Gentoo Forums
Gentoo Forums
Gentoo Forums
Quick Search: in
Authentication is required to mount the device[polkit, xfce]
View unanswered posts
View posts from last 24 hours

 
Reply to topic    Gentoo Forums Forum Index Desktop Environments
View previous topic :: View next topic  
Author Message
DMoL
Tux's lil' helper
Tux's lil' helper


Joined: 07 May 2006
Posts: 91
Location: Minsk, Belarus

PostPosted: Sun Feb 24, 2013 1:36 pm    Post subject: Authentication is required to mount the device[polkit, xfce] Reply with quote

Hello!

When I try to mount an ntfs partition on my hard-drive (via Thunar), it prompts me for root password, and in details is shows me that action is "org.freedesktop.udisks.filesystem-mount-system-internal" and vendor "The udisks Project".

That dialogue does not appears when I mount the external usb flash stick, everything goes ok, and no password is required.

I have defined all required action (as I think) for mounting without problems, i.e.
Code:

 pkaction | grep org.freedesktop.udisks.filesystem-mount-system-internal
org.freedesktop.udisks.filesystem-mount-system-internal



What I should do to passwordless mount my ntfs partition? Thanks for help.[/code]
Back to top
View user's profile Send private message
popsUlfr
Tux's lil' helper
Tux's lil' helper


Joined: 27 Feb 2011
Posts: 80

PostPosted: Mon Feb 25, 2013 4:08 pm    Post subject: Reply with quote

Hi DMoL!

You can add your own rule into '/etc/polkit-1/rules.d/' for passwordless mounting of internal partitions. For instance, create a '/etc/polkit-1/rules.d/10-udisks.rules' and add this:
Code:

polkit.addRule(function(action, subject) {
   if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal")) {
       return polkit.Result.YES;
    }
});


This should grant you to mount your internal partition without password.
Possible return values are
Code:

polkit.Result.NO
polkit.Result.YES
polkit.Result.AUTH_SELF
polkit.Result.AUTH_SELF_KEEP
polkit.Result.AUTH_ADMIN
polkit.Result.AUTH_ADMIN_KEEP
polkit.Result.NOT_HANDLED


** Note: the following localauthority stuff is obsolete and is no longer used by polkit (see ssuominen's post) **

You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code:

[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes


The previous rule could also be changed to have an additional check:
Code:

polkit.addRule(function(action, subject) {
   if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal") && subject.isInGroup("storage")) {
       return polkit.Result.YES;
    }
});


See 'man 8 polkit' and ArchWiki for more info.


Last edited by popsUlfr on Sun Mar 03, 2013 1:32 pm; edited 1 time in total
Back to top
View user's profile Send private message
DMoL
Tux's lil' helper
Tux's lil' helper


Joined: 07 May 2006
Posts: 91
Location: Minsk, Belarus

PostPosted: Fri Mar 01, 2013 11:23 am    Post subject: Reply with quote

Hello popsUlfr, thanks for helping.[/code]


popsUlfr wrote:

You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code:

[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes




That what I wanted. I have the file /etc/polkit-1/localauthority/50-local.d/meum.pkla with the content:


Code:
[Disks Access and System Permissions]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.*;org.freedesktop.NetworkManager.*;org.freedesktop.network-manager-settings.*;org.freedesktop.consolekit.*;org.freedesktop.upower.*;org.libvirt.unix.*;org.libvirt.unix.manage;org.freedesktop.ModemManager.*;
ResultAny=no
ResultInactive=yes
ResultActive=yes


And my current user already belongs to wheel group. Why action "org.freedesktop.udisks.filesystem-mount-system-internal" isn't applied via pattern "org.freedesktop.udisks.*"?
Back to top
View user's profile Send private message
DaggyStyle
Advocate
Advocate


Joined: 22 Mar 2006
Posts: 4941

PostPosted: Sun Mar 03, 2013 8:06 am    Post subject: Reply with quote

can your user unmount without auth after that change?
_________________
Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein
ProjectFootball
Back to top
View user's profile Send private message
ssuominen
Developer
Developer


Joined: 30 Sep 2005
Posts: 2132
Location: Finland

PostPosted: Sun Mar 03, 2013 12:53 pm    Post subject: Reply with quote

DMoL wrote:
Hello popsUlfr, thanks for helping.[/code]


popsUlfr wrote:

You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code:

[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes




That what I wanted. I have the file /etc/polkit-1/localauthority/50-local.d/meum.pkla with the content:


Code:
[Disks Access and System Permissions]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.*;org.freedesktop.NetworkManager.*;org.freedesktop.network-manager-settings.*;org.freedesktop.consolekit.*;org.freedesktop.upower.*;org.libvirt.unix.*;org.libvirt.unix.manage;org.freedesktop.ModemManager.*;
ResultAny=no
ResultInactive=yes
ResultActive=yes


And my current user already belongs to wheel group. Why action "org.freedesktop.udisks.filesystem-mount-system-internal" isn't applied via pattern "org.freedesktop.udisks.*"?


XML .pkla files are no longer used at all, there should only be JS .rules files in /etc/polkit-1/rules.d/
You can safely rm -f *.pkla, and even entire localauthority/ subdir
Back to top
View user's profile Send private message
popsUlfr
Tux's lil' helper
Tux's lil' helper


Joined: 27 Feb 2011
Posts: 80

PostPosted: Sun Mar 03, 2013 1:26 pm    Post subject: Reply with quote

ssuominen wrote:
XML .pkla files are no longer used at all, there should only be JS .rules files in /etc/polkit-1/rules.d/
You can safely rm -f *.pkla, and even entire localauthority/ subdir


Ah of course, thanks! Explains why anything pklocalauthority related is no where to be found on the system now (and why it didn't do a thing in my tests :/). If I get around to it, I'll update the ArchWiki page.
Back to top
View user's profile Send private message
DMoL
Tux's lil' helper
Tux's lil' helper


Joined: 07 May 2006
Posts: 91
Location: Minsk, Belarus

PostPosted: Wed Mar 06, 2013 8:59 pm    Post subject: [SOLVED] Authentication is required to mount the device Reply with quote

Thanks for ssuominen and other guys! The following has solved my trouble:

Code:
cat /etc/polkit-1/rules.d/10-admin.rules
polkit.addAdminRule(function(action, subject) {
    return ["unix-group:wheel"];
});
polkit.addRule(function(action, subject) {
   if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal")) {
       return polkit.Result.YES;
    }
});
Back to top
View user's profile Send private message
A.D.
n00b
n00b


Joined: 08 Mar 2013
Posts: 1

PostPosted: Fri Mar 08, 2013 5:53 pm    Post subject: Re: [SOLVED] Authentication is required to mount the device Reply with quote

DMoL wrote:

Code:

polkit.addRule(function(action, subject) {
   if (action.id == "org.freedesktop.udisks.filesystem-mount-system-internal") {
       return polkit.Result.YES;
    }
});


I've just registered only to say that you have to realize that these rules are javascript files. So for commenting something out you have to use javascript comments and not #

I had right rules at the top of file, but after that I "commented" other rules with # and whole file was invalidated :!: So take care ;)
Back to top
View user's profile Send private message
Display posts from previous:   
Reply to topic    Gentoo Forums Forum Index Desktop Environments All times are GMT
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum