In the end it was easy: created a polkit rule enabling users in the
wheel group to not use a password.
rattus ~ # cat /etc/polkit-1/rules.d/55-disks.rules
// Allow any user in the 'wheel' group to mount a disk
// without entering a password.
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" &&
subject.isInGroup("wheel")) {
return polkit.Result.YES;
}
});
rattus ~ #
Thanks for the polkit hint.
BillK
On 1/4/21 6:08 pm, William Kenworthy wrote:
> Hi, I only have a default polkit rule - nothing about usb.
>
> Just noticed the mount dialog box contains:
>
> Action: org.freedesktop.udisks2.filesystem-mount-system
>
> Vendor: The Udsks Project"
>
> I have found some documents on the web, but nothing yet on how to deal
> with this issue.
>
> BillK
>
>
> On 1/4/21 3:21 pm, Ramon Fischer wrote:
>> Addendum:
>>
>> I forgot to answer your other question:
>>
>> Maybe you also have set some rules in "/etc/polkit/rules.d/"[1], which
>> allows your unprivileged user to mount USB drives and SD cards without
>> any password.
>>
>> -Ramon
>>
>> [1] https://wiki.gentoo.org/wiki/Polkit
>>
>> On 01/04/2021 09:13, Ramon Fischer wrote:
>>> Hello BillK,
>>>
>>> I guess, that you are looking for the mount option "user":
>>>
>>> /etc/fstab
>>>
>>> /dev/sdx /<some_path> ext4 noauto,user,relatime
>>> 0 2
>>>
>>> In this way, I can mount "/dev/sdx" with an unprivileged user:
>>>
>>> $ mount /<some_path>
>>>
>>> See also "man 8 mount" ("Non-superuser mounts").
>>>
>>> I am not sure, if this also works with "automount" from
>>> "net-fs/autofs", if this is what you meant with "automounter".
>>>
>>> -Ramon
>>>
>>> On 01/04/2021 06:51, William Kenworthy wrote:
>>>> Hi,
>>>>
>>>> I use a sata drive caddy with 2Tb hard disks for offline backups.
>>>> Almost everytime (within sessions are ok?) it asks for a password
>>>> before
>>>> automounting. This is just annoying and has no security benefit in my
>>>> environment (why just hard disks when USB keys and SD cards don't ask
>>>> for one?).
>>>>
>>>> So, how can I disable the automounter asking for a password either in
>>>> general, or just for my backup drives?
>>>>
>>>> BillK
>>>>
>>>>
>>>>
