gnome-mount is a relatively new addition to the Utopia stack. It provides users with a nice GUI to configure mount options, consistently handle encrypted devices, and so on. Thus it replaces the clumsy HAL fdi policies for mount options and can also replace the hideous pmount hacks in g-v-m and pmount with something that actually works smoothly.


gnome-mount and the hal mount backend are used by upstream by default now, they did not accept our pmount-centric solution. Thus Gnome has no support for mount policies and only little support for encrypted devices in Dapper.

Use cases

  • Joe keeps his music and video collection on a USB hard disk and wants other users to access it as well. In Dapper, VFAT partitions on USB devices are always mounted with umask 077, and there is no GUI way to change this.
  • Martin carries his GPG and SSH keys on an encrypted USB stick partition. In dapper, the encrypted partition is automatically mounted (after asking for the passphrase), but the device is not integrated into HAL at all, which means that you cannot assign it to a label or configure mount policy, and the user interface sees a confusing spare dummy drive.


The changes in this specification affect the handling of removable devices in Gnome.


  • Change gnome-volume-manager and gnome-vfs2 to use gnome-mount instead of pmount-hal.

  • Fix the hal mount backend to do the same rigid policy checks than pmount currently does.
  • This will essentially deprecate pmount for the Gnome use case.



Right now, the hal mount backend (which runs as root) queries hald (which runs as user haldaemon) for attributes and decides whether or not to allow mounting. This does not fit into the agreed-upon trust model of hal, that's why we disabled this backend in dapper. The backend needs to be changed to do all policy checks on its own; the current pmount code will be used as a model for policy checks, and preferably we will also borrow code from it.

Upstream would welcome a rewrite, he just lacks time to do it.

gnome-vfs2, gnome-volume-manager

Remove our current patches to use pmount, remove luks patch from g-v-m. Upstream already defaults to using gnome-mount.

Data preservation and migration

Since until dapper we do not have any user policy settings, no data needs to be migrated.


  • Open Places → Computer. Every volume except the generic File system one should have a Drive and Volume tab in its properties dialog where you can set mount options.

  • These mount options should be respected when mounting the drive or volume. E. g. when you configure your USB stick's 2nd partition to be mounted noatime, it should apply to only the 2nd partition. If you configure the entire drive for noatime, this should apply to all volumes (i. e. partitions) of that drive.

  • create an encrypted USB stick partition with sudo luksformat /dev/sda1 (adapt device as necessary), remove/plug in the device. You should get a standard gnome-keyring password dialog, if you enter the correct password the partition gets mounted.


GnomeMount (last edited 2008-08-06 16:15:17 by localhost)