Shared directory - always requires authentication in Files / Nautilus

ianonfedora · October 14, 2019, 3:54pm

Hi,

I create a shared dir for my users, owned by their group:

mkdir -p /project
chmod 2770 /project
chown :project /project

I put my users in the group ‘project’.

They can cd to this dir and list/create files fine at the cmdline. However if they use File / Nautlius it always prompts for their password “Authentication Required”. I see this in the journal if it helps any:

Oct 14 16:02:54 hostname audit[17992]: USER_AUTH pid=17992 uid=1001 auid=1001
ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:authentication grantors=pam_succeed_if,pam_localuser,pam_unix
acct="john" exe="/usr/lib/polkit-1/polkit-agent-helper-1" hostname=? addr=?
terminal=? res=success'

Oct 14 16:02:54 hostname audit[17992]: USER_ACCT pid=17992 uid=1001 auid=1001
ses=11 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023
msg='op=PAM:accounting grantors=pam_unix,pam_localuser acct="john"
exe="/usr/lib/polkit-1/polkit-agent-helper-1" hostname=? addr=? terminal=?
res=success'

Oct 14 16:02:54 hostname polkitd[5709]: Operator of unix-session:11
successfully authenticated as unix-user:john to gain TEMPORARY authorization for
action org.gtk.vfs.file-operations for unix-process:12751:59551078
[/usr/bin/nautilus --gapplication-service] (owned by unix-user:john)

Is this something about polkit getting in the way?

Thanks for any help in advance!

ianonfedora · November 11, 2019, 11:49am

Turns out this was my own misunderstanding with Ansible and YAML - if you ran the code above you would NOT reproduce the problem. The Ansible task was:

   file:
     dest: "/project"
     # Set sticky (only owners can delete/rename files) and setgid (group is inherited)
     mode: 2770
     group: project
     state: directory

However the mode as written above is interpreted as the number 2,770 which is not the mode intended. It should be forced to a string with quotes instead:

     mode: '2770'

To quote the Ansible documentation on the file module (ansible.com):

For those used to /usr/bin/chmod remember that modes are actually octal numbers. You must either add a leading zero so that Ansible’s YAML parser knows it is an octal number (like 0644 or 01777 ) or quote it (like '644' or '1777' ) so Ansible receives a string and can do its own conversion from string into number.

system · December 9, 2019, 11:49am

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Gnome sharing settings Ask Fedora f36 , gnome	1	707	May 31, 2022
Gnome Files - Failed to launch "directory", could not activate remote peer Ask Fedora f35 , gnome	7	1873	March 21, 2022
Ignition: When a file is created, parent dir is still owned by "root" Project Discussion coreos-wg	5	437	August 9, 2022
Running `sudo -n /any/thing` inside a Toolbx fails with 'sudo: a password is required' Ask Fedora problem	0	235	June 28, 2023
How to set up a shared folder with FTP connection Ask Fedora networking	11	2089	March 24, 2022

Shared directory - always requires authentication in Files / Nautilus

Related Topics