[OpenIndiana-discuss] JDS: USB automount problem

Jim Klimov jimklimov at cos.ru
Fri Nov 29 15:14:00 UTC 2013 

See below

On 2013-11-29 15:46, Predrag Zecevic [Unix Systems Administrator] wrote:
> Hi,
>
> I cannot mount USB devices anymore in my /hipster installation (I mean
> automatically mount withing JDS/GNOME).
 > ...
> Nov 29 15:04:00 solarix genunix: [ID 864859 kern.notice] NOTICE:
> hald-addon-stora[2482]: missing privilege "sys_mount" (euid = 0, syscall
> = 255) needed at secpolicy_fs_owner+0x2e
>
> It looks like hald-addon-storage has some privilege problems, so I have
> added it (Profile is called 'Solarix' and I am trying to get collected
> there all missing privileges - plenty of them). But for now, I would
> like to focus on this one:
> /etc/security/exec_attr:Solarix:solaris:cmd:::/usr/lib/hal/hald-addon-storage:privs=sys_mount
>
>
> What else I have to check/change 0 what I am missing?

How do you then reference the "Solarix" profile?

I'd say that you need to look into the "hal" service definition:
root at openindiana:~# ps -ef | grep hal
     root   359   297   0   Nov 27 ?           0:12 
/usr/lib/hal/hald-addon-acpi
     root   397   297   0   Nov 27 ?           0:00 
/usr/lib/hal/hald-addon-storage
     root   297   290   0   Nov 27 ?           0:00 hald-runner
     root   344   297   0   Nov 27 ?           0:00 
/usr/lib/hal/hald-addon-network-discovery
     root   346   297   0   Nov 27 ?           0:00 
/usr/lib/hal/hald-addon-cpufreq
     root   290     1   0   Nov 27 ?           0:08 /usr/lib/hal/hald 
--daemon=yes

root at openindiana:~# svcs -p hal
STATE          STIME    FMRI
online         Nov_27   svc:/system/hal:default
                Nov_27        290 hald
                Nov_27        297 hald-runner
                Nov_27        344 hald-addon-netw
                Nov_27        346 hald-addon-cpuf
                Nov_27        359 hald-addon-acpi
                Nov_27        397 hald-addon-stor

Here we see that hald-addon-storage is spawned by hald-runner by hald,
and they all are part of the "hal" SMF service. You might need to add
the privileges involved to the startup method as part of its context,
i.e.

svccfg -s hal setprop start/privileges = astring: basic,sys_mount
svcadm refresh hal
svcadm restart hal

Would this help?
HTH,
//Jim

More information about the OpenIndiana-discuss mailing list