From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-195012-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by finch.gentoo.org (Postfix) with ESMTPS id C65001382C5
	for <garchives@archives.gentoo.org>; Fri, 29 Jan 2021 16:48:04 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 8CF71E0C68;
	Fri, 29 Jan 2021 16:47:59 +0000 (UTC)
Received: from mail-il1-x12f.google.com (mail-il1-x12f.google.com [IPv6:2607:f8b0:4864:20::12f])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id 04372E0BE8
	for <gentoo-user@lists.gentoo.org>; Fri, 29 Jan 2021 16:47:58 +0000 (UTC)
Received: by mail-il1-x12f.google.com with SMTP id q9so9103765ilo.1
        for <gentoo-user@lists.gentoo.org>; Fri, 29 Jan 2021 08:47:58 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=message-id:subject:from:to:date:in-reply-to:references:user-agent
         :mime-version:content-transfer-encoding;
        bh=4WtIlrqXOSjgay5VeIlVSLo1Sx2FXag1pvQCHBT9c6Q=;
        b=mSHFBvV5n4Zgnlf2fIpAHEQxfJY36X1XADANDtiNSXbdOAb4JmwIhhRkG6jHBsBiwu
         zNkV0hcMcxdxoVf60kVOM/vYKSmNfJCIovMDnvc4SXj/lc4rnBenmVedJUoQ0lmsOBZT
         3vBnVl/2InwWISjLA8oPZateWstUD+opBquWVIPRKsKY7suS318mNvUy38AMKUqGea9b
         ImfkTFssAdNyn047CePoVaI20CozEAg2iVEPhViqdySfhjZSqFCGnP9ENppO9wjn590B
         Jk1Qa/ba5pW6v3QtHftOE2PBaoKOelrVWK3/zVLdFZ9768Sn3uC2mTFR9+QTHjWii1KD
         fpZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:message-id:subject:from:to:date:in-reply-to
         :references:user-agent:mime-version:content-transfer-encoding;
        bh=4WtIlrqXOSjgay5VeIlVSLo1Sx2FXag1pvQCHBT9c6Q=;
        b=HBaHWDiS0V18pwLrfNO/BK7SO33vvZLHyEouGVzWWRSg5HP3dJU55AgGNjHjHLDTio
         j9RtxyS2TVCzkZ2flZ+4mgH/iZ7fmQCQ90WM+XhzJFIBxLgH2oTNW6fwhjc1W0oOotjM
         aC6KtZtBOvixXywdRZoO4mByRbclKUxAE1S1TYUxW9629N7mad7vJ5ckjQDx9b1fGuLB
         ZrPZR+pzPkquB2UGjAwW/OXYh7Hx/cKv9V2AC7WDYadLRe5ZhgaSauQx7UO9ewDOGu1J
         CYNIvWk8KfdQwITnJiDM+61IhjFUmR+m6k37XFfPRzUG+XRnFi0PKw63vde6zGCI9+Id
         n1/g==
X-Gm-Message-State: AOAM530uZTJOT/HpADVKjfsyMdjBByIJdEv0ly0w1cGxxdFCj5dacXx7
	I04od1yiKmT0gCrzMtQ5qouDZvCL1LM=
X-Google-Smtp-Source: ABdhPJyuSqanXYPv8qcbi1S3WPEn3d+IwZFs0hJLUvH5NIFAbSxloBwjNUm2Y3d+X+fNXUvOevHtkg==
X-Received: by 2002:a05:6e02:c2d:: with SMTP id q13mr3692205ilg.83.1611938877964;
        Fri, 29 Jan 2021 08:47:57 -0800 (PST)
Received: from [10.99.0.201] (cpe-174-97-136-98.wi.res.rr.com. [174.97.136.98])
        by smtp.gmail.com with ESMTPSA id g13sm4694067iln.12.2021.01.29.08.47.57
        for <gentoo-user@lists.gentoo.org>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 29 Jan 2021 08:47:57 -0800 (PST)
Message-ID: <d9d61dff848f2c7f34c800361cddbd77c3e89aee.camel@gmail.com>
Subject: Re: [gentoo-user] mounting USB without root password
From: "Matt Connell (Gmail)" <matthewdconnell@gmail.com>
To: gentoo-user@lists.gentoo.org
Date: Fri, 29 Jan 2021 10:47:51 -0600
In-Reply-To: <449c8861-f165-10b0-40ed-f389dbc9a0f3@sys-concept.com>
References: <b93f66fe-49e3-af54-d00b-93bc5a80e049@sys-concept.com>
	 <6b51aa05-9c4a-27d7-2e40-ac0d17938e0b@88.com>
	 <449c8861-f165-10b0-40ed-f389dbc9a0f3@sys-concept.com>
Content-Type: text/plain; charset="UTF-8"
User-Agent: Evolution 3.36.5 
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 8df74feb-0b1c-490a-b825-ba7026251410
X-Archives-Hash: bc01e0814003bbfc6134412be90b1069

On Fri, 2021-01-29 at 09:34 -0700, thelma@sys-concept.com wrote:
> I uncommented in:  sudoers (it works)
> %wheel ALL=(ALL) ALL
>  %wheel ALL=(ALL) NOPASSWD: ALL

This feels like fixing a loose screw with a sledgehammer.

This change allows any wheel group users to execute any command (via
sudo) without authenticating.  That is to say, the change is far more
broad than the originally stated issue you're trying to fix.  Do you
implicitly trust all wheel group users that much?

sysfs/udisks, as stated previously, is probably the correct tool for
the job.