Re: [gentoo-user] Disable password required to mount removable hard disk. (solved)
Awesome! I am glad to hear, that I could help. :) -Ramon On 01/04/2021 13:28, William Kenworthy wrote: In the end it was easy: created a polkit rule enabling users in the wheel group to not use a password. rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules // Allow any user in the 'wheel' group to mount a disk // without entering a password. polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" && subject.isInGroup("wheel")) { return polkit.Result.YES; } }); rattus ~ # Thanks for the polkit hint. BillK On 1/4/21 6:08 pm, William Kenworthy wrote: Hi, I only have a default polkit rule - nothing about usb. Just noticed the mount dialog box contains: Action: org.freedesktop.udisks2.filesystem-mount-system Vendor: The Udsks Project" I have found some documents on the web, but nothing yet on how to deal with this issue. BillK On 1/4/21 3:21 pm, Ramon Fischer wrote: Addendum: I forgot to answer your other question: Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which allows your unprivileged user to mount USB drives and SD cards without any password. -Ramon [1] https://wiki.gentoo.org/wiki/Polkit On 01/04/2021 09:13, Ramon Fischer wrote: Hello BillK, I guess, that you are looking for the mount option "user": /etc/fstab /dev/sdx / ext4 noauto,user,relatime 0 2 In this way, I can mount "/dev/sdx" with an unprivileged user: $ mount / See also "man 8 mount" ("Non-superuser mounts"). I am not sure, if this also works with "automount" from "net-fs/autofs", if this is what you meant with "automounter". -Ramon On 01/04/2021 06:51, William Kenworthy wrote: Hi, I use a sata drive caddy with 2Tb hard disks for offline backups. Almost everytime (within sessions are ok?) it asks for a password before automounting. This is just annoying and has no security benefit in my environment (why just hard disks when USB keys and SD cards don't ask for one?). So, how can I disable the automounter asking for a password either in general, or just for my backup drives? BillK -- GPG public key: 5983 98DA 5F4D A464 38FD CF87 155B E264 13E6 99BF OpenPGP_signature Description: OpenPGP digital signature
Re: [gentoo-user] Disable password required to mount removable hard disk. (solved)
In the end it was easy: created a polkit rule enabling users in the wheel group to not use a password. rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules // Allow any user in the 'wheel' group to mount a disk // without entering a password. polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" && subject.isInGroup("wheel")) { return polkit.Result.YES; } }); rattus ~ # Thanks for the polkit hint. BillK On 1/4/21 6:08 pm, William Kenworthy wrote: > Hi, I only have a default polkit rule - nothing about usb. > > Just noticed the mount dialog box contains: > > Action: org.freedesktop.udisks2.filesystem-mount-system > > Vendor: The Udsks Project" > > I have found some documents on the web, but nothing yet on how to deal > with this issue. > > BillK > > > On 1/4/21 3:21 pm, Ramon Fischer wrote: >> Addendum: >> >> I forgot to answer your other question: >> >> Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which >> allows your unprivileged user to mount USB drives and SD cards without >> any password. >> >> -Ramon >> >> [1] https://wiki.gentoo.org/wiki/Polkit >> >> On 01/04/2021 09:13, Ramon Fischer wrote: >>> Hello BillK, >>> >>> I guess, that you are looking for the mount option "user": >>> >>> /etc/fstab >>> >>> /dev/sdx / ext4 noauto,user,relatime >>> 0 2 >>> >>> In this way, I can mount "/dev/sdx" with an unprivileged user: >>> >>> $ mount / >>> >>> See also "man 8 mount" ("Non-superuser mounts"). >>> >>> I am not sure, if this also works with "automount" from >>> "net-fs/autofs", if this is what you meant with "automounter". >>> >>> -Ramon >>> >>> On 01/04/2021 06:51, William Kenworthy wrote: Hi, I use a sata drive caddy with 2Tb hard disks for offline backups. Almost everytime (within sessions are ok?) it asks for a password before automounting. This is just annoying and has no security benefit in my environment (why just hard disks when USB keys and SD cards don't ask for one?). So, how can I disable the automounter asking for a password either in general, or just for my backup drives? BillK