Udisks KDE4.6.1 Suse 11.4 Authorization Required Issue

Hi Folks,

I have an issue in OpenSUSE 11.4 64bit KDE4.6.1 (multiboot from 11.2 32bit KDE 4.6.1) where Udisks does seem to automatically mount other internal drives but only to root, ie only home and root for 11.4 are OK all other internal drives require authorization to be available to user including NTFS drives.

USB/CD Rom mounting is fine.

In 11.2 32-bit all NTFS partitions are automatically mounted via udisks (yes I installed to fix udisks/HAL for >KDE4.5) without authorization required but 11.4 partitions for home and root require authorization. In 11.4 64bit NTFS partitions and 11.2 home/root are NOT automounted to user and require authorization. I would like to get 11.4 to automount to user the NTFS partitions and 11.2 home (not root).
I think the NTFS none automount to user in 11.4 is a bug either as a result of the multi boot or a policy issue. The none automount to user of 11.2 home I assume is standard security policy of Udisks/Udev as this is true of trying to see 11.4 home from 11.2 - is there a way to allow this ? Any help would be greatly appreciated.

Steps taken so far:

1) Add disks group to user - no effect

    1. Change settings (see below) in org.freedesktop.udisks.policy from the defaults
      listed below to all yes - no effect*

      <action id=“org.freedesktop.udisks.filesystem-mount-system-internal”>
      <description>Mount a system-internal device</description>
      <description xml:lang=“da”>Montér en intern enhed</description>
      <message>Authentication is required to mount the device</message>
      <message xml:lang=“da”>Autorisering er påkrævet for at montere et fil system</message>
      <defaults>
      <allow_any>no</allow_any>
      <allow_inactive>no</allow_inactive>
      <allow_active>auth_admin_keep</allow_active>
      </defaults>
      </action>

  • 3 Examine the UDEV 80-udisks.rules but I really don’t know enough about this *

  • 4 Yes I have set automounting in KDE settings*

The system is multiboot:

default 0
timeout 8
##YaST - generic_mbr
gfxmenu (hd0,1)/boot/message
##YaST - activate

###Don’t change this comment - YaST2 identifier: Original name: linux###
title OpenSuse 11.2 KDE 4.6
root (hd0,1)
kernel /boot/vmlinuz-2.6.31.14-0.6-desktop root=/dev/disk/by-id/ata-WDC_WD740GD-00FLA2_WD-WMAKE1835339-part2 resume=/dev/disk/by-id/ata-WDC_WD740GD-00FLA2_WD-WMAKE1835339-part1 splash=silent quiet showopts vga=0x369
initrd /boot/initrd-2.6.31.14-0.6-desktop

###Don’t change this comment - YaST2 identifier: Original name: failsafe###
title Failsafe – openSUSE 11.2
root (hd0,1)
kernel /boot/vmlinuz-2.6.31.14-0.6-desktop root=/dev/disk/by-id/ata-WDC_WD740GD-00FLA2_WD-WMAKE1835339-part2 showopts apm=off noresume nosmp maxcpus=0 edd=off powersaved=off nohz=off highres=off processor.max_cstate=1 x11failsafe
initrd /boot/initrd-2.6.31.14-0.6-desktop

###Don’t change this comment - YaST2 identifier: Original name: other###
title Windows 7
map (hd2) (hd0)
map (hd0) (hd2)
rootnoverify (hd2,0)
makeactive
chainloader +2

#Don’t change this comment - YaST2 identifier: Original name: none#
title Opensuse 11.4
root (hd1,0)
kernel /boot/vmlinuz-2.6.37.1-1.2-desktop root=/dev/sdb1 splash=silent quiet showopts nomodeset vga=0x31a
initrd /boot/initrd-2.6.37.1-1.2-desktop

Here is the drive setup:

Disk /dev/sda: 74.4 GB, 74355769344 bytes
255 heads, 63 sectors/track, 9039 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0x000343e8

Device Boot Start End Blocks Id System
/dev/sda1 1 262 2104483+ 82 Linux swap / Solaris
/dev/sda2 * 263 2873 20972857+ 83 Linux
/dev/sda3 2874 9039 49528395 83 Linux

Disk /dev/sdb: 1000.2 GB, 1000204886016 bytes
255 heads, 63 sectors/track, 121601 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0xce89844f

Device Boot Start End Blocks Id System
/dev/sdb1 * 1 3040 24412160 83 Linux
/dev/sdb2 3040 121601 952345825+ f W95 Ext’d (LBA)
/dev/sdb5 16318 121601 845693698+ 7 HPFS/NTFS
/dev/sdb6 3040 16317 106651648 83 Linux

Partition table entries are not in disk order

Disk /dev/sdc: 1000.2 GB, 1000204886016 bytes
240 heads, 63 sectors/track, 129201 cylinders
Units = cylinders of 15120 * 512 = 7741440 bytes
Disk identifier: 0xb1dcac7a

Device Boot Start End Blocks Id System
/dev/sdc1 * 1 14 105808+ 7 HPFS/NTFS
/dev/sdc2 15 13545 102294360 7 HPFS/NTFS
/dev/sdc3 13546 129201 874359360 7 HPFS/NTFS

Disk /dev/sdd: 500.1 GB, 500107862016 bytes
255 heads, 63 sectors/track, 60801 cylinders
Units = cylinders of 16065 * 512 = 8225280 bytes
Disk identifier: 0xcb1bc61c

Device Boot Start End Blocks Id System
/dev/sdd1 * 1 60801 488384001 7 HPFS/NTFS

Please, please, please, keep your computer text readable by putting it beteen CODE tags: Posting in Code Tags - A Guide.

Sorry hcvv

:embarrassed:

will remember next time.

PS this is why I thought my problem might be org.freedesktop.udisks.policy

See the link below for more info

[kde 4.6] not able to automount disks anymore[Solved]

https://bbs.archlinux.org/viewtopic.php?id=112465

Finally worked it out :slight_smile:

Had to change:

/var/lib/polkit-1/localauthority/10-vendor.d/org.freedesktop.udisks.filesystem-mount-system-internal.pkla

This is the original contents:

[org.freedesktop.udisks.filesystem-mount-system-internal]
Identity=unix-group:*
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultAny=auth_admin
ResultInactive=auth_admin
ResultActive=auth_admin_keep

Updated:

[org.freedesktop.udisks.filesystem-mount-system-internal]
Identity=unix-group:*
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultAny=auth_admin
ResultInactive=auth_admin
ResultActive=yes

Had to use fstab entries as an initial work around but now I have removed these and all internal drives automount to user in dolphin - which I believe is supposed to be the current default KDE behaviour using Udisks (BUG) ?

One strange thing though is I could not change this behaviour in system settings>actions policy. Any changes made would just revert to default.

Nice work Dragon32! I wasn’t aware of this /var/lib/polkit-1/localauthority/10-vendor.d/ directory. (Up until now, I thought the policies were set by policy files located in /usr/share/polkit-1/actions/, although I note that /etc/polkit-1/localauthority/ also exists but empty on my system). I’m still coming up to speed with the polkit changes. Every new version seems to implement new policy file structures…

Anyway, this might be the cause of a camera access issue being discussed here. So far, I’m looking at group access issues, but maybe /var/lib/polkit-1/localauthority/10-vendor.d/org.freedesktop.hal.device-access.camera.pkla is a potential culprit for this user.

PolicyKit reference manual:

pklocalauthority

Hey thanks for the info Dragon32. You are lucky. I attempted to use the settings>action policy and it removed ALL of my policies on the system. >:( After many hours of trying to repair, I gave up and reinstalled. I strongly caution everyone against using the gui policy editor, at least in the current version.

Many thanks for that. I had the same problem, tried much the same steps… never knew about this localauthority thing until you pointed it out.

Less enthusiasm when adding features and documenting properly what’s already there would certainly go a long way to make PolicyKit et al more palatable. :stuck_out_tongue: