I installed 12.3 one to two weeks ago,
and the setup is such that the standard user can’t mount certain partitions of the hard disk using dolphin,
but that instead root privileges are required for that.
Now, when logged in as standard user and attempting to mount such a partition,
a popup window appears ‘Authentication is required to mount XYZ’,
and the root password is asked for.
That’s just fine, and that’s just what i want !
But, the checkbox for ‘Remember authorization’ by default is checked time and again,
i.e. whenever I get this popup.
One day I’ll forget to uncheck this ‘Remember authorization’,
and my 11 year old son may have access to all partitions on this machine,
which I would clearly like to avoid !
Is there a way to change this default behaviour,
i.e. to have the ‘Remember authorization’ unchecked by default
when this popup ‘Authentication is required to mount XYZ’ appears ?
Then you should be able to mount all your partitions without password.
It has been my impression that “remember authorization” doesn’t actually work.
Not in the GUI, no.
But using “auth_admin_keep” in the line above instead of “yes” would require the the root password to be entered the first time in the session, and remember the authorization for this session. I.e. when you login the next time you would have to enter it again.
I was interested.
So I spent about half an hour to test it.
Under opensuse 12.1 any attempt to mount such partitions just failed without that any popup window
of the kind ‘Authentication is required to mount XYZ’ appeared at all (in which the behaviour differs from 12.3).
So my experience with the ‘Remember authorization’ checkbox will probably have been gathered in cases of calling YaST,
in which the system may behave different.
Correct.
For kdesu (YaST’s menu entry uses this), the “Remember authorization” checkbox DOES work. The authorization is remembered for 5 minutes I think, but only for starting the same program again.
But in the KAuth dialog (KDE’s system for authenticating via polkit), it never worked.
I do not want that any partition gets mounted without root privileges, because I want to prevent my young son
from returning this machine unusable.
I just wanted to get the clickbox ‘Remember authorization’ unchecked by default whenever the popup window
‘Authentication is required to mount XYZ’ appears under 12.3.
Right. I noticed that after writing.
But well, it was just for your (and nrickert’s) information.
And as mentioned, you could set it to “auth_admin_keep”, then the authorization would be remembered, but only for this session (or is it time-based? I have to take a look).
I just wanted to get the clickbox ‘Remember authorization’ unchecked by default whenever the popup window
‘Authentication is required to mount XYZ’ appears under 12.3.
Because I may eventually forget to uncheck it
OK. As has been cleared up in the meantime, this clickbox doesn’t work anyway…
which I copied from polkit-default-privs.restrictive,
and ran
/sbin/set_polkit_default_privs
Afterwards I made tests.
The clickbox ‘Remember authorization’ still is checked in the popup window that appears
every time I try to mount certain partitions using dolphin,
however, at the end of the day the root password is needed every time to successfully mount these partitions,
no matter what the state of this clickbox has been before.
So that’s fine !
Besides, do you know about some documentation on the syntax used in the above-mentioned 3 files,
because in the file
polkit-default-privs.standard
I find lines like
If you only specify one value, then all three elements will be set to this value (i.e. “auth_admin” is a shortcut for “auth_admin:auth_admin:auth_admin”).
From “man polkit”:
allow_any
Implicit authorizations that apply to any client. Optional.
allow_inactive
Implicit authorizations that apply to clients in inactive
sessions on local consoles. Optional.
allow_active
Implicit authorizations that apply to clients in active
sessions on local consoles. Optional.
And the authorization dialog shows which rule causes it to appear when you click on “Details”.
