PolicyKit confusion

Da Rock freebsd-questions at herveybayaustralia.com.au
Fri Dec 23 06:14:13 UTC 2011

On 12/23/11 15:37, Polytropon wrote:
> On Fri, 23 Dec 2011 14:18:19 +1000, Da Rock wrote:
>> I checked out /media/hal-* and I see that the mount occurs only as root.
>> How do I change that exactly? I need it showing for operator group. I've
>> searched high and low and googled my brains out, but anything remotely
>> related is for linux and udev.
I had a feeling you'd be replying to this one :)
> I think I remember I got it working some time ago
> (on a 7.1 system), relying on the Gnome HAL FAQ
> which stated something like this:
> File: /usr/local/etc/PolicyKit/PolicyKit.conf
> <config version="0.1">
> <match action="org.freedesktop.hal.storage.mount-removable">
>    <match user="marcus">
>      <return result="NNNNN"/>
>    </match>
> </match>
> <match action="org.freedesktop.hal.storage.mount-fixed">
>    <match user="marcus">
>      <return result="NNNNN"/>
>    </match>
> </match>
> </config>
> For "NNNNN", use your user name; I think you can also
> use more than one "match" section if you want to allow
> access for other users. However, I doubt all this
> HAL / DBUS / PolicyKit magic is really intended for
> multi-user purposes. :-)
Followed that and done that, didn't work. Although it does say 
'result="yes"' not "user". Sorry: that was the freebsd-gnome FAQ.

Do you see any way of using "group" instead of "user"?

Incidentally, the disk shows up (in case I wasn't being all too clear), 
as a user I can't access it. And in the hal-tab it shows -u=0 as I said. 
I hunted down that scenario and it sent me down a very foggy path using 
hal-fdi's - setting -uid and -u settings.

I then checked out /usr/local/share/hal/fdi/policy/ and found in some 
files (particularly storage) the "key" options are set to "u=" or "uid=".

So I'm still attempting to assimilate all that to produce something 
other than a brainfart, and possibly restore balance to the force in 
that way.

Oh, and to preclude any suggestion to this effect, I have set 
> Note that HAL also has an option of "fixed mount points"
> to be set at compile time. I think I had set it...
No. At least I don't think I set it.
> I'm also unsure if NFS mounts are "fixed" or "removable"
> in PK terminology.
Nothing is clear on any of this. Which nutcase designed this anyway? Any 
documentation is vague and unclear, and the software config itself is 
about as clear as the weather on venus- and just as toxic too ;)
> Regarding your second question, I can't provide any
> further information. I just assume it's a means to
> turn a safe multi-user system into an insecure
> single-user system, which is what users expect. :-)
Dear god! What is this world coming to? And yet they all clamour to use 
the computer at the same time... thats the scene I see in families all 
the time, let alone work operations.


More information about the freebsd-questions mailing list