LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Suse/Novell (http://www.linuxquestions.org/questions/suse-novell-60/)
-   -   Domain users are unable to automount disk(or flash) (http://www.linuxquestions.org/questions/suse-novell-60/domain-users-are-unable-to-automount-disk-or-flash-539919/)

AJlekceu 03-23-2007 10:01 AM

Domain users are unable to automount disk(or flash)
 
Hi all

OS: OpenSuse 10.2 + KDE

OpenSuse was added into Windows 2003 domain through Yast without problems.
Domain Users can login to OpenSuse using domain credentials.

But unfortunately I've got few problems:

1. Users do not have access to the audio device. The problem went as follows
a) In /etc/security/group.conf add a new line

; *; *; Al0000-2400; dialout, video, cdrom, audio
b) in /etc/pam.d/common-auth add line

auth optional pam_group.so
The sound device for the domain user has been available.

2. Automounting does not work.

When automounting CDdrive or flash (under the domain user) displays the
following error:

kded: ERROR: mount failed
for /org/freedesktop/Hal/devices/volume_label_SU1020_001:
org.freedesktop.DBus.DBus.Error.AccessDenied - A security policy in
place prevents this sender from sending this message to this recipient,
see message bus configuration file (rejected message had interface
"org.freedesktop.Hal.Device.Volume" member "Mount" error name "(unset)"
destination "org.freedesktop.Hal")

Found seems to be a solution to the problem ... In the article had been
proposed by the next version of a solution to the problem :

----------------------------------------------------
BTW: The policy can be changed in /etc/dbus-1/system.d/hal.conf
<policy group="500">
<allow send_interface="org.freedesktop.Hal.Device.SystemPowerManagement"/>
<allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>
By adding this to the end I can now mount everything as my user and
root. group 500 is users on my system. Thanks a lot Jurg. Also as a side
note, You can't have more then one option in the policy tag, you have to
create multiple policy tags.
-----------------------------------------------------

I have a "user" local group, I added these lines only by changing <policy group="users"> .
Added the "users" to a file /etc/security/group.conf :

; *; *; Al0000-2400; dialout, video, cdrom, audio, users

Reloaded service hal...... But the problem still remain:
"kded: ERROR: mount failed for /org/freedesktop/Hal/devi....."


Please tell me how can we solve the problem?

P.S.
FRIDAY\all@Daz-Work:~> id
uid=10000(FRIDAY\all) gid=10000(FRIDAY\domain users)
group=16(dialout),17(audio),20(cdrom),33(video),100(users),10000(FRIDAY\domain users),10001(FRIDAY\domain admins),10002(FRIDAY\programmers)

In /var/run/resmgr/classes /, in all folders have a file FRIDAYall

FRIDAY - Domain Name
all - Domain User


All times are GMT -5. The time now is 05:26 PM.