access regulation for block devices with hal?

Jelle de Jong jelledejong at powercraft.nl
Fri Oct 31 02:58:43 PDT 2008


Jelle de Jong wrote:
> Hello everybody,
> 
> I am searching for a solution for the following situation:
> 
> I have created a system where multiple users work at the same time on
> one system (multiseat). Every user has his own USB hub and unique Linux
> username and group.
> 
> I created udev rules that set up the group permissions of block devices
> depending on the location where the USB stick is plugged in.
> 
> Creating the following example situation:
> 
> unity:~# ls -hal /dev/sd*
> brw-rw---- 1 root disk  8,  0 okt 26 12:32 /dev/sda
> brw-rw---- 1 root disk  8,  1 okt 26 12:32 /dev/sda1
> brw-rw---- 1 root user0 8, 16 okt 26 12:32 /dev/sdb
> brw-rw---- 1 root user0 8, 17 okt 26 12:32 /dev/sdb1
> brw-rw---- 1 root user1 8, 32 okt 26 12:32 /dev/sdc
> brw-rw---- 1 root user1 8, 33 okt 26 12:32 /dev/sdc1
> 
> So now user0 should not be able to access the device with group user1.
> This works fine with parted, fdisk, dd etcetera. But I would like to be
> able to let user0 mount his device /dev/sdb1.
> 
> So here comes the question: how can I let user0 mount his USB stick with
> group user0 and how can I let user1 mount his USB stick with group
> user1 without user0 or user1 being able to access other devices where
> they have group rw permission on...
> 
> I would like to regulate this with HAL rules, only showing devices to a
> user that he has access to and can mount, also make sure the mount is
> not accessible by other users.
> 
> I have experimented with /etc/fstab but this is all static configuration
> and seems not flexible enough.
> 
> Any ideas are welcome,
> 
> Kind regards,
> 
> Jelle de Jong

Is there somebody who is able to create some example HAL rules to do
what I need? I am willing to talk about some sort of reward/payment. I
can be contacted via irc: chat.freenode.org as tuxcrafter.

Thanks in advance,

Jelle


