i did this after i'd tried to enable various things from polkit-gnome-authorization, by explicitly granting my user rights. i had to run polkit-gnome-authorization using sudo, or i couldn't change anything at all... not that anything _should_ have required changing, since most things, including time change, manage system configuration, were already set to implicit authorization for admin authentication. "mount file systems from removable devices" was also already set to implicit Yes for the active console without requiring authentication. anyway, adding myself explicitly to the authorize list made no difference. note that it says hal mount-fixed is obtainable not mount-removable, which is presumably already allowed.
if i try to change /etc/PolicyKit/PolicyKit.conf to explicitly authorize me (user rishab) and also the hal mount-removable:
<!-- See the manual page PolicyKit.conf(5) for file format -->
now, "polkit-auth --show-obtainable" does nothing, presumably because everything is allowed.
i can now edit the wifi configuration, set date etc with no authentication, which is not really a safe situation. so i'll probably go back to the previous PolicyKit.conf, especially since even with this change hal still doesn't auto-mount (the drives show up in dmesg fine).
i also saw somewhere (not sure where, this polkit/hal problem seems to have been going on many threads) a suggestion to add to hal.conf:
<policy group="plugdev">
<allow send_interface="org.freedesktop.Hal.Device.Volume"/>
<allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>
</policy>
i couldn't see the point of it since the hal.conf default context already allows these actions, but added it anyway, to no effect.
sebastien bacher wrote:
> could you run "polkit-auth --show-obtainable" and "ck-list-sessions" and copy the logs to the bug?
ok, i ran it with the default /etc/PolicyKit/ PolicyKit. conf file...
[....header comments.....]
<!-- See the manual page PolicyKit.conf(5) for file format -->
<config version="0.1">
<match user="root">
<return result="yes"/>
</match>
</config>
$ polkit-auth --show-obtainable clockapplet. mechanism. settimezone .policykit. read .policykit. revoke .hal.power- management. shutdown- multiple- sessions .hal.power- management. reboot- multiple- sessions .hal.storage. mount-fixed .hal.storage. unmount- others .hal.storage. crypto- setup-fixed
org.gnome.
org.freedesktop
org.freedesktop
org.freedesktop
org.freedesktop
org.freedesktop
org.freedesktop
org.freedesktop
$ ck-list-sessions 08T22:27: 08Z'
Session1:
uid = '1000'
realname = 'Rishab Aiyer Ghosh,,,'
seat = 'Seat1'
session-type = ''
active = TRUE
x11-display = ':0'
x11-display-device = '/dev/tty7'
display-device = ''
remote-host-name = ''
is-local = TRUE
on-since = '2008-06-
i did this after i'd tried to enable various things from polkit- gnome-authoriza tion, by explicitly granting my user rights. i had to run polkit- gnome-authoriza tion using sudo, or i couldn't change anything at all... not that anything _should_ have required changing, since most things, including time change, manage system configuration, were already set to implicit authorization for admin authentication. "mount file systems from removable devices" was also already set to implicit Yes for the active console without requiring authentication. anyway, adding myself explicitly to the authorize list made no difference. note that it says hal mount-fixed is obtainable not mount-removable, which is presumably already allowed.
if i try to change /etc/PolicyKit/ PolicyKit. conf to explicitly authorize me (user rishab) and also the hal mount-removable:
<!-- See the manual page PolicyKit.conf(5) for file format -->
<config version="0.1"> admin_auth group="admin"/> "org.freedeskto p.hal.storage. mount-removable ">
<match user="root|rishab">
<return result="yes"/>
</match>
<define_
<match action=
<return result="yes"/>
</match>
</config>
now, "polkit-auth --show-obtainable" does nothing, presumably because everything is allowed.
i can now edit the wifi configuration, set date etc with no authentication, which is not really a safe situation. so i'll probably go back to the previous PolicyKit.conf, especially since even with this change hal still doesn't auto-mount (the drives show up in dmesg fine).
i also saw somewhere (not sure where, this polkit/hal problem seems to have been going on many threads) a suggestion to add to hal.conf: "org.freedeskto p.Hal.Device. Volume" /> "org.freedeskto p.Hal.Device. Volume. Crypto" />
<policy group="plugdev">
<allow send_interface=
<allow send_interface=
</policy>
i couldn't see the point of it since the hal.conf default context already allows these actions, but added it anyway, to no effect.