Access restriction for ssh'd login
Martin Pitt
martin.pitt at ubuntu.com
Mon Jan 19 10:26:37 PST 2009
Hello Dieter,
Dieter Jurzitza [2009-01-17 18:06 +0100]:
> I've understood that for some reason openSUSE development team decided to
> restrict remote access to devices through ssh'ed logins.
Disclaimer: I don't know details in OpenSUSE, but if they are using
libpam-console, you should have a ConsoleKit session like the
following:
Session27:
unix-user = '1000'
[...]
active = FALSE
x11-display = ''
x11-display-device = ''
display-device = '/dev/ssh'
remote-host-name = 'myhost'
is-local = FALSE
on-since = '2009-01-19T18:24:30.580979Z'
I. e. a non-local session.
> As this is bad (IMHO) and very annoying for me, I thought I could probably ask
> on the list if some nice guy could tell me how to circumvent this, whether
> there is a simple means in order to make hald think that an user that logged
> in from remote via ssh is treated just the same as a locally logged in user.
You can use polkit-gnome-authorization or polkit-auth to give the
PolicyKit privileges that you need (e. g.
org.freedesktop.hal.storage.mount-removable) to your user, or
generally allow it for non-local sessions as well.
Martin
--
Martin Pitt | http://www.piware.de
Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org)
More information about the hal
mailing list