LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - General (https://www.linuxquestions.org/questions/linux-general-1/)
-   -   Problem with sudo and mounting as user (https://www.linuxquestions.org/questions/linux-general-1/problem-with-sudo-and-mounting-as-user-906548/)

revinary 10-05-2011 07:22 AM
Problem with sudo and mounting as user
 
Hi all,

I am running Debian testing + Gnome 2 and have added !authenticate to the Defaults in my sudoers file.

It had the desired effect: neither sudo nor gtksudo (which is configured to use sudo as backend) require entering my password anymore
EXCEPT
when I try to mount a device in nautilus it always asks me to enter my user password (which indicates that sudo is used to grant the rights).

Any ideas why in the paticular case of mounting storage the !authenticate option has no effect?

Thanks,

rev

kbscores 10-05-2011 08:17 AM
Is it a specific account that is mounting or is it all users?

For specific user add:

userName ALL=NOPASSWD: /bin/mount /filesystem

OR for all users

users ALL=NOPASSWD: /bin/mount /filesystem


Note: /bin/mount maybe a different path depending on how your box is set up.

revinary 10-06-2011 03:01 AM
Thanks for your reply,

what exactly does /filesystem stand for?

Anyway, shouldn't the !authenticate option in my sudoers file disable password checks ENTIRELY?

My sudoers file looks like this atm:
Code:
Defaults        env_reset,!authenticate,editor=/usr/bin/nano
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

root        ALL=(ALL:ALL) ALL
%sudo        ALL=(ALL:ALL) NOPASSWD:ALL
Again, using sudo/gksu/gksudo works without asking for my p/w EXCEPT when mounting a device with nautilus.

Note, the device is an external eSATA drive. If I attach it via USB it gets mounted automatically and without requireing a p/w.

Any clues?

Cheers,

rev

kbscores 10-06-2011 08:41 AM
Mounting with Nautilis is a bit buggy in general with Debian Distro. The Ubuntu forums are filled with threads about it. Some of the posts date all the way back to 02-07-2010.

Yes,!authenticate should work. /filesystem is whatever your mount point is to in fstab.

Example:
fstab file:
Code:
192.168.200.25:/content /content  nfs  defaults 0 0
Then sudoers would look like this for user bob to have access:
Code:
bob ALL=NOPASSWD: /bin/mount /content
A couple of other things to check is make sure mount point is opened all the way up to 777 before mounting. The actual mount filesystem controls permissions. I've found things can get a little hairy when it isn't opened up.

Sorry if this isn't super helpful.

revinary 10-07-2011 03:00 AM
Thanks for your reply,

the disk is not in my fstab since it's removable (and should therefore be treated like an external USB drive).

I stumbled across an udev rule on ArchWiki:
Code:
DEVPATH=="/devices/pci0000:00/0000:00:1f.2/host4/*", ENV{UDISKS_SYSTEM_INTERNAL}="0"
is supposed to mark the eSata drive as external but doesn't work for me.

For now, I worked around it by giving me rights to mount internal drives using PolicyKit:
Code:
[Mount a system-internal device]
Identity=*
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes
Cheers,

rev

kbscores 10-07-2011 09:25 AM
Thanks. This will probably prove useful. Cause I've run into similar errors while trying to mount external drives.


All times are GMT -5. The time now is 04:44 PM.