From owner-freebsd-questions@FreeBSD.ORG Fri Dec 23 06:14:13 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7169A106564A for ; Fri, 23 Dec 2011 06:14:13 +0000 (UTC) (envelope-from freebsd-questions@herveybayaustralia.com.au) Received: from mail.unitedinsong.com.au (mail.unitedinsong.com.au [150.101.178.33]) by mx1.freebsd.org (Postfix) with ESMTP id 1FCA18FC13 for ; Fri, 23 Dec 2011 06:14:13 +0000 (UTC) Received: from laptop1.herveybayaustralia.com.au (laptop1.herveybayaustralia.com.au [192.168.0.179]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.unitedinsong.com.au (Postfix) with ESMTPSA id 8E8635C24 for ; Fri, 23 Dec 2011 16:26:37 +1000 (EST) Message-ID: <4EF41B78.2070907@herveybayaustralia.com.au> Date: Fri, 23 Dec 2011 16:11:04 +1000 From: Da Rock User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:7.0.1) Gecko/20111109 Thunderbird/7.0.1 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <4EF4010B.5040704@herveybayaustralia.com.au> <20111223063744.1894ceda.freebsd@edvax.de> In-Reply-To: <20111223063744.1894ceda.freebsd@edvax.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: PolicyKit confusion X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Dec 2011 06:14:13 -0000 On 12/23/11 15:37, Polytropon wrote: > On Fri, 23 Dec 2011 14:18:19 +1000, Da Rock wrote: >> I checked out /media/hal-* and I see that the mount occurs only as root. >> How do I change that exactly? I need it showing for operator group. I've >> searched high and low and googled my brains out, but anything remotely >> related is for linux and udev. I had a feeling you'd be replying to this one :) > I think I remember I got it working some time ago > (on a 7.1 system), relying on the Gnome HAL FAQ > which stated something like this: > > File: /usr/local/etc/PolicyKit/PolicyKit.conf > > > > > > > > > > > > > > > > > > For "NNNNN", use your user name; I think you can also > use more than one "match" section if you want to allow > access for other users. However, I doubt all this > HAL / DBUS / PolicyKit magic is really intended for > multi-user purposes. :-) Followed that and done that, didn't work. Although it does say 'result="yes"' not "user". Sorry: that was the freebsd-gnome FAQ. Do you see any way of using "group" instead of "user"? Incidentally, the disk shows up (in case I wasn't being all too clear), as a user I can't access it. And in the hal-tab it shows -u=0 as I said. I hunted down that scenario and it sent me down a very foggy path using hal-fdi's - setting -uid and -u settings. I then checked out /usr/local/share/hal/fdi/policy/ and found in some files (particularly storage) the "key" options are set to "u=" or "uid=". So I'm still attempting to assimilate all that to produce something other than a brainfart, and possibly restore balance to the force in that way. Oh, and to preclude any suggestion to this effect, I have set vfs.usermount=1. > Note that HAL also has an option of "fixed mount points" > to be set at compile time. I think I had set it... No. At least I don't think I set it. > I'm also unsure if NFS mounts are "fixed" or "removable" > in PK terminology. Nothing is clear on any of this. Which nutcase designed this anyway? Any documentation is vague and unclear, and the software config itself is about as clear as the weather on venus- and just as toxic too ;) > Regarding your second question, I can't provide any > further information. I just assume it's a means to > turn a safe multi-user system into an insecure > single-user system, which is what users expect. :-) > Dear god! What is this world coming to? And yet they all clamour to use the computer at the same time... thats the scene I see in families all the time, let alone work operations. Thanks