[SOLVED] Change permissions on partitions to be accessible without password
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Change permissions on partitions to be accessible without password
How do I accomplish this? One tutorial I tried had me restoring a backup of my system. Can't believe everything you read on the internet.!!!!!!!!!!!!!!
Last edited by PROBLEMCHYLD; 09-27-2019 at 09:52 PM.
Looks like something that PolicyKit can handle.
When you get the dialog box prompting you for the password, display the details to show the policy involved. Using the policy name, you can then create an appropriate configuration file to bypass the password entry box. I will have to look up the details later on, though.
The drives are NTFS partitions with Windows on them.
In the past when helping others I devised three basic strategies when users had a Windows NTFS partition:
* No access other than dual boot. Intended for those horrified by their own lack of computer skills.
* Read-only access. Allows some users with some courage to at least view their Windows files.
* Read-write access. For those unafraid of their own fat fingers.
Here is the snippet from my configuration script:
Code:
if [ "$WINDOWS_PARTITION" != "" ]; then
# Verify /etc/udev/rules.d/99-hide-partition.rules.
UDEV_RULE=/etc/udev/rules.d/99-hide-partition.rules
if [ ! -f "$UDEV_RULE" ]; then
echo "Creating $UDEV_RULE."
touch $UDEV_RULE
else
echo "$UDEV_RULE already exists."
fi
# Pre-populate the rules file.
# The following will overwrite any existing contents.
echo "Pre-populating $UDEV_RULE."
echo "#KERNEL==\"$WINDOWS_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" > $UDEV_RULE
SYSTEM_PARTITION="`blkid | grep ntfs | grep System | head -n1 | awk -F : '{print $1}' | sed 's|/dev/||'`"
if [ "$SYSTEM_PARTITION" != "" ]; then
echo "KERNEL==\"$SYSTEM_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" >> $UDEV_RULE
fi
RECOVERY_PARTITION="`blkid | grep ntfs | grep Recovery | head -n1 | awk -F : '{print $1}' | sed 's|/dev/||'`"
if [ "$RECOVERY_PARTITION" != "" ]; then
echo "KERNEL==\"$RECOVERY_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" >> $UDEV_RULE
fi
Wait_For_Response "Hide the Windows partition?"
if [ "$response" = "y" ] || [ "$response" = "Y" ]; then
# Uncomment the rule.
sed -i "s|^#KERNEL==\"$WINDOWS_PARTITION\"|KERNEL==\"$WINDOWS_PARTITION\"|" $UDEV_RULE
else
# Leave the udev rule commented out. The partition will be mounted.
# First ensure any previous entries are deleted in fstab.
sed -i "/\/dev\/${WINDOWS_PARTITION}/d" /etc/fstab
sed -i "/\/media\/Windows/d" /etc/fstab
cat /etc/fstab
echo
Wait_For_Response "Mount the Windows partition read-only?"
if [ "$response" = "y" ] || [ "$response" = "Y" ]; then
MOUNT_PERMS="ro"
else
MOUNT_PERMS="rw"
fi
# Ensure the expected mount point exists.
mkdir -p /media/Windows
# Ensure the Windows partition has a disk label for file manager usability.
echo "Applying a disk label to the Windows partition."
ntfslabel /dev/${WINDOWS_PARTITION} Windows
# Update /etc/fstab.
echo >> /etc/fstab
# Insert a helpful comment.
echo "# /dev/${WINDOWS_PARTITION} - Windows Partition" >> /etc/fstab
# The noexec mount option prevents executing exe files, in case WINE is installed.
# The noauto option prevents the desktop icon from appearing all the
# time. The user can mount when needed.
echo "UUID=${WINDOWS_UUID} /media/Windows ntfs defaults,${MOUNT_PERMS},windows_names,noauto,noexec,ntfs=utf8 0 0" >> /etc/fstab
echo >> /etc/fstab
cat /etc/fstab
echo
Wait_For_Response "Continue?"
if [ "$response" != "y" ] && [ "$response" != "Y" ]; then
exit 1
fi
# udisks2 prevents using the traditional 'users' mount option in fstab.
# To mount the NTFS partition without a password requires a polkit rule.
if [ -d /etc/polkit-1/localauthority/50-local.d ]; then
echo "Verifying polkit rule to mount the Windows partition without a password."
POLKIT_RULE="/etc/polkit-1/localauthority/50-local.d/99-mount-partitions.pkla"
if [ -a $POLKIT_RULE ]; then
echo "$POLKIT_RULE exists."
else
echo "$POLKIT_RULE does not exist. Creating."
touch $POLKIT_RULE
echo "[Password-less mounting of local partitions]" > $POLKIT_RULE
echo "Identity=unix-group:users" >> $POLKIT_RULE
echo "Action=org.freedesktop.udisks2.filesystem-mount-system" >> $POLKIT_RULE
echo "ResultAny=yes" >> $POLKIT_RULE
echo "ResultInactive=yes" >> $POLKIT_RULE
echo "ResultActive=yes" >> $POLKIT_RULE
fi
echo "Verifying polkit rule to configure printers without a password."
POLKIT_RULE="/etc/polkit-1/localauthority/50-local.d/90-configure-printers.pkla"
if [ -a $POLKIT_RULE ]; then
echo "$POLKIT_RULE exists."
else
echo "$POLKIT_RULE does not exist. Creating."
touch $POLKIT_RULE
echo "[Password-less configuration of printers]" > $POLKIT_RULE
echo "Identity=unix-group:lpadmin" >> $POLKIT_RULE
echo "Action=org.opensuse.cupspkhelper.mechanism.*" >> $POLKIT_RULE
echo "ResultAny=yes" >> $POLKIT_RULE
echo "ResultInactive=yes" >> $POLKIT_RULE
echo "ResultActive=yes" >> $POLKIT_RULE
fi
else
echo "/etc/polkit-1/localauthority/50-local.d/ does not exist. Unable to create polkit rules."
Wait_For_Response "Continue?"
if [ "$response" != "y" ] && [ "$response" != "Y" ]; then
exit 1
fi
echo
fi
fi
echo
fi
There is more to the script but hopefully the variables make sense. Notice the user must be a member of the users group.
The script was intended to automate installing a dual boot system. There is no need to use the script snippet. Just extract the applicable sections, such as making udev and polkit rules and populating fstab.
I have not tested this in a long while and have not tested with Windows 10. I have not tested in a true Linux multi-user system with multiple users concurrently logged on using switching.
does this apply when you have multiple NTFS drives
Yes.
To hide partitions from any disk and any operating system, use udev rules like this:
Code:
# Hide Windows SYSTEM partition.
KERNEL=="sda1", ENV{UDISKS_IGNORE}="1"
# Hide Windows C: partition.
KERNEL=="sda2", ENV{UDISKS_IGNORE}="1"
# Hide Windows RECOVERY partition.
KERNEL=="sda3", ENV{UDISKS_IGNORE}="1"
# Hide MY BACKUP partition.
KERNEL=="sdb5", ENV{UDISKS_IGNORE}="1"
Multiple rules can be maintained in the same rule file. I call my rule 99-hide-partition.rules. Adding the rule is good idea even when wanting read-only or read-write access to Windows files because typically users do not want to be bothered by Windows system and recovery partitions. The udev rules for those partitions keeps the partitions out of file manager mount lists.
Moving up the ladder so to speak, to allow read-only access to the Windows C: partition:
* Comment out the udev rule for the Windows C: partition.
* Create a mount point. For example, /media/windows or /mnt/windows.
* Use blkid to grab the partition UUID.
* Edit fstab:
[Password-less mounting of local partitions]
Identity=unix-group:users
Action=org.freedesktop.udisks2.filesystem-mount-system
ResultAny=yes
ResultInactive=yes
ResultActive=yes
Be sure the user account is a member of the users group or whatever group you want to use.
I created this sequence of steps before polkit supported *.rules files. The syntax for a rules file is different from a pkla file. Slackware 14.2 uses polkit 0.113, which supports *.rules files. polkit 0.105 and older does not support *.rules files and only supports *.pkla files.
If you have a dual boot Windows system, for example, running Windows 7 and 10, just add the additional partitions to both the udev rule and fstab.
If I understand correctly, then you just want to bypass the password prompt that appears when you attempt to open a disk filesystem that is not yet mounted.
To achieve that, you need to create the appropriate polkit rule in the ‘/etc/polkit-1/rules.d’ directory. The files in that directory are numbered, and they are processed in order, sorted by their filenames. Whenever the policy kit validates a request, it will execute the code in the files in sequence, until one of them returns a result. Thus, if you want to override any existing policy, you should make sure that your file will execute as early as possible. In other words, you will need to assign it a name that starts with a low number—e.g., “00”.
Therefore, you could name your file, e.g., ‘00-local.overrides.rules’. If you want any user to be able to mount internal disk filesystems without getting a password prompt, then the contents of the file should look something like the following:
If, on the other hand, you want to suppress the password prompt only for users that belong to a specific user group—e.g., “plugdev”—then the contents will look something like this:
Glad you got it OK but it might be worthy of mention on the subject of ntfs partitions and permission that there is a really simple way that I use. Here's one line from /etc/fstab for one partition
I can't seem to get cups working bypassing the password prompt. Any ideas?
I guess you mean the password prompt that I attached here?
That obviously isnʼt handled by PolicyKit, which, consequently, wonʼt be able to bypass it.
I have no idea how it could be bypassed, or if this is even possible in the first place.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.