PAM (from D-Bus/HAL discussion)

Joe Ciccone jciccone at
Sat Apr 8 12:03:29 PDT 2006

Jürg Billeter wrote:
> Default HAL policy only permits root and at_console users to mount
> storage devices. Whether a user is at console or not is determined by
> checking whether the file /var/run/console/USERNAME exists. This file
> gets automatically created by e.g. pam_console or pam_foreground, iirc.
> BTW: The policy can be changed in /etc/dbus-1/system.d/hal.conf
> Jürg
  <policy group="500">
    <allow send_interface="org.freedesktop.Hal.Device.LaptopPanel"/>
    <allow send_interface="org.freedesktop.Hal.Device.Volume"/>
    <allow send_interface="org.freedesktop.Hal.Device.Volume.Crypto"/>

By adding this to the end I can now mount everything as my user and
root. group 500 is users on my system. Thanks a lot Jürg. Also as a side
note, You can't have more then one option in the policy tag, you have to
create multiple policy tags.

More information about the blfs-dev mailing list