Mageia forum

Hello,

What is the setup to allow a user in a certain group to mount disks?

AFAIK, a file in /etc/polkit-1/rules.d/, containing the following would do it:

Code: Select all

// Allow udisks2 to mount devices without authentication
// for users in the "wheel" group.
polkit.addRule(function(action, subject) {
    if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
         action.id == "org.freedesktop.udisks2.filesystem-mount") &&
        subject.isInGroup("wheel")) {
        return polkit.Result.YES;
    }
});


But seems to not work.

What is the correct configuration?

Thank you.

Hi, so, what is the group that is allowed to mount disks?
How could I find this?

Pushing for a solution/answer in this forum is not appreciated.
Whenever there is someone able to answer, she/he will do so, so please be patient.

There is no pushing. Just new questions added. Or aren't? I might think they are different, but aren't they?
I've learned to ask in all the forms I can. Once, I've asked "Is there a way to do this and this?" and somebody answered "Yes". Obviously, I was needing to know how too... But not asking that, left me with that...


Now, I've found in logs the reason:

Code: Select all

Error compiling script /usr/share/polkit-1/rules.d/10-udisks2.rules

I see no syntax reason for this.

Hi, I have found the reason.
The file was correct, the file rights were correct (polkitd as owner).
Each time the file was edited, a compilation attempt occurred and failed.
Actually, seems that polkit service must be restarted in order to compile it successfully.
No idea about the reason of this. You see the file is recompiled and expect to work or fail for a rule code error, but it is not the case.
Maybe somebody can bring some light into this, out of curiosity?

msdobrescu wrote:What is the setup to allow a user in a certain group to mount disks?

msdobrescu wrote:Hi, so, what is the group that is allowed to mount disks?

Both seem to me leading to the same inquiry.

No.

First one asks what is the setup. A setup refers to the assembly in which something is organized, planned, or arranged, in its entirety and the relations between its elements and the relations with the other external relevant elements.
The second one is to a single factor. I've thought that mounting is the privilege of one group only and I've asked which one is it.

But really, if you need to ban somebody tonight, just do it! It's okay.
I won't go into this, no more.

But if you do, just erase all my data, according to the GDPR laws, I have the right to have all my stuff removed as long as I can't access this anymore.

msdobrescu wrote:But really, if you need to ban somebody tonight, just do it! It's okay.
I won't go into this, no more.

But if you do, just erase all my data, according to the GDPR laws, I have the right to have all my stuff removed as long as I can't access this anymore.

Nothing whatsoever i had thoughts towards issuing a ban. Don't know how you come to that conclusion.
My interpretation seems different than yours, that is all there is about.

Well, let's say it's a communication issue.

Case closed, see you around

Now I'm afraid to ask.
Hopefully Mageia keeps it the way we are used, so no problems more than a couple once in 5 years...

No worries, have a good night.

Good night to you too!

FWIW, you don't even mention all the details. Are you talking about external or internal disks? And what filesystems?
Usually all external disks that don't have a filesystem on them that supports unix permissions do not require any polkit rule, you can just mount them via your desktop environment.

Also that message about "Error compiling script" usually occurs if there's a syntax error in the mentioned file. Restarting polkitd does not fix that syntax error.
See e.g. https://bugzilla.novell.com/show_bug.cgi?id=876643 or https://serverfault.com/questions/92415 ... nter-admin or https://bbs.archlinux.org/viewtopic.php?id=213580 for some examples.

msdobrescu wrote:Hello,

What is the setup to allow a user in a certain group to mount disks?

AFAIK, a file in /etc/polkit-1/rules.d/, containing the following would do it:

Code: Select all

// Allow udisks2 to mount devices without authentication
// for users in the "wheel" group.
polkit.addRule(function(action, subject) {
    if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
         action.id == "org.freedesktop.udisks2.filesystem-mount") &&
        subject.isInGroup("wheel")) {
        return polkit.Result.YES;
    }
});


But seems to not work.

What is the correct configuration?

Thank you.

Anthough you have solved, maybe you want to know another experience.

I have used a file with a different name:

/etc/polkit-1/rules.d/99-udisks2.rules

Code: Select all

// Allow udisks2 to mount devices without authentication
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" || action.id == "org.freedesktop.udisks2.filesystem-mount" || action.id == "org.freedesktop.udisks2.filesystem-mount-system-internal") { return polkit.Result.YES; } });


Note that I need automount at the startup (KDE session), with no password.

So, there is no mention to wheel group.

Hello, thanks for the reply!

My script was intended to allow users from a specific group only.

Regards,
Mike