Bug 441421 - no means to prevent fixed disk automount
no means to prevent fixed disk automount
Status: CLOSED WORKSFORME
Product: Fedora
Classification: Fedora
Component: hal (Show other bugs)
rawhide
All Linux
low Severity low
: ---
: ---
Assigned To: David Zeuthen
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-04-07 19:24 EDT by Steve Alexander
Modified: 2013-03-05 22:55 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-04-07 20:37:45 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Steve Alexander 2008-04-07 19:24:05 EDT
Description of problem:
Hal policy causes it to automount all fixed disk file systems.

Version-Release number of selected component (if applicable):
Fedora9 beta distro.
hal-0.5.11-0.2.rc2.fc9

How reproducible:
100%

Steps to Reproduce:
1.create an ext3 fixed disk partition, not described in /etc/fstab
2.login to system as root with gnome desktop
  
Actual results:
The undescribed fixed disk file system is mounted under /media

Expected results:
Only fixed disk file system of/etc/fstab should be mounted.


Additional info:
Under FC6 and F7 the "hal" package included a policy in
/usr/share/hal/fdi/policy/10osvendor/99-redhat-storage-policy-fixed-drives.fdi
which causes hal to NOT automount fixed file systems.

In F8, F9alpha and F9beta this file was removed from the hal package.  Perhaps
this was to accommodate changes in gnome-volume-manager-2.17.0-8.fc8  which had
a "storage" tab in "gnome-volume-properties" tool.  That tab has "removable
storage" options which also applied to fixed storage devices.  So in F8 there
was an administratively accessible tool to prevent fixed disk automount.

In F9alpha & F9beta the gnome-volume-properties lacks a "storage" tab.  The
corresponding F9alpha and F9beta hal packages do not include the hal policy fdi
file.  This leaves F9 with no simple means of preventing hal automount of all
fixed file systems.

Temporary workaround:
Copying the 99-redhat-storage-policy-fixed-drives.fdi file from older Fedora
distro to F9 prevents the fixed disk automount.
Comment 1 David Zeuthen 2008-04-07 20:37:45 EDT
> 2.login to system as root with gnome desktop

Lose. You're not supposed to log in as root. You even get a big warning
explaining this to you. So it's not like you've not been warned. Care to explain
why logging into GNOME as uid 0 is useful?

That said, you can already control authorizations via PolicyKit. For example

# polkit-auth  --user some_user --block org.freedesktop.hal.storage.mount-fixed

will block mounting internal disks for user 'some_user'. But I can't remember if
it applies to uid 0 or not. Either way, Nautilus is deciding to mount the disks
so you are filing bugs against the wrong component.

Note You need to log in before you can comment on or make changes to this bug.