fscrypt encrypt: user keyring not linked into session keyring #194

Closed
WilliamTambellini opened this issue Jan 30, 2020 · 0 comments · Fixed by #304

Hello,
I think I have correctly followed the main README instructions:
https://github.com/google/fscrypt/blob/master/README.md
but I am still hitting this error at the last step:

fscrypt encrypt Documents --verbose
2020/01/30 14:05:48 keyringID(_uid.1001) = 948572599,
2020/01/30 14:05:48 KeyctlLink(948572599, -2) =
2020/01/30 14:05:48 keyringID(session) = 749852590,
2020/01/30 14:05:48 KeyctlSearch(749852590, keyring, _uid.1001) = -1, required key not available
fscrypt encrypt: user keyring not linked into session keyring
This is usually the result of a bad PAM configuration. Either correct the problem in your PAM stack, enable pam_keyinit.so, or run "keyctl link @U @s"

I have set up PAM as documented:
more /etc/pam.d/common-password | grep fscrypt
password optional pam_fscrypt.so
more /etc/pam.d/common-auth | grep fscrypt
auth optional pam_fscrypt.so
more /etc/pam.d/common-session | grep fscrypt
session optional pam_fscrypt.so drop_caches lock_policies

more /usr/share/pam-configs/fscrypt
Name: fscrypt PAM passphrase support
Default: yes
Priority: 0
Auth-Type: Additional
Auth-Final:
optional pam_fscrypt.so
Session-Type: Additional
Session-Interactive-Only: yes
Session-Final:
optional pam_fscrypt.so drop_caches lock_policies
Password-Type: Additional
Password-Final:
optional pam_fscrypt.so

I have run
sudo pam-auth-update
everything checked except "create home on login".

I don't see instructions about how to "enable pam_keyinit.so".
And I'm reluctant to run that keyctl command considering it is not documented in the README and is perhaps risky, fragile, or a sign of something wrong.

That ticket #34 linked to an external page from 2018, perhaps not valid anymore and anyway for a different OS version.

Would this (recurrent) issue deserve a section in Troubleshooting?

Kind
W.
OS: ubuntu 18.03
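
The check that the error message above describes, as an added example that is not part of the original report and not fscrypt's own code: it tells apart "user keyring already linked", "not linked and no active pam_keyinit.so session line", and "not linked although pam_keyinit.so is configured". The function names are hypothetical, and the `keyctl show @s` output and PAM lines are constructed samples.

```shell
#!/bin/sh
# Added diagnostic example; function names are hypothetical, samples are constructed.

# Succeeds if the `keyctl show @s` output in $2 lists the user keyring _uid.<uid>.
session_has_user_keyring() {
    printf '%s\n' "$2" | grep -Eq "keyring: _uid\.$1([[:space:]]|\$)"
}

# Succeeds if the PAM config text in $1 has an uncommented session line
# that loads pam_keyinit.so.
pam_has_keyinit() {
    printf '%s\n' "$1" |
        grep -Eq '^[[:space:]]*-?session[[:space:]].*pam_keyinit\.so'
}

# diagnose UID KEYCTL_OUTPUT PAM_TEXT -> prints one verdict word.
diagnose() {
    if session_has_user_keyring "$1" "$2"; then
        echo linked
    elif pam_has_keyinit "$3"; then
        # Configured but not effective for this session: the session may
        # predate the change or come from a different PAM service.
        echo unlinked-keyinit-configured
    else
        echo unlinked-keyinit-missing
    fi
}

# Constructed sample: session keyring without the user keyring (the reported state).
KEYCTL_UNLINKED='Keyring
 749852590 --alswrv   1001  1001  keyring: _ses'
# Constructed sample: user keyring linked under the session keyring.
KEYCTL_LINKED='Keyring
 749852590 --alswrv   1001  1001  keyring: _ses
 948572599 --alswrv   1001 65534   \_ keyring: _uid.1001'
# Constructed PAM session stacks, without and with an active pam_keyinit.so line.
PAM_WITHOUT='session optional pam_fscrypt.so drop_caches lock_policies
# session optional pam_keyinit.so force revoke'
PAM_WITH='session optional pam_keyinit.so force revoke
session optional pam_fscrypt.so drop_caches lock_policies'

diagnose 1001 "$KEYCTL_UNLINKED" "$PAM_WITHOUT"
diagnose 1001 "$KEYCTL_LINKED" "$PAM_WITH"
```

On a live system the same function can be fed real data with `diagnose "$(id -u)" "$(keyctl show @s)" "$(cat /etc/pam.d/common-session)"`.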
