View previous topic :: View next topic |
Author |
Message |
DMoL Tux's lil' helper
Joined: 07 May 2006 Posts: 100 Location: Minsk, Belarus
|
Posted: Sun Feb 24, 2013 1:36 pm Post subject: Authentication is required to mount the device[polkit, xfce] |
|
|
Hello!
When I try to mount an ntfs partition on my hard-drive (via Thunar), it prompts me for root password, and in details is shows me that action is "org.freedesktop.udisks.filesystem-mount-system-internal" and vendor "The udisks Project".
That dialogue does not appears when I mount the external usb flash stick, everything goes ok, and no password is required.
I have defined all required action (as I think) for mounting without problems, i.e.
Code: |
pkaction | grep org.freedesktop.udisks.filesystem-mount-system-internal
org.freedesktop.udisks.filesystem-mount-system-internal
|
What I should do to passwordless mount my ntfs partition? Thanks for help.[/code] |
|
Back to top |
|
|
popsUlfr Tux's lil' helper
Joined: 27 Feb 2011 Posts: 80
|
Posted: Mon Feb 25, 2013 4:08 pm Post subject: |
|
|
Hi DMoL!
You can add your own rule into '/etc/polkit-1/rules.d/' for passwordless mounting of internal partitions. For instance, create a '/etc/polkit-1/rules.d/10-udisks.rules' and add this:
Code: |
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal")) {
return polkit.Result.YES;
}
});
|
This should grant you to mount your internal partition without password.
Possible return values are
Code: |
polkit.Result.NO
polkit.Result.YES
polkit.Result.AUTH_SELF
polkit.Result.AUTH_SELF_KEEP
polkit.Result.AUTH_ADMIN
polkit.Result.AUTH_ADMIN_KEEP
polkit.Result.NOT_HANDLED
|
** Note: the following localauthority stuff is obsolete and is no longer used by polkit (see ssuominen's post) **
You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code: |
[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes
|
The previous rule could also be changed to have an additional check:
Code: |
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal") && subject.isInGroup("storage")) {
return polkit.Result.YES;
}
});
|
See 'man 8 polkit' and ArchWiki for more info.
Last edited by popsUlfr on Sun Mar 03, 2013 1:32 pm; edited 1 time in total |
|
Back to top |
|
|
DMoL Tux's lil' helper
Joined: 07 May 2006 Posts: 100 Location: Minsk, Belarus
|
Posted: Fri Mar 01, 2013 11:23 am Post subject: |
|
|
Hello popsUlfr, thanks for helping.[/code]
popsUlfr wrote: |
You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code: |
[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes
|
|
That what I wanted. I have the file /etc/polkit-1/localauthority/50-local.d/meum.pkla with the content:
Code: | [Disks Access and System Permissions]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.*;org.freedesktop.NetworkManager.*;org.freedesktop.network-manager-settings.*;org.freedesktop.consolekit.*;org.freedesktop.upower.*;org.libvirt.unix.*;org.libvirt.unix.manage;org.freedesktop.ModemManager.*;
ResultAny=no
ResultInactive=yes
ResultActive=yes
|
And my current user already belongs to wheel group. Why action "org.freedesktop.udisks.filesystem-mount-system-internal" isn't applied via pattern "org.freedesktop.udisks.*"? |
|
Back to top |
|
|
DaggyStyle Watchman
Joined: 22 Mar 2006 Posts: 5909
|
Posted: Sun Mar 03, 2013 8:06 am Post subject: |
|
|
can your user unmount without auth after that change? _________________ Only two things are infinite, the universe and human stupidity and I'm not sure about the former - Albert Einstein |
|
Back to top |
|
|
SamuliSuominen Retired Dev
Joined: 30 Sep 2005 Posts: 2133 Location: Finland
|
Posted: Sun Mar 03, 2013 12:53 pm Post subject: |
|
|
DMoL wrote: | Hello popsUlfr, thanks for helping.[/code]
popsUlfr wrote: |
You could also do it the Arch way by letting users in the group "storage" mount without password by using a local authority file. Create a '/etc/polkit-1/localauthority/50-local.d/50-filesystem-mount-system-internal.pkla' with these contents:
Code: |
[Mount a system-internal device]
Identity=unix-group:storage
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes
|
|
That what I wanted. I have the file /etc/polkit-1/localauthority/50-local.d/meum.pkla with the content:
Code: | [Disks Access and System Permissions]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.*;org.freedesktop.NetworkManager.*;org.freedesktop.network-manager-settings.*;org.freedesktop.consolekit.*;org.freedesktop.upower.*;org.libvirt.unix.*;org.libvirt.unix.manage;org.freedesktop.ModemManager.*;
ResultAny=no
ResultInactive=yes
ResultActive=yes
|
And my current user already belongs to wheel group. Why action "org.freedesktop.udisks.filesystem-mount-system-internal" isn't applied via pattern "org.freedesktop.udisks.*"? |
XML .pkla files are no longer used at all, there should only be JS .rules files in /etc/polkit-1/rules.d/
You can safely rm -f *.pkla, and even entire localauthority/ subdir |
|
Back to top |
|
|
popsUlfr Tux's lil' helper
Joined: 27 Feb 2011 Posts: 80
|
Posted: Sun Mar 03, 2013 1:26 pm Post subject: |
|
|
ssuominen wrote: | XML .pkla files are no longer used at all, there should only be JS .rules files in /etc/polkit-1/rules.d/
You can safely rm -f *.pkla, and even entire localauthority/ subdir |
Ah of course, thanks! Explains why anything pklocalauthority related is no where to be found on the system now (and why it didn't do a thing in my tests :/). If I get around to it, I'll update the ArchWiki page. |
|
Back to top |
|
|
DMoL Tux's lil' helper
Joined: 07 May 2006 Posts: 100 Location: Minsk, Belarus
|
Posted: Wed Mar 06, 2013 8:59 pm Post subject: [SOLVED] Authentication is required to mount the device |
|
|
Thanks for ssuominen and other guys! The following has solved my trouble:
Code: | cat /etc/polkit-1/rules.d/10-admin.rules
polkit.addAdminRule(function(action, subject) {
return ["unix-group:wheel"];
});
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks.filesystem-mount-system-internal")) {
return polkit.Result.YES;
}
});
|
|
|
Back to top |
|
|
A.D. n00b
Joined: 08 Mar 2013 Posts: 1
|
Posted: Fri Mar 08, 2013 5:53 pm Post subject: Re: [SOLVED] Authentication is required to mount the device |
|
|
DMoL wrote: |
Code: |
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks.filesystem-mount-system-internal") {
return polkit.Result.YES;
}
});
|
|
I've just registered only to say that you have to realize that these rules are javascript files. So for commenting something out you have to use javascript comments and not #
I had right rules at the top of file, but after that I "commented" other rules with # and whole file was invalidated So take care |
|
Back to top |
|
|
|