Page MenuHomeSolus
Create Task
Maniphest T7439

GNOME Disks doesn't request sudo privilege when formatting drives (/dev/sdX)
Closed, WontfixPublic
Actions

Description

When formatting a HDD (/dev/sdX) with GNOME Disks, typically it will ask for sudo privileges before beginning the format. This is what happens on Fedora, at least (tested Fedora 28 with GNOME 3.28.2, same as Solus, and Fedora 29 with GNOME 3.30.2). On Solus, sudo privileges are never requested and the drive is formatted as if sudo privileges have been granted. This could potentially result in someone, be it the owner or third party, wiping the main OS drive for example.

This reddit thread has a bit more info regarding some of the testing I've done (with an included video from a fresh install), but it's essentially summed up in the initial paragraph.
https://www.reddit.com/r/SolusProject/comments/aasd4c/gnome_disks_doesnt_ask_for_password_for_harddrive/
https://youtu.be/OCoBhf1ZB2w (video shows that sudo privileges are not requested even on fresh install).

Event Timeline

z8fv created this task.Jan 3 2019, 5:01 AM
Herald added a project: Lacks Project. · View Herald TranscriptJan 3 2019, 5:01 AM
yursan9 added a subscriber: yursan9.Jan 3 2019, 7:31 AM

I think this is a suggestion for upstream.

z8fv added a comment.EditedJan 3 2019, 7:41 AM

I'm definitely no expert on these things, but as I stated it behaves exactly as expected on Fedora, and as far as I'm aware, Fedora is about as vanilla GNOME as it gets. So this leads me to believe this is a Solus issue. It's also throwing me about that Girtablulu in the reddit thread was saying that he was getting the sudo privilege request in his testings, on what I can only assume to be Solus.

Anyway, If I'm way off here, let me know definitively and I'll happily suggest it to the gnome disks gitlab.

Jacalz added a subscriber: Jacalz.Jan 3 2019, 8:14 AM

I am not getting any requests for typing my password when using disks and I am quite happy with not having to both with it. I don’t really see it needed when my login password for my account is the same as my sudo account...

yursan9 added a comment.Jan 3 2019, 9:13 AM

Oh, wait. I don't read the fedora bits. I think we can add custom rule in polkit, to make sure only administrator or user in certain group can format or do something equally destructive like editing mountpoint in fstab.

Girtablulu edited projects, added Software; removed Lacks Project.Jan 7 2019, 9:24 PM
DataDrake triaged this task as Needs More Info priority.Jan 20 2019, 1:27 PM
DataDrake added a subscriber: DataDrake.

I need to know which editions each of you is testing on please.

yursan9 added a comment.Jan 21 2019, 1:38 AM

I test it on Solus Budgie and Gnome

JoshStrobl closed this task as Wontfix.Oct 15 2019, 1:27 AM
JoshStrobl added a subscriber: JoshStrobl.

The reason it works this way is because we use a fork of polkit without JavaScript that has additional functionality developed by Ikey for InUnixGroups= and InUserNames=, to enable rules to apply for users in specific groups. This applies, for example, in our udisks polkit keyrules file to allow users in wheel permission to perform various udisks2 operations (handy in a live environment, for example). udisks2 is leveraged by GNOME Disks.

So, this is working as intended. You're still having to authenticate as a user on log in so I do not see how this is problematic. It's simply different than what some other operating systems do, which isn't necessarily bad or undesired.

Copyright © 2015-2021 Solus Project. The Solus logo is Copyright © 2016-2021 Solus Project. All Rights Reserved.