Hi fediverse,
I'm hoping someone can give me some advice on an issue that means I can't access the main user account on my Linux Mint (Cinnamon) operating system.
Context:
I'm using a dual boot setup of windows and mint on my laptop. I use mint (or used to, when I could access my user) for pretty much anything that doesn't require things* only my windows instance has. (*things such as support for video games that support windows but not linux, for example)
When creating my main user account, I made a mistake in the username. It was irritating enough for me to want to change it, and as doing so seemed like it should have been fine, I settled upon three guides and ended up (mostly?) just following this one:
https://www.linuxuprising.com/2019/04/how-to-change-username-on-ubuntu-debian.html
I cant remember all of what happened anymore, but I have the following screenshots, along with the stuff I do remember.
(note: red blocks represent the new username, blue blocks represent the old username)
At the used-by-process error, I first tried following the guide precisely, then hoped that "PID" was Process ID, and that the guide expected me to put the ID that usermod stated after "PID", and tried doing that.
Idk if that fvcked something up...
Then I guess I fixed that somehow, idk if I did so by restarting and logging in only as tempuser, or if I had already done that and fixed it some other way.
Anyway I meant to run each line of the command separately to avoid stuff going wrong, but accidentally did both at once. I hoped it'd be fine anyway.
Then stuff happened I guess.
Anyway,
I cant remember much more but I know that I tried to log back in as my main user account and I found out that:
- The username had been successfully changed.
- I could not log into my main user account.
Imputing the correct username and password was successful, and acted like it was logging me in as usual. Then after the usual black screen, it just throws me back to the login window.
This still happens.
I went through a fair bit of internet searching, followed some advice. All that most people were saying was to check how much disk space you have left - and to not keep timeshift snapshots on the same drive as your OS.
(this is one such post, and (I think) the only one I found that I definitely recognise from the previous searching: https://www.reddit.com/r/linuxmint/comments/15revgg/cant_stay_logged_in_keeps_going_back_to_login/)
I did ctrl-alt-f1 and ran df -h, and deleted most of the timeshift snapshots I had (I think I had maybe 6 and deleted 4 or 5).
Here's the output of df -h that I think is from after I deleted the timeshifts:
Idk what to do, hope someone can advise.
(TL;DR: tried to change username on mint, now whenever I try to log in to the user it throws me back to the login window after the usual black screen. Hope this suffices for a summary...)
The option to create an entirely new user seems more straightforward and less easy to mess up, no?
I'd say so. If you don't mind copying stuff over, it's a cleaner solution.
Do it like this:
sudo chown -R newusersnamehere /home/olduserhomedirThen you'll have access to all the old files while logged in as your newly created user.
Ok, will do. Thanks!
(while logged in to tempuser) I created a new user, and ran the command. Then I logged out of tempuser and into the new user, and checked the home folder to see if i could access anything. Only the following seems to have changed in reaction to the command; while logged in to the new user, the folder for the old user's /home doesn't have a grey square icon with a white "X" anymore, and I can access said folder without inputting a password. The stuff inside the folder remains the same, except now when I try to open the "Access-Your-Private-Data.desktop" file, nothing at all happens, whereas before it would return an access-denied-type error message.
I think I remembered putting in a password to get said error message before, so I added a password to the new user just in case that helped, then tried opening the file again, but it didn't change anything.
(Also, weirdly the password for this new user was required to be a minimum of 8 characters long, whereas the old user's password was required to be six, and the one for tempuser is only four characters. Which is an odd inconsistency)
I also tried accessing tempuser's /home, and that worked, letting me access it via password. I was able to access all of tempuser's files, instead of there just being "Access-Your-Private-Data.desktop" and "README.text". I assume this means that only the original user's home folder is encrypted.
This is some weird Cinnamon desktop BS, and I don't have all your aettings, so I'm flying blind on that.
Forget the desktop then if you're not sure what you're doing. Create. A new directory under the new users homedir:
mkdir ~/oldhome-backupThen as whichever user has sudo access run:
mv /home/whateveroldusersdir /home/newusersdir/oldhome-backupI uh... I kind of would have assumed that this was what it'd do, but
Yeah its just moved it all as it was to the new directory.
What do I do now?
(the magenta blocks represent the new username btw)
Now you CHANGE THE OWNERSHIP of that folder as a showered you before:
sudo chown -R magenta user ./oldhome-backupThen run this just in case you messed up something with file permissions on that directory previously while running whatever commands:
sudo chmod -R +r ./oldhome-backupConfirm after running that command that the ownership of the files has changed to the new user. If they haven't, then you something else going on.
I ran both commands, then checked the owner was the new user and it is. What next?
Then run through the crypt mount steps: https://forums.linuxmint.com/viewtopic.php?f=42&t=315207
NOTE: That means Step #4 ONLY. You only need to mount the thing, not change it.
Sorry, I’m not sure I understand
Step #4 of the the guide directs me to "Enter your Mount Passphrase when prompted (as in Step 1)" but step 1 only references logging onto the pc (as such would be to do with the login passphrase if any) rather than the mount passphrase which is instead mentioned in step 2. Does this mean I only need to know the login passphrase or do I have to go through the other steps in order to complete step #4? In which case it doesn't look like I CAN only do step #4
Also, the post by rene (rene » Sun May 31, 2020 7:38 am) seems to suggest that the file to be located at the start of step #4 would be in /home/newuser/oldhome-backup/olduser for me, and since it hasn't seemed to be there I assume it must be hidden by default, which would mean I would have to enable show hidden as described in step #2.3
So I gather I should enable show hidden, then locate the .Private file in /home/newuser/oldhome-backup/olduser?
But then what about the "Enter your Mount Passphrase when prompted (as in Step 1)" part of step #4?
No, step 4 says to run a mount command to start the process of mounting the encrypted volumenso you can copy things out of it. Like I said...ignore step 1. Only pay attention step 4.
The login password and the encrypted pasdpbrase are two different things in function. Now, maybe you have them the same value and they are the same in that way, but in the technical sense they are two different things. One logs you into your computer, the other secures the encryption on the volume. If you only used one password to login to the machine previously, then just use that same password to unlock the volume after running the mount command.
If that password doesn't work, then you did something during your initial setup that differs, and if you don't have the passphrase to unlock that encrypted volume, you're not getting your stuff back.
Sorry for taking so long to get back to you.
I tried to run through step #4, but...
With the information available, (and after enabling show hidden files,) I could only assume that I should use
/home/.ecryptfs/[olduser's_originalusername]/.Private
Which is the directory the .Private "Link to Folder" file in /home/[newuser]/oldhome-backup/[olduser's_newusername] ("/home/newuser/oldhome-backup/olduser" above) links to. Thus my command would be:
sudo mount -t ecryptfs /home/.ecryptfs/[olduser's_originalusername]/.Private
Running said command however only results in the console returning
mount: /home/.ecryptfs/[olduser's_originalusername]/.Private: can't find in /etc/fstab.
[key]: (blue: old user's original username. red: old user's new username. magenta: new user's username.)
You need to add a location to mount it to as the last argument. Same command, but add a location at the end like
/mnt, or another empty directory you can mount into.Yeah, I see the "/media/" bit on the end now - idk why I didn't clock that as something significant, I'll try again with a specified mount point. Thanks for clarifying! (and also thanks @Wolf_Munroe for pointing it out earlier)
👍
I ran the command again, this time specifying an empty directory to mount to, but what do I do here?
I'd assume to select option 1, but this dialogue doesn't seem to appear in the "HOWTO: Recover files from encrypted ecryptfs home directory" guide, so I just wanted to check.
Needs to be an existing directory
I know, I created the folder "oldhome-mountpoint" in "/home/newuser/oldhome-backup", then copied the path to that and used it as the specified mount point in the command, or at least I thought I did. I'll double check it again
I double checked
It seems to exist, and when copying the path it also seems to match the one used in the command.
I still don't know what to do at this point in the process, If you could get back to me at some point soon that'd be neat.
I looked for answers on the internet and haven't found much of use, but I also asked a few LLMs and the responses all suggest that this choice is expected behavior for this process, though again, said choice does not appear in the guide, so idk.
As I said, both directories seem to exist.
(Again, what should I do?)
Then create an empty directory and use that as the last argument.
Theast argument just needs to any directory that exists and is empty. It's simply a place the contents of the mount will be available for interaction after you run the mount command.
Could you at some point reply to this comment pls?: (34365607/18915085)
You're pretty lost in this chain. We offer paid remote help if you want that. Feel free to DM me.
Since it has taken two comments to get through to you the past few times, here's a second comment.
Please just reply to the first one at some point... It is my reply to this. - i.e. my reply to the comment I am replying to with this comment. (34365607/19002981 - https://lemmy.world/post/34365607/19002981 < the first one)
I can't really pay, and I feel like using dms for this kind of stuff kinda just denies others access to the information provided/discussed. (If what you say could be useful to me, it could also be useful to someone else)
Could you just try to help me progress further toward sorting this out?
Again; The directory provided as the last argument in the command seems definitely to exist. Should I select an option when the two options are provided, and if so, is the first option preferable?
If you don't quite know how I should proceed, or otherwise can't provide further help, that's also fine, but please let me know either way. (Also idk exactly what "We offer paid remote help if you want that" means, but if you don't have the time/wherewithal/etc to provide further help without pay or whatever, the same applies)
If you're getting an error, please provide it. If it's just saying you're missing the final argument as the mount point, you're doing something wrong. The mount command at its base works like this:
mount [sometargethere] [someemptydirectory]I just need to know what to do at this stage (the stage described in [34365607/18807477]):
There's no error, I just don't know what to do when presented with these two options. Is this expected behavior? As I said in [34365607/18807477], this dialogue (the choice between passphrase and tspi) doesn't appear in the "HOWTO: Recover files from encrypted ecryptfs home directory" guide, so I just wanted to check that said dialogue was what was supposed to happen, and if so which option I should select.
There are more details and stuff on this in my previous comments, I'll quote them below in chronological order so they're all in one place.
Relevant comments in this chain/thread (chronological order):
Hir 1 and enter the passphrase for the volume. Try whatever the previous login password was, or if you know the right passphrase, enter that. The value is what YOU set when you installed the first time.
I got to the "select cipher" step.
I assume I should select whichever cipher was used originally.
How do I find out which one was used?
I doubt I would have deviated from the default during setup, and i assume AES would have been said default, in which case I should pick that?
What should I do?
Just try whatever, or look up the docs for your distro. If you need this info and you don't have it, you're at the end of the road.
I intend to run the command again and try selecting aes in hope that that's what it would've used, however I'm still really unclear on the guide... look at the code section of step 4--
At the line where one would input a number from 1 to 6 to make a selection, "aes" is placed where I'd assume the inputted number would be, and then a sentence starts abruptly at the end of that word
"
"
And it then follows as a series of instructions
Is this a part of the guide?? Is this an output from the terminal??
Since I can't access the internet on my mint instance (for other technical reasons) and I haven't set up hibernation, I have to quit the process to return to my windows instance in order to ask another question or query a search engine.
(When the terminal starts doing more active processes, killing said processes to return to my windows instance seems like it easily has potential to break something important, so...)
I just want to make sure I'm clear on the actual steps that have to be completed before running the command again.
What additional steps follow after selecting a cipher?
Which parts of the code in step 4 are part of the terminal output, and which aren't?
(Sorry I'm asking so many questions-- I just don't wanna fuck it up further; I wanna be sure to do it right)
If it's encrypted, and you can't mount it, then you can't fuck it up, can you? Make the file read-only, and mount it as read-only if you're that scared.
I don't know what other steps you're talking about. Look up the docs.
The main point here, and my main question, is as follows:
As in, there is a great deal more text below the "Select cipher:" block in the code section of step 4. It doesn't just go straight to "Mounted eCryptfs".
Much of said text seems like it must be additional steps in the process, either as text the terminal will output or as text the author of the guide has inserted into the code box. Otherwise what is it? It would seem odd for the terminal to just output it as non-interactive information while processing and mounting the drive, given that it seems to be a series of instructions, as I said.
[from the code box in step 4 of [HOWTO: Recover files from encrypted ecryptfs home directory]:]
🤷
Uh... Ok
Does that mean you don't know what the guide is talking about? The bits I recognise as seeming to be outputs from the terminal asking one to select an option though... Surely I need to know what to select when those come up? For instance I can decipher that presumably these selection prompts will appear during the process:
The guide selects 16 for the key bytes, n for "Enable plaintext passthrough", and y for "Enable filename encryption"
What am I supposed to select when/if these prompts appear?
Do the options selected have to match the ones used originally?
With the y/n prompts, does the "[n]" in each mean that is the default? If so, that would presumably have been used originally, and thus should it be my selection...?
Then, is there also a default key bytes value that would have been auto-selected during setup?
I'm not really sure what "🤷" exactly means in this context, given the amount of variability as to what you may be shrugging about specifically, and the nature and context of the situation
Idk if that means you have absolutely no idea what I should do here or not
I'm not at your machine. Your notes and questions aren't making sense. Nothing I can do here.
But what do you mean by "Your notes and questions aren't making sense"? If you don't understand any of what I'm asking, feel free to ask me what I mean, or point out something that doesn't make sense. You're allowed to ask questions yourself, you know.
DUDE, I CANNOT HELP YOU.
If you're not gonna answer the questions or explain why you can't help or whatever I'll just give up I guess.
Anyway, I went and ran through the selection prompts, winging it and putting in the values I presume to be the ones used, and found that I do in fact seem to need the FNEK, which is obtained in step 3 of the guide. It seems relatively easy and straightforward to obtain, so I'll just do that later, input it where prompted, and see where that goes.
Thanks anyway
The line says "Select key type to use for newly created files", but I'll disregard the seemingly present confliction and presume that doesn't change anything..?
(When I get around to it,) I'll run the command again and select option 1, then enter the passphrase for [magentauser] (Edit: *[blueuser]).
Thanks again!
See this comment: [34365607/18809283]
And this comment on that comment ([34365607/18809448])
And the comment that the comment this comment is commenting on is commenting on ([34365607/18892748])
The directory seems to exist. Is this not what you're talking about?
@DuckyLoco404 @just_another_person
Not familiar with ecryptfs but that mount command looks incomplete.
General syntax for mount is:
sudo mount -t <filesystem type> <device or file to be mounted> <directory to mount device or file>
(The -t specifies the following value is a filesystem type.)
The path you've specified is the device or file to be mounted, but no mount point is specified.
Also saw this on Linux Mint forum:
(Recovering files from Encrypted ~.)
https://forums.linuxmint.com/viewtopic.php?t=354385