KDE Device Notifier mounts nouser filesystems

Paul Novak k9jenius at gmail.com
Fri Feb 13 08:24:39 PST 2015


Thank you for your very helpful & informative reply.

>> Live DVDs could intentionally loosen permission checks.
>> After all you are supposed to be the sole user and cannot
>> interfere with anything.

I had not thought of that.   Nonetheless, I have verified
the problem exists on a clean install of 64 bit PCLinuxOS
KDE.   All of the commands below are run on that system.

Synaptic reports this:

    udisks2 version  2.1.3-2pclos2014
    polkit  version  0.103-2pclos2013

I think polkit is version 1 because files are located in
/usr/share/polkit-1 (see below).   I'm assuming udisks
is version 2 based on the name.


Here's my entry in /etc/fstab:

LABEL=ROOT3    /mnt/ROOT3    ext4 noauto,nouser,ro 1 2



>> use "udisksctl info -b /dev/sdXN" to check whether partition is
>> considered system or not:

LABEL=ROOT3 is on /dev/sda1, so

"udisksctl info -b /dev/sda1" reports below (run as non-root),
full output, not just the HintSystem in case there's something
else useful there.  (note it does see the "noauto,nouser,ro"
settings, but note later in the output ReadOnly is false,
just pointing it out, don't know if "ro" and "ReadOnly" are
related).


##### BEGIN OUTPUT
/org/freedesktop/UDisks2/block_devices/sda1:
  org.freedesktop.UDisks2.Block:
    Configuration:              [('fstab', {'fsname': <b'LABEL=ROOT3'>,
'dir': <b'/mnt/ROOT3'>, 'type': <b'ext4'>, 'opts': <b'noauto,nouser,ro'>,
'freq': <1>, 'passno': <2>})]
    CryptoBackingDevice:        '/'
    Device:                     /dev/sda1
    DeviceNumber:               2049
    Drive:
'/org/freedesktop/UDisks2/drives/Hitachi_HTS545032B9A300_100425PBNC001YKAPV0R'
    HintAuto:                   false
    HintIconName:
    HintIgnore:                 false
    HintName:
    HintPartitionable:          true
    HintSymbolicIconName:
    HintSystem:                 true
    Id:
by-id-ata-Hitachi_HTS545032B9A300_100425PBNC001YKAPV0R-part1
    IdLabel:                    ROOT3
    IdType:                     ext4
    IdUUID:                     3140959a-7709-4cfa-a1bf-5424167d1a4c
    IdUsage:                    filesystem
    IdVersion:                  1.0
    MDRaid:                     '/'
    MDRaidMember:               '/'
    PreferredDevice:            /dev/sda1
    ReadOnly:                   false
    Size:                       16106127360
    Symlinks:                   /dev/block/8:1

/dev/disk/by-id/ata-Hitachi_HTS545032B9A300_100425PBNC001YKAPV0R-part1

/dev/disk/by-id/scsi-SATA_Hitachi_HTS5450100425PBNC001YKAPV0R-part1

/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0-part1

/dev/disk/by-uuid/3140959a-7709-4cfa-a1bf-5424167d1a4c
                                /dev/disk/by-label/ROOT3
                                /dev/disk/by-id/wwn-0x5000cca5edef2434-part1
                                /dev/disk/by-id/edd-int13_dev80-part1
  org.freedesktop.UDisks2.Filesystem:
    MountPoints:
  org.freedesktop.UDisks2.Partition:
    Flags:              0
    IsContained:        false
    IsContainer:        false
    Name:
    Number:             1
    Offset:             1048576
    Size:               16106127360
    Table:              '/org/freedesktop/UDisks2/block_devices/sda'
    Type:               0x83
    UUID:


##### END OUTPUT

HintSystem is set to "true"


>> System devices require authentication for
>> org.freedesktop.udisks2.filesystem-mount-system action; other devices -
>> for org.freedesktop.udisks2.filesystem-mount. Check whether polkit
>> grants you it:

Running as non-root user,

    pkcheck -a org.freedesktop.udisks2.filesystem-mount-system -p $$

returns no visible output, so running

    echo $?

returns 0

I believe this means that polkit is granting permission to me (non-root
user)

>> udisksctl mount -b /dev/sdXN

Running as non-root user,

    udisksctl mount -b /dev/sda1
    Mounted /dev/sda1 at /mnt/ROOT3.

/usr/share/polkit-1/actions/org.freedesktop.udisks2.policy
is very big (2500+ lines).  Because of that, I don't want to
include it directly in this reply, so I have provided it
as an attachment (I hope that's OK).

I thought maybe I needed to modify:

    /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy

I went to the

    <action id="org.freedesktop.udisks2.filesystem-mount-system">

section, and changed

      <allow_active>yes</allow_active>
to      <allow_active>auth_admin</allow_active>

towards the end of the section.

I rebooted (I wasn't sure if I needed to but I just wanted to be sure).
I (non-root) could still mount ROOT3 using the KDE device notifier
and running "udisksctl mount -b /dev/sda1" on the command line.

Thinking maybe I misunderstood if I the device was type system or not,
I went back to "org.freedesktop.udisks2.filesystem-mount-system"
and changed all occurrences (in all sections of the file) of

        <allow_active>yes</allow_active>
    to     <allow_active>auth_admin</allow_active>

rebooted (didn't know if that needed), and I (non-root) can still
mount ROOT3 using the device notifier or calling udisksctl on the
command line.

Questions:

- is udisks supposed to ignore the "nouser" setting in /etc/fstab
   and just go by whatever polkit tell it?

- do I need to reboot after changing
    /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy

- even if ROOT3 were not set to "nouser", why am I (non-root)
allowed to mount ROOT3 using udisksctl even after I set every
occurance of <allow_active> to auth_admin?

Paul.
*


On Fri, Feb 13, 2015 at 12:24 AM, Andrei Borzenkov <arvidjaar at gmail.com>
wrote:

> В Thu, 12 Feb 2015 11:59:40 -0600
> Paul Novak <k9jenius at gmail.com> пишет:
>
> > I'm trying to track down what I think is a bug that
> > can be seen using the KDE device notifier (although
> > according to the KDE folks, the problem in either in
> > udisk or polkit (either a bug or misconfiguration).
> >
> > I'm just a user; I'm not a developer.
> >
> > Before I write a bug report, I'm asking for confirmation
> > that what I'm seeing is in fact a bug and not expected/
> > desired behavior.
> >
> > I have verified this issue running LiveDVDs of
> > Kubuntu, Mint, and PCLinuxOS.   I used LiveDVDs
> > to eliminate any possibility of the problem
> > being related to my personal computer.
> >
>
> Live DVDs could intentionally loosen permission checks. After all you
> are supposed to be the sole user and cannot interfere with anything.
>
> > I have many partitions on my primary hard drive that
> > are not normally mounted.   One of them (for example)
> > is LABEL-ed ROOT3 and I have an entry in /etc/fstab
> > that looks like this:
> >
> >       LABEL=ROOT3     /mnt/ROOT3      ext4  noauto,nouser,ro 1 2
> >
> > I don't want non-root users to be able to mount or unmount
> > that partition, so I have set the "nouser" attribute.
> >
> > In a (non-root) terminal, if I run
> >
> >       mount /mnt/ROOT3
> >
> > I will (correctly) get this error:
> >
> >       mount: only root can mount LABEL=ROOT3 on /mnt/ROOT3
> >
> > However, if I (non-root user) click on the KDE Device Notifier and
> > configure it to look at all devices (not just removable),
> > then find the ROOT3 partition, and then click on the "little belt"
> > icon to the right of the ROOT3, the Device Notifier does mount
> > the filesystem read-only.   Because the filestem is mounted
> > read-only, I know the Device Notifier (or the tools it calls)
> > is reading /etc/fstab.   But I also know that "nouser" is
> > apparently being ignored.
> >
> > I filed a bug report again the KDE Device Notifier, but they closed
> > it saying the device notifier calls udisk with calls polkit when
> > dealing with mounts, so the problem was either a bug or a
> > misconfiguration of polkit or udisk.
> >
>
> use "udiskctl info -b /dev/sdXN" to check whether partition is
> considered system or not:
>
> bor at opensuse:~> udisksctl info -b /dev/sda1
> /org/freedesktop/UDisks2/block_devices/sda1:
>   org.freedesktop.UDisks2.Block:
>     Configuration:              [('fstab', {'fsname': <b'/dev/sda1'>,
> 'dir': <b'/boot'>, 'type': <b'ext2'>, 'opts': <b'defaults'>, 'freq': <1>,
> 'passno': <2>})]
> ...
>     HintSystem:                 true
>
> System devices require authentication for
> org.freedesktop.udisks2.filesystem-mount-system action; other devices -
> for org.freedesktop.udisks2.filesystem-mount. Check whether polkit
> grants you it:
>
> bor at opensuse:~> pkcheck -a
> org.freedesktop.udisks2.filesystem-mount-system -p $$
> polkit\56retains_authorization_after_challenge=1
> Authorization requires authentication and -u wasn't passed.
>
> So here poilkit will require explicit authentication for system
> devices. As opposed to
>
> bor at opensuse:~> pkcheck -a org.freedesktop.udisks2.filesystem-mount -p $$
> bor at opensuse:~/src/udisks> echo $?
> 0
>
> Finally try explicitly mount from command line
>
> udisksctl mount -b /dev/sdXN
>
> Note that it also depends on whether you have udisks or udisks2 and
> polkit or polkit2 ... but you got an idea?
>
> > I don't want to write a needless bug report if in fact
> > this is behavior is not a bug.  Could someone please
> > let me know if this is expected behavior ("ro" is used,
> > but "nouser" seems to be ignored)?
> >
> > Yesterday I posted a similar message to the polkit-devel
> > mailing list, but I haven't heard anything from anyone
> > there.
> >
> > Thanks.
> >
> > Paul.
> >
> > _______________________________________________
> > devkit-devel mailing list
> > devkit-devel at lists.freedesktop.org
> > http://lists.freedesktop.org/mailman/listinfo/devkit-devel
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freedesktop.org/archives/devkit-devel/attachments/20150213/705e6f20/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: org.freedesktop.udisks2.policy
Type: application/octet-stream
Size: 222426 bytes
Desc: not available
URL: <http://lists.freedesktop.org/archives/devkit-devel/attachments/20150213/705e6f20/attachment-0001.obj>


More information about the devkit-devel mailing list