| 1 |
In the end it was easy: created a polkit rule enabling users in the |
| 2 |
wheel group to not use a password. |
| 3 |
|
| 4 |
rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules |
| 5 |
|
| 6 |
// Allow any user in the 'wheel' group to mount a disk |
| 7 |
// without entering a password. |
| 8 |
|
| 9 |
polkit.addRule(function(action, subject) { |
| 10 |
if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" && |
| 11 |
subject.isInGroup("wheel")) { |
| 12 |
return polkit.Result.YES; |
| 13 |
} |
| 14 |
}); |
| 15 |
rattus ~ # |
| 16 |
|
| 17 |
Thanks for the polkit hint. |
| 18 |
|
| 19 |
BillK |
| 20 |
|
| 21 |
|
| 22 |
On 1/4/21 6:08 pm, William Kenworthy wrote: |
| 23 |
> Hi, I only have a default polkit rule - nothing about usb. |
| 24 |
> |
| 25 |
> Just noticed the mount dialog box contains: |
| 26 |
> |
| 27 |
> Action: org.freedesktop.udisks2.filesystem-mount-system |
| 28 |
> |
| 29 |
> Vendor: The Udsks Project" |
| 30 |
> |
| 31 |
> I have found some documents on the web, but nothing yet on how to deal |
| 32 |
> with this issue. |
| 33 |
> |
| 34 |
> BillK |
| 35 |
> |
| 36 |
> |
| 37 |
> On 1/4/21 3:21 pm, Ramon Fischer wrote: |
| 38 |
>> Addendum: |
| 39 |
>> |
| 40 |
>> I forgot to answer your other question: |
| 41 |
>> |
| 42 |
>> Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which |
| 43 |
>> allows your unprivileged user to mount USB drives and SD cards without |
| 44 |
>> any password. |
| 45 |
>> |
| 46 |
>> -Ramon |
| 47 |
>> |
| 48 |
>> [1] https://wiki.gentoo.org/wiki/Polkit |
| 49 |
>> |
| 50 |
>> On 01/04/2021 09:13, Ramon Fischer wrote: |
| 51 |
>>> Hello BillK, |
| 52 |
>>> |
| 53 |
>>> I guess, that you are looking for the mount option "user": |
| 54 |
>>> |
| 55 |
>>> /etc/fstab |
| 56 |
>>> |
| 57 |
>>> /dev/sdx /<some_path> ext4 noauto,user,relatime |
| 58 |
>>> 0 2 |
| 59 |
>>> |
| 60 |
>>> In this way, I can mount "/dev/sdx" with an unprivileged user: |
| 61 |
>>> |
| 62 |
>>> $ mount /<some_path> |
| 63 |
>>> |
| 64 |
>>> See also "man 8 mount" ("Non-superuser mounts"). |
| 65 |
>>> |
| 66 |
>>> I am not sure, if this also works with "automount" from |
| 67 |
>>> "net-fs/autofs", if this is what you meant with "automounter". |
| 68 |
>>> |
| 69 |
>>> -Ramon |
| 70 |
>>> |
| 71 |
>>> On 01/04/2021 06:51, William Kenworthy wrote: |
| 72 |
>>>> Hi, |
| 73 |
>>>> |
| 74 |
>>>> I use a sata drive caddy with 2Tb hard disks for offline backups. |
| 75 |
>>>> Almost everytime (within sessions are ok?) it asks for a password |
| 76 |
>>>> before |
| 77 |
>>>> automounting. This is just annoying and has no security benefit in my |
| 78 |
>>>> environment (why just hard disks when USB keys and SD cards don't ask |
| 79 |
>>>> for one?). |
| 80 |
>>>> |
| 81 |
>>>> So, how can I disable the automounter asking for a password either in |
| 82 |
>>>> general, or just for my backup drives? |
| 83 |
>>>> |
| 84 |
>>>> BillK |
| 85 |
>>>> |
| 86 |
>>>> |
| 87 |
>>>> |
Archives