From owner-freebsd-questions@FreeBSD.ORG Fri Dec 23 11:30:30 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 71866106566C for ; Fri, 23 Dec 2011 11:30:30 +0000 (UTC) (envelope-from freebsd-questions@herveybayaustralia.com.au) Received: from mail.unitedinsong.com.au (mail.unitedinsong.com.au [150.101.178.33]) by mx1.freebsd.org (Postfix) with ESMTP id F14898FC1B for ; Fri, 23 Dec 2011 11:30:29 +0000 (UTC) Received: from laptop1.herveybayaustralia.com.au (laptop1.herveybayaustralia.com.au [192.168.0.179]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mail.unitedinsong.com.au (Postfix) with ESMTPSA id 93EC95C26 for ; Fri, 23 Dec 2011 21:42:54 +1000 (EST) Message-ID: <4EF46598.6090202@herveybayaustralia.com.au> Date: Fri, 23 Dec 2011 21:27:20 +1000 From: Da Rock User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:7.0.1) Gecko/20111109 Thunderbird/7.0.1 MIME-Version: 1.0 To: freebsd-questions@freebsd.org References: <4EF4010B.5040704@herveybayaustralia.com.au> <20111223063744.1894ceda.freebsd@edvax.de> <4EF41B78.2070907@herveybayaustralia.com.au> In-Reply-To: <4EF41B78.2070907@herveybayaustralia.com.au> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: PolicyKit confusion - DBus error org.gtk.Private.RemoteVolumeMonitor.Failed: An operation is already pending X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Dec 2011 11:30:30 -0000 On 12/23/11 16:11, Da Rock wrote: > On 12/23/11 15:37, Polytropon wrote: >> On Fri, 23 Dec 2011 14:18:19 +1000, Da Rock wrote: >>> I checked out /media/hal-* and I see that the mount occurs only as >>> root. >>> How do I change that exactly? I need it showing for operator group. >>> I've >>> searched high and low and googled my brains out, but anything remotely >>> related is for linux and udev. > I had a feeling you'd be replying to this one :) >> I think I remember I got it working some time ago >> (on a 7.1 system), relying on the Gnome HAL FAQ >> which stated something like this: >> >> File: /usr/local/etc/PolicyKit/PolicyKit.conf >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> For "NNNNN", use your user name; I think you can also >> use more than one "match" section if you want to allow >> access for other users. However, I doubt all this >> HAL / DBUS / PolicyKit magic is really intended for >> multi-user purposes. :-) > Followed that and done that, didn't work. Although it does say > 'result="yes"' not "user". Sorry: that was the freebsd-gnome FAQ. > > Do you see any way of using "group" instead of "user"? > > Incidentally, the disk shows up (in case I wasn't being all too > clear), as a user I can't access it. And in the hal-tab it shows -u=0 > as I said. I hunted down that scenario and it sent me down a very > foggy path using hal-fdi's - setting -uid and -u settings. > > I then checked out /usr/local/share/hal/fdi/policy/ and found in some > files (particularly storage) the "key" options are set to "u=" or "uid=". Ok, more data: I believe I'm getting closer. If I set Polkit.conf to match a user rather than a group I fail immediately with permission errors, same as before. However, if I use the group then I get: DBus error org.gtk.Private.RemoteVolumeMonitor.Failed: An operation is already pending dbus-launch gnome-mount --verbose... blah blah (as per instructions for debug output at freebsd-gnome hal faq) simply hangs, like this: dbus-launch gnome-mount --block --no-ui --verbose --hal-udi '/org/freedesktop/Hal/devices/volume_uuid_1061_EF39' gnome-mount 0.8 ** (gnome-mount:8314): DEBUG: Mounting /org/freedesktop/Hal/devices/volume_uuid_1061_EF39 ** (gnome-mount:8314): DEBUG: read default option 'longnames' from gconf strlist key /system/storage/default_options/vfat/mount_options ** (gnome-mount:8314): DEBUG: read default option '-u=' from gconf strlist key /system/storage/default_options/vfat/mount_options ** (gnome-mount:8314): DEBUG: Mounting /org/freedesktop/Hal/devices/volume_uuid_1061_EF39 with mount_point='', fstype='', num_options=2 ** (gnome-mount:8314): DEBUG: option='longnames' ** (gnome-mount:8314): DEBUG: option='-u=1001' Interestingly enough, if I try it with the user instead of group I get the last option there saying -u=0. And /media/.hal-mtab shows that too. In this case I get just .hal-mtab-lock file. Something interesting just happened- after 20mins or so nautilus barfs up a message about being unable to mount the drive: DBus error org.freedesktop.DBus.Error.NoReply: Did not receive a reply. Possible causes include: the remote application did not send a reply, the message bus security policy blocked the reply, the reply timeout expired, or the network connection was broken. > So I'm still attempting to assimilate all that to produce something > other than a brainfart, and possibly restore balance to the force in > that way. > > Oh, and to preclude any suggestion to this effect, I have set > vfs.usermount=1. >> Note that HAL also has an option of "fixed mount points" >> to be set at compile time. I think I had set it... > No. At least I don't think I set it. >> I'm also unsure if NFS mounts are "fixed" or "removable" >> in PK terminology. > Nothing is clear on any of this. Which nutcase designed this anyway? > Any documentation is vague and unclear, and the software config itself > is about as clear as the weather on venus- and just as toxic too ;) >> Regarding your second question, I can't provide any >> further information. I just assume it's a means to >> turn a safe multi-user system into an insecure >> single-user system, which is what users expect. :-) >> > Dear god! What is this world coming to? And yet they all clamour to > use the computer at the same time... thats the scene I see in families > all the time, let alone work operations.