X-gvfs-hide seemingly ignored for locked, unmounted LUKS partition: is this behavior a bug?

rayd-9000 · July 22, 2023, 10:19pm

I am using xubuntu 22.04.2 with gvfs 1.48.2 and glib 2.72.4.

I have a LUKS partition on my hard drive which is not unlocked or mounted during boot. My goal is to have this partition NOT be displayed as an icon on my desktop when it is locked and unmounted. (Actually I don’t want it to show up when it is unlocked either, but I am able to control the icon being displayed in that case.)

To this end, I created a dummy entry in /etc/fstab for the locked partition with mount option x-gvfs-hide, in addition to the entry for the unlocked volume which was already there:

/dev/nvme0n1p5  /mnt/nvme0n1p5 auto nosuid,nodev,nofail,noauto,x-gvfs-hide 0 0
/dev/mapper/blah  /mnt/blah  ext4  user,noauto,x-gvfs-hide,noatime  0  0

However, upon boot, the LUKS partition is shown on the desktop, seemingly because GIO includes it in its list of mountable volumes:

$ gio mount --list --detail
Drive(0): THNSN5512GPU7 NVMe TOSHIBA 512GB
  Type: GProxyDrive (GProxyVolumeMonitorUDisks2)
  ids:
   unix-device: '/dev/nvme0n1'
  themed icons:  [drive-harddisk-solidstate]  [drive-harddisk]  [drive]  [drive-harddisk-solidstate-symbolic]  [drive-harddisk-symbolic]  [drive-symbolic]
  symbolic themed icons:  [drive-harddisk-solidstate-symbolic]  [drive-harddisk-symbolic]  [drive-symbolic]  [drive-harddisk-solidstate]  [drive-harddisk]  [drive]
  is_removable=0
  is_media_removable=0
  has_media=1
  is_media_check_automatic=1
  can_poll_for_media=0
  can_eject=0
  can_start=0
  can_stop=0
  start_stop_type=shutdown
  sort_key=00coldplug/00fixed/nvme0n1
  Volume(0): 195 GB Encrypted
    Type: GProxyVolume (GProxyVolumeMonitorUDisks2)
    ids:
     class: 'device'
     unix-device: '/dev/nvme0n1p5'
     uuid: '4a92e82d-1412-46f9-b302-833350dc5b31'
    uuid=4a92e82d-1412-46f9-b302-833350dc5b31
    symbolic themed icons:  [drive-harddisk-solidstate-symbolic]  [drive-harddisk-symbolic]  [drive-symbolic]  [drive-harddisk-solidstate]  [drive-harddisk]  [drive]
    can_mount=1
    can_eject=0
    should_automount=0
    sort_key=gvfs.time_detected_usec.1690057768434940

When I unlock the LUKS partition (but even before mounting), the /dev/mapper/blah entry is created, and the partition immediately disappears from GIO’s list of volumes and also from the desktop, as expected:

$ sudo cryptsetup luksOpen /dev/nvme0n1p5 blah
Enter passphrase for /dev/nvme0n1p5: 
$ gio mount --list --detail
Drive(0): THNSN5512GPU7 NVMe TOSHIBA 512GB
  Type: GProxyDrive (GProxyVolumeMonitorUDisks2)
  ids:
   unix-device: '/dev/nvme0n1'
  themed icons:  [drive-harddisk-solidstate]  [drive-harddisk]  [drive]  [drive-harddisk-solidstate-symbolic]  [drive-harddisk-symbolic]  [drive-symbolic]
  symbolic themed icons:  [drive-harddisk-solidstate-symbolic]  [drive-harddisk-symbolic]  [drive-symbolic]  [drive-harddisk-solidstate]  [drive-harddisk]  [drive]
  is_removable=0
  is_media_removable=0
  has_media=1
  is_media_check_automatic=1
  can_poll_for_media=0
  can_eject=0
  can_start=0
  can_stop=0
  start_stop_type=shutdown
  sort_key=00coldplug/00fixed/nvme0n1

So: is this is a gvfs bug, or am I just doing things wrong? Is there a different way to accomplish my ultimate goal of hiding this partition from the desktop?

oholy · July 25, 2023, 11:34am

It should work if you set the UDISKS_IGNORE attribute over udev rule, see x-gvfs-hide not working for specific partition (due to it being LUKS type?) (#587) · Issues · GNOME / gvfs · GitLab.

The dummy entry doesn’t work as the logic for crypto blocks doesn’t read those options currently:

But maybe the logic could be changed to take this into account, just I am not sure that such a dummy entry won’t have some unwanted side-effects…

rayd-9000 · July 26, 2023, 3:28am

Using a udev rule worked a treat, thanks. Gvfs issue #587 was directly on point, not sure how I missed that when searching!

Anyway, for any one reading this later, I removed the dummy entry from /etc/fstab, and instead created /etc/udev/rules.d/99-hideluks.rules owned by root with 644 permissions, containing the following text:

KERNEL=="nvme0n1p5", ENV{UDISKS_IGNORE}="1"

Matching on ID_FS_UUID or ID_SERIAL rather than KERNEL should also work and would avoid partition naming and numbering issues.

system · August 25, 2023, 3:28am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.