You are not logged in.

#1 2010-07-31 23:13:46

Kane
Member
Registered: 2006-10-08
Posts: 220

Authentication is required to mount the device

Hi guys,
If i try to mount one of my hard drives or partitions from within gnome using nautilus (where the drives are shown),
A dialogue box pops up asking for the root password.

The user is part of the storage group, should this not allow them to mount the device without giving root permissions?

Thanks
Kane

Offline

#2 2010-07-31 23:26:29

karol
Archivist
Registered: 2009-05-06
Posts: 25,440

Re: Authentication is required to mount the device

Try pmount to mount as a user.

I don't think it should prompt for a root password, you may want to add 'mount' to no-password commands for the user (via visudo).

Offline

#3 2010-07-31 23:47:36

Kane
Member
Registered: 2006-10-08
Posts: 220

Re: Authentication is required to mount the device

sorry i should have made it a bit clearer, im clicking on the drive in nautilus and the dialogue box pops up.
i thought mounting was handled by policykit/consolekit in gnome these days?

thanks

Offline

#4 2010-07-31 23:54:36

cesura
Package Maintainer (PM)
From: Tallinn, Estonia
Registered: 2010-01-23
Posts: 1,867

Re: Authentication is required to mount the device

I don't recall where nautilus mounts drives, but does your user have permission to mount a drive in that location?

Offline

#5 2010-07-31 23:58:13

karol
Archivist
Registered: 2009-05-06
Posts: 25,440

Re: Authentication is required to mount the device

itsbrad212 wrote:

I don't recall where nautilus mounts drives, but does your user have permission to mount a drive in that location?

In other words, if /media/usb belongs to root and you want to mount there, you need root's password.

Offline

#6 2010-08-01 00:23:35

Kane
Member
Registered: 2006-10-08
Posts: 220

Re: Authentication is required to mount the device

In the wiki it says if mounting fails for normal users, then use:

exec ck-launch-session gnome-session

in your .xinitrc

which i have, and so i just wondered if there was a bug or an issue? or is this a feature?

Offline

#7 2011-02-27 21:07:38

bkadoctaj
Member
Registered: 2010-05-02
Posts: 52

Re: Authentication is required to mount the device

Yeah, I'm wondering the same.  How can we enable the Ubuntu behavior (to mount other partitions in Nautilus using the regular user password) whereas in Arch the root password seems to be required?

I am using Gnome 2.32.1 and Nautilus 2.32.0.  Using the /apps/gksu/sudo-mode key in gconf-editor doesn't make a difference nor does System > Preferences > Privilege granting (gksu-properties).

Last edited by bkadoctaj (2011-02-27 21:13:22)

Offline

#8 2011-02-27 21:28:55

bremarv
Member
Registered: 2010-03-12
Posts: 26

Re: Authentication is required to mount the device

If I remember correctly, Ubuntu as default mounts in /mnt, which in arch is set to root:root. Setting owner and/or group to storage or another appropriate group might help.


"As a former philosophy major, it disturbs me to think that things disappear when no one is looking at them, but that's exactly what happens in Python" - Mark Pilgrim

Offline

#9 2011-02-27 21:40:24

bkadoctaj
Member
Registered: 2010-05-02
Posts: 52

Re: Authentication is required to mount the device

Hmm... changing the group of /mnt to storage && allowing write capabilities to the group didn't change anything.  Nautilus still requests the root password to mount the other partitions.

It seems to me that it is a problem related to either Gnome or Nautilus rather than a permissions issue.  Why can't what seems to be a 'su' backend be changed to a 'sudo' backend?

Thanks for your thoughts.

EDIT: btw, the fix in https://wiki.archlinux.org/index.php/GN … n_Nautilus does indeed work for me but it also seems enable other graphical applications to bypass gksu authentication.

Last edited by bkadoctaj (2011-02-27 21:46:29)

Offline

#10 2011-10-06 07:36:21

Taquito
Member
Registered: 2011-10-06
Posts: 5

Re: Authentication is required to mount the device

FROM ... man pklocalauthority

------------------------------------------------------------
NAME
       pklocalauthority - PolicyKit Local Authority

DESCRIPTION

       The Local Authority is the default PolicyKit authority implementation. Configuration for the Local Authority and information pertaining to authorization decisions are read from local files on the disk. One design goal of the Local Authority is to split configuration items into separate files such that 3rd party packages and users won't conflict trying to edit the same files. This policy also ensures smooth upgrades when distributing PolicyKit using a package management system.

       Files shipped with PolicyKit and 3rd party packages (e.g. under package manager control) typically have comments (such as “DO NOT EDIT THIS FILE, it will be overwritten on update”) telling the system administrator that changes will be overwritten on update.

ADMINISTRATOR AUTHENTICATION

       PolicyKit makes a distinction between user authentication (to make the user in front of the system prove he really is the user) and administrator authentication (to make the user in front of the system prove he really is an administrator). Since various operating systems (or even flavors of the same operating system) has different ways of defining "administrator", the Local Authority provides a way to specify what "administrator authentication" means.

       By default, "administrator authentication" is defined as asking for the root password. Since some systems, for usability reasons, don't have a root password and instead rely on a group of users being member of an administrative group that gives them super-user privileges, the Local
       Authority can be configured to support this use-case as well.

       Configuration for the Local Authority is read from files in the /etc/polkit-1/localauthority.conf.d directory. All files are read in lexigraphical order (using the C locale) meaning that later files can override earlier ones. The file 50-localauthority.conf contains the settings provided by the OS vendor. Users and 3rd party packages can drop configuration files with a priority higher than 60 to change the defaults. The configuration file format is simple. Each configuration file is a key file (also commonly known as a ini file) with a single group called [Configuration]. Only a single key, AdminIdentities is read. The value of this key is a semi-colon separated list of identities that can be used when administrator authentication is required. Users are specified by prefixing the user name with unix-user: and groups of users are specified by prefixing with unix-group:. See the section called “EXAMPLES” for an example of a configuration file.

-----------------------------------------------

EXAMPLES

The following .conf file

           [Configuration]
           AdminIdentities=unix-group:desktop_admin_r

       that any user in the desktop_admin_r UNIX group can be used for authentication when administrator authentication is needed. This file would typically be installed in the /etc/polkit-1/localauthority.conf.d directory and given the name 60-desktop-policy.conf to ensure that it is evaluted after the 50-localauthority.conf file shipped with PolicyKit. If the local administrator wants to override this (suppose 60-desktop-policy.conf was shipped as part of the OS) he can simply create a file 99-my-admin-configuration.conf with the following content

           [Configuration]
           AdminIdentities=unix-user:lisa;unix-user:marge

       to specify that only the users lisa and marge can authenticate when administrator authentication is needed.

So maybe for you need you should do this

 $ sudo nano 60-desktop-policy.conf 

Inside nano (or your loved editor) write this..

 [Configuration]
           AdminIdentities=unix-group:storage

Hope this works for you... it did for me... big_smile..

P.S. Sorry about my english sad

Offline

Board footer

Powered by FluxBB