From owner-freebsd-bugs@FreeBSD.ORG Thu Oct 6 00:10:08 2011 Return-Path: Delivered-To: freebsd-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D4E67106566C for ; Thu, 6 Oct 2011 00:10:08 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id ADC4C8FC13 for ; Thu, 6 Oct 2011 00:10:08 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id p960A8BL076187 for ; Thu, 6 Oct 2011 00:10:08 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id p960A8q6076184; Thu, 6 Oct 2011 00:10:08 GMT (envelope-from gnats) Resent-Date: Thu, 6 Oct 2011 00:10:08 GMT Resent-Message-Id: <201110060010.p960A8q6076184@freefall.freebsd.org> Resent-From: FreeBSD-gnats-submit@FreeBSD.org (GNATS Filer) Resent-To: freebsd-bugs@FreeBSD.org Resent-Reply-To: FreeBSD-gnats-submit@FreeBSD.org, Chuck Burns Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 212D51065676 for ; Thu, 6 Oct 2011 00:04:10 +0000 (UTC) (envelope-from nobody@FreeBSD.org) Received: from red.freebsd.org (red.freebsd.org [IPv6:2001:4f8:fff6::22]) by mx1.freebsd.org (Postfix) with ESMTP id 0AC588FC14 for ; Thu, 6 Oct 2011 00:04:10 +0000 (UTC) Received: from red.freebsd.org (localhost [127.0.0.1]) by red.freebsd.org (8.14.4/8.14.4) with ESMTP id p96049Nj042764 for ; Thu, 6 Oct 2011 00:04:09 GMT (envelope-from nobody@red.freebsd.org) Received: (from nobody@localhost) by red.freebsd.org (8.14.4/8.14.4/Submit) id p96049oS042757; Thu, 6 Oct 2011 00:04:09 GMT (envelope-from nobody) Message-Id: <201110060004.p96049oS042757@red.freebsd.org> Date: Thu, 6 Oct 2011 00:04:09 GMT From: Chuck Burns To: freebsd-gnats-submit@FreeBSD.org X-Send-Pr-Version: www-3.1 Cc: Subject: misc/161317: KDE 4.6.5 does not prompt for authentication for actions such as mount internal media. X-BeenThere: freebsd-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Oct 2011 00:10:09 -0000 >Number: 161317 >Category: misc >Synopsis: KDE 4.6.5 does not prompt for authentication for actions such as mount internal media. >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Oct 06 00:10:08 UTC 2011 >Closed-Date: >Last-Modified: >Originator: Chuck Burns >Release: 8.2-STABLE >Organization: >Environment: FreeBSD blackbeast.local 8.2-STABLE FreeBSD 8.2-STABLE #2: Tue Oct 4 19:57:10 CDT 2011 root@blackbeast.local:/usr/obj/usr/src/sys/BLACKBEAST amd64 >Description: KDE does not seem to prompt, using kdesu, for authentication, for such things as "Mount internal media" the system policy is set for "Authentication" which means the UI should prompt for a root password to do the actions specified. As an example, I have created another partition on an internal drive, which by default, requires admin authentication, for polkit and hal to allow a mount. Instead of mounting, I am greeted with "An error occurred while accessing '74.5 GiB Hard Drive', the system responded: org.freedesktop.Hal.Device.PermissionDeniedByPolicy: org.freedesktop.hal.storage.mount-fixed auth_admin_keep_always <-- (action, result) Which gives the indication that I failed to authenticate.. Which I suppose I did, since I wasn't ever asked to authenticate. If, however, I modify the system to not require authentication at all, it will mount the device properly, but I wish to keep the default setting of "Admin Authorization - Keep" And yes, $ sysctl vfs.usermount vfs.usermount: 1 >How-To-Repeat: Attempt to mount an INTERNAL hard drive partition with KDE/dolphin 4.6.5 >Fix: No fix known, but an ugly hack is to just give a specified user or users full access, with no need for authentication. >Release-Note: >Audit-Trail: >Unformatted: