Udisks and/or polkit problems

Kevin Chadwick ma1l1ists at yahoo.co.uk
Tue May 8 06:23:20 PDT 2012

On Tue, 8 May 2012 11:10:26 -0400
David Zeuthen wrote:

> > Better than factually wrong documentation and design. You didn't want
> > to answer any of the valid issues in the first place as others have
> > found.  
> As I said in the initial mail to you, your so-called "valid issues"
> were either incomprehensible or just plain wrong. I asked for you to
> be more concise (in a nice way) but apparently it didn't help.
> Sorry, but I can't help people, if they are unable to describe the
> problem in detail. Just saying "it doesn't work!" and throwing hands
> up in the air and ranting and then insulting people is not going to
> help.
> You are doing it wrong.
> First of all, you should be reporting bugs in bugzilla, not on a
> mailing list which is about _development_ (not end-user bugs like
> yours). Second of all, you should include information on the level
> requested in
>  http://www.freedesktop.org/wiki/Software/udisks

Well I was trying to find out if the nautilus regression of not showing
mount point for more than a split second was due to udisks2 or nautilus
before doing that. I did ask twice.

>>> Could someone please help me with the following.

>>> 1./ Why would udisks want modify after safely remove via nautilus or
>>> thunar.

"After safely remove"; I had already done as you suggested.

>>> 2./ Can I suppress the polkit modify permission denied box.

What you suggested led to this before I even mailed the list and I still
had the unmount /var/log problem etc..

>>> 3./ Can I restrict udisks to unmounting only certain devices when udev
>>>has mounted the device via a non priviledged hand-off script utilising


> it would be helpful if you at least copy/paste the exact
> output when running umount(8) or eject(1) or otherwise describe why
> you think udisks or polkit is wrong. Can't really help you otherwise.

There is no output to report except permission denied due to
mount-others and modify.

Udisks/polkit is wrong because:

1./ It should provide more accurate documentation:

using etc. in modify permissions description isn't good enough.

Saying sudo requires password and polkit is more fine-grained is
inaccurate at best. I'm pretty sure that was on the freedesktop.org site
but I'm failing to find it today.

2./ Sudo should be catered for as well as the principles of everything
is a file and user customisability. Rather than has been said by
others that you have stated that users shouldn't customise udisks at a
ll, it's not far to grasp redhat want this to help with easing support.
I admit my criticism there may have been increased due to gconf and the
like using multiple locations and binary configs. The documentation is
also a bit better than I first thought.

3./ Security tools should be transparent, finding out what polkit
allows is terrible. Sudo -l and a single config file make sudo good in
that regard. pkaction seems to give no reference to which users can do
what or what an action actually allows. Personally, if a third-party
program wanted to modify sudoers, I'd want to know about it too and
have opportunity to OK it before activation.

> > My companies won't go near it now.  
> Don't let the door hit you on your way out!

Way out, we never got into redhat. We used fedora once when selinux
came out, but that's about it.

I'm certainly not calling for your job. I'm sure your reasonably
talented but I wouldn't be happy if an employee of mine was calling
potential future customers "special" and "idiot".

If anything my extra comments were an effort to help you. You need to
grow a skin even if it felt like I was attacking your babies. :-)

More information about the devkit-devel mailing list