it fails.
When mounting folder using ecrypts-recover-private and login password it mounts it in temporary folder like a charm.

Also, we've tried to ecryptfs-rewrap-password and it doesn't work without sudo. So, using sudo ecryptfs-rewrap-password succeeded in rewrapping, but after reboot the same situation persists.



All in all, what could this be; how to fix this auto mount encrypted home directory at login?







mount password ecryptfs






share|improve this question















share|improve this question













share|improve this question




share|improve this question








edited Jan 12 at 9:50







V.7

















asked Jan 11 at 11:21









V.7V.7

8919




8919








  • 1





    What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

    – Xen2050
    22 hours ago











  • @Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

    – V.7
    20 hours ago











  • Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

    – Xen2050
    17 hours ago











  • @Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

    – V.7
    17 hours ago













  • I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

    – Xen2050
    1 hour ago














  • 1





    What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

    – Xen2050
    22 hours ago











  • @Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

    – V.7
    20 hours ago











  • Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

    – Xen2050
    17 hours ago











  • @Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

    – V.7
    17 hours ago













  • I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

    – Xen2050
    1 hour ago








1




1





What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

– Xen2050
22 hours ago





What was in syslog (or dmesg) right after it said "Check the system log for more information from libecryptfs"?

– Xen2050
22 hours ago













@Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

– V.7
20 hours ago





@Xen2050 What a shame. I've just ignored this message because of some fear that files might be gone. You're right. That would be a right way to go. By the way, an author could add some message pointing that there's no permissions etc.

– V.7
20 hours ago













Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

– Xen2050
17 hours ago





Logfiles can get saved or rotated or deleted, but that shouldn't happen right away. Also, many of the ecryptfs executables are bash scripts than can be examined and even ran one line at a time if you wanted, to see exactly what line's failing, hopefully that might help too. A quick less $(which ecryptfs-mount-private) works

– Xen2050
17 hours ago













@Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

– V.7
17 hours ago







@Xen2050 Yes, log had this message. Checked with sudo grep "Failed to detect wrapped" -r "/var/log/" and an output had /var/log/auth.log.1:Jan 11 18:31:58 host login[3739]: Failed to detect wrapped passphrase version: Permission denied Thank you. It's one of those times when log checking is definitely necessary and it would saved time.

– V.7
17 hours ago















I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

– Xen2050
1 hour ago





I keep a terminal open with tail -f showing new log messages, just in case. zgrep might be handy in case the logs get zipped too. If my answer's useful, do upvote it or even select it as correct (FYI selecting your own answer as correct does not award any reputation)

– Xen2050
1 hour ago










2 Answers
2






active

oldest

votes


















1














In short, user's file wrapped-passphrase had wrong permissions(should be -rw------- user user, were -rw------- root root).



Ran ecryptfs-mount-private command(entered login password) using strace like:



strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private


Contents of /tmp/strace.log:



user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
[sudo] password for user:
Enter your login passphrase:
Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
fopen: No such file or directory
user@host:~$ cat /tmp/strace.log
execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
getcwd("/home/user", 4096) = 9
open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/usr/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/usr/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
+++ exited with 1 +++


So, we see that there's not enough information. Ran the same command(entered login password), but with flag -f to trace child processes and using root's rights:



sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private`


Part of contents of /tmp/strace2.log file:



...
3963 open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
3963 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
...
3964 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
3964 open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
3964 open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
3964 open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
3964 +++ exited with 1 +++
3954 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
3954 +++ exited with 1 +++


As we can see, it can't find a file Private.sig of root; it looks like it should be ran by user who encrypted directory we are trying to recover instead of running in a particular directory.



All in all, I ran this command(entered login password) with user's rights:



strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private`


Part of contents of /tmp/strace3.log file:



...
4137 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
4137 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
4137 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
4137 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
4137 open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
4137 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
4137 open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
4137 +++ exited with 1 +++
4112 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
...


As we can see now, an ecryptfs-mount-private utility can't access user's wrapped-passphrase file which resulted in Permission denied message.



Checked /home/user/.ecryptfs/wrapped-passphrase file's permissions and they were:



-rw------- 1 root root


Changed owner of this file via sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase to user and reran above (ecryptfs-mount-private) command without strace(entered login password) which resulted in success message:



INFO: Your private directory has been mounted.
INFO: To see this change in your current shell:
cd: /home/user





share|improve this answer


























  • You should accept your answer so that search results will show this question has an accepted answer.

    – L. Levrel
    Jan 12 at 10:00











  • @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

    – V.7
    Jan 12 at 10:02





















1














I set up an ecryptfs private folder, then removed the r & w permission from the wrapped-passphrase file to test... If you had checked the syslog right after seeing the message



Info: Check the system log for more information from libecryptfs


You would have seen lines like this:



Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied

Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]



Together those would be a pretty strong arrow pointing to check the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace required)






share|improve this answer























    Your Answer








    StackExchange.ready(function() {
    var channelOptions = {
    tags: "".split(" "),
    id: "106"
    };
    initTagRenderer("".split(" "), "".split(" "), channelOptions);

    StackExchange.using("externalEditor", function() {
    // Have to fire editor after snippets, if snippets enabled
    if (StackExchange.settings.snippets.snippetsEnabled) {
    StackExchange.using("snippets", function() {
    createEditor();
    });
    }
    else {
    createEditor();
    }
    });

    function createEditor() {
    StackExchange.prepareEditor({
    heartbeatType: 'answer',
    autoActivateHeartbeat: false,
    convertImagesToLinks: false,
    noModals: true,
    showLowRepImageUploadWarning: true,
    reputationToPostImages: null,
    bindNavPrevention: true,
    postfix: "",
    imageUploader: {
    brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
    contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
    allowUrls: true
    },
    onDemand: true,
    discardSelector: ".discard-answer"
    ,immediatelyShowMarkdownHelp:true
    });


    }
    });














    draft saved

    draft discarded


















    StackExchange.ready(
    function () {
    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493931%2fecryptfs-mount-private-returns-fopen-no-such-file-or-directory%23new-answer', 'question_page');
    }
    );

    Post as a guest















    Required, but never shown

























    2 Answers
    2






    active

    oldest

    votes








    2 Answers
    2






    active

    oldest

    votes









    active

    oldest

    votes






    active

    oldest

    votes









    1














    In short, user's file wrapped-passphrase had wrong permissions(should be -rw------- user user, were -rw------- root root).



    Ran ecryptfs-mount-private command(entered login password) using strace like:



    strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private


    Contents of /tmp/strace.log:



    user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
    [sudo] password for user:
    Enter your login passphrase:
    Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
    fopen: No such file or directory
    user@host:~$ cat /tmp/strace.log
    execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
    open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
    getcwd("/home/user", 4096) = 9
    open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
    open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
    stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    +++ exited with 1 +++


    So, we see that there's not enough information. Ran the same command(entered login password), but with flag -f to trace child processes and using root's rights:



    sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace2.log file:



    ...
    3963 open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    3963 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
    ...
    3964 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    3964 open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
    3964 open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 +++ exited with 1 +++
    3954 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    3954 +++ exited with 1 +++


    As we can see, it can't find a file Private.sig of root; it looks like it should be ran by user who encrypted directory we are trying to recover instead of running in a particular directory.



    All in all, I ran this command(entered login password) with user's rights:



    strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace3.log file:



    ...
    4137 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    4137 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    4137 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
    4137 open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
    4137 +++ exited with 1 +++
    4112 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
    ...


    As we can see now, an ecryptfs-mount-private utility can't access user's wrapped-passphrase file which resulted in Permission denied message.



    Checked /home/user/.ecryptfs/wrapped-passphrase file's permissions and they were:



    -rw------- 1 root root


    Changed owner of this file via sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase to user and reran above (ecryptfs-mount-private) command without strace(entered login password) which resulted in success message:



    INFO: Your private directory has been mounted.
    INFO: To see this change in your current shell:
    cd: /home/user





    share|improve this answer


























    • You should accept your answer so that search results will show this question has an accepted answer.

      – L. Levrel
      Jan 12 at 10:00











    • @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

      – V.7
      Jan 12 at 10:02


















    1














    In short, user's file wrapped-passphrase had wrong permissions(should be -rw------- user user, were -rw------- root root).



    Ran ecryptfs-mount-private command(entered login password) using strace like:



    strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private


    Contents of /tmp/strace.log:



    user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
    [sudo] password for user:
    Enter your login passphrase:
    Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
    fopen: No such file or directory
    user@host:~$ cat /tmp/strace.log
    execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
    open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
    getcwd("/home/user", 4096) = 9
    open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
    open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
    stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    +++ exited with 1 +++


    So, we see that there's not enough information. Ran the same command(entered login password), but with flag -f to trace child processes and using root's rights:



    sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace2.log file:



    ...
    3963 open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    3963 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
    ...
    3964 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    3964 open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
    3964 open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 +++ exited with 1 +++
    3954 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    3954 +++ exited with 1 +++


    As we can see, it can't find a file Private.sig of root; it looks like it should be ran by user who encrypted directory we are trying to recover instead of running in a particular directory.



    All in all, I ran this command(entered login password) with user's rights:



    strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace3.log file:



    ...
    4137 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    4137 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    4137 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
    4137 open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
    4137 +++ exited with 1 +++
    4112 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
    ...


    As we can see now, an ecryptfs-mount-private utility can't access user's wrapped-passphrase file which resulted in Permission denied message.



    Checked /home/user/.ecryptfs/wrapped-passphrase file's permissions and they were:



    -rw------- 1 root root


    Changed owner of this file via sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase to user and reran above (ecryptfs-mount-private) command without strace(entered login password) which resulted in success message:



    INFO: Your private directory has been mounted.
    INFO: To see this change in your current shell:
    cd: /home/user





    share|improve this answer


























    • You should accept your answer so that search results will show this question has an accepted answer.

      – L. Levrel
      Jan 12 at 10:00











    • @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

      – V.7
      Jan 12 at 10:02
















    1












    1








    1







    In short, user's file wrapped-passphrase had wrong permissions(should be -rw------- user user, were -rw------- root root).



    Ran ecryptfs-mount-private command(entered login password) using strace like:



    strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private


    Contents of /tmp/strace.log:



    user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
    [sudo] password for user:
    Enter your login passphrase:
    Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
    fopen: No such file or directory
    user@host:~$ cat /tmp/strace.log
    execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
    open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
    getcwd("/home/user", 4096) = 9
    open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
    open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
    stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    +++ exited with 1 +++


    So, we see that there's not enough information. Ran the same command(entered login password), but with flag -f to trace child processes and using root's rights:



    sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace2.log file:



    ...
    3963 open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    3963 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
    ...
    3964 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    3964 open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
    3964 open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 +++ exited with 1 +++
    3954 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    3954 +++ exited with 1 +++


    As we can see, it can't find a file Private.sig of root; it looks like it should be ran by user who encrypted directory we are trying to recover instead of running in a particular directory.



    All in all, I ran this command(entered login password) with user's rights:



    strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace3.log file:



    ...
    4137 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    4137 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    4137 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
    4137 open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
    4137 +++ exited with 1 +++
    4112 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
    ...


    As we can see now, an ecryptfs-mount-private utility can't access user's wrapped-passphrase file which resulted in Permission denied message.



    Checked /home/user/.ecryptfs/wrapped-passphrase file's permissions and they were:



    -rw------- 1 root root


    Changed owner of this file via sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase to user and reran above (ecryptfs-mount-private) command without strace(entered login password) which resulted in success message:



    INFO: Your private directory has been mounted.
    INFO: To see this change in your current shell:
    cd: /home/user





    share|improve this answer















    In short, user's file wrapped-passphrase had wrong permissions(should be -rw------- user user, were -rw------- root root).



    Ran ecryptfs-mount-private command(entered login password) using strace like:



    strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private


    Contents of /tmp/strace.log:



    user@host:~$ sudo strace -o /tmp/strace.log -e trace=file ecryptfs-mount-private
    [sudo] password for user:
    Enter your login passphrase:
    Inserted auth tok with sig [3ab5cd8e5f8c5acb] into the user session keyring
    fopen: No such file or directory
    user@host:~$ cat /tmp/strace.log
    execve("/usr/bin/ecryptfs-mount-private", ["ecryptfs-mount-private"], [/* 13 vars */]) = 0
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
    open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
    access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
    getcwd("/home/user", 4096) = 9
    open("/usr/bin/ecryptfs-mount-private", O_RDONLY) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3872, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapping-independent", 0x7fff65e61c30) = -1 ENOENT (No such file or directory)
    open("/dev/null", O_WRONLY|O_CREAT|O_TRUNC, 0666) = 3
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3873, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    stat("/home/user/.ecryptfs/wrapped-passphrase", {st_mode=S_IFREG|0600, st_size=58, ...}) = 0
    stat("/home/user/.ecryptfs/Private.sig", {st_mode=S_IFREG|0600, st_size=34, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3874, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    stat("/usr/local/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/local/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/usr/bin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/sbin/stty", 0x7fff65e61c40) = -1 ENOENT (No such file or directory)
    stat("/bin/stty", {st_mode=S_IFREG|0755, st_size=72496, ...}) = 0
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3875, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3876, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3877, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3878, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3879, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3880, si_uid=0, si_status=0, si_utime=68, si_stime=0} ---
    --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3881, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    +++ exited with 1 +++


    So, we see that there's not enough information. Ran the same command(entered login password), but with flag -f to trace child processes and using root's rights:



    sudo strace -o /tmp/strace2.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace2.log file:



    ...
    3963 open("/root/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    3963 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = 3
    ...
    3964 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    3964 open("/root/.ecryptfs/Private.mnt", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 open("/dev/shm/ecryptfs-root-Private", O_RDWR|O_CREAT|O_NOFOLLOW, 0600) = 3
    3964 open("/root/.ecryptfs/Private.sig", O_RDONLY) = -1 ENOENT (No such file or directory)
    3964 +++ exited with 1 +++
    3954 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=3964, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
    3954 +++ exited with 1 +++


    As we can see, it can't find a file Private.sig of root; it looks like it should be ran by user who encrypted directory we are trying to recover instead of running in a particular directory.



    All in all, I ran this command(entered login password) with user's rights:



    strace -o /tmp/strace3.log -f -e trace=file ecryptfs-mount-private`


    Part of contents of /tmp/strace3.log file:



    ...
    4137 open("/lib/x86_64-linux-gnu/libnss_nis.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 access("/etc/ld.so.nohwcap", F_OK) = -1 ENOENT (No such file or directory)
    4137 open("/lib/x86_64-linux-gnu/libnss_files.so.2", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/etc/passwd", O_RDONLY|O_CLOEXEC) = 3
    4137 open("/home/user/.ecryptfsrc", O_RDONLY) = -1 ENOENT (No such file or directory)
    4137 open("/home/user/.ecryptfs/wrapped-passphrase", O_RDONLY) = -1 EACCES (Permission denied)
    4137 open("/etc/localtime", O_RDONLY|O_CLOEXEC) = 3
    4137 +++ exited with 1 +++
    4112 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4137, si_uid=1000, si_status=1, si_utime=0, si_stime=0} ---
    ...


    As we can see now, an ecryptfs-mount-private utility can't access user's wrapped-passphrase file which resulted in Permission denied message.



    Checked /home/user/.ecryptfs/wrapped-passphrase file's permissions and they were:



    -rw------- 1 root root


    Changed owner of this file via sudo chown user:user /home/user/.ecryptfs/wrapped-passphrase to user and reran above (ecryptfs-mount-private) command without strace(entered login password) which resulted in success message:



    INFO: Your private directory has been mounted.
    INFO: To see this change in your current shell:
    cd: /home/user






    share|improve this answer














    share|improve this answer



    share|improve this answer








    edited Jan 12 at 9:58

























    answered Jan 11 at 21:30









    V.7V.7

    8919




    8919













    • You should accept your answer so that search results will show this question has an accepted answer.

      – L. Levrel
      Jan 12 at 10:00











    • @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

      – V.7
      Jan 12 at 10:02





















    • You should accept your answer so that search results will show this question has an accepted answer.

      – L. Levrel
      Jan 12 at 10:00











    • @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

      – V.7
      Jan 12 at 10:02



















    You should accept your answer so that search results will show this question has an accepted answer.

    – L. Levrel
    Jan 12 at 10:00





    You should accept your answer so that search results will show this question has an accepted answer.

    – L. Levrel
    Jan 12 at 10:00













    @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

    – V.7
    Jan 12 at 10:02







    @L.Levrel Thank you, but, unfortunately, I can't. It shows "You can accept your own answer tomorrow"

    – V.7
    Jan 12 at 10:02















    1














    I set up an ecryptfs private folder, then removed the r & w permission from the wrapped-passphrase file to test... If you had checked the syslog right after seeing the message



    Info: Check the system log for more information from libecryptfs


    You would have seen lines like this:



    Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied

    Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]



    Together those would be a pretty strong arrow pointing to check the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace required)






    share|improve this answer




























      1














      I set up an ecryptfs private folder, then removed the r & w permission from the wrapped-passphrase file to test... If you had checked the syslog right after seeing the message



      Info: Check the system log for more information from libecryptfs


      You would have seen lines like this:



      Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied

      Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]



      Together those would be a pretty strong arrow pointing to check the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace required)






      share|improve this answer


























        1












        1








        1







        I set up an ecryptfs private folder, then removed the r & w permission from the wrapped-passphrase file to test... If you had checked the syslog right after seeing the message



        Info: Check the system log for more information from libecryptfs


        You would have seen lines like this:



        Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied

        Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]



        Together those would be a pretty strong arrow pointing to check the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace required)






        share|improve this answer













        I set up an ecryptfs private folder, then removed the r & w permission from the wrapped-passphrase file to test... If you had checked the syslog right after seeing the message



        Info: Check the system log for more information from libecryptfs


        You would have seen lines like this:



        Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Failed to detect wrapped passphrase version: Permission denied

        Jan 15 00:21:48 sys ecryptfs-insert-wrapped-passphrase-into-keyring: Error attempting to unwrap passphrase from file [/home/user/.ecryptfs/wrapped-passphrase]; rc = [-13]



        Together those would be a pretty strong arrow pointing to check the permissions of the ~/.ecryptfs/wrapped-passphrase file. (No sudo or strace required)







        share|improve this answer












        share|improve this answer



        share|improve this answer










        answered 22 hours ago









        Xen2050Xen2050

        1,227811




        1,227811






























            draft saved

            draft discarded




















































            Thanks for contributing an answer to Unix & Linux Stack Exchange!


            • Please be sure to answer the question. Provide details and share your research!

            But avoid



            • Asking for help, clarification, or responding to other answers.

            • Making statements based on opinion; back them up with references or personal experience.


            To learn more, see our tips on writing great answers.




            draft saved


            draft discarded














            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f493931%2fecryptfs-mount-private-returns-fopen-no-such-file-or-directory%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown





















































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown

































            Required, but never shown














            Required, but never shown












            Required, but never shown







            Required, but never shown







            Popular posts from this blog

            How to make a Squid Proxy server?

            Is this a new Fibonacci Identity?

            19世紀