LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 11-30-2018, 01:45 PM   #1
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 668

Rep: Reputation: Disabled
Change permissions on partitions to be accessible without password


How do I accomplish this? One tutorial I tried had me restoring a backup of my system. Can't believe everything you read on the internet.!!!!!!!!!!!!!!
Attached Thumbnails
Click image for larger version

Name:	Screenshot_2018-11-30_12-39-39.jpg
Views:	58
Size:	88.8 KB
ID:	29070  
 
Old 11-30-2018, 02:15 PM   #2
elcore
Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 550

Rep: Reputation: Disabled
I'd check first how it's mounted in fstab, add options from manual (man mount)

Code:
noauto,noexec,user,owner,ro
Code:
noauto,user,owner,rw
Or something like that, depending on what options you want.
 
1 members found this post helpful.
Old 11-30-2018, 02:17 PM   #3
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 668

Original Poster
Rep: Reputation: Disabled
Quote:
Originally Posted by elcore View Post
I'd check first how it's mounted in fstab, add options from manual (man mount)

Code:
noauto,noexec,user,owner,ro
Code:
noauto,user,owner,rw
Or something like that, depending on what options you want.
My fstab is

Code:
/dev/sda4        swap             swap        defaults         0   0
/dev/sda3        /                ext4        defaults         1   1
#/dev/cdrom      /mnt/cdrom       auto        noauto,owner,ro,comment=x-gvfs-show 0   0
/dev/fd0         /mnt/floppy      auto        noauto,owner     0   0
devpts           /dev/pts         devpts      gid=5,mode=620   0   0
proc             /proc            proc        defaults         0   0
tmpfs            /dev/shm         tmpfs       defaults         0   0
The drives are NTFS partitions with Windows on them.

Last edited by PROBLEMCHYLD; 11-30-2018 at 02:20 PM.
 
Old 11-30-2018, 02:58 PM   #4
elcore
Member
 
Registered: Sep 2014
Distribution: Slackware
Posts: 550

Rep: Reputation: Disabled
I guess you could create /windows or something and add to fstab
Code:
/dev/sda1         /windows       ntfs     noauto,noexec,user,owner,ro       0   0
Or if you really want to write there:
Code:
/dev/sda1         /windows       ntfs     noauto,noexec,user,owner,rw       0   0
(I don't recommend auto-mounting it, or executing files there, or writing in it. But it's your drive.)
 
Old 11-30-2018, 03:20 PM   #5
BW-userx
LQ Guru
 
Registered: Sep 2013
Location: MID-SOUTH USA
Distribution: Slackware 14.2 / Slackware 14.2 current / Manjaro / Parrot
Posts: 7,340

Rep: Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477Reputation: 1477
slack mounts ntfs like this for all user access
Code:
/dev/sdb7        /media/ntfs1     ntfs-3g     fmask=111,dmask=000 1   0
or just mount it on the cli if you're just going to jump in Windows system for a look around.

Last edited by BW-userx; 11-30-2018 at 04:36 PM.
 
Old 11-30-2018, 03:38 PM   #6
luvr
Member
 
Registered: May 2005
Location: Boom - The Home Town of Tomorrowland, Belgium
Distribution: Slackware, Debian, Xubuntu
Posts: 196
Blog Entries: 1

Rep: Reputation: 83
Looks like something that PolicyKit can handle.
When you get the dialog box prompting you for the password, display the details to show the policy involved. Using the policy name, you can then create an appropriate configuration file to bypass the password entry box. I will have to look up the details later on, though.
 
Old 11-30-2018, 04:36 PM   #7
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 668

Original Poster
Rep: Reputation: Disabled
fdisk -l | grep NTFS
/dev/sda1 * 2048 33556479 33554432 16G 7 HPFS/NTFS/exFAT
/dev/sda2 33556480 96471039 62914560 30G 7 HPFS/NTFS/exFAT

When I enter the root password the mount ends up

/run/media/problemchyld/28D619AD1015BF2B/
/run/media/problemchyld/10D9FEB652ECDBD2/

I have no problem accessing the drives, I just get tired of having to enter the password every time I'm shifting files around.

org.freedesktop.udisks2.filesystem-mount-system is the details.

Last edited by PROBLEMCHYLD; 11-30-2018 at 04:39 PM.
 
Old 11-30-2018, 05:52 PM   #8
upnort
Member
 
Registered: Oct 2014
Distribution: Slackware, Proxmox, Debian, CentOS, Ubuntu MATE
Posts: 768

Rep: Reputation: Disabled
Quote:
The drives are NTFS partitions with Windows on them.
In the past when helping others I devised three basic strategies when users had a Windows NTFS partition:

* No access other than dual boot. Intended for those horrified by their own lack of computer skills.
* Read-only access. Allows some users with some courage to at least view their Windows files.
* Read-write access. For those unafraid of their own fat fingers.

Here is the snippet from my configuration script:

Code:
if [ "$WINDOWS_PARTITION" != "" ]; then
  # Verify /etc/udev/rules.d/99-hide-partition.rules.
  UDEV_RULE=/etc/udev/rules.d/99-hide-partition.rules
  if [ ! -f "$UDEV_RULE" ]; then
    echo "Creating $UDEV_RULE."
    touch $UDEV_RULE
  else
    echo "$UDEV_RULE already exists."
  fi
  # Pre-populate the rules file.
  # The following will overwrite any existing contents.
  echo "Pre-populating $UDEV_RULE."
  echo "#KERNEL==\"$WINDOWS_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" > $UDEV_RULE
  SYSTEM_PARTITION="`blkid | grep ntfs | grep System | head -n1 | awk -F : '{print $1}' | sed 's|/dev/||'`"
  if [ "$SYSTEM_PARTITION" != "" ]; then
    echo "KERNEL==\"$SYSTEM_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" >> $UDEV_RULE
  fi
  RECOVERY_PARTITION="`blkid | grep ntfs | grep Recovery | head -n1 | awk -F : '{print $1}' | sed 's|/dev/||'`"
  if [ "$RECOVERY_PARTITION" != "" ]; then
    echo "KERNEL==\"$RECOVERY_PARTITION\", ENV{UDISKS_IGNORE}=\"1\"" >> $UDEV_RULE
  fi
  Wait_For_Response "Hide the Windows partition?"
  if [ "$response" = "y" ] || [ "$response" = "Y" ]; then
    # Uncomment the rule.
    sed -i "s|^#KERNEL==\"$WINDOWS_PARTITION\"|KERNEL==\"$WINDOWS_PARTITION\"|" $UDEV_RULE
  else
    # Leave the udev rule commented out. The partition will be mounted.
    # First ensure any previous entries are deleted in fstab.
    sed -i "/\/dev\/${WINDOWS_PARTITION}/d" /etc/fstab
    sed -i "/\/media\/Windows/d" /etc/fstab
    cat /etc/fstab
    echo
    Wait_For_Response "Mount the Windows partition read-only?"
    if [ "$response" = "y" ] || [ "$response" = "Y" ]; then
      MOUNT_PERMS="ro"
    else
      MOUNT_PERMS="rw"
    fi
    # Ensure the expected mount point exists.
    mkdir -p /media/Windows
    # Ensure the Windows partition has a disk label for file manager usability.
    echo "Applying a disk label to the Windows partition."
    ntfslabel /dev/${WINDOWS_PARTITION} Windows
    # Update /etc/fstab.
    echo >> /etc/fstab
    # Insert a helpful comment.
    echo "# /dev/${WINDOWS_PARTITION} - Windows Partition" >> /etc/fstab
    # The noexec mount option prevents executing exe files, in case WINE is installed.
    # The noauto option prevents the desktop icon from appearing all the
    # time. The user can mount when needed.
    echo "UUID=${WINDOWS_UUID} /media/Windows ntfs defaults,${MOUNT_PERMS},windows_names,noauto,noexec,ntfs=utf8 0 0" >> /etc/fstab
    echo >> /etc/fstab
    cat /etc/fstab
    echo
    Wait_For_Response "Continue?"
    if [ "$response" != "y" ] && [ "$response" != "Y" ]; then
      exit 1
    fi
    # udisks2 prevents using the traditional 'users' mount option in fstab.
    # To mount the NTFS partition without a password requires a polkit rule.
    if [ -d /etc/polkit-1/localauthority/50-local.d ]; then
      echo "Verifying polkit rule to mount the Windows partition without a password."
      POLKIT_RULE="/etc/polkit-1/localauthority/50-local.d/99-mount-partitions.pkla"
      if [ -a $POLKIT_RULE ]; then
        echo "$POLKIT_RULE exists."
      else
        echo "$POLKIT_RULE does not exist. Creating."
        touch $POLKIT_RULE
        echo "[Password-less mounting of local partitions]" > $POLKIT_RULE
        echo "Identity=unix-group:users" >> $POLKIT_RULE
        echo "Action=org.freedesktop.udisks2.filesystem-mount-system" >> $POLKIT_RULE
        echo "ResultAny=yes" >> $POLKIT_RULE
        echo "ResultInactive=yes" >> $POLKIT_RULE
        echo "ResultActive=yes" >> $POLKIT_RULE
      fi
      echo "Verifying polkit rule to configure printers without a password."
      POLKIT_RULE="/etc/polkit-1/localauthority/50-local.d/90-configure-printers.pkla"
      if [ -a $POLKIT_RULE ]; then
        echo "$POLKIT_RULE exists."
      else
        echo "$POLKIT_RULE does not exist. Creating."
        touch $POLKIT_RULE
        echo "[Password-less configuration of printers]" > $POLKIT_RULE
        echo "Identity=unix-group:lpadmin" >> $POLKIT_RULE
        echo "Action=org.opensuse.cupspkhelper.mechanism.*" >> $POLKIT_RULE
        echo "ResultAny=yes" >> $POLKIT_RULE
        echo "ResultInactive=yes" >> $POLKIT_RULE
        echo "ResultActive=yes" >> $POLKIT_RULE
      fi
    else
      echo "/etc/polkit-1/localauthority/50-local.d/ does not exist. Unable to create polkit rules."
      Wait_For_Response "Continue?"
      if [ "$response" != "y" ] && [ "$response" != "Y" ]; then
        exit 1
      fi
      echo
    fi
  fi
  echo
fi
There is more to the script but hopefully the variables make sense. Notice the user must be a member of the users group.

The script was intended to automate installing a dual boot system. There is no need to use the script snippet. Just extract the applicable sections, such as making udev and polkit rules and populating fstab.

I have not tested this in a long while and have not tested with Windows 10. I have not tested in a true Linux multi-user system with multiple users concurrently logged on using switching.
 
Old 12-01-2018, 11:24 AM   #9
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 668

Original Poster
Rep: Reputation: Disabled
Thanks for the script but I'm not quite sure where to 'Nip and Tuck' and does this apply when you have multiple NTFS drives?
 
Old 12-01-2018, 01:14 PM   #10
upnort
Member
 
Registered: Oct 2014
Distribution: Slackware, Proxmox, Debian, CentOS, Ubuntu MATE
Posts: 768

Rep: Reputation: Disabled
Quote:
does this apply when you have multiple NTFS drives
Yes.

To hide partitions from any disk and any operating system, use udev rules like this:

Code:
# Hide Windows SYSTEM partition.
KERNEL=="sda1", ENV{UDISKS_IGNORE}="1"
# Hide Windows C: partition.
KERNEL=="sda2", ENV{UDISKS_IGNORE}="1"
# Hide Windows RECOVERY partition.
KERNEL=="sda3", ENV{UDISKS_IGNORE}="1"
# Hide MY BACKUP partition.
KERNEL=="sdb5", ENV{UDISKS_IGNORE}="1"
Multiple rules can be maintained in the same rule file. I call my rule 99-hide-partition.rules. Adding the rule is good idea even when wanting read-only or read-write access to Windows files because typically users do not want to be bothered by Windows system and recovery partitions. The udev rules for those partitions keeps the partitions out of file manager mount lists.

Moving up the ladder so to speak, to allow read-only access to the Windows C: partition:

* Comment out the udev rule for the Windows C: partition.
* Create a mount point. For example, /media/windows or /mnt/windows.
* Use blkid to grab the partition UUID.
* Edit fstab:

Code:
# /dev/sda2 - Windows C: Partition
UUID=${WINDOWS_UUID} /media/windows ntfs defaults,ro,windows_names,noauto,noexec,ntfs=utf8 0 0"
To allow read-write access to the same partition, change the ro to rw.

To avoid the password prompt, create a polkit rule:

/etc/polkit-1/localauthority/50-local.d/99-mount-partitions.pkla
Code:
[Password-less mounting of local partitions]
Identity=unix-group:users
Action=org.freedesktop.udisks2.filesystem-mount-system
ResultAny=yes
ResultInactive=yes
ResultActive=yes
Be sure the user account is a member of the users group or whatever group you want to use.

I created this sequence of steps before polkit supported *.rules files. The syntax for a rules file is different from a pkla file. Slackware 14.2 uses polkit 0.113, which supports *.rules files. polkit 0.105 and older does not support *.rules files and only supports *.pkla files.

If you have a dual boot Windows system, for example, running Windows 7 and 10, just add the additional partitions to both the udev rule and fstab.

Last edited by upnort; 12-01-2018 at 01:17 PM.
 
Old 12-01-2018, 02:10 PM   #11
luvr
Member
 
Registered: May 2005
Location: Boom - The Home Town of Tomorrowland, Belgium
Distribution: Slackware, Debian, Xubuntu
Posts: 196
Blog Entries: 1

Rep: Reputation: 83
If I understand correctly, then you just want to bypass the password prompt that appears when you attempt to open a disk filesystem that is not yet mounted.

To achieve that, you need to create the appropriate polkit rule in the ‘/etc/polkit-1/rules.d’ directory. The files in that directory are numbered, and they are processed in order, sorted by their filenames. Whenever the policy kit validates a request, it will execute the code in the files in sequence, until one of them returns a result. Thus, if you want to override any existing policy, you should make sure that your file will execute as early as possible. In other words, you will need to assign it a name that starts with a low number—e.g., “00”.

Therefore, you could name your file, e.g., ‘00-local.overrides.rules’. If you want any user to be able to mount internal disk filesystems without getting a password prompt, then the contents of the file should look something like the following:
Code:
polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.udisks2.filesystem-mount-system") {
        return polkit.Result.YES;
    }
});
If, on the other hand, you want to suppress the password prompt only for users that belong to a specific user group—e.g., “plugdev”—then the contents will look something like this:
Code:
polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.udisks2.filesystem-mount-system" &&
        subject.isInGroup("plugdev")) {
        return polkit.Result.YES;
    }
});
Hope that helps.

Last edited by luvr; 12-01-2018 at 02:11 PM.
 
Old 12-03-2018, 02:45 PM   #12
PROBLEMCHYLD
Member
 
Registered: Apr 2015
Posts: 668

Original Poster
Rep: Reputation: Disabled
All of you guys methods worked!!! I have everything up and running and thanks very much.

I chose luvr approach because I was able to add more software to stop the password pop ups. Thanks to all....

19-bypass-root-password.rules
Code:
polkit.addRule(function(action, subject) {
    if (action.id == "org.fedoraproject.config.samba.configure" ||
	action.id == "org.freedesktop.policykit.exec" ||
	action.id == "org.freedesktop.udisks2.filesystem-mount-system" ||
	action.id == "org.gnome.gparted")
    {
	return polkit.Result.YES;
    }
});
This way I can keep everything in one place. I can't seem to get cups working bypassing the password prompt. Any ideas?
 
Old 12-06-2018, 03:27 AM   #13
enorbet
Senior Member
 
Registered: Jun 2003
Location: Virginia
Distribution: Slackware = Main OpSys for decades while testing others to keep up
Posts: 2,015

Rep: Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911Reputation: 1911
Glad you got it OK but it might be worthy of mention on the subject of ntfs partitions and permission that there is a really simple way that I use. Here's one line from /etc/fstab for one partition

Code:
###/etc/fstab
/dev/sda2     /mnt/ntfs2     ntfs-3g     fmask=111,dmask=000   1   0
 
Old 12-06-2018, 04:37 AM   #14
luvr
Member
 
Registered: May 2005
Location: Boom - The Home Town of Tomorrowland, Belgium
Distribution: Slackware, Debian, Xubuntu
Posts: 196
Blog Entries: 1

Rep: Reputation: 83
Quote:
Originally Posted by PROBLEMCHYLD View Post
I can't seem to get cups working bypassing the password prompt. Any ideas?
I guess you mean the password prompt that I attached here?
That obviously isnʼt handled by PolicyKit, which, consequently, wonʼt be able to bypass it.
I have no idea how it could be bypassed, or if this is even possible in the first place.
Attached Thumbnails
Click image for larger version

Name:	CUPS Authentication.png
Views:	4
Size:	14.5 KB
ID:	29104  
 
Old 12-06-2018, 04:56 AM   #15
Petri Kaukasoina
Member
 
Registered: Mar 2007
Posts: 357

Rep: Reputation: 205Reputation: 205Reputation: 205
Quote:
Originally Posted by PROBLEMCHYLD View Post
I can't seem to get cups working bypassing the password prompt. Any ideas?
In /etc/cups/cups-files.conf there is a line beginning with word SystemGroup. Add a group there, say 'cupsadmin', and add yourself to that group.
 
1 members found this post helpful.
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
change password without knowing current password powah Linux - Security 16 10-04-2012 09:17 AM
how to change root password without knowing the grub password ramesh.mimit Red Hat 8 10-15-2011 06:12 AM
NTFS (winxp) drive is accessible only by root, why NTFS (winxp) drive not accessible Samppa72 Linux - Software 1 07-26-2004 04:13 PM
One of Windows partitions not accessible in Linux forres Linux - Newbie 2 04-13-2004 06:14 PM
Partitions, partitions, partitions..... Clueless in VA Linux - Newbie 7 08-08-2001 04:01 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 11:38 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration