| View previous topic :: View next topic |
| Author |
Message |
ppurka
Advocate
Joined: 26 Dec 2004
Posts: 3049
|
 Posted: Sun Nov 06, 2011 3:03 am Post subject: How do I make proper udisks setting in /etc/polkit-1?[S + W] |
 |
|
[S + W] == [Solved + Workaround] (in the thread title. Had no space left to write it fully)
I have the following problem which I have hacked around till now by editing /usr/share/polkit-1/actions/org.freedesktop.udisks.policy. I have a script udev_data which is hooked up to udev via a rules.d file: | Code: | SUBSYSTEM=="block", ACTION=="add", SUBSYSTEMS=="usb", ENV{ID_FS_USAGE}=="filesystem", RUN+="/usr/local/bin/udev_data"
SUBSYSTEM=="block", ACTION=="add", SUBSYSTEMS=="mmc", ENV{ID_FS_USAGE}=="filesystem", RUN+="/usr/local/bin/udev_data"
|
The aim of the script udev_data is to prompt me with a graphical dialog whenever a usb device is plugged in and only on confirmation, it mounts the drive. To make this possible, I have the following file in /etc/polkit-1 which is supposed to override the /usr/share/polkit-1 file (it does override when I am logged in and run udisks --mount from a terminal) | Code: | ~> cat /etc/polkit-1/localauthority//50-local.d/99-udisks-mount.pkla
# Action=org.freedesktop.udisks.*
[Allow to mount and unmount disks]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.filesystem-mount,org.freedesktop.udisks.drive-eject
ResultAny=yes
ResultInactive=yes
ResultActive=yes
|
I can mount using udisks from command line but not from udev_data. A simple version of udev_data is given below and it shows what is wrong: | Code: | #!/bin/bash -x
exec &>> /tmp/udev.log
X_USER="username"
export DISPLAY=:0.0
export X_USER=$X_USER
export LC_ALL="en_US.UTF-8"
export BROWSER="/usr/local/bin/firox"
export PATH="/usr/local/bin:${PATH}"
#exec su $X_USER -c "ck-launch-session dbus-launch --exit-with-session udisks --mount $DEVNAME" &
exec su $X_USER -c "udisks --mount $DEVNAME" &
exit 0
|
It doesn't matter which of the "exec su" lines I run; the result is the same: "Mount failed: Not Authorized".
The workaround I currently have is to edit /usr/share/polkit-1/actions/org.freedesktop.udisks.policy and change allow_any and allow_inactive to yes: | Code: | <action id="org.freedesktop.udisks.filesystem-mount">
<description>Mount a device</description>
<message>Authentication is required to mount the device</message>
<defaults>
<allow_any>yes</allow_any>
<allow_inactive>yes</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
</action>
|
Obviously, this is not how it should be done, and so I ask the *kit gurus: what is the proper way to do this? According to pklocalauthority( 8 ) manpage, files in /etc/polkit-1 should override the files defined elsewhere. Why is this not taking effect?
NB: All the 100s of scripts designed to automount disks as soon as they are plugged in is not what I want. What I want is graphical prompts to the user, and the external drives mounted as the user.
_________________
emerge --quiet redefined | E17 vids: I, II
Last edited by ppurka on Sun Nov 06, 2011 10:16 am; edited 1 time in total |
|
| Back to top |
|
 |
ssuominen
Developer
Joined: 30 Sep 2005
Posts: 1822
Location: Finland
|
| Posted: Sun Nov 06, 2011 8:44 am Post subject: |
|
|
Take a look at 'sys-fs/bashmount'
And as for running as another user, you want `pkexec` instead of `su`
man pkexec |
|
| Back to top |
|
|
ppurka
Advocate
Joined: 26 Dec 2004
Posts: 3049
|
| Posted: Sun Nov 06, 2011 10:08 am Post subject: |
|
|
Hi ssuominen,
pkexec has helped. It, however, seems to behave weirdly if I insert vfat drives. I had to modify my mount options from "--mount-options uid=500" to "--mount-options umask=0000". If I don't do that, then I get into the error I describe below. On the other hand, "uid=500" works nicely from terminal, so I don't even know why it behaves differently with pkexec.
Thanks.
[Still keeping the following text, although I have found a nasty workaround]
Thanks pkexec has helped to some extent. Now, I can mount some (ext2) drives. The following problem still remains:
I can not mount a vfat drive as user (using --mount-options uid=500). It works from the terminal, but doesn't work from the script. I get the following error:
Mount failed: Mount option uid=500 is not allowed
If I do not provide that option, then the result is that the drive is mounted as root/root and I am unable to browse its contents.
I have created /usr/share/polkit-1/actions/org.freedesktop.policykit.udev_data.policy: | Code: | <?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE policyconfig PUBLIC
"-//freedesktop//DTD PolicyKit Policy Configuration 1.0//EN"
"http://www.freedesktop.org/standards/PolicyKit/1/policyconfig.dtd">
<policyconfig>
<vendor>Examples for the PolicyKit Project</vendor>
<vendor_url>http://hal.freedesktop.org/docs/PolicyKit/</vendor_url>
<action id="org.freedesktop.policykit.udev_data">
<description>Run the PolicyKit example program Frobnicate</description>
<message>Authentication is required to run the PolicyKit example program Frobnicate (user=$(user), program=$(program), command_line=$(command_line))</message>
<icon_name>audio-x-generic</icon_name>
<defaults>
<allow_any>yes</allow_any>
<allow_inactive>yes</allow_inactive>
<allow_active>yes</allow_active>
</defaults>
<annotate key="org.freedesktop.policykit.exec.path">/usr/bin/udisks</annotate>
</action>
</policyconfig> |
_________________
emerge --quiet redefined | E17 vids: I, II |
|
| Back to top |
|
|
|
|
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
|
|
Desktop Environments
