Date: Fri, 23 Dec 2011 21:27:20 +1000 From: Da Rock <freebsd-questions@herveybayaustralia.com.au> To: freebsd-questions@freebsd.org Subject: Re: PolicyKit confusion - DBus error org.gtk.Private.RemoteVolumeMonitor.Failed: An operation is already pending Message-ID: <4EF46598.6090202@herveybayaustralia.com.au> In-Reply-To: <4EF41B78.2070907@herveybayaustralia.com.au> References: <4EF4010B.5040704@herveybayaustralia.com.au> <20111223063744.1894ceda.freebsd@edvax.de> <4EF41B78.2070907@herveybayaustralia.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On 12/23/11 16:11, Da Rock wrote: > On 12/23/11 15:37, Polytropon wrote: >> On Fri, 23 Dec 2011 14:18:19 +1000, Da Rock wrote: >>> I checked out /media/hal-* and I see that the mount occurs only as >>> root. >>> How do I change that exactly? I need it showing for operator group. >>> I've >>> searched high and low and googled my brains out, but anything remotely >>> related is for linux and udev. > I had a feeling you'd be replying to this one :) >> I think I remember I got it working some time ago >> (on a 7.1 system), relying on the Gnome HAL FAQ >> which stated something like this: >> >> File: /usr/local/etc/PolicyKit/PolicyKit.conf >> >> <config version="0.1"> >> >> <match action="org.freedesktop.hal.storage.mount-removable"> >> <match user="marcus"> >> <return result="NNNNN"/> >> </match> >> </match> >> >> <match action="org.freedesktop.hal.storage.mount-fixed"> >> <match user="marcus"> >> <return result="NNNNN"/> >> </match> >> </match> >> >> </config> >> >> For "NNNNN", use your user name; I think you can also >> use more than one "match" section if you want to allow >> access for other users. However, I doubt all this >> HAL / DBUS / PolicyKit magic is really intended for >> multi-user purposes. :-) > Followed that and done that, didn't work. Although it does say > 'result="yes"' not "user". Sorry: that was the freebsd-gnome FAQ. > > Do you see any way of using "group" instead of "user"? > > Incidentally, the disk shows up (in case I wasn't being all too > clear), as a user I can't access it. And in the hal-tab it shows -u=0 > as I said. I hunted down that scenario and it sent me down a very > foggy path using hal-fdi's - setting -uid and -u settings. > > I then checked out /usr/local/share/hal/fdi/policy/ and found in some > files (particularly storage) the "key" options are set to "u=" or "uid=". Ok, more data: I believe I'm getting closer. If I set Polkit.conf to match a user rather than a group I fail immediately with permission errors, same as before. However, if I use the group then I get: DBus error org.gtk.Private.RemoteVolumeMonitor.Failed: An operation is already pending dbus-launch gnome-mount --verbose... blah blah (as per instructions for debug output at freebsd-gnome hal faq) simply hangs, like this: dbus-launch gnome-mount --block --no-ui --verbose --hal-udi '/org/freedesktop/Hal/devices/volume_uuid_1061_EF39' gnome-mount 0.8 ** (gnome-mount:8314): DEBUG: Mounting /org/freedesktop/Hal/devices/volume_uuid_1061_EF39 ** (gnome-mount:8314): DEBUG: read default option 'longnames' from gconf strlist key /system/storage/default_options/vfat/mount_options ** (gnome-mount:8314): DEBUG: read default option '-u=' from gconf strlist key /system/storage/default_options/vfat/mount_options ** (gnome-mount:8314): DEBUG: Mounting /org/freedesktop/Hal/devices/volume_uuid_1061_EF39 with mount_point='', fstype='', num_options=2 ** (gnome-mount:8314): DEBUG: option='longnames' ** (gnome-mount:8314): DEBUG: option='-u=1001' Interestingly enough, if I try it with the user instead of group I get the last option there saying -u=0. And /media/.hal-mtab shows that too. In this case I get just .hal-mtab-lock file. Something interesting just happened- after 20mins or so nautilus barfs up a message about being unable to mount the drive: DBus error org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. > So I'm still attempting to assimilate all that to produce something > other than a brainfart, and possibly restore balance to the force in > that way. > > Oh, and to preclude any suggestion to this effect, I have set > vfs.usermount=1. >> Note that HAL also has an option of "fixed mount points" >> to be set at compile time. I think I had set it... > No. At least I don't think I set it. >> I'm also unsure if NFS mounts are "fixed" or "removable" >> in PK terminology. > Nothing is clear on any of this. Which nutcase designed this anyway? > Any documentation is vague and unclear, and the software config itself > is about as clear as the weather on venus- and just as toxic too ;) >> Regarding your second question, I can't provide any >> further information. I just assume it's a means to >> turn a safe multi-user system into an insecure >> single-user system, which is what users expect. :-) >> > Dear god! What is this world coming to? And yet they all clamour to > use the computer at the same time... thats the scene I see in families > all the time, let alone work operations.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4EF46598.6090202>