From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 5A0E21382C5 for ; Wed, 10 Jun 2020 21:02:58 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 84157E0980; Wed, 10 Jun 2020 21:02:52 +0000 (UTC) Received: from mail-oi1-x22a.google.com (mail-oi1-x22a.google.com [IPv6:2607:f8b0:4864:20::22a]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 38B3CE0953 for ; Wed, 10 Jun 2020 21:02:52 +0000 (UTC) Received: by mail-oi1-x22a.google.com with SMTP id 25so3375286oiy.13 for ; Wed, 10 Jun 2020 14:02:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to; bh=hSh77a1XLpD/hKC3uvhCZlwmLEKZ6Qgb1o98sJQDKPI=; b=ur30HXE+o9w6x0qABJGo2JthQU4EmvDfRL1X9ywY+/KuKTSFsR+uwnn8F4EadSgwf1 JUlgwD3rgpbIkn+Hmdk0HtZn39XhnEyiIPc4GdOLiyuIKyyL976w69Y/n0dMQ0IW1/iR 2XPW8ueAmdiInKR16PpiT74bPQruiK5+mXs/Cm58Z4NcnCyuE8+V+PoRbFNt/L/YfCAt OKVuuw97uoepmW2UQHN5ogXYu0VkMV6Luqkub9rmtl6YsQbNUYkOLsdCAc6zDiWrClqi LH6oyGIQECp1vvb4cz1aUXS0BX5uxO6oU7A79Ke4HNJ1EoQbc1OdoWbV32CeX+g390HX N1sg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to; bh=hSh77a1XLpD/hKC3uvhCZlwmLEKZ6Qgb1o98sJQDKPI=; b=LUx9KRtdKJS6yRwfQlICvOd/c2BL+ggWD5OPZI2ylrN3Yco8+c5HGuSWCL8ikmMLs1 JU6NgKMN720Ix6MG1oB3ZrU7aNi36/zCsxEl1LgWeT5V6Q1tCX2AvOugkbY29tbhZTRT KQQoHNGeVFqTGay1yKJlJU9SlouLAm538/q9WCX9csyxZUElf4jOFzff4ZJgFasQ8YMM ZAd2RRoZSaMYy5LK8cQUaNMuGN6LrYENgxld9XwSsiCZi3MEq0mwd5ofvhSDHCnevtrI pFPbyt3lviZJ0nAsPxNkSorp5llB2dRcJ0xmEhWSHFXsMHTGn+r1rZdlUKyF2YrVj9iL FN8Q== X-Gm-Message-State: AOAM532vCsUIWC5s/hkaPD5FpGVBavg1BYhQKypS53lGmzYbJNMKXW0c iLYz9YnFzJNVe2aLcASNsdQ= X-Google-Smtp-Source: ABdhPJwn7U4Um+DVPFPS85tcrQtCOKhtf52pQZIY9kq7zknatX+30sv+PSe1tmBDtXjtnw56RvGM3w== X-Received: by 2002:aca:ecc7:: with SMTP id k190mr3891855oih.117.1591822971287; Wed, 10 Jun 2020 14:02:51 -0700 (PDT) Received: from [192.168.0.100] (adsl-074-188-241-018.sip.asm.bellsouth.net. [74.188.241.18]) by smtp.gmail.com with ESMTPSA id b32sm242860otc.71.2020.06.10.14.02.50 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Wed, 10 Jun 2020 14:02:50 -0700 (PDT) Subject: Re: [gentoo-user] Encrypting a hard drive's data. Best method. To: gentoo-user@lists.gentoo.org References: <3082a322-c6f8-31e7-fbc4-823963307b87@gmail.com> <3056283.aeNJFYEL58@lenovo.localdomain> From: Dale Openpgp: preference=signencrypt Autocrypt: addr=rdalek1967@gmail.com; prefer-encrypt=mutual; keydata= mQINBFxc7MgBEAC+zrgEdqJJiDe/UDAB+ScmferXWfJTVjbVT2T4DQ7jiLrgP9aNUo1HioNF mrU3JPOCR32gvZyTbY1+niO5+VSo/+pSqQ785h6ZDj1klMkrg6tEzGnf2MNBpBj4houZwxQ+ WDKKTg2M9F+lv8wTIdR/JQn+hSviktLMtrghQlyLhpapsLXWLA6gMFebpQYwxUwemvan8ddX lQvJe9FGyFYvBi0dp1gl10F2O+DVZJxvX8xkX+yImVlhVJiC31gXHRcj+Qlo7gprlU7TIieF Uow6/ZvYKJ26pztVdFCg5w0rMJkF/x8Zd4A6wnuptiAPmWaQ1+YKgYDonbDUgwqFSx5/lN5z DGZ4LlioxeUTTPVvZsqBIeDz6jNFA583OYbo1/S26dqrvTFf2DKlsvoDpVfAhNlwJPjoixs0 X3FNqPv+M10n4kq5Iz7Q9E3O4s/nfFIYGocEslVka7zZPkXSaHbsn+KJlY8XV6qxtCEdh0/V XX1+1aU2J74M0JikWhpwxTZ1dP5aOyWSPPEgFFIRW6xwwC02SoRH9a7mggfGYp/YjPlONNaT SCL8sgRfvmq3D0XTbLyTjSbExxkfKDmbePQagawDE3TlI/oivHf1JaAcbwMb3LZuU4TGcOIl 5D+x7q0MUIeCop0ZFOwAnqW3AVVNvsBkv2KN+IHJryWAf0/iMQARAQABtBtEYWxlIDxyZGFs ZWsxOTY3QGdtYWlsLmNvbT6JAk4EEwEIADgWIQTZ7suruPBaS60bCYXvEM/XWu+ZnAUCXFzs yAIbIwULCQgHAgYVCgkICwIEFgIDAQIeAQIXgAAKCRDvEM/XWu+ZnN+7D/4/1dNG4aCz0+v+ 0dcjV5tY1feYEWCdHKyDzxWBxlCpd/0NPRQeNY4VMjbCl/sq7GkXi/c2SbfWDQ5BQRkkExG1 pSwuXSIehGok/4fpTi3HDAguRvzdCqlKPt7me05FyiC/WnpY5GOlJ3ruGw2qABv/RmV2q5b/ tkq7h1y1f16DTNr3/nsj8HzHcrHdXdL4kaYChSOe/dbQR9Stqak7eMyR+iwvrJMNF/CGl70P 2x5ybsXMDzRVOqNcpa5ZdhEMTVh6+vC1SOmm1BFMF8XCqBEvBbcHWDQmGYTdNCsS/ADm8CBl gvjJgLdIsAzoMu4WHQDFnzXAoArqFWgAf53isOS4AWrv29tF9b8Aa1vb7h5JEa+ArcMsA6Gl X38+GY6WXXaxKI9n3PTCWu9tPGnRh7mABjnwEosDDqmzw8aTAYECb3avDuGY2rmcjgh4H6RE w08d63j1T4d5J9wlm4TGtW/VHgbUFkATEdH3Acl/EjFiyqTiX7p8kU6Reu5enIkogA93xoQh Rmy7ZiST/5LN+ZkaOdyjIw0L+5KalslN9SKt809YxgJ6kPo657LNTFPiFvFA46/SEWcBYrzq Xk0wEW0gBRWf+BqN0qRhU0/EQ+QfRdLLFg2xtUePwlheYLXxfyDLrdCCOLWYpkzbjCZHLS4u 69smbvR9S9KBDNzJybxEWrkCDQRcXOzIARAA5IGRWTqaM44IJgBYghZg2fGj0Am7KWPhE7V7 T/EEe7vVSUEFqHtlHzI4ZK6Q0AZ9uAEjE8IJIQ7KoTjzNqAtabP0vp3s0szgtJlsZ+8vGKlQ my7fvzSrdoQL0Xn7CEwJYFXJ1EMUcYIQeoHG1cUAaXx73k9BFbjwjnUeMrqlV/ZovQlg7duW nESfQ7HZu5NrtYyY3jPMUouxiO9WQPh+IHxZbt1absF2VcvRAymD32RxGvMPbw6ChMRD/p9O 4PH7M5rXaxr78NXQX9E48vrI00f1cYb9NSN1HnSV8cW3jKObVjdBk6jPQwrMvdpgdQhUB9aZ HS/9mC9mmAgiXKyCpzXe7FPB6QznSfn4GIaC/luy1e6SLUkJhRK/niB+gq+Mfxg2zXNuDUTI cMGmpDCp3kgUoorkaltk8RW09io95BkXrGhcDNuSGZfAParBc7RXyYpbIcax8St7tEAd2oFh 4seYOPUlzuhGrPpqR/91wrFc4E1260GKauSr4UhMJv6tygBwyC0mmBMKi+ZXw6ZdZxA5fg7y 35P3TILjznCXXTDgRHq9A3NknKRMcgFacX6eIhANkMFo6oJVjuEgy1dvu1wFfDq7c+i8GAHu L4pYzyXYu6PporlNNU0xSwdVgzM/uuK0lt+UxCimgC+YR3IezgDcbfudb7h9dGIwL+bbPL0A EQEAAYkCNgQYAQgAIBYhBNnuy6u48FpLrRsJhe8Qz9da75mcBQJcXOzIAhsMAAoJEO8Qz9da 75mcXZ4P/1YXgWDZek7mhzrf6uaQzMxa92P89HeWz4PlgB/32symeEFAV04WazzBZffI8AYY rGA1Xmu/2VaB9+FOODyKhUWBc2UL0NRWBk6POwboyTdKlclmpixaN9zLcBt0YLejoRfN1B/5 aQf9/lUDZMnAiCyz0FgeqEMUshldmwWC35RqnjrCbbuk2vIqSH6BLDIXU6jQrLHE1DF0ai41 wLtQFAFXPhn45n0ZwYhVs4Z32z4sjXrIvgBgCaXa4HM+L1Klne0KiNM8ReFTTpTE0SgyDOSZ O3MOa2n77i6JbVtsbiFYnNeP3J9S/l3jevGpZEtNQOKrIm1MW8jGuHWtsDeMkT/mCcSodlkt PxIo+mMK9GpGvG2hW80LiohqNfUbNwAmr3blOYY4URPXPRnEnPs4pmTmL5owjw2dkg145i9I D42Tq+XZ6YtWt3SGzGbAYow6XwTwZ5NFAzV9UQuCGrDw4KWan6O6Z+VIYWsn0UMZlu1Obxna aocofkaUCbISK26kImuD1aA8juSHC18Qv1xUage6/UakbSxyDtACqt6hOVFKX3IA59ApdNRT +2x3iCmlvF9MJsGgFq6IpqL+Fk7iWV8Kjbz0wQOId6N9+JdQh3LrLaS7a1PowUm1z9DK5/O0 Yg+gpDnEOOFI7WM5u7a7FSM2Z/LXGVwel/0eWvLk9tN6 Message-ID: Date: Wed, 10 Jun 2020 16:02:49 -0500 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0 SeaMonkey/2.53.2 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply MIME-Version: 1.0 In-Reply-To: <3056283.aeNJFYEL58@lenovo.localdomain> Content-Type: multipart/alternative; boundary="------------694CF3EDCDEB2D50FEFD4C84" X-Archives-Salt: d5f4e120-9305-4e02-9ca0-609f96017eab X-Archives-Hash: 038a504cfb8dccbe7be4154ec018b6e1 This is a multi-part message in MIME format. --------------694CF3EDCDEB2D50FEFD4C84 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Michael wrote: > On Wednesday, 10 June 2020 07:59:19 BST Dale wrote: >> Howdy, >> >> Same topic just new question. I use KDE and am wanting to have it so >> the Device Notifier will allow me to mount the drive when I turn it on. > I probably missed in earlier threads, but is this is an externally powered USB > device? > Not USB but eSATA.  >> So far, I got it set up and when I turn the drive on and click for it to >> mount it, it asks me for a password. > Where do you "click for it"? The Device Notifier in the KDE panel thingy.  I use it to access my cameras, SD cards put in my card reader and even my cell phone.  > > >> I type in the password but it mounts it to the wrong place. > Please define "wrong place". > It mounts under /run.  I want it mounted under /home.  >> If I do it on the command line, it works as expected. > What is expected? > I was expecting it to mount from the Device Notifier just like it does from the command line. >> I have it set up in dmcrypt and fstab. So, command line >> works, KDE's Device Notifier doesn't. > For the avoidance of doubt: > > "command line" = /bin/mount > > "KDE's Device Notifier" = /usr/bin/udisksctl > > There is a difference between the two: > > $ ls -la /bin/mount > -rws--x--x 1 root root 56360 May 11 00:25 /bin/mount > > $ ls -la /usr/bin/udisksctl > -rwxr-xr-x 1 root root 60496 Nov 23 2019 /usr/bin/udisksctl > > > You run mount as root with temporarily elevated privileges and operate on > devices directly via the kernel, but can only mount such block devices if they > have a corresponding /etc/fstab entry - unless you are root. > > You run udisksctl as plain user - it is a userspace command which operates on > the udisks daemon to manipulate mountable devices via D-Bus. The default > mountpoint by udisksctl is under /run/media//LABEL > True but since I'm wanting to mount it under the same /home directory as the user doing the mounting, it shouldn't require any additional privileges.  >> It tells me I don't have >> permission to access but it also mounts it in the wrong place. I >> suspect it mounting it in the wrong place leads to the permissions >> error. It mounts under /run. I want it mounted under /home. > You may be able to achieve this via udev rules for the specific UUID of the > disk, or perhaps via a symlink from /home to the /run mountpoint. I haven't > tested this, but you could give it a spin and see what you get. > > PS. You can ignore my earlier questions, no need to answer them. The > structure of your message was perhaps back to front to assist my > understanding. :-) No problem.  Sometimes when anyone is writing, it's assumed that everyone else knows the steps that are taken.  Usually that is not the case.  It's why we always ask for error messages, commands used etc etc etc.  ;-) Based on everything I've found with google, I think the Device Notifier is badly limited.  It can get to a certain point but it can't go any further.  It seems we need a better tool or the current tool needs a little extra programming.  I was wanting to avoid the command line part in case something happened to me and someone needed to access a encrypted device.  Victor seems to confirm that with his reply.  Thanks. Dale :-)  :-) --------------694CF3EDCDEB2D50FEFD4C84 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: 8bit
Michael wrote:
On Wednesday, 10 June 2020 07:59:19 BST Dale wrote:

Howdy,

Same topic just new question.  I use KDE and am wanting to have it so
the Device Notifier will allow me to mount the drive when I turn it on. 

I probably missed in earlier threads, but is this is an externally powered USB 
device?

Not USB but eSATA.  


      

        
So far, I got it set up and when I turn the drive on and click for it to
mount it, it asks me for a password.


      

      
Where do you "click for it"?

    

    

    The Device Notifier in the KDE panel thingy.  I use it to access my
    cameras, SD cards put in my card reader and even my cell phone.  

    

    

    

      




      

        
I type in the password but it mounts it to the wrong place.  


      

      
Please define "wrong place".



    

    

    It mounts under /run.  I want it mounted under /home.  

    

    

    

      

      

        
If I do it on the command line, it works  as expected.  


      

      
What is expected?



    

    

    I was expecting it to mount from the Device Notifier just like it
    does from the command line. 

    

    

      

      

        
I have it set up in dmcrypt and fstab.  So, command line
works, KDE's Device Notifier doesn't.


      

      
For the avoidance of doubt:

"command line" = /bin/mount

"KDE's Device Notifier" = /usr/bin/udisksctl

There is a difference between the two:

$ ls -la /bin/mount
-rws--x--x 1 root root 56360 May 11 00:25 /bin/mount

$ ls -la /usr/bin/udisksctl 
-rwxr-xr-x 1 root root 60496 Nov 23  2019 /usr/bin/udisksctl


You run mount as root with temporarily elevated privileges and operate on 
devices directly via the kernel, but can only mount such block devices if they 
have a corresponding /etc/fstab entry - unless you are root.

You run udisksctl as plain user - it is a userspace command which operates on 
the udisks daemon to manipulate mountable devices via D-Bus.  The default 
mountpoint by udisksctl is under /run/media/<user_name>/LABEL



    

    

    True but since I'm wanting to mount it under the same /home
    directory as the user doing the mounting, it shouldn't require any
    additional privileges.  

    

    

    

      

      

        
It tells me I don't have
permission to access but it also mounts it in the wrong place.  I
suspect it mounting it in the wrong place leads to the permissions
error.  It mounts under /run.  I want it mounted under /home.


      

      
You may be able to achieve this via udev rules for the specific UUID of the 
disk, or perhaps via a symlink from /home to the /run mountpoint.  I haven't 
tested this, but you could give it a spin and see what you get.

PS. You can ignore my earlier questions, no need to answer them.  The 
structure of your message was perhaps back to front to assist my 
understanding.  :-)

    

    

    

    No problem.  Sometimes when anyone is writing, it's assumed that
    everyone else knows the steps that are taken.  Usually that is not
    the case.  It's why we always ask for error messages, commands used
    etc etc etc.  ;-) 

    

    Based on everything I've found with google, I think the Device
    Notifier is badly limited.  It can get to a certain point but it
    can't go any further.  It seems we need a better tool or the current
    tool needs a little extra programming.  I was wanting to avoid the
    command line part in case something happened to me and someone
    needed to access a encrypted device.  Victor seems to confirm that
    with his reply.  

    

    Thanks.

    

    Dale

    

    :-)  :-) 

  


--------------694CF3EDCDEB2D50FEFD4C84--