The subject says that all, I can't access USB stick as an ordinary user. To be precise: $ qemu -enable-kvm -m 1024 /dev/sdc qemu: could not open disk image /dev/sdc $ ls -l /dev/sdc brw-rw---- 1 root disk 8, 32 29. kvě 07.56 /dev/sdc $ groups wheel audio cdrom video games usb users portage kavol plugdev scanner qemu (Where /dev/sdc is Kingston Patriot Mini USB flash disk.) According to the Handbook http://www.gentoo.org/doc/en/handbook/handbook-amd64.xml?part=1&chap=11 usb be able to access USB devices plugdev Be able to mount and use pluggable devices such as cameras and USB sticks So, one of these groups should allow me to access the device. But the device does have one of them, it has the "disk" group set and adding an ordinary user into "disk" group is not a good idea, as it is used for the system harddisk: # mount /dev/sda1 on / type reiserfs (rw,noatime) ... # ls -l /dev/sda1 brw-rw---- 1 root disk 8, 1 11. kvě 08.37 /dev/sda1 - so being in "disk" group would be effectively the same as getting root. Reproducible: Always
After gaining authorization from ConsoleKit (or systemd-logind) and PolicyKit (polkit) you get to do these as a normal local user That's what PolicyKit was designed to do, give more permissions but yet still restrict them to wanted actions # emerge sys-fs/udisks:2 $ udisksctl mount --help $ udisksctl mount /dev/sdc1 As in, use one of the "udev helper tools" available in tree like sys-fs/udisks that gets authorization from polkit. Group 'plugdev' was just invention of HAL, which is now gone from tree, it's not part of the default Gentoo installation And long as udisks recognizes the drive as removable, you'll get authorization as a local user, the group is irrelevant The steps it takes to recognize the drive as removable is purposely left for the helper tool(s)