LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop
User Name
Password
Linux - Desktop This forum is for the discussion of all Linux Software used in a desktop context.

Notices


Reply
  Search this Thread
Old 08-28-2017, 08:48 AM   #31
Timatekore
Member
 
Registered: Mar 2013
Location: Planet Earth
Distribution: open SuSE, Knoppix, Android, Puppy
Posts: 37

Original Poster
Rep: Reputation: Disabled

Quote:
Originally Posted by Shadow_7 View Post
Is autofs even installed?

$ sudo apt-get install autofs

It's probably grabbed as a dependency if you go with the distro's installers defaults. Or grab them after the fact.

$ sudo apt-get install ubuntu-desktop
or
$ sudo tasksel install gnome-desktop

Depending on distro and such.
openSUSE!=apt-get

Code:
zypper install autofs
Loading repository data...
Reading installed packages...
'autofs' is already installed.
No update candidate for 'autofs-5.0.9-17.1.armv7hl'. The highest available version is already installed.
Resolving package dependencies...
Nothing to do.
 
Old 08-28-2017, 03:31 PM   #32
Shadow_7
Senior Member
 
Registered: Feb 2003
Distribution: debian
Posts: 4,137
Blog Entries: 1

Rep: Reputation: 874Reputation: 874Reputation: 874Reputation: 874Reputation: 874Reputation: 874Reputation: 874
Undo your previous changes? fresh install would be the quick answer. Otherwise

$ sudo systemctl enable autofs
$ sudo systemctl start autofs

To undo your disable. And verify that things took.

$ systemctl -a --no-pager list-units | grep -i autofs
$ pgrep autofs

Otherwise zypper might have a --reinstall option which would be another way to do the same thing? I really haven't used SuSE since 7.0. And I generally do NOT use autofs, since hard shutdowns can damage media types if they're mounted at the time. It's just a little too common for the power to "blink" out in the country. And the closest thing to UPS's that I have are laptops. Which hardly qualifies when you use powered hubs, not powered by the laptop.

Without autofs (or other methods) you can only mount as root the things not in /etc/fstab. But you can mount them in a way to allow user access, although not the default for most distros.
 
Old 08-28-2017, 03:36 PM   #33
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
@Timatekore: Are you logged in remotely? There's no displaymanager associated with the session? You never did confirm that SDDM was in use.

Anyway, that might explain why you can't mount USB media as a user.

I'd have expected to see something more like this
Code:
dean@linux-kgxs:~> loginctl user-status dean
dean (1000)
           Since: Mon 2017-08-28 14:52:14 NZST; 17h ago
           State: active
        Sessions: *1
            Unit: user-1000.slice
                  ├─session-1.scope
                  │ ├─1188 /usr/lib/sddm/sddm-helper --socket /tmp/sddm-auth9a7265ae-d9d2-4258-be7b-44185f6f5d09 --id 1 --start /usr/bin/star
                  │ ├─1198 /bin/sh /usr/bin/startkde
                  │ ├─1218 /usr/bin/VBoxClient --clipboard
                  │ ├─1219 /usr/bin/VBoxClient --clipboard
                  │ ├─1242 /usr/bin/VBoxClient --display
                  │ ├─1244 /usr/bin/VBoxClient --display
                  │ ├─1256 /usr/bin/VBoxClient --seamless
                  │ ├─1257 /usr/bin/VBoxClient --seamless
                  │ ├─1272 /usr/bin/VBoxClient --draganddrop
                  │ ├─1273 /usr/bin/VBoxClient --draganddrop
                  │ ├─1316 /usr/bin/dbus-launch --sh-syntax --exit-with-session /usr/bin/gpg-agent --sh --daemon --keep-display --write-env-f
                  │ ├─1317 /bin/dbus-daemon --fork --print-pid 5 --print-address 15 --session
                  │ ├─1318 /usr/bin/gpg-agent --sh --daemon --keep-display --write-env-file /home/dean/.gnupg/agent.info-linux-kgxs:0 /etc/X1
                  │ ├─1353 /usr/lib64/libexec/kf5/start_kdeinit --kded +kcminit_startup
                  │ ├─1354 kdeinit5: Running...
 
Old 08-28-2017, 03:37 PM   #34
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
@shadow7. I've already explained to you that AutoFS does not play a part in desktop mounting here.

Last edited by ferrari; 08-28-2017 at 03:39 PM.
 
Old 08-29-2017, 10:54 AM   #35
Timatekore
Member
 
Registered: Mar 2013
Location: Planet Earth
Distribution: open SuSE, Knoppix, Android, Puppy
Posts: 37

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ferrari View Post
@Timatekore: Are you logged in remotely? There's no displaymanager associated with the session? You never did confirm that SDDM was in use.

Anyway, that might explain why you can't mount USB media as a user.
... [/CODE]
I am running a headless box here, connecting via VNC.
Its only that I need to mount disk drives over the USB and SATA bus from time to time.
 
Old 08-29-2017, 03:15 PM   #36
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
Quote:
I am running a headless box here, connecting via VNC.
Its only that I need to mount disk drives over the USB and SATA bus from time to time.
Right. Try relaxing the privileges as explained in post #21 so that inactive users can mount.

Alternatively, add a custom PolKit rule (eg /etc/polkit-1/rules.d/10-udisks2.rules) with the following...

Code:
// See the polkit(8) man page for more information
// about configuring polkit.

// Allow udisks2 to mount devices without authentication
// for users in the "users" group.
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
action.id == "org.freedesktop.udisks2.filesystem-mount") &&
subject.isInGroup("users")) {
return polkit.Result.YES;
}
});
* I've shown with group 'users', but you could change to another group, or not assign a group at all if preferred.

Last edited by ferrari; 08-29-2017 at 03:46 PM.
 
Old 08-29-2017, 05:12 PM   #37
Timatekore
Member
 
Registered: Mar 2013
Location: Planet Earth
Distribution: open SuSE, Knoppix, Android, Puppy
Posts: 37

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by ferrari View Post
Right. Try relaxing the privileges as explained in post #21 so that inactive users can mount.

Alternatively, add a custom PolKit rule (eg /etc/polkit-1/rules.d/10-udisks2.rules) with the following...

Code:
// See the polkit(8) man page for more information
// about configuring polkit.

// Allow udisks2 to mount devices without authentication
// for users in the "users" group.
polkit.addRule(function(action, subject) {
if ((action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
action.id == "org.freedesktop.udisks2.filesystem-mount") &&
subject.isInGroup("users")) {
return polkit.Result.YES;
}
});
* I've shown with group 'users', but you could change to another group, or not assign a group at all if preferred.
The changes you suggested in posting #21 had no affect.
And the file you mention in this posting already has the exact same settings in it as you suggest.
Could you please elaborate on the significance of the/a Display Manager in all of this?
For I do connect via VNC and thus I bypass the DM Login Screen altogether.
 
Old 08-29-2017, 07:05 PM   #38
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
Quote:
Could you please elaborate on the significance of the/a Display Manager in all of this?
For I do connect via VNC and thus I bypass the DM Login Screen altogether.
The DM plays a part in registering the active user.

A similar thread here
https://forums.opensuse.org/showthre...t=loginctl+kdm
 
Old 08-29-2017, 07:11 PM   #39
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
I've just logged in to a remote machine with ssh as you do. I then attempted to mount a removable media device via udisksctl (as user)...
Code:
dean@linux-54cw:~> udisksctl mount -b /dev/sdb
==== AUTHENTICATING FOR org.freedesktop.udisks2.filesystem-mount-other-seat ===
Authentication is required to mount  (/dev/sdb)
Authenticating as: root
Password: 
==== AUTHENTICATION COMPLETE ===
Mounted /dev/sdb at /media/6A76-3ADC.
dean@linux-54cw:~>
When attempting to mount this way it is 'org.freedesktop.udisks2.filesystem-mount-other-seat' privileges that are relevant here. So, you could modify the privileges to allow mounting with out authentication.

By default mine looks like
Code:
dean@linux-54cw:~> pkaction --action-id org.freedesktop.udisks2.filesystem-mount-other-seat --verbose
org.freedesktop.udisks2.filesystem-mount-other-seat:
  description:       Mount a filesystem from a device plugged into another seat
  message:           Authentication is required to mount the filesystem
  vendor:            The udisks Project
  vendor_url:        http://udisks.freedesktop.org/
  icon:              drive-removable-media
  implicit any:      auth_admin
  implicit inactive: auth_admin
  implicit active:   auth_admin_keep
 
1 members found this post helpful.
Old 08-29-2017, 07:59 PM   #40
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
The following worked for me to allow unauthenticated mounting as a remote user...

Created 10-udiks2.rules with
Code:
// See the polkit(8) man page for more information
// about configuring polkit.

// Allow udisks2 to mount devices without authentication
// 
polkit.addRule(function(action, subject) {
if (action.id == "org.freedesktop.udisks2.filesystem-mount-other-seat" ||
action.id == "org.freedesktop.udisks2.filesystem-mount")  {
return polkit.Result.YES;
}
});
After a reboot of the host I was then able to log back in remotely and mount a removable device without authentication...
Code:
dir /media/6A76-3ADC1
total 572
drwxr-xr-x 3 dean users   2048 Sep  2  2011 Performance data
drwxr-xr-x 4 dean users   4096 Sep  2  2011 Music
drwxr-xr-x 2 dean users   1024 Sep  2  2011 Ubiquiti

Last edited by ferrari; 08-29-2017 at 08:01 PM.
 
1 members found this post helpful.
Old 08-29-2017, 11:24 PM   #41
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
BTW, adding these
Code:
org.freedesktop.udisks2.filesystem-mount-other-seat yes:yes:yes
org.freedesktop.udisks2.filesystem-mount yes:yes:yes
to /etc/polkit-default-privs.local, then running
Code:
set_polkit_default_privs
will do them same as the custom PolKit .rules file described above.

Last edited by ferrari; 08-30-2017 at 02:06 PM.
 
2 members found this post helpful.
Old 08-31-2017, 09:39 AM   #42
Timatekore
Member
 
Registered: Mar 2013
Location: Planet Earth
Distribution: open SuSE, Knoppix, Android, Puppy
Posts: 37

Original Poster
Rep: Reputation: Disabled
Talking

Quote:
Originally Posted by ferrari View Post
BTW, adding these
Code:
org.freedesktop.udisks2.filesystem-mount-other-seat yes:yes:yes
org.freedesktop.udisks2.filesystem-mount yes:yes:yes
to /etc/polkit-default-privs.local, then running
Code:
set_polkit_default_privs
will do them same as the custom PolKit .rules file described above.
Hurrayy !!!
Success at last :-)

Since I prefer simple over complicated, I went with your later approach and viola, it did the trick. Even w/o reboot.
The way you explained it also helped me (a lot) to understand what is happening here.
All the time I was under the mistaken assumption, that this was a problem with lacking authorizations for my user, when in fact it was a security feature of the udev polkit, restricting access to local resources for remotely logged-in user accounts.
Thx for helping me out on this one, w/o belittling me or sneering at my obvious lack of knowledge in this area.
I say that, because it happens less and less frequently that one can go into a tech forum and be so utterly clueless about a specific area (I am no NOOB, matter of fact I work in IT for a living, but I never had to deal with PolKits b4), yet still be offered competent help.
Most often you get clueless folks, suggesting all kinds of nonsense that usually ends up in some form of the age old "just reinstall everything" advice - or you are being berated by self-styled know-it-alls for your inability to figure it out by yourself.

You did neither, you just helped and stayed with it until the issue was solved. Thx for that!
Is there a way how I can reward you points in the forum for this?

BTW: Are those rules considered excessively lax or is it still "sane" to go with them? I am the only one allowed to VNC on the system and it is stuck behind three firewalls.

Last edited by Timatekore; 08-31-2017 at 09:42 AM.
 
Old 08-31-2017, 02:05 PM   #43
ferrari
LQ Guru
 
Registered: Sep 2003
Location: Auckland, NZ
Distribution: openSUSE Leap
Posts: 5,781

Rep: Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139Reputation: 1139
Quote:
Hurrayy !!!
Success at last :-)

Since I prefer simple over complicated, I went with your later approach and viola, it did the trick. Even w/o reboot.
The way you explained it also helped me (a lot) to understand what is happening here.
Congratulations! I was happy to have been of help. This one did take a bit of investigation, since I wasn't initially aware that we were talking about a remote login until the output suggested it in post #32! Anyway, sometimes it is necessary to adjust specific PolKit privileges a bit to get a job done. As long as you're aware and remote access security itself is good, I don't think this is unreasonable.

Code:
Is there a way how I can reward you points in the forum for this?
There is a rep button (icicle icon? lower left of posts) if you so desire.

Don't forget to pass the knowledge on when you are able to do so.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
How do automount scripts work? flyinggeorge Linux - General 1 08-03-2013 11:01 AM
CentOS 5.2 Automount isos in fstab \other methods that work?automount iso Frankly3D Linux - General 6 07-13-2008 12:34 PM
usb automount: how does it work? iam whoiam Linux - General 1 08-12-2006 02:44 AM
automount didnt work PinRojas Debian 7 07-05-2005 11:29 AM
how to make automount work? jaan kaer Linux - Hardware 3 02-21-2004 07:20 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Desktop

All times are GMT -5. The time now is 04:23 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration