udiskie wrongly mounts a HintSystem=true LUKS-encrypted multi-device btrfs array

[intelfx]

I'm using udiskie 2.8.4 (Arch Linux) on a headless NAS to automount all external USB drives when they are plugged in. Udiskie is started as a systemd user service:

$ systemctl --user cat udiskie
# /home/operator/.config/systemd/user/udiskie.service
[Service]
Type=simple
ExecStart=/usr/bin/udiskie --verbose --config %E/udiskie/config.yml

With the following config:

$ cat ~/.config/udiskie/config.yml 
program_options:
  udisks_version: 2
  tray: false
  automount: true
  notify: false

device_config:
  - is_external: false
    ignore: true
  - ignore: false

These are block devices attached to the NAS:

$ lsblk -f
NAME       FSTYPE      LABEL      UUID                                 FSAVAIL FSUSE% MOUNTPOINT
sda                                                                                   
├─sda1     vfat        EFI        0E25-B0A4                             188,3M    26% /boot
├─sda2     btrfs       linux-root 7c7390e8-8d12-4ebc-9cf8-e824aa39c869  134,7G    39% /var/lib/grafana
└─sda3     swap        linux-swap 143b2fa9-c500-4ba9-a04b-08c433330457                [SWAP]
sdb                                                                                   
sdc        crypto_LUKS            19a4f5a6-7ef9-4b76-ae95-bc2c4f03d8fe                
└─storage2 btrfs       storage    a4a78eb3-a3e4-467f-85b8-cf3bfe8747a4                
sdd        crypto_LUKS            4781976a-58b9-40ad-b490-d7269304b56a                
└─storage3 btrfs       storage    a4a78eb3-a3e4-467f-85b8-cf3bfe8747a4                
sde        crypto_LUKS            dfdac573-0f19-40eb-ad29-1d0a6599b222                
└─storage4 btrfs       storage    a4a78eb3-a3e4-467f-85b8-cf3bfe8747a4                
sdf        crypto_LUKS            6ff0637e-bb58-4ecb-bd0e-e1e6cb9bc7ce                
└─storage1 btrfs       storage    a4a78eb3-a3e4-467f-85b8-cf3bfe8747a4    1,3T    61% /mnt/data
sdg                                                                                   
└─sdg1     ext4        datastore1 5bcf5c71-291d-4625-afdf-b415c01d6986

Here, sd[c-f] are parts of a LUKS-encrypted multi-device btrfs array, and storage[1-4] are their decrypted counterparts. The sdg1 is an external USB HDD which I would like to mount.

At this point, the UDisks2 state looks like this:

$ busctl tree org.freedesktop.UDisks2                                       
└─/org
  └─/org/freedesktop
    └─/org/freedesktop/UDisks2
      ├─/org/freedesktop/UDisks2/Manager
      ├─/org/freedesktop/UDisks2/block_devices
      │ ├─/org/freedesktop/UDisks2/block_devices/dm_2d0
      │ ├─/org/freedesktop/UDisks2/block_devices/dm_2d1
      │ ├─/org/freedesktop/UDisks2/block_devices/dm_2d2
      │ ├─/org/freedesktop/UDisks2/block_devices/dm_2d3
      │ ├─/org/freedesktop/UDisks2/block_devices/loop0
      │ ├─/org/freedesktop/UDisks2/block_devices/loop1
      │ ├─/org/freedesktop/UDisks2/block_devices/loop2
      │ ├─/org/freedesktop/UDisks2/block_devices/loop3
      │ ├─/org/freedesktop/UDisks2/block_devices/loop4
      │ ├─/org/freedesktop/UDisks2/block_devices/loop5
      │ ├─/org/freedesktop/UDisks2/block_devices/loop6
      │ ├─/org/freedesktop/UDisks2/block_devices/loop7
      │ ├─/org/freedesktop/UDisks2/block_devices/sda
      │ ├─/org/freedesktop/UDisks2/block_devices/sda1
      │ ├─/org/freedesktop/UDisks2/block_devices/sda2
      │ ├─/org/freedesktop/UDisks2/block_devices/sda3
      │ ├─/org/freedesktop/UDisks2/block_devices/sdb
      │ ├─/org/freedesktop/UDisks2/block_devices/sdc
      │ ├─/org/freedesktop/UDisks2/block_devices/sdd
      │ ├─/org/freedesktop/UDisks2/block_devices/sde
      │ ├─/org/freedesktop/UDisks2/block_devices/sdf
      │ ├─/org/freedesktop/UDisks2/block_devices/sdg
      │ └─/org/freedesktop/UDisks2/block_devices/sdg1
      └─/org/freedesktop/UDisks2/drives
        ├─/org/freedesktop/UDisks2/drives/HGST_HUS724020ALA640_PN2134P6H414YP
        ├─/org/freedesktop/UDisks2/drives/Hitachi_HDS723020BLA642_MN3220F3316M8E
        ├─/org/freedesktop/UDisks2/drives/Hitachi_HDS723020BLA642_MN3220F33187TE
        ├─/org/freedesktop/UDisks2/drives/Hitachi_HDS723020BLA642_MN3220F3318B2E
        ├─/org/freedesktop/UDisks2/drives/ST1000LM024_HN_M101MBB_S2TPJ9CD126590
        ├─/org/freedesktop/UDisks2/drives/Samsung_SSD_850_PRO_256GB_S251NX0H811062E
        └─/org/freedesktop/UDisks2/drives/WDC_WD10JPLX_00MBPT0_JR1000D4G1YX7K

One of these dm-[0-3] entries:

$ busctl introspect org.freedesktop.UDisks2 /org/freedesktop/UDisks2/block_devices/dm_2d0 org.freedesktop.UDisks2.Block
NAME                          TYPE      SIGNATURE             RESULT/VALUE                             FLAGS
.AddConfigurationItem         method    (sa{sv})a{sv}         -                                        -
.Format                       method    sa{sv}                -                                        -
.GetSecretConfiguration       method    a{sv}                 a(sa{sv})                                -
.OpenDevice                   method    sa{sv}                h                                        -
.OpenForBackup                method    a{sv}                 h                                        -
.OpenForBenchmark             method    a{sv}                 h                                        -
.OpenForRestore               method    a{sv}                 h                                        -
.RemoveConfigurationItem      method    (sa{sv})a{sv}         -                                        -
.Rescan                       method    a{sv}                 -                                        -
.UpdateConfigurationItem      method    (sa{sv})(sa{sv})a{sv} -                                        -
.Configuration                property  a(sa{sv})             1 "fstab" 6 "fsname" ay 27 47 100 101 1… emits-change
.CryptoBackingDevice          property  o                     "/org/freedesktop/UDisks2/block_devices… emits-change
.Device                       property  ay                    10 47 100 101 118 47 100 109 45 48 0     emits-change
.DeviceNumber                 property  t                     65024                                    emits-change
.Drive                        property  o                     "/"                                      emits-change
.HintAuto                     property  b                     false                                    emits-change
.HintIconName                 property  s                     ""                                       emits-change
.HintIgnore                   property  b                     false                                    emits-change
.HintName                     property  s                     ""                                       emits-change
.HintPartitionable            property  b                     false                                    emits-change
.HintSymbolicIconName         property  s                     ""                                       emits-change
.HintSystem                   property  b                     true                                     emits-change
.Id                           property  s                     "by-id-dm-name-storage3"                 emits-change
.IdLabel                      property  s                     "storage"                                emits-change
.IdType                       property  s                     "btrfs"                                  emits-change
.IdUUID                       property  s                     "a4a78eb3-a3e4-467f-85b8-cf3bfe8747a4"   emits-change
.IdUsage                      property  s                     "filesystem"                             emits-change
.IdVersion                    property  s                     ""                                       emits-change
.MDRaid                       property  o                     "/"                                      emits-change
.MDRaidMember                 property  o                     "/"                                      emits-change
.PreferredDevice              property  ay                    21 47 100 101 118 47 109 97 112 112 101… emits-change
.ReadOnly                     property  b                     false                                    emits-change
.Size                         property  t                     2000396836864                            emits-change
.Symlinks                     property  aay                   5 33 47 100 101 118 47 100 105 115 107 … emits-change
.UserspaceMountOptions        property  as                    0                                        emits-change

HintSystem is true on this block device, so in theory it should match the first rule in my config. But that does not happen:

$ systemctl --no-block --user start udiskie
$ journalctl -f -n0 --user-unit udiskie | grep dm_2d
Aug 08 16:03:23 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:23,071] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d1
Aug 08 16:03:23 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:23,071] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:23 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:23,072] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d3
Aug 08 16:03:23 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:23,073] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d0
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,575] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,575] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d3
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,575] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d0
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,576] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d1
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,576] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d3
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,576] udiskie.mount: mounting /org/freedesktop/UDisks2/block_devices/dm_2d3 with {'options': None}
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,576] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d0
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,576] udiskie.mount: mounting /org/freedesktop/UDisks2/block_devices/dm_2d0 with {'options': None}
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,577] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d1
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,577] udiskie.mount: mounting /org/freedesktop/UDisks2/block_devices/dm_2d1 with {'options': None}
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,591] udiskie.udisks2: +++ device_changed: /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,591] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,601] udiskie.udisks2: +++ device_changed: /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,601] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,605] udiskie.udisks2: +++ device_changed: /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: DEBUG [2019-08-08 16:03:24,605] udiskie.config: DeviceFilter(match={}, ignore=False) used for /org/freedesktop/UDisks2/block_devices/dm_2d2
Aug 08 16:03:24 stratofortress udiskie[1606]: mounted /org/freedesktop/UDisks2/block_devices/dm_2d1 on /media/storage2
Aug 08 16:03:24 stratofortress udiskie[1606]: INFO [2019-08-08 16:03:24,624] udiskie.mount: mounted /org/freedesktop/UDisks2/block_devices/dm_2d1 on /media/storage2
Aug 08 16:03:24 stratofortress udiskie[1606]: mounted /org/freedesktop/UDisks2/block_devices/dm_2d0 on /media/storage1
Aug 08 16:03:24 stratofortress udiskie[1606]: INFO [2019-08-08 16:03:24,625] udiskie.mount: mounted /org/freedesktop/UDisks2/block_devices/dm_2d0 on /media/storage1
Aug 08 16:03:24 stratofortress udiskie[1606]: mounted /org/freedesktop/UDisks2/block_devices/dm_2d3 on /media/storage
Aug 08 16:03:24 stratofortress udiskie[1606]: INFO [2019-08-08 16:03:24,625] udiskie.mount: mounted /org/freedesktop/UDisks2/block_devices/dm_2d3 on /media/storage

Even more strangely, the array is "only" mounted 3 times out of 4, despite the log says the ignore=False rule matches all 4 block devices.

(full log: http://ix.io/1R1p)

[coldfix]

Hi,

apologies for ignoring this for so long:( I hadn't spent much time on udiskie for some time, but will now try to respond faster.

The issue you are observing is in fact, I believe, intended behaviour: since the HintSystem flag is unreliable in subdevices (e.g. luks plaintext devices) and usually shows true even for plaintext devices that are served from external devices, udiskie has a workaround that resolves is_external through their parent device (i.e. the crypto device) so that it can by default make use of crypto partitions that are provided from external devices.

This will somewhat change in the upcoming release (2.1.0) as a fix for #198, see c40b1eeea0817131ee37e59dc3abce2f6c44eb0e. After considering your issue, I have further simplified udiskie's behaviour (0e0ecb722a5b9a30ac2e4b76a78cf7cf412adc92) to using the HintSystem property directly again, which should prevent further such irritations. The problem with not accidentally hiding subdevices of external devices is now solved by modifying the default filter to match is_external only in combination with is_toplevel. This will also be in place starting with 2.1.0.

If you're still having this issue after upgrading to 2.1.0, please give me a note.

By the way: if you want udiskie to ignore these devices, I recommend filtering by a different more reliable property, e.g. id_uuid or id_type.

Best, Thomas