Milestone 2 for Leap 42.1 was announced on Friday. So, naturally, I downloaded the install DVD iso, and attempted an install.
Both the download and the install went quite well. As usual, I wrote the iso to a USB flash drive, and used that for installing. I installed Leap on its own (unencrypted) partition, but with swap and home coming from an existing encrypted LVM. I mounted the home volume from the LVM as “/xhome”, so that “/home” is actually part of the root partition. The idea was that users could symlink back to files in “/xhome” to make their usual files/directories available. But desktop configuration would be kept separate to avoid conflicts between different desktop versions.
Trouble began with the first boot. I was prompted for the encryption key, but the system was not reading the keyboard and this prevented entering the key.
I have briefly mentioned this in an earlier post.
When I look around, while running 13.1, I notice that there are some systemd user manager processes:
% ps -ef | grep '[/]systemd' root 377 1 0 10:29 ? 00:00:00 /usr/lib/systemd/systemd-journald root 418 1 0 10:29 ? 00:00:00 /usr/lib/systemd/systemd-udevd root 749 1 0 10:29 ? 00:00:00 /usr/lib/systemd/systemd-logind lightdm 3258 1 0 10:29 ? 00:00:00 /usr/lib/systemd/systemd --user root 3421 1 0 10:30 ? 00:00:00 /usr/lib/systemd/systemd --user rickert 3443 1 0 10:30 ? 00:00:00 /usr/lib/systemd/systemd --user
The last three of those are user manager processes, as shown by the “–user” flag to the process. There is also an additional process that seems to be PAM related:
% ps -ef | grep '[p]am' lightdm 3259 3258 0 10:29 ? 00:00:00 (sd-pam) croot 3423 3421 0 10:30 ? 00:00:00 (sd-pam) rickert 3447 3443 0 10:30 ? 00:00:00 (sd-pam)
It is now a little more than a week since 13.1 was released. There are things that one only notices with sustained use. So, here, I’ll mention some of what I have been noticing since switching my main desktop over to 13.1.
This one is really good news. Konqueror has been running continuously for over three days, with nary a problem. Previously, it was likely to crash after 12 hours or less, and sometimes it would crash when minimized. It looks as if a long standing bug has finally been fixed.
Normally, I close and reopen the browser once per day, as a way of deleting session cookies (and thus reducing tracking). But I’ve kept it open to see how long it lasts. I will close it shortly after posting this.
In my previous post, I indicated that I would report on any glitches.
This will be a short post. I have installed on four different machines. The install went as smoothly as any.
I did run into one glitch, with ecryptfs. And that showed up on all of the installs. When installing from the DVD (which I did, except I “burned” to a USB), you cannot directly include “ecryptfs”. That software is in the repos, but not on the DVD. So, technically, this was a post-install glitch.
I used Yast software manager to add ecryptfs. After adding it, I noticed that the pam configuration had not been updated. The result is that login does not automatically decrypt the Private directory.
The problem is easily corrected by running (as root)
# pam-config -a --ecryptfs
With that change, everything has been just about perfect. Well, Apper is still a bit flaky, so I’ll probably turn it off.
In a recent post, I reviewed how to setup ecryptfs for providing a private directory. In that scenario, the directory “$HOME/Private” is the private directory. The files in that directory are stored on disk as encrypted files, but you see them as if unencrypted. The actual encrypted files are stored in “$HOME/.Private”, and what you see is a virtual unencrypted version of those files, mounted on “$HOME/Private”. The virtual unencrypted file system is only mounted while you are logged in. If properly setup, it is automatically mounted on login and automatically umounted on logout.
In this post, I want to describe how to have your actual home directory encrypted in this way. That amounts to having the virtual unencrypted file system mounted as “$HOME” instead of as “$HOME/Private”. Read More…