Have you ever wondered why sudo or root permission is required to mount an external drive or partition as a normal user from Terminal, but not from the file manager in Linux? As you already know, you need to be a sudo user to display, mount, and access removable media (e.g. External Hard disk drives, USB sticks, optical discs, and digital cameras) from command line. But, how can a graphical file manager (E.g. Nautilus) mount these removable storage devices without root or sudo? In this brief guide, I will explain how does a file manager mount external drives without sudo
or root
permission in Linux.
How can a file manager mount an external drive without sudo or root permission in Linux?
The file managers uses UDisks2 to mount the external drives without admin rights. UDisks2 is the 2nd version of UDisks. UDisks is now obsolete.
GNOME, KDE and various other desktop environments uses UDisks2 to allow normal users to mount removable media devices.
UDisks2 project provides a system daemon called udisksd
, and a command-line tool called udisksctl
.
The udiskd
daemon runs in the background and implements well-defined D-Bus interfaces that can be used to query and manipulate storage devices. udiskd
starts automatically at system boot and runs as root
all the time. You can verify it using command:
$ sudo systemctl status udisks2
Sample output:
● udisks2.service - Disk Manager Loaded: loaded (/lib/systemd/system/udisks2.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2020-09-09 12:09:21 IST; 3h 9min ago Docs: man:udisks(8) Main PID: 978 (udisksd) Tasks: 5 (limit: 9336) Memory: 9.3M CGroup: /system.slice/udisks2.service └─978 /usr/lib/udisks2/udisksd Sep 09 12:08:51 ostechnix systemd[1]: Starting Disk Manager... Sep 09 12:09:00 ostechnix udisksd[978]: udisks daemon version 2.8.4 starting Sep 09 12:09:21 ostechnix udisksd[978]: Acquired the name org.freedesktop.UDisks2 on the sy> Sep 09 12:09:21 ostechnix systemd[1]: Started Disk Manager.
The udisksctl
CLI utility is used to query and use the daemon. The actions that a user can perform using udisks are restricted using Polkit. Polkit is an application-level toolkit for defining and handling authorizations. It allows unprivileged processes to speak to privileged processes.
Since UDisks is already running as root, it allows the non-privileged programs (E.g. file managers) to mount or unmount storage devices without sudo or root permission. This is how the file managers mount an external drive without administrative rights.
You can test it yourself by mounting an USB drive as normal user using udisksctl
command like below:
$ udisksctl mount -b /dev/sdc1
Or,
$ udisksctl mount --block-device /dev/sdc1
Replace /dev/sdc1
with your device name.
Sample output:
Mounted /dev/sdc1 at /media/sk/ventoy.
Similarly, you can unmount the USB drive using command:
$ udisksctl unmount -b /dev/sdc1
Or,
$ udisksctl unmount --block-device /dev/sdc1
Sample output:
Unmounted /dev/sdc1.
If you ever looking for a way to securely allow regular users to mount the filesystems without super user privileges in Linux, Udisk2 is recommended!
Related read:
I didn't know mounting and unmounting drives without sudo permission is possible until I came across this question on Reddit.
Hope this helps.
Resources:
Featured image by Jessica Lewis from Pexels.
1 comment
thanks!