Change how devices referenced in /etc/fstab and /etc/crypttab are handled

Change how devices referenced in /etc/fstab and /etc/crypttab are handled

Hitherto we've required extra authorization (typically requiring the
user to authenticate as root) if a device is referenced in fstab or
crypttab and this actually limits the utility of these files -
e.g. why should the user need to authenticate as root just because
there are options in the fstab entry for the device? In fact, this
behavior is so annoying that people use e.g. the 'users' option for a
device which opens up extra security hole insofar that remote users
can now access the device.

Therefore, change the behavior so we treat fstab and crypttab devices
just like any other device, e.g. require the filesystem and
filesystem-system authorizations.

We also introduce options comment=udisks-auth [1] and x-udisks-auth
that can be used in fstab and crypttab respectively to force admin
authentication (the polkit actions in question are filesystem-fstab
encrypted-unlock-crypttab).

This has also been hooked up in GNOME's Disks
application

 http://people.freedesktop.org/~david/udisks-fstab-option-udisks-auth.png
 http://people.freedesktop.org/~david/udisks-crypttab-option-x-udisks-auth.png

Also mention this behavior in the udisks(8) man page.

Note that if a device is mounted at start-up, a user just can't
willy-nilly unmount the device - by default, he will still need to
authenticate as root in order to unmount the device (the polkit
action in question is 'filesystem-unmount-others')

[1] : this will be changed to x-udisks-auth when a future util-linux
release supporting arbitrary x-* options lands

Signed-off-by: David Zeuthen <davidz@redhat.com>