Consider that I have /etc/udev/rules.d/91-checkveracrypt.rules
:
ACTION=="add", ATTRS{idVendor}=="1234", ATTRS{idProduct}=="1234", RUN+="/home/user/tryveracrypt.sh"
/home/user/tryveracrypt.sh
:
reqsubstr="/dev/disk/by-id/usb-AAAAA-0:0-part1"
for word in $DEVLINKS
do
if [ "$word" == "$reqsubstr" ] ; then
/usr/bin/su user -c '/bin/bash /home/user/mountveracrypt.sh'
exit
fi
done
And finally mountveracrypt.sh
:
sudo veracrypt -t -k /home/user/key -p "" --pim=0 --protect-hidden=no /dev/disk/by-id/usb-AAAAA-0:0-part1 --slot=1 --verbose --non-interactive > /tmp/mount 2>&1
/usr/bin/veracrypt
is in /etc/sudoers
so veracrypt doesn't ask for password. Calling ./mountveracrypt.sh
as user works fine. I understand tryveracrypt.sh
is run as root, so I'm calling mountveracrypt.sh
with su user
so the mount is available to user.
If I try:
sudo su
./mountveracrypt.sh
exit (go back to user)
veracrypt -t -l
I get:
Error: No volumes mounted.
But sudo veracrypt -t -l
gets:
1: /dev/disk/by-id/usb-AAAAA-0:0-part1 /dev/mapper/veracrypt1 /media/veracrypt1
Ok. Fine. Mounting as root, the volume is only available to root. What is annoying me is when I plug the USB and it runs /udev/rules.d/
script.
cat /tmp/mount
:
Volume "/dev/disk/by-id/usb-AAAAA-0:0-part1" has been mounted.
veracrypt -t -l
:
Error: No volumes mounted.
sudo veracrypt -t -l
:
Error: No volumes mounted.
Why?? I can't access mount as user, not even as root. What am I missing?
EDIT:
I can't dismount the volume with veracrypt -d
because veracrypt doesn't see it. I need to reboot the system to unplug.
Does udev/rules run in a different user than root? Although I used whoami
and it shows root, and su user -c 'whoami'
shows user as expected.
Also, I made a script in udev/rules to mount veracrypt, copy some files and dismount, and it works fine. I just can't access files and dismount veracrypt outside the script called from udev/rules.
--fs-options
, but I'll try your ideas. It's still annoying because I can't dismount the volume withveracrypt -d
because veracrypt doesn't see it. I need to reboot the system to unplug.