1 |
In the end it was easy: created a polkit rule enabling users in the |
2 |
wheel group to not use a password. |
3 |
|
4 |
rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules |
5 |
|
6 |
// Allow any user in the 'wheel' group to mount a disk |
7 |
// without entering a password. |
8 |
|
9 |
polkit.addRule(function(action, subject) { |
10 |
if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" && |
11 |
subject.isInGroup("wheel")) { |
12 |
return polkit.Result.YES; |
13 |
} |
14 |
}); |
15 |
rattus ~ # |
16 |
|
17 |
Thanks for the polkit hint. |
18 |
|
19 |
BillK |
20 |
|
21 |
|
22 |
On 1/4/21 6:08 pm, William Kenworthy wrote: |
23 |
> Hi, I only have a default polkit rule - nothing about usb. |
24 |
> |
25 |
> Just noticed the mount dialog box contains: |
26 |
> |
27 |
> Action: org.freedesktop.udisks2.filesystem-mount-system |
28 |
> |
29 |
> Vendor: The Udsks Project" |
30 |
> |
31 |
> I have found some documents on the web, but nothing yet on how to deal |
32 |
> with this issue. |
33 |
> |
34 |
> BillK |
35 |
> |
36 |
> |
37 |
> On 1/4/21 3:21 pm, Ramon Fischer wrote: |
38 |
>> Addendum: |
39 |
>> |
40 |
>> I forgot to answer your other question: |
41 |
>> |
42 |
>> Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which |
43 |
>> allows your unprivileged user to mount USB drives and SD cards without |
44 |
>> any password. |
45 |
>> |
46 |
>> -Ramon |
47 |
>> |
48 |
>> [1] https://wiki.gentoo.org/wiki/Polkit |
49 |
>> |
50 |
>> On 01/04/2021 09:13, Ramon Fischer wrote: |
51 |
>>> Hello BillK, |
52 |
>>> |
53 |
>>> I guess, that you are looking for the mount option "user": |
54 |
>>> |
55 |
>>> /etc/fstab |
56 |
>>> |
57 |
>>> /dev/sdx /<some_path> ext4 noauto,user,relatime |
58 |
>>> 0 2 |
59 |
>>> |
60 |
>>> In this way, I can mount "/dev/sdx" with an unprivileged user: |
61 |
>>> |
62 |
>>> $ mount /<some_path> |
63 |
>>> |
64 |
>>> See also "man 8 mount" ("Non-superuser mounts"). |
65 |
>>> |
66 |
>>> I am not sure, if this also works with "automount" from |
67 |
>>> "net-fs/autofs", if this is what you meant with "automounter". |
68 |
>>> |
69 |
>>> -Ramon |
70 |
>>> |
71 |
>>> On 01/04/2021 06:51, William Kenworthy wrote: |
72 |
>>>> Hi, |
73 |
>>>> |
74 |
>>>> I use a sata drive caddy with 2Tb hard disks for offline backups. |
75 |
>>>> Almost everytime (within sessions are ok?) it asks for a password |
76 |
>>>> before |
77 |
>>>> automounting. This is just annoying and has no security benefit in my |
78 |
>>>> environment (why just hard disks when USB keys and SD cards don't ask |
79 |
>>>> for one?). |
80 |
>>>> |
81 |
>>>> So, how can I disable the automounter asking for a password either in |
82 |
>>>> general, or just for my backup drives? |
83 |
>>>> |
84 |
>>>> BillK |
85 |
>>>> |
86 |
>>>> |
87 |
>>>> |