-   Linux - General (
-   -   Problem with sudo and mounting as user (

revinary 10-05-2011 08:22 AM

Problem with sudo and mounting as user
Hi all,

I am running Debian testing + Gnome 2 and have added !authenticate to the Defaults in my sudoers file.

It had the desired effect: neither sudo nor gtksudo (which is configured to use sudo as backend) require entering my password anymore
when I try to mount a device in nautilus it always asks me to enter my user password (which indicates that sudo is used to grant the rights).

Any ideas why in the paticular case of mounting storage the !authenticate option has no effect?



kbscores 10-05-2011 09:17 AM

Is it a specific account that is mounting or is it all users?

For specific user add:

userName ALL=NOPASSWD: /bin/mount /filesystem

OR for all users

users ALL=NOPASSWD: /bin/mount /filesystem

Note: /bin/mount maybe a different path depending on how your box is set up.

revinary 10-06-2011 04:01 AM

Thanks for your reply,

what exactly does /filesystem stand for?

Anyway, shouldn't the !authenticate option in my sudoers file disable password checks ENTIRELY?

My sudoers file looks like this atm:

Defaults        env_reset,!authenticate,editor=/usr/bin/nano
Defaults        secure_path="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"

root        ALL=(ALL:ALL) ALL

Again, using sudo/gksu/gksudo works without asking for my p/w EXCEPT when mounting a device with nautilus.

Note, the device is an external eSATA drive. If I attach it via USB it gets mounted automatically and without requireing a p/w.

Any clues?



kbscores 10-06-2011 09:41 AM

Mounting with Nautilis is a bit buggy in general with Debian Distro. The Ubuntu forums are filled with threads about it. Some of the posts date all the way back to 02-07-2010.

Yes,!authenticate should work. /filesystem is whatever your mount point is to in fstab.

fstab file:
Code: /content  nfs  defaults 0 0
Then sudoers would look like this for user bob to have access:

bob ALL=NOPASSWD: /bin/mount /content
A couple of other things to check is make sure mount point is opened all the way up to 777 before mounting. The actual mount filesystem controls permissions. I've found things can get a little hairy when it isn't opened up.

Sorry if this isn't super helpful.

revinary 10-07-2011 04:00 AM

Thanks for your reply,

the disk is not in my fstab since it's removable (and should therefore be treated like an external USB drive).

I stumbled across an udev rule on ArchWiki:

DEVPATH=="/devices/pci0000:00/0000:00:1f.2/host4/*", ENV{UDISKS_SYSTEM_INTERNAL}="0"
is supposed to mark the eSata drive as external but doesn't work for me.

For now, I worked around it by giving me rights to mount internal drives using PolicyKit:

[Mount a system-internal device]



kbscores 10-07-2011 10:25 AM

Thanks. This will probably prove useful. Cause I've run into similar errors while trying to mount external drives.

All times are GMT -5. The time now is 12:48 PM.