udisksctl unable to mount /dev/mapper volumes
An encrypted volume, whether it be a partition, or loop device cannot be mounted with udisksctl mount -b /dev/mapper/luks-*
. I suspect this is due to missing policy kit rules. If the device is not encrypted you can mount that ie udisksctl mount -b /dev/disk
. Using less secure means cryptsetup luksOpen
and mount
methods work.
I have /usr/lib/polkit-1/polkitd --no-debug
running and /usr/bin/lxqt-policykit-agent
and have launched my sway session with dbus-run-session sway
. I am using elogind
and eudev
.
Unlocking works, ie udisksctl unlock -b /dev/device
encrypted container, ie:
# dd if=/dev/random of=test count=100000 bs=1000
# cryptsetup luksFormat test,
# cryptsetup luksOpen test test
# mkfs.ext4 /dev/mapper/test
# cryptsetup luksClose /dev/mapper/test
$ udisksctl loop-setup test
$ udisksctl unlock /dev/loop0
What doesn't work is:
udisksctl mount -b /dev/mapper/luks-*
When you click on an encrypted disk in Nautilus or Thunar this is the part that doesn't work either. It will ask you for the password, and as soon as provided the device will disappear from the side panel. Having a look at udiskctl monitor
I noticed this after unlocking:
23:45:00.698: /org/freedesktop/UDisks2/block_devices/sdb1: org.freedesktop.UDisks2.Encrypted: Properties Changed
HintEncryptionType: LUKS
23:45:00.699: Added /org/freedesktop/UDisks2/jobs/8
org.freedesktop.UDisks2.Job:
Bytes: 0
Cancelable: true
ExpectedEndTime: 0
Objects: /org/freedesktop/UDisks2/block_devices/sdb1
Operation: encrypted-unlock
Progress: 0.0
ProgressValid: false
Rate: 0
StartTime: 1643894100696853
StartedByUID: 1000
23:45:02.776: /org/freedesktop/UDisks2/jobs/8: org.freedesktop.UDisks2.Job::Completed (true, '')
23:45:02.776: Removed /org/freedesktop/UDisks2/jobs/8
23:45:02.778: Added /org/freedesktop/UDisks2/block_devices/dm_2d0
org.freedesktop.UDisks2.Block:
Configuration: []
CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sdb1'
Device: /dev/dm-0
DeviceNumber: 64768
Drive: '/'
HintAuto: false
HintIconName:
HintIgnore: false
HintName:
HintPartitionable: false
HintSymbolicIconName:
HintSystem: true
Id:
IdLabel:
IdType:
IdUUID:
IdUsage:
IdVersion:
MDRaid: '/'
MDRaidMember: '/'
PreferredDevice: /dev/dm-0
ReadOnly: false
Size: 7740588032
Symlinks:
UserspaceMountOptions:
23:45:02.778: /org/freedesktop/UDisks2/block_devices/sdb1: org.freedesktop.UDisks2.Encrypted: Properties Changed
CleartextDevice: '/org/freedesktop/UDisks2/block_devices/dm_2d0'
Whereas when I try this on Fedora, Debian etc I see:
22:50:53.494: Added /org/freedesktop/UDisks2/jobs/12
org.freedesktop.UDisks2.Job:
Bytes: 0
Cancelable: true
ExpectedEndTime: 0
Objects: /org/freedesktop/UDisks2/block_devices/sde1
Operation: encrypted-unlock
Progress: 0.0
ProgressValid: false
Rate: 0
StartTime: 1643890853492936
StartedByUID: 1000
22:50:54.808: /org/freedesktop/UDisks2/jobs/12: org.freedesktop.UDisks2.Job::Completed (true, '')
22:50:54.808: Removed /org/freedesktop/UDisks2/jobs/12
22:50:54.822: Added /org/freedesktop/UDisks2/block_devices/dm_2d1
org.freedesktop.UDisks2.Block:
Configuration: []
CryptoBackingDevice: '/org/freedesktop/UDisks2/block_devices/sde1'
Device: /dev/dm-1
DeviceNumber: 64769
Drive: '/'
HintAuto: false
HintIconName:
HintIgnore: false
HintName:
HintPartitionable: false
HintSymbolicIconName:
HintSystem: true
Id: by-id-dm-name-luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
IdLabel:
IdType: ext4
IdUUID: d8f0c988-446b-46db-a9f9-15db9431085b
IdUsage: filesystem
IdVersion: 1.0
MDRaid: '/'
MDRaidMember: '/'
PreferredDevice: /dev/mapper/luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
ReadOnly: false
Size: 7740588032
Symlinks: /dev/disk/by-id/dm-name-luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
/dev/disk/by-id/dm-uuid-CRYPT-LUKS2-7b7bdab9c4fc43afabe61240e616b5dc-luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
/dev/disk/by-uuid/d8f0c988-446b-46db-a9f9-15db9431085b
/dev/mapper/luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
UserspaceMountOptions:
org.freedesktop.UDisks2.Filesystem:
MountPoints:
Size: 7740588032
22:50:54.823: /org/freedesktop/UDisks2/block_devices/sde1: org.freedesktop.UDisks2.Encrypted: Properties Changed
CleartextDevice: '/org/freedesktop/UDisks2/block_devices/dm_2d1'
The component that seems to be blank is:
Id: by-id-dm-name-luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
IdLabel:
IdType: ext4
IdUUID: d8f0c988-446b-46db-a9f9-15db9431085b
IdUsage: filesystem
IdVersion: 1.0
and instead of pointing to the /dev/mapper device
PreferredDevice: /dev/mapper/luks-ce782db4-f9ee-4154-80e1-72c0d71b08da
it points to:
PreferredDevice: /dev/dm-0
The symlinks were also missing:
Symlinks: /dev/disk/by-id/usb-TOSHIBA_TransMemory_000000000000000000000000-0:0-part1
/dev/disk/by-partuuid/41c05551-f39c-42db-b64e-1b36a924f573
/dev/disk/by-path/pci-0000:39:00.0-usb-0:1.3:1.0-scsi-0:0:0:0-part1
/dev/disk/by-uuid/ce782db4-f9ee-4154-80e1-72c0d71b08da