search

storaged-project / udisks

The UDisks project provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies.
https://storaged.org/doc/udisks2-api/latest/
Other
348 stars 142 forks source link

NTFS issues using 2.9.1 version #818

Open fulalas opened 4 years ago

fulalas commented 4 years ago

I recently updated from udisks2-2.6.5 to udisks2-2.9.1 and now portable NTFS units are not mounted correctly unless I call mount /dev/unitCode /mnt/unitcode. This is the error: new-version

If I revert just /usr/libexec/udisks2/udisksd to 2.6.5 everything works just nice.

Also -- not sure if it's related, since it also happens on 2.6.5 -- if I install gst-plugins-base I fail to mount them even if I call the command above. This is the error: udisks-with-gst-plugins-base

I'm using Porteus x64, which is a branch of Slackware current. Kernel 5.4.57.

tbzatek commented 4 years ago

The GStreamer error is unrelated, calling mount outside of UDisks.

Assuming you're using ntfs-3g. Can you check the system logs for any udisksd messages? You should see something like

Nov 13 17:39:16 localhost.localdomain ntfs-3g[258276]: Version 2017.3.23 integrated FUSE 28
Nov 13 17:39:16 localhost.localdomain ntfs-3g[258276]: Mounted /dev/sdb (Read-Only, label "", NTFS 3.1)
Nov 13 17:39:16 localhost.localdomain ntfs-3g[258276]: Cmdline options: ro,nodev,nosuid,uid=0,gid=0,windows_names,uhelper=udisks2
Nov 13 17:39:16 localhost.localdomain ntfs-3g[258276]: Mount options: ro,nodev,nosuid,uhelper=udisks2,allow_other,nonempty,relatime,default_permissions,fsname=/dev/sdb,blkdev,blksize=4096
Nov 13 17:39:16 localhost.localdomain ntfs-3g[258276]: Global ownership and permissions enforced, configuration type 7

Also, is there a corresponding record in /etc/fstab? Please also provide output of udisksctl dump.

ncmprhnsbl commented 4 years ago

using the same setup as OP : adding: this only occurs with ntfs partitions on thumb drives and not ntfs external hard drive(sata) and then only with normal user, ie. works for root . (and unmounting for normal user works)

guest@porteus:~$ udisksctl mount -b /dev/sdc1
Error mounting /dev/sdc1: GDBus.Error:org.freedesktop.UDisks2.Error.Failed: Error mounting system-managed device /dev/sdc1: Unknown error when mounting /mnt/sdc1
guest@porteus:~$ sudo udisksctl mount -b /dev/sdc1
Mounted /dev/sdc1 at /mnt/sdc1
guest@porteus:~$ udisksctl unmount -b /dev/sdc1
Unmounted /dev/sdc1.

udisksctl dump (part)

/org/freedesktop/UDisks2/Manager:
  org.freedesktop.UDisks2.Manager:
    DefaultEncryptionType:      luks1
    SupportedEncryptionTypes:   luks1
                                luks2
    SupportedFilesystems:       ext2
                                ext3
                                ext4
                                vfat
                                ntfs
                                exfat
                                xfs
                                reiserfs
                                nilfs2
                                btrfs
                                minix
                                udf
                                f2fs
                                swap
    Version:                    2.9.1

.....................

/org/freedesktop/UDisks2/block_devices/sdc:
  org.freedesktop.UDisks2.Block:
    Configuration:              []
    CryptoBackingDevice:        '/'
    Device:                     /dev/sdc
    DeviceNumber:               2080
    Drive:                      '/org/freedesktop/UDisks2/drives/Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC'
    HintAuto:                   true
    HintIconName:               
    HintIgnore:                 false
    HintName:                   
    HintPartitionable:          true
    HintSymbolicIconName:       
    HintSystem:                 false
    Id:                         
    IdLabel:                    
    IdType:                     
    IdUUID:                     
    IdUsage:                    
    IdVersion:                  
    MDRaid:                     '/'
    MDRaidMember:               '/'
    PreferredDevice:            /dev/sdc
    ReadOnly:                   false
    Size:                       16039018496
    Symlinks:                   /dev/disk/by-id/usb-Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC-0:0
                                /dev/disk/by-path/pci-0000:01:00.0-usb-0:8:1.0-scsi-0:0:0:0
    UserspaceMountOptions:      
  org.freedesktop.UDisks2.PartitionTable:
    Partitions:         /org/freedesktop/UDisks2/block_devices/sdc2
                        /org/freedesktop/UDisks2/block_devices/sdc1
    Type:               dos

/org/freedesktop/UDisks2/block_devices/sdc1:
  org.freedesktop.UDisks2.Block:
    Configuration:              [('fstab', {'fsname': <b'/dev/sdc1'>, 'dir': <b'/mnt/sdc1'>, 'type': <b'ntfs-3g'>, 'opts': <b'users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show'>, 'freq': <0>, 'passno': <0>})]
    CryptoBackingDevice:        '/'
    Device:                     /dev/sdc1
    DeviceNumber:               2081
    Drive:                      '/org/freedesktop/UDisks2/drives/Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC'
    HintAuto:                   true
    HintIconName:               
    HintIgnore:                 false
    HintName:                   
    HintPartitionable:          true
    HintSymbolicIconName:       
    HintSystem:                 false
    Id:                         by-uuid-2DD365B554E1E849
    IdLabel:                    
    IdType:                     ntfs
    IdUUID:                     2DD365B554E1E849
    IdUsage:                    filesystem
    IdVersion:                  
    MDRaid:                     '/'
    MDRaidMember:               '/'
    PreferredDevice:            /dev/sdc1
    ReadOnly:                   false
    Size:                       12831424512
    Symlinks:                   /dev/disk/by-id/usb-Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC-0:0-part1
                                /dev/disk/by-partuuid/c3072e18-01
                                /dev/disk/by-path/pci-0000:01:00.0-usb-0:8:1.0-scsi-0:0:0:0-part1
                                /dev/disk/by-uuid/2DD365B554E1E849
    UserspaceMountOptions:      
  org.freedesktop.UDisks2.Filesystem:
    MountPoints:        
    Size:               0
  org.freedesktop.UDisks2.Partition:
    Flags:              128
    IsContained:        false
    IsContainer:        false
    Name:               
    Number:             1
    Offset:             1048576
    Size:               12831424512
    Table:              '/org/freedesktop/UDisks2/block_devices/sdc'
    Type:               0x07
    UUID:               c3072e18-01

/org/freedesktop/UDisks2/block_devices/sdc2:
  org.freedesktop.UDisks2.Block:
    Configuration:              [('fstab', {'fsname': <b'/dev/sdc2'>, 'dir': <b'/mnt/sdc2'>, 'type': <b'ext2'>, 'opts': <b'users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show'>, 'freq': <0>, 'passno': <0>})]
    CryptoBackingDevice:        '/'
    Device:                     /dev/sdc2
    DeviceNumber:               2082
    Drive:                      '/org/freedesktop/UDisks2/drives/Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC'
    HintAuto:                   true
    HintIconName:               
    HintIgnore:                 false
    HintName:                   
    HintPartitionable:          true
    HintSymbolicIconName:       
    HintSystem:                 false
    Id:                         by-uuid-8a178457-3c81-4740-b175-0036bb882115
    IdLabel:                    
    IdType:                     ext2
    IdUUID:                     8a178457-3c81-4740-b175-0036bb882115
    IdUsage:                    filesystem
    IdVersion:                  1.0
    MDRaid:                     '/'
    MDRaidMember:               '/'
    PreferredDevice:            /dev/sdc2
    ReadOnly:                   false
    Size:                       3206545408
    Symlinks:                   /dev/disk/by-id/usb-Lexar_USB_Flash_Drive_N7DKC1PXKRW5YW7RK8FC-0:0-part2
                                /dev/disk/by-partuuid/c3072e18-02
                                /dev/disk/by-path/pci-0000:01:00.0-usb-0:8:1.0-scsi-0:0:0:0-part2
                                /dev/disk/by-uuid/8a178457-3c81-4740-b175-0036bb882115
    UserspaceMountOptions:      
  org.freedesktop.UDisks2.Filesystem:
    MountPoints:        /mnt/sdc2
    Size:               3206545408
  org.freedesktop.UDisks2.Partition:
    Flags:              0
    IsContained:        false
    IsContainer:        false
    Name:               
    Number:             2
    Offset:             12832473088
    Size:               3206545408
    Table:              '/org/freedesktop/UDisks2/block_devices/sdc'
    Type:               0x83
    UUID:               c3072e18-02

messages: (note: at time: 10.56 is when mounted via root) 

Nov 14 10:43:17 porteus dbus-daemon[719]: [system] Activating service name='org.freedesktop.UDisks2' requested by ':1.28' (uid=1000 pid=1924 comm="/usr/bin/udisksctl mount -b /dev/sda5 -o noexec,no") (using servicehelper)
Nov 14 10:43:18 porteus dbus-daemon[719]: [system] Successfully activated service 'org.freedesktop.UDisks2'
Nov 14 10:43:18 porteus kernel: [  534.108635] EXT4-fs (sda5): mounted filesystem with ordered data mode. Opts: (null)
Nov 14 10:44:49 porteus kernel: [  625.189987] usb 1-8: new high-speed USB device number 5 using xhci_hcd
Nov 14 10:44:49 porteus kernel: [  625.234182] usb 1-8: New USB device found, idVendor=05dc, idProduct=a764, bcdDevice=11.00
Nov 14 10:44:49 porteus kernel: [  625.234186] usb 1-8: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Nov 14 10:44:49 porteus kernel: [  625.234188] usb 1-8: Product: USB Flash Drive
Nov 14 10:44:49 porteus kernel: [  625.234190] usb 1-8: Manufacturer: Lexar
Nov 14 10:44:49 porteus kernel: [  625.234192] usb 1-8: SerialNumber: N7DKC1PXKRW5YW7RK8FC
Nov 14 10:44:49 porteus kernel: [  625.246242] usb-storage 1-8:1.0: USB Mass Storage device detected
Nov 14 10:44:49 porteus kernel: [  625.246440] scsi host11: usb-storage 1-8:1.0
Nov 14 10:44:49 porteus mtp-probe: checking bus 1, device 5: "/sys/devices/pci0000:00/0000:00:01.3/0000:01:00.0/usb1/1-8" 
Nov 14 10:44:49 porteus mtp-probe: bus: 1, device: 5 was not an MTP device 
Nov 14 10:44:53 porteus kernel: [  629.703678] scsi 11:0:0:0: Direct-Access     Lexar    USB Flash Drive  1100 PQ: 0 ANSI: 0 CCS
Nov 14 10:44:53 porteus kernel: [  629.705001] sd 11:0:0:0: [sdc] 31326208 512-byte logical blocks: (16.0 GB/14.9 GiB)
Nov 14 10:44:53 porteus kernel: [  629.705523] sd 11:0:0:0: [sdc] Write Protect is off
Nov 14 10:44:53 porteus kernel: [  629.709256]  sdc: sdc1 sdc2
Nov 14 10:44:53 porteus kernel: [  629.710141] sd 11:0:0:0: [sdc] Attached SCSI removable disk
Nov 14 10:44:54 porteus kernel: [  629.963794] EXT4-fs (sdc2): mounting ext2 file system using the ext4 subsystem
Nov 14 10:44:54 porteus kernel: [  629.974325] EXT4-fs (sdc2): mounted filesystem without journal. Opts: (null)
Nov 14 10:56:13 porteus ntfs-3g[2628]: Version 2017.3.23 integrated FUSE 27 
Nov 14 10:56:13 porteus ntfs-3g[2628]: Mounted /dev/sdc1 (Read-Write, label "", NTFS 3.1) 
Nov 14 10:56:13 porteus ntfs-3g[2628]: Cmdline options: rw,noatime,nodiratime,users,exec,suid,dev 
Nov 14 10:56:13 porteus ntfs-3g[2628]: Mount options: rw,nodiratime,users,exec,suid,dev,allow_other,nonempty,noatime,fsname=/dev/sdc1,blkdev,blksize=4096 
Nov 14 10:56:13 porteus ntfs-3g[2628]: Ownership and permissions disabled, configuration type 1 
Nov 14 10:56:31 porteus ntfs-3g[2628]: Unmounting /dev/sdc1 ()

external HD for comparison:

Nov 14 11:13:39 porteus kernel: [ 2355.588272] usb 1-8: new high-speed USB device number 6 using xhci_hcd
Nov 14 11:13:39 porteus kernel: [ 2355.630520] usb 1-8: New USB device found, idVendor=0480, idProduct=a00c, bcdDevice= 1.07
Nov 14 11:13:39 porteus kernel: [ 2355.630524] usb 1-8: New USB device strings: Mfr=1, Product=2, SerialNumber=3
Nov 14 11:13:39 porteus kernel: [ 2355.630527] usb 1-8: Product: External USB 3.0
Nov 14 11:13:39 porteus kernel: [ 2355.630529] usb 1-8: Manufacturer: TOSHIBA
Nov 14 11:13:39 porteus kernel: [ 2355.630531] usb 1-8: SerialNumber: 20160118020978
Nov 14 11:13:39 porteus kernel: [ 2355.641586] usb-storage 1-8:1.0: USB Mass Storage device detected
Nov 14 11:13:39 porteus kernel: [ 2355.641926] scsi host11: usb-storage 1-8:1.0
Nov 14 11:13:39 porteus mtp-probe: checking bus 1, device 6: "/sys/devices/pci0000:00/0000:00:01.3/0000:01:00.0/usb1/1-8" 
Nov 14 11:13:39 porteus mtp-probe: bus: 1, device: 6 was not an MTP device 
Nov 14 11:13:42 porteus kernel: [ 2358.629926] scsi 11:0:0:0: Direct-Access     TOSHIBA  External USB 3.0 5438 PQ: 0 ANSI: 6
Nov 14 11:13:42 porteus kernel: [ 2358.631848] sd 11:0:0:0: [sdc] 1953525164 512-byte logical blocks: (1.00 TB/932 GiB)
Nov 14 11:13:42 porteus kernel: [ 2358.632258] sd 11:0:0:0: [sdc] Write Protect is off
Nov 14 11:13:42 porteus kernel: [ 2358.632645] sd 11:0:0:0: [sdc] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
Nov 14 11:13:42 porteus kernel: [ 2358.639977]  sdc: sdc1
Nov 14 11:13:42 porteus kernel: [ 2358.642517] sd 11:0:0:0: [sdc] Attached SCSI disk
Nov 14 11:13:44 porteus ntfs-3g[3665]: Version 2017.3.23 integrated FUSE 27 
Nov 14 11:13:44 porteus ntfs-3g[3665]: Mounted /dev/sdc1 (Read-Write, label "TOSHIBA EXT", NTFS 3.1) 
Nov 14 11:13:44 porteus ntfs-3g[3665]: Cmdline options: rw,noatime,nodiratime,users,exec,suid,dev 
Nov 14 11:13:44 porteus ntfs-3g[3665]: Mount options: rw,nodiratime,users,exec,suid,dev,allow_other,nonempty,noatime,fsname=/dev/sdc1,blkdev,blksize=4096 
Nov 14 11:13:44 porteus ntfs-3g[3665]: Ownership and permissions disabled, configuration type 1

and fstab entries for device:

/dev/sdc1 /mnt/sdc1 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0
/dev/sdc2 /mnt/sdc2 ext2 users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0
tbzatek commented 3 years ago

Thanks, I was able to reproduce this locally. Let me check where the problem is.

tbzatek commented 3 years ago

@ncmprhnsbl, the problem is the users mount option you have in /etc/fstab. UDisks behaves exactly the same like when you'd call mount /mnt/sdc1 as a user:

$ mount /mnt/sdc1
Error opening '/dev/loop6': Permission denied
Failed to mount '/dev/loop6': Permission denied
Please check '/dev/loop6' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://tuxera.com/community/ntfs-3g-faq/#unprivileged
$ udisksctl mount -b /dev/loop6
Error mounting /dev/loop6: GDBus.Error:org.freedesktop.UDisks2.Error.Failed: Error mounting system-managed device /dev/loop6: Unknown error when mounting /mnt/sdc1

Messages from udisksd:

Error opening '/dev/loop6': Permission denied
Failed to mount '/dev/loop6': Permission denied
Please check '/dev/loop6' and the ntfs-3g binary permissions,
and the mounting user ID. More explanation is provided at
http://tuxera.com/community/ntfs-3g-faq/#unprivileged

See mount(8) manpage for explanation of the user and users mount options.

We should however improve the error message and propagate the actual error string.

tbzatek commented 3 years ago

@fulalas, please check if that's your case as well.

fulalas commented 3 years ago

@tbzatek, thanks for your feedback! :)

1- According to mount man page: Users -- Allow every user to mount and unmount the filesystem. This option implies the options noexec, nosuid, and nodev (unless overridden by subsequent options, as in the option line users,exec,dev,suid). I believe that's why Porteus is using 'users' by default.

2- The command I use to mount that works even on most recent udisks is: mount /dev/sdc1 /mnt/sdc1. There's no warning, no error, nothing; it simply works. If I call just mount /dev/sdc1 I get this output although the unit mounts nice: ntfs-3g-mount: unsafe option 'dev' ignored ntfs-3g-mount: unsafe option 'suid' ignored

3- Why you think udisks 2.6.5 was not behaving like this?

tbzatek commented 3 years ago

1- According to mount man page: Users -- Allow every user to mount and unmount the filesystem. This option implies the options noexec, nosuid, and nodev (unless overridden by subsequent options, as in the option line users,exec,dev,suid). I believe that's why Porteus is using 'users' by default.

Yes, however it's up to the mount helper (mount.ntfs-3g) whether it can access the backing block device.

2- The command I use to mount that works even on most recent udisks is: mount /dev/sdc1 /mnt/sdc1. There's no warning, no error, nothing; it simply works. If I call just mount /dev/sdc1 I get this output although the unit mounts nice: ntfs-3g-mount: unsafe option 'dev' ignored ntfs-3g-mount: unsafe option 'suid' ignored

Do you call mount /dev/sdc1 /mnt/sdc1 as an user and does that actually work for you? UDisks is not involved in that case. Then there must be something set suid or you do have access to the /dev/sdc1 device as an user (seating/cgroups/logind/ConsoleKit perhaps?). Can you provide stat /dev/sdc1 please? What's your fstab record exactly?

3- Why you think udisks 2.6.5 was not behaving like this?

This has been changed in udisks-2.9.0: commit 696fa7ac39b6d10d2e6257bf8f88136a7809ec4f Previously only the user mount option was honoured and for users the mount was done as root and requiring PolicyKit auth. That's why you started seeing the error only now, however it is the correct behaviour.

tbzatek commented 3 years ago

The Unknown error message is being discussed at https://github.com/karelzak/util-linux/issues/1208

ncmprhnsbl commented 3 years ago

apart from the extra output, this works:

$ mount /mnt/sdc1
ntfs-3g-mount: unsafe option 'dev' ignored
ntfs-3g-mount: unsafe option 'suid' ignored

something i'm not getting is why there is different behaviour for usb thumb/flash drive(ntfs) and usb HD(ntfs), which work no problem... also, shouldn't our polkit rule handle it anyway?

polkit.addAdminRule(function(action, subject) {
    return ["unix-group:wheel"];
});

// Allow users in group 'plugdev' to perform any operation on
// without having to authenticate.
//
polkit.addRule(function(action, subject) {
    if (action.id.indexOf("org.freedesktop.udisks2.") == 0 && subject.isInGroup("plugdev")) {
            return polkit.Result.YES;
    }
});

also, this standard slackware one:

/* http://udisks.freedesktop.org/docs/latest/udisks-polkit-actions.html */

polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.udisks2.filesystem-mount" &&
        subject.isInGroup("plugdev")) {
        return polkit.Result.YES;
    }
});

polkit.addRule(function(action, subject) {
    if (action.id == "org.freedesktop.udisks2.eject-media" &&
        subject.isInGroup("plugdev")) {
        return polkit.Result.YES;
    }
});
fulalas commented 3 years ago

Running stat /dev/sdc1 as guest user (non-root): File: /dev/sdc1 Size: 0 Blocks: 0 IO Block: 4096 block special file Device: 6h/6d Inode: 504 Links: 1 Device type: 8,21 Access: (0660/brw-rw----) Uid: ( 0/ root) Gid: ( 83/ plugdev) Access: 2020-12-04 10:36:40.799002333 +1300 Modify: 2020-12-04 10:36:40.799002333 +1300 Change: 2020-12-04 10:36:40.799002333 +1300 Birth: -

Yes, we can run mount as guest user and everything works just nice.

My fstab: /dev/sda5 /mnt/sda5 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0 /dev/sdb1 /mnt/sdb1 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0 /dev/sda1 /mnt/sda1 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0 /dev/sdb2 /mnt/sdb2 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0 /dev/sdc1 /mnt/sdc1 ntfs-3g users,noatime,nodiratime,suid,dev,exec,async,comment=x-gvfs-show 0 0

tbzatek commented 3 years ago

Polkit rules are ruled out in this case as udisksd drops its privileges, switches to UID of the caller and spawns the mount as an ordinary user. Polkit rules come in effect only when the mount operation is done on behalf of the daemon with daemon privileges.

And the GID that is looked up for the caller is the primary GID associated with the user. This might be a problem down the actual libmount mount context code.