Bug 418668

Summary: cannot find the button for per-user encrypted home directory in yast2
Product: [openSUSE] openSUSE 11.0 Reporter: robert spitzenpfeil <rs.opensuse>
Component: YaST2Assignee: Jiří Suchomel <jsuchome>
Status: RESOLVED FIXED QA Contact: Jiri Srain <jsrain>
Severity: Normal    
Priority: P5 - None    
Version: Final   
Target Milestone: ---   
Hardware: x86-64   
OS: openSUSE 11.0   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---
Attachments: image of yast2 user add, no encrypted home checkbox
y2logs
logfile

Description robert spitzenpfeil 2008-08-20 11:21:07 UTC 
In yast2 user installer there's a reference for installing a per user encrypted home directory (help info) that gets mounted when a user is logging in. 

But i just cannot find a button to click for activation. Setting up an encrypted home partition with the partitioner module / cryptsetup works though.
Comment 1 Martin Vidner 2008-08-20 11:29:36 UTC 
I can see the check box Use Encrypted Home Directory in the Details tab after selecting yast2 users / Add.
Comment 2 robert spitzenpfeil 2008-08-20 13:07:01 UTC 
Created attachment 234442 [details]
image of yast2 user add, no encrypted home checkbox

Well, I can't :-(
Comment 3 Jiří Suchomel 2008-08-21 06:02:19 UTC 
Hm, what's your hardware? Do you have a laptop with fingerprint reader authentication activated?

(Otherwise, please attach yast2 log files: http://en.opensuse.org/Bugs/YaST#I_reported_a_YaST2_bug.2C_and_now_I_am_asked_to_.22attach_y2logs.22._What_does_that_mean.2C_and_how_do_I_do_that.3F)
Comment 4 robert spitzenpfeil 2008-08-21 12:17:03 UTC 
Created attachment 234707 [details]
y2logs

No, this is not a laptop. It is a pretty crappy Fujitsu Siemens PC - which is known to not like linux at all. AMD64, 64bit kernel, sata, 2GB ram, ATI graphics.
I don't have a fingerprint reader, nor do I use ldap/nis/cifs... auth, just the plain old shadow system.

Find attached the requested yast logfiles. The last action was adding a user called 'tester'.
Comment 5 Jiří Suchomel 2008-08-21 12:26:57 UTC 
Nothing strange. 
Please backup your log files, remove them and run 'Y2DEBUG=1 /sbin/yast2 users' again (see also http://en.opensuse.org/Bugs/YaST#The_y2logs_don.27t_seem_to_show_my_problem._Can_that_logging_be_made_any_more_verbose.3F). Edit the user, open the Details tab and attach the fresh log file.
Comment 6 robert spitzenpfeil 2008-08-21 13:38:29 UTC 
Created attachment 234720 [details]
logfile
Comment 7 Jiří Suchomel 2008-08-22 07:08:12 UTC 
Hm, what does "pam-config -q --thinkfinger" return?
Is pam_thinkfinger installed? What happens when you uninstall it?
Comment 8 robert spitzenpfeil 2008-08-22 11:51:50 UTC 
victory!

The pam module was installed, just removed it. The checkbox is now visible.
Comment 9 Jiří Suchomel 2008-08-25 05:43:18 UTC 
Do you remember if you installed pam_thinkfinger intentionaly or do you think it was selected automatically for installation?
Comment 10 robert spitzenpfeil 2008-08-26 15:05:41 UTC 
Hmmm. I think I might have installed yast2-fingerprint-reader just to see what it looks like. But that only triggers installation of libthinkfinger, not the pam module.

Maybe it would be better not to remove "Use Encrypted Home Directory", but to grey it. Then add some info about pam_thinkfinger interference to /usr/share/YaST2/include/users/helps.ycp
Comment 11 Jiří Suchomel 2008-09-01 08:17:15 UTC 
OK, I updated the help text ("Home directories cannot be encrypted when fingerprint reader device is used. To encrypt the user's home directory, disable fingerprint configuration first."). More is written in manual and in release notes, so this is just a hint.