Show Table of Contents
13.7. Locking Repartitioning
polkit enables you to set permissions for individual operations. For udisks2, the utility for disk management services, the configuration is located at /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy. This file contains a set of actions and default values, which can be overridden by system administrator.
Important
Remember that
polkit configuration stored in /etc overrides the configuration shipped by packages in /usr/share/.
Procedure 13.7. To Prevent Users from Changing Disks Settings
- Create a file with the same content as in
/usr/share/polkit-1/actions/org.freedesktop.udisks2.policy.cp /usr/share/polkit-1/actions/org.freedesktop.udisks2.policy /etc/share/polkit-1/actions/org.freedesktop.udisks2.policy
Do not change the/usr/share/polkit-1/actions/org.freedesktop.udisks2.policyfile, your changes will be overwritten by the next package update. - Delete the action you do not need and add the following lines to the
/etc/polkit-1/actions/org.freedesktop.udisks2.policyfile:<action id="org.freedesktop.udisks2.modify-device"> <message>Authentication is required to modify the disks settings</message> <defaults> <allow_any>no</allow_any> <allow_inactive>no</allow_inactive> <allow_active>yes</allow_active> </defaults> </action>Replacenobyauth_adminif you want to ensure only the root user is able to carry out the action. - Save the changes.
When the user tries to change the disks settings, the following message is returned:
Authentication is required to modify the disks settings
Where did the comment section go?
Red Hat's documentation publication system recently went through an upgrade to enable speedier, more mobile-friendly content. We decided to re-evaluate our commenting platform to ensure that it meets your expectations and serves as an optimal feedback mechanism. During this redesign, we invite your input on providing feedback on Red Hat documentation via the discussion platform.