You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
trying to mount a freshly unlocked device via the DBus-API right after InterfacesAdded signal will require org.freedesktop.udisks2.filesystem-mount-system permission most of the time. If waiting a few seconds after the unlock, it requires org.freedesktop.udisks2.filesystem-mount as expected.
(Therefore, if you don't have this permission, it either fails with GDBus.Error:org.freedesktop.UDisks2.Error.NotAuthorizedCanObtain: Not authorized to perform operation; or if you have e.g. polkit-gnome running, it shows an authentication dialog instead of failing directly. If a password is entered into the dialog, it mounts, otherwise fails with GLib.Error: g-io-error-quark: GDBus.Error:org.freedesktop.UDisks2.Error.NotAuthorizedDismissed: The authentication dialog was dismissed (36).)
I encountered the issue while running udiskie in a window manager. Inside a DE, everything seems to work as was reported by someone else in coldfix/udiskie#153 (could be due to the permission being granted there, not sure).
It's reproducible without udiskie with the following simplified python script that waits for new filesystems and mounts as soon as they are added:
After starting this script, unlock your device with udisksctl unlock -b /dev/sdb1 and observe the issue. It doesn't happen every time, particularly if the device has warmed up.
Curiously, udisksctl unlock -b /dev/sdb1 && udisksctl mount -b /dev/dm-6 seems to mount every time.
Furthermore, if waiting a few seconds (1s seems to be enough) before attempting to mount, everything works as expected without having to enter a password.
Note that I know from running udisksctl monitor at the same time that InterfacesAdded is the only signal received, there is no PropertiesChanged afterwards, so it seems to be impossible to detect when the device is ready to be mounted without filesystem-mount-system permission.
Note that I run journalctl -n 20 -f -u polkit.service with the following polkit rule in /etc/polkit-1/rules.d/50-udisks.rules to see which permissions are queried:
tbzatek
changed the title
Requiring filesystem-mount-system directly after unlock
Polkit: Requiring filesystem-mount-system directly after unlock
Nov 28, 2019
Hi,
trying to mount a freshly unlocked device via the DBus-API right after
InterfacesAdded
signal will requireorg.freedesktop.udisks2.filesystem-mount-system
permission most of the time. If waiting a few seconds after the unlock, it requiresorg.freedesktop.udisks2.filesystem-mount
as expected.(Therefore, if you don't have this permission, it either fails with
GDBus.Error:org.freedesktop.UDisks2.Error.NotAuthorizedCanObtain: Not authorized to perform operation
; or if you have e.g.polkit-gnome
running, it shows an authentication dialog instead of failing directly. If a password is entered into the dialog, it mounts, otherwise fails withGLib.Error: g-io-error-quark: GDBus.Error:org.freedesktop.UDisks2.Error.NotAuthorizedDismissed: The authentication dialog was dismissed (36)
.)I encountered the issue while running udiskie in a window manager. Inside a DE, everything seems to work as was reported by someone else in coldfix/udiskie#153 (could be due to the permission being granted there, not sure).
It's reproducible without udiskie with the following simplified python script that waits for new filesystems and mounts as soon as they are added:
(you need
python-gobject
to run it)After starting this script, unlock your device with
udisksctl unlock -b /dev/sdb1
and observe the issue. It doesn't happen every time, particularly if the device has warmed up.Curiously,
udisksctl unlock -b /dev/sdb1 && udisksctl mount -b /dev/dm-6
seems to mount every time.Furthermore, if waiting a few seconds (1s seems to be enough) before attempting to mount, everything works as expected without having to enter a password.
Note that I know from running
udisksctl monitor
at the same time thatInterfacesAdded
is the only signal received, there is noPropertiesChanged
afterwards, so it seems to be impossible to detect when the device is ready to be mounted withoutfilesystem-mount-system
permission.Note that I run
journalctl -n 20 -f -u polkit.service
with the following polkit rule in/etc/polkit-1/rules.d/50-udisks.rules
to see which permissions are queried:This behaviour seems to be new since maybe 1-6 months (don't know exactly, sorry).
Any ideas how to fix this?
Best, Thomas
The text was updated successfully, but these errors were encountered: