1.8. My CD/DVD Is
Locked
When you press the eject button on your CD or
DVD drive, you'd think that the drive should
open
. Unfortunately,
it doesn't always happen. Anything that is using a file or reading
a directory on that CD/DVD can keep your system from opening that
drive. This could be something as simple as a
user
whose current
directory lies on the CD/DVD drive.
If you're running Linux as a server, you
probably need to accept the locking of the CD/DVD drive. Other
users may be installing Linux from a shared DVD on your system and
may need access to the data on the drive. While you may have good
reasons as an administrator to unlock a drive, be aware that you
may be interrupting some task being run by one or more of your
users (or fellow administrators).
On the other hand, if you're working with a
single-user Linux workstation, users won't understand why their
CD/DVD is locked. They'll just complain, and you'll be annoyed, as
they won't be interested in learning "simple" commands such as
umount
. All they'll tell you is
that the CD is broken.
In this annoyance, I'll show you how I believe
servers and workstations should be configured with respect to the
CD/DVD drive. The defaults vary depending on your distribution.
Based on those defaults, if you still have problems, there are a
series of common steps that you can follow.
1.8.1.
Recommended /etc/fstab Defaults for a CD/DVD on a Server
When you configure a server, you'll want full
control over any CD/DVD
drives
on your system.
Generally
, you'll
want to limit privileges to administrative users. Take the
following default entry from my
/etc/fstab
on Red Hat Enterprise Linux 4, with
a regular CD/DVD drive:
/dev/hdc /media/cdrecorder auto pamconsole,exec,noauto,managed 0 0
The
applicable
entry from my SUSE Linux
workstation is:
/dev/cdrecorder /media/cdrecorder subfs noauto,users,gid=users 0 0
Finally, the associated directive from my Debian
system is:
/dev/hdc /media/cdrecorder auto ro,users,noauto,unhide,exec 0 0
As you should already know, the first column is
the CD/DVD drive device file, and the second column is the default
directory where the drive is mounted. The third column specifies
the filesystem, such as
ext3
or
reiserfs
.
auto
auto-detects the filesystem.
subfs
represents the Linux
removable-media-handling system and is most closely associated with
SUSE. The fourth column specifies the mount options, and that's the
focus for this annoyance. (For more information on the fifth and
sixth
columns
, which are rarely changed these days, see the
fstab
manpage
.) Examine the
options described in Table 1-9. This table is not comprehensive,
but is limited to options that may contribute to problems
unmounting a CD/DVD drive.
Table 1-9. Some /etc/fstab mount
options
|
Option
|
Description
|
|
auto
/
noauto
|
Generally,
noauto
is best for removable
media;
otherwise
, Linux will try to mount the CD/DVD even if
there's nothing in that drive.
|
|
user
/
nouser
|
Many distributions permit mounting and
unmounting by all users with the
user
directive; the
nouser
directive limits mount privileges to the
root
user.
|
|
pamconsole
|
A Red Hat innovation that supports mounting by
all users. It works only for explicit mounting at the console.
However, this does not prevent regular users from mounting
automatically in the GUI, thanks to other options.
|
|
userid
=
xxxx
|
Limits mount access to a specific user.
|
|
gid
=
xxxx
|
Limits mount access to a specific
group
.
|
|
exec
/
noexec
|
exec
allows binary commands to be run
from the CD/DVD.
|
|
managed
|
Any directive with this parameter is rewritten
by the
fstab-sync
command when you
reboot.
|
|
nosuid
|
Prevents execution of SUID or SGID scripts on
the CD/DVD.
|
|
unhide
|
Supports reading of some hidden partitions, such
as DVDs.
|
With these options in mind, I recommend that you
change the directives associated with the CD/DVD drive in your
/etc/fstab
to disallow mounts by
regular users. I'd change the SUSE Linux 9.3 directive to delete
users
access by user and group:
/dev/cdrecorder /media/cdrecorder subfs noauto 0 0
I'd change the Debian Sarge directive to delete
regular user access by removing the
users
and
uid
options.
/dev/hdc /media/cdrecorder auto ro,noauto,unhide,exec 0 0
The situation with Red Hat Enterprise Linux
4/Fedora Core is different. The directive associated with the
CD/DVD drive is governed by the relatively new Hardware Abstraction
Layer daemon, using the
storage-policy.fdi
configuration file. On
Fedora Core, this file is located in the
/usr/share/hal/fdi/90systempolicy/
subdirectory; on Red Hat Enterprise Linux 4, it's located in the
/usr/share/hal/fdi/90defaultpolicy/
directory.
By default, the user who owns the device file
associated with the CD/DVD drive can also mount and
unmount
that
drive. In other words, based on the following, the user
michael
, and no other regular
user, is allowed to mount the CD/DVD drive associated with
/dev/hdd
:
$
ls -l /dev/hdd
brw------- 1 michael disk 22, 64 Jul 22 02:35 /dev/hdd
If the specified user is your regular account as
an administrator, that's generally good enough for a server.
As an alternative to changing
fstab
, you can remove the following line from
the noted
storage-policy.fdi
configuration file:
<merge key="storage.policy.default.mount_option.pamconsole" type="bool">true</merge>
When you restart the HAL daemon with the
/etc/init.d/haldaemon restart
command, not even the regular owner of the CD/DVD device file is
allowed to mount that drive. Access is limited to the root user,
and that's appropriate on a server.
1.8.2.
Recommended Defaults for a CD/DVD on a Workstation
Workstations should be configured differently
from servers. One difference is in the way they handle removable
media. Regular users expect CDs and DVDs to be automatically
mounted when placed in their drives.
It's important that the applicable directives in
/etc/fstab
support access by
normal users. Based on the directives from the previous section,
I'd make sure at least the user option is included in the
appropriate directive; the following example works on my SUSE
Professional workstation:
/dev/cdrecorder /media/cdrecorder subfs noauto,users,gid=users 0 0
The following works well on a Debian Sarge
workstation:
/dev/hdc /media/cdrecorder auto ro,users,noauto,unhide,exec 0 0
The situation is a bit different with Red
Hat/Fedora workstations. The directive is acceptable as is; all you
need to do is make sure the owner of the CD/DVD device file, such
as
/dev/hdc
or
/dev/hdd
, is the primary user of the
workstation.
1.8.2.1.
Modifying the GUI device-management tool
GNOME provides removable device-management tools
that are not affected by the options in
/etc/fstab
. For example, in the GNOME Desktop
Environment, run the
gnome-volume-properties
command. This starts
the Drives and Media Preferences tool, which allows you to control
how GNOME reacts when you insert a CD/DVD into the drive. On a
server, I recommend that you disable all automatic mounting.
There is no corresponding stable utility
available on the KDE Desktop Environment; the last information I
can find on the Kautorun software is from 2000. However, you can
take advantage of the
.kde/Autostart
directory to create your own
Autorun system on KDE. The Autorun system is available only on Red
Hat distributions. The associated RPM doesn't work on SUSE Linux,
so if you want Autorun on KDE for SUSE or Debian Linux, you'll have
to compile it from the source code. To do so, take the following
steps:
-
Download the latest source package from the
Autorun project web site at
http://
sourceforge
.net/projects/autorun/.
-
Unpack the package. For this example, I've
downloaded it to my
/home/michael
directory, so I've run the following commands (substitute the
version number for
versionnum
):
cd /home/michael
tar xzvf autorun-
versionnum
.tar.gz
-
Navigate to the directory that's created; it's
the
autorun-
versionnum
subdirectory:
cd autorun-
versionnum
-
Configure the source code; the local configure
file is already set up as a script for this purpose:
./configure
Address any errors that may arise during the
configuration process. I did not find any errors when I ran this
command on my SUSE and Debian Linux workstations.
-
Run the following command as the
root
user (to make sure you have permissions
and PATH access to appropriate directories) to compile the
code:
make
You may get errors at this point because of
other packages that you may need to install. Some
educated
guesses
may be required. For example, on my Debian workstation, I installed
the
libxml-parser-perl
package
because of the following error message:
checking for XML::Parser... configure: error: XML::Parser perl module is required for
intltool
Some error messages are simpler; the following
from my SUSE workstation led me to install the
xmlto
RPM (and several dependencies):
make[2]: xmlto: Command not found
-
Run the following command to install the
compiled packages in appropriate locations:
make install
Pay attention to the final messages, which list
the location of the
Autorun.desktop
script.
-
Copy the
Autorun.desktop
script to an appropriate
location on desired users' home directories, and, if necessary,
make sure ownership is appropriate:
cp /usr/local/share/autorun/Autorun.desktop /home/michael/.kde/Autostart/
chown michael.users /home/michael/.kde/Autostart/Autorun.desktop
-
Update the
Autorun.desktop
script to point to the actual
location of the
autorun
command;
when I compiled from source, it was
copied
to the
/usr/local/bin
directory. The
next
time you
start KDE, it will automatically look for and mount any drive in
your CD/DVD drive.
Remember to tell your users how they can unmount
their drivesat least how they can right-click on the CD/DVD icon in
their GUI desktops to bring up a menu that lets them unmount the
drive. I describe this and other options in the next section.
1.8.3. Getting
the CD/DVD Out
As problems with a CD/DVD drive can vary, I
provide a simple checklist of steps you can take. The first steps
may seem elementary for
geeks
but are shown because we all forget
the obvious sometimes:
-
If you're in the GUI, you may see an icon
related
to the CD/DVD drive. Right-click on it; on the menu that
appears, you'll probably have an option such as "eject" or
"umount." Click on the available option (if both are available, try
"eject" first).
You may get an error message to the effect that
the mounted volume is not in
/etc/fstab
(
especially
if you're not the
root
user). In that case, proceed
to the next step.
-
Check to see if your CD/DVD drive is mounted.
You can do so with the
mount
command (by itself). If you're not sure how your CD/DVD drive is
mounted, check your
/etc/fstab
and
/etc/auto.misc
configuration files
for clues.
It's
certainly
possible for another
administrator to mount your CD/DVD drive on a different directory,
which should show up in the output to the
mount
command.
You can get a more complete list of mounted
devices from the
/proc/mounts
file.
|
If your system has mounted the CD through your
/etc/auto.misc
file, see "Regular
Users Can't Mount the CD/DVD Drive" in Chapter 7.
|
|
-
If your drive is mounted on a directory defined
by
/etc/fstab
(or another
directory shown in the output from
mount
), try ejecting it. For example, if it's
mounted on
/media/cdrecorder
, try
the following command:
eject /media/cdrecorder
If your drive is automounted as configured in
/etc/auto.misc
, the
eject
command may not work. But after there's
been no activity for a timeout defined in
/etc/auto.master
, the automounter
automatically unmounts the drive.
If you get an error message such as:
umount: /media/cdrecorder: device is busy
you know that some process, local or remote, is
trying to read the device. Before you unmount the CD/DVD, you'll
need to somehow stop the process. Proceed to the next step.
-
Try unmounting the drive in question with a
command such as the following. Remember, the
umount
command is spelled differently from the
English-language word:
umount /media/cdrecorder
You can substitute the device to be unmounted.
You may get an error message such as that described in the previous
step. Otherwise, try pressing the button on your drive to see
whether you can manually eject the disk.
-
If you're still having problems unmounting the
drive, you should now try to identify the process that's reading
the drive. That's where the list-open-files (
lsof
) command can help. It even shows files
shared via Samba; for example, the following output from the
lsof +D /media/cdrecorder
command
points to a remote user accessing your CD via Samba (the
+D
switch is key; without it, the
command doesn't know where to start looking):
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
smbd 4812 michael cwd DIR 22,64 2048 1856 /media/cdrecorder
The limitation of the
lsof
command is that it can't help you with
files opened via a shared NFS directory.
-
If you've shared your CD/DVD via Samba, you can
check if
anyone
has accessed any of your Samba shares with the
smbstatus
command.
-
If you've shared your CD/DVD via NFS, checking
access is more
problematic
. The
showmount
-a
command, in concert with the shares defined in
/etc/exports
, can only help you
define the workstations that have accessed shares from your NFS
server.
-
If there are current users on other workstations
using your CD/DVD, warn them. You may need to use other means, such
as Instant Messaging, to warn them that you're about to cut off all
processes that access the CD/DVD. Then issue the following command
as
root
:
fuser -km /media/cdrecorder
|
One problem with some game installations can be
solved
(in advance) by exporting the following environment
variable:
export SETUP_CDROM=/media/dvd
You can then run the installation program for
the game. You should be able to eject the CD when prompted and
insert the next CD in the installation sequence.
|
|
