ATA Smart Update Requires Authentication on Every Login

Ralf Mardorf silver.bullet at zoho.com
Tue Jul 12 12:54:19 UTC 2016


On Tue, 12 Jul 2016 11:01:39 +0300, Amichai Rotman wrote:
>The details state the action as
>org.freedesktop.udisks2.ata-smart-update.
>
>How can I make it stop asking?!  It really bugs me...

If somethings auto-starts udisks (that doesn't happen on my machine),
than perhaps the rules are required in /etc/polkit-1/*/*
or /var/lib/polkit-1/*/*, the ones, perhaps templates, in
/usr/share/polkit-1/actions/org.freedesktop.udisks2.policy look
different to .pkla and .rules files.

https://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html
http://manpages.ubuntu.com/manpages/xenial/man8/pklocalauthority.8.html

I once edited such a file for another Linux [1], but I never had to do
it again. Note, I didn't read the links I provided myself ;). I don't
know if it's a pointer into the right direction, but If I would
experience this issues, I likely would start reading with those links.

"For each of these settings the following options are available:

    no: The user is not authorized to carry out the action. There is therefore no need for authentication.
    yes: The user is authorized to carry out the action without any authentication.
    auth_self: Authentication is required but the user need not be an administrative user.
    auth_admin: Authentication as an administrative user is require.
    auth_self_keep: The same as auth_self but, like sudo, the authorization lasts a few minutes.
    auth_admin_keep: The same as auth_admin but, like sudo, the authorization lasts a few minutes." -
https://wiki.archlinux.org/index.php/Polkit

https://wiki.archlinux.org/index.php/Polkit#Udisks

[weremouse at moonstudio ~]$ grep -v lang= /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy | grep -B1 -A7 update
  
  <action id="org.freedesktop.udisks2.ata-smart-update">
    <description>Update SMART data</description>
    <message>Authentication is required to update SMART data</message>
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>

[weremouse at moonstudio ~]$ sudo -i
[root at moonstudio ~]# ls -hAl /etc/polkit-1/*/*
-rw-r--r-- 1 root root  267 Jul 10  2015 /etc/polkit-1/localauthority.conf.d/50-localauthority.conf
-rw-r--r-- 1 root root   65 Jul 10  2015 /etc/polkit-1/localauthority.conf.d/51-ubuntu-admin.conf
-rw-r--r-- 1 root root  455 Jul 10  2015 /etc/polkit-1/nullbackend.conf.d/50-nullbackend.conf

/etc/polkit-1/localauthority/10-vendor.d:
total 0

/etc/polkit-1/localauthority/20-org.d:
total 0

/etc/polkit-1/localauthority/30-site.d:
total 0

/etc/polkit-1/localauthority/50-local.d:
total 0

/etc/polkit-1/localauthority/90-mandatory.d:
total 0
[root at moonstudio ~]# ls -hAl /var/lib/polkit-1/*/*
/var/lib/polkit-1/localauthority/10-vendor.d:
total 0

/var/lib/polkit-1/localauthority/20-org.d:
total 0

/var/lib/polkit-1/localauthority/30-site.d:
total 0

/var/lib/polkit-1/localauthority/50-local.d:
total 0

/var/lib/polkit-1/localauthority/90-mandatory.d:
total 0
[root at moonstudio ~]# ps aux | grep udis
root      4365  0.0  0.0  12944   920 pts/0    S+   14:33   0:00 grep --color=auto udis

Regards,
Ralf

[1]
[root at moonstudio ~]# ls -hAl /mnt/archlinux/etc/polkit-1/*/*
-rw-r--r-- 1 root root 514 Jul 19  2015 /mnt/archlinux/etc/polkit-1/rules.d/10-admin-shutdown-reboot.rules
-rw-r--r-- 1 root root 226 Oct 10  2015 /mnt/archlinux/etc/polkit-1/rules.d/40-libvirtd-vmanusers.rules
-rw-r--r-- 1 root root 326 Oct 25  2015 /mnt/archlinux/etc/polkit-1/rules.d/50-default.rules
[root at moonstudio ~]# cat /mnt/archlinux/etc/polkit-1/rules.d/10-admin-shutdown-reboot.rules 
polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.login1.power-off" ||
        action.id == "org.freedesktop.login1.power-off-ignore-inhibit" ||
        action.id == "org.freedesktop.login1.power-off-multiple-sessions" ||
        action.id == "org.freedesktop.login1.reboot" ||
        action.id == "org.freedesktop.login1.reboot-ignore-inhibit" ||
        action.id == "org.freedesktop.login1.reboot-multiple-sessions"
    ) {
        return polkit.Result.AUTH_SELF_KEEP;
    }
});




More information about the ubuntu-users mailing list