Feature Request: Enable some way for pam_fscrypt to not lock policies on logout
My use case is the following:
Normally, I have a directory (say /mnt/foo/bar) that is unlocked whenever I login, and is protected by my login passphrase. It uses pam_fscrypt to automatically unlock directory bar, and everything works fine. This directory's contents are also read by system services running on the machine.
However, things get weird if I manually unlock the directory. This sometimes is necessary to fix system bugs (unrelated to fscrypt) or when accessing the computer over SSH (where I don't provide a passphrase on login). Even if I manually unlock the directory with a different, non-login protector, the directory is locked on logout.
This is different from the behavior of a directory only protected with a non-login protector, where it will not be locked on logout.
I see some potential ways to make this more user-friendly:
- When unlocking the directory, print a message to the user if it will be autolocked on logout.
- Only auto-lock policies that were unlocked with the login passphrase (maybe this should be opt-in?)
- A non-default option to pam_fscrypt to just disable directory locking on logout.
@ebiggers what are your thoughts here?
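As an added example (not part of this issue or of the fscrypt project), the following shell script implements the first option proposed above as a user-side check: it reads the text of `fscrypt status <dir>` and reports whether the directory carries a login protector, which is the condition under which pam_fscrypt locks it on logout. The status layout it parses (an `Unlocked:` line and a protector table whose DESCRIPTION column reads `login protector for <user>`) is an assumption about fscrypt's output format, and the sample status texts, protector IDs and paths are constructed.

```shell
#!/bin/sh
# Added example, not code from the original issue or from fscrypt.
# Decide from `fscrypt status` output whether pam_fscrypt will lock a
# directory on logout (i.e. whether any of its protectors is a login
# protector). The output layout assumed here is an assumption about
# fscrypt's status format.

# Constructed sample: directory with a login protector AND a custom
# protector (the case the issue describes). Protector IDs are fake.
SAMPLE_STATUS='"/mnt/foo/bar" is encrypted with fscrypt.

Policy:   0123456789abcdef
Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS_V2 policy_version:2
Unlocked: Yes

Protected with 2 protectors:
PROTECTOR         LINKED   DESCRIPTION
0000000000000001  No       custom protector "rescue"
0000000000000002  Yes (/)  login protector for alice'

# Constructed sample: directory protected only by a custom protector.
SAMPLE_STATUS_CUSTOM='"/mnt/foo/baz" is encrypted with fscrypt.

Policy:   fedcba9876543210
Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS_V2 policy_version:2
Unlocked: Yes

Protected with 1 protector:
PROTECTOR         LINKED   DESCRIPTION
0000000000000003  No       custom protector "rescue"'

# has_login_protector STATUS_TEXT -> prints "yes" if any protector row is a
# login protector, else "no".
has_login_protector() {
    if printf '%s\n' "$1" | grep -q 'login protector for '; then
        echo yes
    else
        echo no
    fi
}

# is_unlocked STATUS_TEXT -> prints "yes" if the policy is currently
# unlocked, else "no".
is_unlocked() {
    if printf '%s\n' "$1" | grep -q '^Unlocked: *Yes'; then
        echo yes
    else
        echo no
    fi
}

# logout_lock_warning STATUS_TEXT -> one-line verdict of the kind the issue
# suggests printing right after a manual `fscrypt unlock`.
logout_lock_warning() {
    if [ "$(has_login_protector "$1")" = yes ]; then
        echo "WARNING: directory has a login protector; pam_fscrypt will lock it on logout"
    else
        echo "OK: no login protector; pam_fscrypt will not lock it on logout"
    fi
}

# check_dir DIR -> run the check against a live directory (needs fscrypt
# installed; not exercised by the sample runs below).
check_dir() {
    logout_lock_warning "$(fscrypt status "$1")"
}

# Sample runs on the constructed status texts.
logout_lock_warning "$SAMPLE_STATUS"
logout_lock_warning "$SAMPLE_STATUS_CUSTOM"
```

The check keys only on the protector table, not on which protector was used for the manual unlock, because (as the issue observes) a directory that also has a login protector is locked on logout even when it was unlocked with a different protector.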