F42 Change Proposal: Unprivileged Disk Management (system-wide)

They should not be detected as removable and forcing them to be can cause some problems.

They should just be detected as non-system.

SUBSYSTEM=="usb", ACTION=="add|change", KERNEL=="sd[a-z]", ENV{UDISKS_SYSTEM}="0"

Would be a better way. For most of the drives the media is not removable with media meaning the flash for a SSD.

A USB micro SD card reader has removable set as the card is removable.
A USB thumb drive based of exactly the same micro SD hardware has removable not set.
They may be basically the same hardware with only a few bits in the controller changed to get it non-removable. In some cases they do not advertise but still execute the eject command. How do you remove and re-instert a card that is soldered down?

The system hint is set by default. It is removed if the media is removable or the drive is connected by USB or IEEE.1394 aka FireWire or a Memory Stick device. It does the same as the udev override.

The action is…

  • org.freedesktop.udisks2.encrypted-unlock if the device was created by the user.
    I think a filesystem image attached by the user should trigger this.
  • org.freedesktop.udisks2.encrypted-unlock-crypttab if it is in /etc/crypttab and has an option x-udisks-auth.
    This can be set by “require additional authorization” in Disks.
  • org.freedesktop.udisks2.encrypted-unlock-system if it has HintSystem = true.
    Any device not created by a user or using USB or IEEE.1394 matches this.
  • org.freedesktop.udisks2.encrypted-unlock-other-seat if you are on a different seat.
  • org.freedesktop.udisks2.encrypted-unlock is the default and matches anything not matched until here.

Seat is by default set to “seat0”. It may change for devices connected to some USB docks with integrated graphics but should not change in most cases.

3 Likes