[SOLVED] Slackware 14.2 RC1 asks for root password, but didn't before 25th March, 2016
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Slackware 14.2 RC1 asks for root password, but didn't before 25th March, 2016
EDIT: Marked as unresolved, again, as it turns out that I am not the only one with that problem.
gargamel
i everyone,
I have a weird phenomenon here, and wonder, if it's only my system or if anyone else has similar problems.
Root Password is requested for mounting encrypted internal Harddisk
I have two internal harddisks in my computer, on for the operating system, the other one for photos, music and such. Both harddisks are LUKS encrypted. The first harddisk is decrypted at boot after entering the LUKS passphrase. The second harddisk is decrypted using a key file and /etc/crypttab, when I click on the harddisk icon in Dolphin. This used to work for me as a normal user, and the harddisk was just mounted. A few days ago, however, this changed. When I click on the harddisk icon in Dolphin now, a dialog pops up requesting the root password (yes, the root password, not the LUKS key or passphrase!).
Burning DVDs fails with strange Error Message
Also, I cannot burn DVDs anymore. "Unknown error message" in k3b and "cdrecord: Can you confirm that there is enough space on the media?" or so.
Root Cause?
Now, as long as I use Linux as my main system I haven't become (or even tried to become) an expert or geek. I am still a humble user. One thing I learned about Unix/Linux is, however, that 9 out of 10 issues have to do with wrong file permissions or user privileges. Therefore I think, the changed behaviour might have to do with the recent polkit updates (25th and 26th March, 2016).
Does anyone else have similar issues, or is it just me?
The same happens in my system, but i guess its a matter of /etc issue and polkitd user and group id, come with the last update, still tryng to figure it out
Curiously, I was having some strange behavior requiring root to mount an external drive that shouldn't have needed it after the 21-March updates, but they got fixed by the 26-March updates (which included the polkit UID/GID additions).
@specialized. I think the same. So I'll mark the thread as unresolved, again, as I am not the only one experiencing these issues.
@xflow7. I am pretty sure that before 25th March, 2016, the issues weren't present in my system. But the problem with mounting external drives is one of the symptoms of the problem that I tried to describe in my original post. So, maybe the root cause came with one of the previous updated, and the updates of 25th/26th March, 2016, only disclosed them?
At the moment I still have no clue, what exactly is going on.
BTW, I am planning for a fresh install, once 14.2 is out. Maybe the issue has to do with some old files interfering with new ones. I don't know. A new install will wipe old, obsolete and potentially interfering stuff.
Me too. That's in a VM that I use to build packages and where I rebuilt shadow to include translations of the (internationalized) "adduser" script, so at first I suspected that the issue came from that, but probably not as I am not alone.
The error message is localized:
Code:
mount: seul le superutilisateur peut utiliser mount
In /etc/fstab I have:
Code:
/dev/sdb1 /mnt auto noauto,user 0 0
/dev/sdb1 is an EFI partition equipped with a vfat file system of an USB stick with a GPT and a protective MBR and "lsblk -o model,name,fstype" reports an ISO9660 file system in /dev/sdb (device of which /dev/sdb1 is a partition).
However, I have no issue to mount /dev/sdb1 as root in Slackware current in a VirtualBox VM and as a regular user in Slackware 14.1 on bare metal.
Last edited by Didier Spaier; 04-16-2016 at 03:06 PM.
And yes: For me it is an issue, though a minor one. In fact there might be a reason for the changed behaviour, and if it's security, than so be it. I'd just like to know that the change was intended for some reason, and is not just an unwanted side effect of another change in special setups.
For my luks partition works this but maybe root password for mount is not that bad option:
[...]
Wait Pat fix this issue.
Thanks! I'll try your solution on the weekend, when I have a little time.
Yes, I agree: Requesting the root password to mount a disk is not always and not necessarily a bad idea. However, I think it depends on the usage scenario, the disk content and data ownership. E.g., in my setup the root password might in fact make sense, as I am mounting an internal harddisk.
For external hard drives I doubt that the current behaviour is all that useful. I liked the old behaviour when a normal user could connect an external USB harddisk and mount it after providing the LUKS passphrase or the LUKS key. It shouldn't require a system administrator to allow people to backup their data on external drives, as long as security is ensured. Requesting the root password for this in addition to the LUKS passphrase or key does not add to the security, here; I'd even think the opposite is true, because the user can more easily get into possession of the root password this way, by watching the admin entering it, for example.
So no added security, but a loss of comfort, at least for some users and some usage scenarios compared to the previous behaviour.
gargamel
Last edited by gargamel; 04-18-2016 at 02:21 PM.
Reason: EDIT: Re-formatted for better readability.
Root Password is requested for mounting encrypted internal Harddisk
I have two internal harddisks in my computer, on for the operating system, the other one for photos, music and such. Both harddisks are LUKS encrypted. The first harddisk is decrypted at boot after entering the LUKS passphrase. The second harddisk is decrypted using a key file and /etc/crypttab, when I click on the harddisk icon in Dolphin. This used to work for me as a normal user, and the harddisk was just mounted. A few days ago, however, this changed. When I click on the harddisk icon in Dolphin now, a dialog pops up requesting the root password (yes, the root password, not the LUKS key or passphrase!).
I'm pretty sure this is by design - removable media should still mount/unmount fine, but internal drives require authorization if they're not listed in fstab (and maybe even if they are, depending on fstab settings).
Quote:
Burning DVDs fails with strange Error Message
Also, I cannot burn DVDs anymore. "Unknown error message" in k3b and "cdrecord: Can you confirm that there is enough space on the media?" or so.
I don't know about this one. Does it help to do something similar to the instructions in CHANGES_AND_HINTS.TXT?
Code:
If you have permission errors when attempting to burn a cdrom or dvd image,
such as the following:
/usr/bin/cdrecord: Operation not permitted. Cannot send SCSI cmd via ioctl
then cdrecord almost certainly needs root privileges to work correctly.
One potential solution is to make the cdrecord and cdrdao binaries suid root,
but this has possible security implications. The safest way to do that is
to make those binaries suid root, owned by a specific group, and executable
by only root and members of that group. For most people, the example below
will be sufficient (but adjust as desired depending on your specific needs):
chown root:cdrom /usr/bin/cdrecord /usr/bin/cdrdao
chmod 4750 /usr/bin/cdrecord /usr/bin/cdrdao
If you don't want all members of the 'cdrom' group to be able to execute the
two suid binaries, then create a special group (such as 'burning' which is
recommended by k3b), use it instead of 'cdrom' in the line above, and add
to it only the users you wish to have access to cdrecord and cdrdao.
They don't as regular user here, even if listed in /etc/fstab on current. They do on 14.1 (USB stick in this case in this case, with some specificity, see post #7)
They don't as regular user here, even if listed in /etc/fstab on current. They do on 14.1 (USB stick in this case in this case, with some specificity, see post #7)
Removable media is mounting/unmounting in Xfce file manager for me here, as a regular user. No password prompt. The partitions are not listed in fstab, either. Tested with both a USB flash memory stick and a hard drive in a USB attached external bay.
Removable media is mounting/unmounting in Xfce file manager for me here, as a regular user. No password prompt. The partitions are not listed in fstab, either. Tested with both a USB flash memory stick and a hard drive in a USB attached external bay.
I just type the mount command in a terminal in Fluxbox.
PS in an xterm if that matters.
Last edited by Didier Spaier; 04-20-2016 at 03:07 PM.
Reason: PS added.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
