2 files changed, 6 insertions, 7 deletions

diff --git a/cli-tests/t_v1_policy.out b/cli-tests/t_v1_policy.out
index b47bcca..9adb00a 100644
--- a/cli-tests/t_v1_policy.out
+++ b/cli-tests/t_v1_policy.out
@@ -42,7 +42,7 @@ desc2  No      custom protector "prot"
 
 Policy:   desc1
 Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:1 
-Unlocked: Yes
+Unlocked: Partially (incompletely locked, or unlocked by another user)
 
 Protected with 1 protector:
 PROTECTOR         LINKED  DESCRIPTION
@@ -115,7 +115,7 @@ Then re-run:
 
 Policy:   desc1
 Options:  padding:32 contents:AES_256_XTS filenames:AES_256_CTS policy_version:1 
-Unlocked: Partially (incompletely locked)
+Unlocked: Partially (incompletely locked, or unlocked by another user)
 
 Protected with 1 protector:
 PROTECTOR         LINKED  DESCRIPTION
diff --git a/cmd/fscrypt/status.go b/cmd/fscrypt/status.go
index 02fdc74..255bb2b 100644
--- a/cmd/fscrypt/status.go
+++ b/cmd/fscrypt/status.go
@@ -68,13 +68,12 @@ func policyUnlockedStatus(policy *actions.Policy, path string) string {
 	status := policy.GetProvisioningStatus()
 
 	// Due to a limitation in the old kernel API for fscrypt, for v1
-	// policies using the user keyring that are incompletely locked we'll
-	// get KeyAbsent, not KeyAbsentButFilesBusy as expected.  If we have a
-	// directory path, use a heuristic to try to detect whether it is still
-	// usable and thus the policy is actually incompletely locked.
+	// policies using the user keyring that are incompletely locked or are
+	// unlocked by another user, we'll get KeyAbsent.  If we have a
+	// directory path, use a heuristic to try to detect these cases.
 	if status == keyring.KeyAbsent && policy.NeedsUserKeyring() &&
 		path != "" && isDirUnlockedHeuristic(path) {
-		status = keyring.KeyAbsentButFilesBusy
+		return "Partially (incompletely locked, or unlocked by another user)"
 	}
 
 	switch status {