#!/bin/sh -e
# This script unmounts a user's private ecryptfs folder
# and clears the kernel keyring of the relevant keys
#
# Original by Michael Halcrow, IBM
# Extracted to a stand-alone script by Dustin Kirkland <kirkland@canonical.com>

if grep -qs "$HOME/.Private $PWD ecryptfs " /proc/mounts 2>/dev/null; then
	pwd_mounted=1
fi
out=`/sbin/umount.ecryptfs_private 2>&1`
if [ -n "$out" ]; then
	echo "$out"
fi
if echo "$out" | grep -q -v "Sessions still open"; then
	for sig in `cat "$HOME/.ecryptfs/Private.sig"`; do
		key_id=`keyctl show | grep "$sig$" | awk '{print $1}'`
		keyctl unlink "$key_id" @u
	done
fi
if [ "$pwd_mounted" = "1" ]; then
	echo
	echo "INFO: Your private directory has been unmounted."
	echo "INFO: To see this change in your current shell:"
	echo "  cd $PWD"
	echo
fi