#!/bin/sh
#
# Script to reproduce fscrypt hang bug on xrdp login
# Run me as root in an Ubuntu (22.04/jammy) Live session
#

set -ex

apt-get update
apt-get -y install freerdp2-x11 libpam-fscrypt xrdp

# Set up xrdp
#
perl -pi -e 's,^(test .*),exec xterm\t#$1,' /etc/xrdp/startwm.sh
adduser xrdp ssl-cert
/etc/init.d/xrdp restart

# Create in-memory ext4 filesystem for testing
#
img=/tmp/ext4fs.img
dd if=/dev/zero of=$img bs=1M count=16
mkfs.ext4 $img
tune2fs -O encrypt $img
mount -o loop $img /mnt

# Set up fscrypt, and enable fscrypt session debugging
#
fscrypt setup --quiet
fscrypt setup /mnt --quiet
perl -pi -e 's,(pam_fscrypt\.so) *$,$1 debug,' /etc/pam.d/common-session

# Set up our test user with an encrypted home directory
#
echo 'testuser:pwtest:1000:1000:Test User,,,:/mnt/testuser:/bin/bash' | newusers
echo pwtest | fscrypt encrypt /mnt/testuser --source=pam_passphrase --user=testuser --quiet
echo 'super secret stuff' >/mnt/testuser/secret.txt
fscrypt lock --all-users /mnt/testuser

cat <<EOF
================================================================

Bug reproduction setup is complete.

Now, keep an eye on /var/log/syslog, and in a separate terminal, run

    xfreerdp +grab-keyboard /cert:ignore /u:testuser /p:pwtest /size:640x480 /v:localhost

The last message visible from xrdp/fscrypt in syslog should be "running
passphrase hash for protector ..." And there, it hangs. After a couple
minutes, you'll see "connection problem, giving up".

EOF