So as I said, we'd better go with the GUI-side (and Ubuntu specific, at this point in the cycle) fix, special-casing the current user. Using PAM could be interesting, but that would need a deeper rework (LDAP and friends) that we can't do now, and from what I can see, PAM's advantages (if any) would be in other fields than eCryptfs.
A much easier solution, and maybe not so ugly, would be to always present a dialog asking for both passwords on login, when unwrapping the private dir failed. As a temporary solution at least, that could do the trick.
So as I said, we'd better go with the GUI-side (and Ubuntu specific, at this point in the cycle) fix, special-casing the current user. Using PAM could be interesting, but that would need a deeper rework (LDAP and friends) that we can't do now, and from what I can see, PAM's advantages (if any) would be in other fields than eCryptfs.
A much easier solution, and maybe not so ugly, would be to always present a dialog asking for both passwords on login, when unwrapping the private dir failed. As a temporary solution at least, that could do the trick.