access regulation for block devices with hal?

Jelle de Jong jelledejong at powercraft.nl
Mon Oct 27 06:56:02 PDT 2008


Hello everybody,

I am searching for a solution for the following situation:

I have created a system where multiple users work at the same time on
one system (multiseat). Every user has his own USB hub and unique Linux
username and group.

I created udev rules that set up the group permissions of block devices
depending on the location where the USB stick is plugged in.

Creating the following example situation:

unity:~# ls -hal /dev/sd*
brw-rw---- 1 root disk  8,  0 okt 26 12:32 /dev/sda
brw-rw---- 1 root disk  8,  1 okt 26 12:32 /dev/sda1
brw-rw---- 1 root user0 8, 16 okt 26 12:32 /dev/sdb
brw-rw---- 1 root user0 8, 17 okt 26 12:32 /dev/sdb1
brw-rw---- 1 root user1 8, 32 okt 26 12:32 /dev/sdc
brw-rw---- 1 root user1 8, 33 okt 26 12:32 /dev/sdc1

So now user0 should not be able to access the device with group user1.
This works fine with parted, fdisk, dd etcetera. But I would like to be
able to let user0 mount his device /dev/sdb1.

So here comes the question: how can I let user0 mount his USB stick with
group user0 and how can I let user1 mount his USB stick with group
user1, without user0 or user1 being able to access other devices where
they have group rw permission on...

I would like to regulate this with HAL rules, only showing devices to a
user that he has access to and can mount, and also making sure the mount
is not accessible by other users.

I have experimented with /etc/fstab, but this is all static configuration
and does not seem flexible enough.

Any ideas are welcome,

Kind regards,

Jelle de Jong
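
Added example, not part of the original post: a check of the per-seat isolation the udev rules are meant to produce, run over the `ls` listing shown in the message. The group names come from the post; the function names and the assumption that a partition is named as its disk plus a number (sdX naming) are the example's own.

```python
import re
from collections import defaultdict

# The listing from the post, embedded so the check runs offline.
LISTING = """\
brw-rw---- 1 root disk  8,  0 okt 26 12:32 /dev/sda
brw-rw---- 1 root disk  8,  1 okt 26 12:32 /dev/sda1
brw-rw---- 1 root user0 8, 16 okt 26 12:32 /dev/sdb
brw-rw---- 1 root user0 8, 17 okt 26 12:32 /dev/sdb1
brw-rw---- 1 root user1 8, 32 okt 26 12:32 /dev/sdc
brw-rw---- 1 root user1 8, 33 okt 26 12:32 /dev/sdc1
"""

# One `ls -l` block-device line: mode, links, owner, group, major, minor, date, path.
LINE = re.compile(
    r"^b(?P<mode>[rwxsStT-]{9})\s+\d+\s+(?P<owner>\S+)\s+(?P<group>\S+)\s+"
    r"\d+,\s*\d+\s+.*\s(?P<dev>/dev/\S+)$"
)

def parse(listing):
    """Return {device: (mode, group)} for every block-device line."""
    devs = {}
    for line in listing.splitlines():
        m = LINE.match(line.strip())
        if m:
            devs[m["dev"]] = (m["mode"], m["group"])
    return devs

def audit(listing, seat_groups):
    """Map each seat group to its devices and list isolation problems."""
    devs = parse(listing)
    access, problems = defaultdict(list), []
    for dev, (mode, group) in sorted(devs.items()):
        if mode[6:] != "---":  # any permission bit for 'other' defeats the groups
            problems.append(f"{dev}: open to 'other' ({mode})")
        parent = re.sub(r"\d+$", "", dev)  # assumes sdX naming: sdb1 -> sdb
        if parent != dev and parent in devs and devs[parent][1] != group:
            problems.append(f"{dev}: group {group} differs from {parent} ({devs[parent][1]})")
        if group in seat_groups:
            access[group].append(dev)
    return dict(access), problems

if __name__ == "__main__":
    access, problems = audit(LISTING, {"user0", "user1"})
    for group, devices in access.items():
        print(group, "->", ", ".join(devices))
    print("problems:", problems or "none")
```
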

