Ubuntu
gnome-disk-utility package

regression: local admin not authorized for many tasks

Bug #1069234 reported by Jamin W. Collins
36
This bug affects 7 people
Affects Status Importance Assigned to Milestone
gnome-disk-utility (Ubuntu)
Triaged
High
Unassigned
policykit-desktop-privileges (Ubuntu)
Confirmed
Undecided
Unassigned
udisks2 (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

With 12.10 it looks like gnome-disk-utility has moved to using udisks2 behind the scenes. However, it appears that polkit entries were not created for most of the potential actions that can be taken within gnome-disks. Many of the actions result in an error like the following:

An error occured

Not authorized to perform operation (udisks-error-quark, 4)

I've received the above error when trying to use gnome-disks start a benchmark of a volume. This worked fine under 12.04 (via the gnome-disks precursor palimpsest and udisks).

Digging into this, it appears that there are a total of 38 possible polkit actions and local admins are only authorized by default for a total of three of them (via 10-vendor.d/com.ubuntu.desktop.pkla):

org.freedesktop.udisks2.filesystem-mount-system
org.freedesktop.udisks2.encrypted-unlock-system
org.freedesktop.udisks2.filesystem-fstab

Contrast this with the authorization for the previous udisk activities:
org.freedesktop.udisks.filesystem-*
org.freedesktop.udisks.drive-ata-smart*

Which covers 10 actions from what I can see.

For parity with previous releases I believe the following actions also need to be authorized for local admins:
org.freedesktop.udisks2.filesystem-mount [1]
org.freedesktop.udisks2.filesystem-unmount-others [1]
org.freedesktop.udisks2.ata-smart-* [2]

I'm sure there are others as there doesn't appear to be a direct 1:1 translation for some of the permissions.

This is a regression with regard to the previous 12.04 release and what local admin users were authorized to do.

[1] - covered previously by org.freedesktop.udisks.filesystem-*
[2]- covered previously by org.freedesktop.udisks.drive-ata-smart*

ProblemType: Bug
DistroRelease: Ubuntu 12.10
Package: gnome-disk-utility 3.6.1-0ubuntu1
ProcVersionSignature: Ubuntu 3.5.0-17.28-generic 3.5.5
Uname: Linux 3.5.0-17-generic x86_64
ApportVersion: 2.6.1-0ubuntu3
Architecture: amd64
Date: Sat Oct 20 14:45:17 2012
InstallationMedia: Ubuntu 9.10 "Karmic Koala" - Release amd64 (20091027)
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=en_US.UTF-8
 SHELL=/bin/bash
SourcePackage: gnome-disk-utility
UpgradeStatus: Upgraded to quantal on 2012-10-12 (8 days ago)

See original description
Revision history for this message
Jamin W. Collins (jcollins) wrote :
description: updated
Revision history for this message
Johan Helgø (johelgo) wrote :

Confirmed. Installed OS on my SSD, I deleted the partitions on my HDD during installation. Now I am not allowed to create new partition through disk utility --> cannot mount it either
It gives the error mentioned in bug description.

Any workaround for this? I kind of need that extra space :S

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in gnome-disk-utility (Ubuntu):
status: New → Confirmed
Revision history for this message
Jamin W. Collins (jcollins) wrote :

The attached file is a very permissive work around for the issue, it will allow local admins to do any of the potential udisk2 actions. Simply place it in /var/lib/polkit-1/localauthority/50-local.d.

Revision history for this message
Johan Helgø (johelgo) wrote :

Well, I found a workaround for my spesific problem: start the OS installation again, go to the screen where you can format/partition hard-drives. I did what I had to do there, then cancelled the installation and rebooted. Now I can mount/unmount the hard drive and I can use it. However, If I try to format it, then I get the error message again.

Revision history for this message
Timo Aaltonen (tjaalton) wrote :

still happening on 13.04

Changed in gnome-disk-utility (Ubuntu):
importance: Undecided → High
status: Confirmed → Triaged
Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in policykit-desktop-privileges (Ubuntu):
status: New → Confirmed
Changed in udisks2 (Ubuntu):
status: New → Confirmed
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.