Section 1.8. My CDDVD Is Locked


1.8. My CD/DVD Is Locked

When you press the eject button on your CD or DVD drive, you'd think that the drive should open. Unfortunately, it doesn't always happen. Anything that is using a file or reading a directory on that CD/DVD can keep your system from opening that drive. This could be something as simple as a user whose current directory lies on the CD/DVD drive.

If you're running Linux as a server, you probably need to accept the locking of the CD/DVD drive. Other users may be installing Linux from a shared DVD on your system and may need access to the data on the drive. While you may have good reasons as an administrator to unlock a drive, be aware that you may be interrupting some task being run by one or more of your users (or fellow administrators).

On the other hand, if you're working with a single-user Linux workstation, users won't understand why their CD/DVD is locked. They'll just complain, and you'll be annoyed, as they won't be interested in learning "simple" commands such as umount. All they'll tell you is that the CD is broken.

In this annoyance, I'll show you how I believe servers and workstations should be configured with respect to the CD/DVD drive. The defaults vary depending on your distribution. Based on those defaults, if you still have problems, there are a series of common steps that you can follow.

1.8.1. Recommended /etc/fstab Defaults for a CD/DVD on a Server

When you configure a server, you'll want full control over any CD/DVD drives on your system. Generally, you'll want to limit privileges to administrative users. Take the following default entry from my /etc/fstab on Red Hat Enterprise Linux 4, with a regular CD/DVD drive:

 /dev/hdc  /media/cdrecorder  auto  pamconsole,exec,noauto,managed 0 0 

The applicable entry from my SUSE Linux workstation is:

 /dev/cdrecorder  /media/cdrecorder  subfs  noauto,users,gid=users 0 0 

Finally, the associated directive from my Debian system is:

 /dev/hdc  /media/cdrecorder  auto  ro,users,noauto,unhide,exec 0 0 

As you should already know, the first column is the CD/DVD drive device file, and the second column is the default directory where the drive is mounted. The third column specifies the filesystem, such as ext3 or reiserfs. auto auto-detects the filesystem. subfs represents the Linux removable-media-handling system and is most closely associated with SUSE. The fourth column specifies the mount options, and that's the focus for this annoyance. (For more information on the fifth and sixth columns, which are rarely changed these days, see the fstab manpage.) Examine the options described in Table 1-9. This table is not comprehensive, but is limited to options that may contribute to problems unmounting a CD/DVD drive.

Table 1-9. Some /etc/fstab mount options

Option

Description

auto / noauto

Generally, noauto is best for removable media; otherwise, Linux will try to mount the CD/DVD even if there's nothing in that drive.

user / nouser

Many distributions permit mounting and unmounting by all users with the user directive; the nouser directive limits mount privileges to the root user.

pamconsole

A Red Hat innovation that supports mounting by all users. It works only for explicit mounting at the console. However, this does not prevent regular users from mounting automatically in the GUI, thanks to other options.

userid=xxxx

Limits mount access to a specific user.

gid=xxxx

Limits mount access to a specific group.

exec/noexec

exec allows binary commands to be run from the CD/DVD.

managed

Any directive with this parameter is rewritten by the fstab-sync command when you reboot.

nosuid

Prevents execution of SUID or SGID scripts on the CD/DVD.

unhide

Supports reading of some hidden partitions, such as DVDs.


With these options in mind, I recommend that you change the directives associated with the CD/DVD drive in your /etc/fstab to disallow mounts by regular users. I'd change the SUSE Linux 9.3 directive to delete users access by user and group:

 /dev/cdrecorder  /media/cdrecorder  subfs  noauto 0 0 

I'd change the Debian Sarge directive to delete regular user access by removing the users and uid options.

 /dev/hdc  /media/cdrecorder  auto  ro,noauto,unhide,exec 0 0 

The situation with Red Hat Enterprise Linux 4/Fedora Core is different. The directive associated with the CD/DVD drive is governed by the relatively new Hardware Abstraction Layer daemon, using the storage-policy.fdi configuration file. On Fedora Core, this file is located in the /usr/share/hal/fdi/90systempolicy/ subdirectory; on Red Hat Enterprise Linux 4, it's located in the /usr/share/hal/fdi/90defaultpolicy/ directory.

By default, the user who owns the device file associated with the CD/DVD drive can also mount and unmount that drive. In other words, based on the following, the user michael, and no other regular user, is allowed to mount the CD/DVD drive associated with /dev/hdd:

 $ ls -l /dev/hdd brw------- 1 michael disk 22, 64 Jul 22 02:35 /dev/hdd 

If the specified user is your regular account as an administrator, that's generally good enough for a server.

As an alternative to changing fstab, you can remove the following line from the noted storage-policy.fdi configuration file:

 <merge key="storage.policy.default.mount_option.pamconsole" type="bool">true</merge> 

When you restart the HAL daemon with the /etc/init.d/haldaemon restart command, not even the regular owner of the CD/DVD device file is allowed to mount that drive. Access is limited to the root user, and that's appropriate on a server.

1.8.2. Recommended Defaults for a CD/DVD on a Workstation

Workstations should be configured differently from servers. One difference is in the way they handle removable media. Regular users expect CDs and DVDs to be automatically mounted when placed in their drives.

It's important that the applicable directives in /etc/fstab support access by normal users. Based on the directives from the previous section, I'd make sure at least the user option is included in the appropriate directive; the following example works on my SUSE Professional workstation:

 /dev/cdrecorder  /media/cdrecorder  subfs  noauto,users,gid=users 0 0 

The following works well on a Debian Sarge workstation:

 /dev/hdc  /media/cdrecorder  auto  ro,users,noauto,unhide,exec 0 0 

The situation is a bit different with Red Hat/Fedora workstations. The directive is acceptable as is; all you need to do is make sure the owner of the CD/DVD device file, such as /dev/hdc or /dev/hdd, is the primary user of the workstation.

1.8.2.1. Modifying the GUI device-management tool

GNOME provides removable device-management tools that are not affected by the options in /etc/fstab. For example, in the GNOME Desktop Environment, run the gnome-volume-properties command. This starts the Drives and Media Preferences tool, which allows you to control how GNOME reacts when you insert a CD/DVD into the drive. On a server, I recommend that you disable all automatic mounting.

There is no corresponding stable utility available on the KDE Desktop Environment; the last information I can find on the Kautorun software is from 2000. However, you can take advantage of the .kde/Autostart directory to create your own Autorun system on KDE. The Autorun system is available only on Red Hat distributions. The associated RPM doesn't work on SUSE Linux, so if you want Autorun on KDE for SUSE or Debian Linux, you'll have to compile it from the source code. To do so, take the following steps:

  1. Download the latest source package from the Autorun project web site at http://sourceforge.net/projects/autorun/.

  2. Unpack the package. For this example, I've downloaded it to my /home/michael directory, so I've run the following commands (substitute the version number for versionnum):

     cd /home/michael tar xzvf autorun-versionnum.tar.gz 

  3. Navigate to the directory that's created; it's the autorun-versionnum subdirectory:

     cd autorun-versionnum 

  4. Configure the source code; the local configure file is already set up as a script for this purpose:

     ./configure 

    Address any errors that may arise during the configuration process. I did not find any errors when I ran this command on my SUSE and Debian Linux workstations.

  5. Run the following command as the root user (to make sure you have permissions and PATH access to appropriate directories) to compile the code:

     make 

    You may get errors at this point because of other packages that you may need to install. Some educated guesses may be required. For example, on my Debian workstation, I installed the libxml-parser-perl package because of the following error message:

     checking for XML::Parser... configure: error: XML::Parser perl module is required for intltool 

    Some error messages are simpler; the following from my SUSE workstation led me to install the xmlto RPM (and several dependencies):

     make[2]: xmlto: Command not found 

  6. Run the following command to install the compiled packages in appropriate locations:

     make install 

    Pay attention to the final messages, which list the location of the Autorun.desktop script.

  7. Copy the Autorun.desktop script to an appropriate location on desired users' home directories, and, if necessary, make sure ownership is appropriate:

     cp /usr/local/share/autorun/Autorun.desktop /home/michael/.kde/Autostart/ chown michael.users /home/michael/.kde/Autostart/Autorun.desktop 

  8. Update the Autorun.desktop script to point to the actual location of the autorun command; when I compiled from source, it was copied to the /usr/local/bin directory. The next time you start KDE, it will automatically look for and mount any drive in your CD/DVD drive.

Remember to tell your users how they can unmount their drivesat least how they can right-click on the CD/DVD icon in their GUI desktops to bring up a menu that lets them unmount the drive. I describe this and other options in the next section.

1.8.3. Getting the CD/DVD Out

As problems with a CD/DVD drive can vary, I provide a simple checklist of steps you can take. The first steps may seem elementary for geeks but are shown because we all forget the obvious sometimes:

  1. If you're in the GUI, you may see an icon related to the CD/DVD drive. Right-click on it; on the menu that appears, you'll probably have an option such as "eject" or "umount." Click on the available option (if both are available, try "eject" first).

    You may get an error message to the effect that the mounted volume is not in /etc/fstab (especially if you're not the root user). In that case, proceed to the next step.

  2. Check to see if your CD/DVD drive is mounted. You can do so with the mount command (by itself). If you're not sure how your CD/DVD drive is mounted, check your /etc/fstab and /etc/auto.misc configuration files for clues.

    It's certainly possible for another administrator to mount your CD/DVD drive on a different directory, which should show up in the output to the mount command.

    You can get a more complete list of mounted devices from the /proc/mounts file.

    If your system has mounted the CD through your /etc/auto.misc file, see "Regular Users Can't Mount the CD/DVD Drive" in Chapter 7.


  3. If your drive is mounted on a directory defined by /etc/fstab (or another directory shown in the output from mount), try ejecting it. For example, if it's mounted on /media/cdrecorder, try the following command:

     eject /media/cdrecorder 

    If your drive is automounted as configured in /etc/auto.misc, the eject command may not work. But after there's been no activity for a timeout defined in /etc/auto.master, the automounter automatically unmounts the drive.

    If you get an error message such as:

     umount: /media/cdrecorder: device is busy 

    you know that some process, local or remote, is trying to read the device. Before you unmount the CD/DVD, you'll need to somehow stop the process. Proceed to the next step.

  4. Try unmounting the drive in question with a command such as the following. Remember, the umount command is spelled differently from the English-language word:

     umount /media/cdrecorder 

    You can substitute the device to be unmounted. You may get an error message such as that described in the previous step. Otherwise, try pressing the button on your drive to see whether you can manually eject the disk.

  5. If you're still having problems unmounting the drive, you should now try to identify the process that's reading the drive. That's where the list-open-files (lsof) command can help. It even shows files shared via Samba; for example, the following output from the lsof +D /media/cdrecorder command points to a remote user accessing your CD via Samba (the +D switch is key; without it, the command doesn't know where to start looking):

     COMMAND  PID    USER   FD   TYPE DEVICE SIZE NODE NAME smbd    4812 michael  cwd    DIR  22,64 2048 1856 /media/cdrecorder 

    The limitation of the lsof command is that it can't help you with files opened via a shared NFS directory.

  6. If you've shared your CD/DVD via Samba, you can check if anyone has accessed any of your Samba shares with the smbstatus command.

  7. If you've shared your CD/DVD via NFS, checking access is more problematic. The showmount -a command, in concert with the shares defined in /etc/exports, can only help you define the workstations that have accessed shares from your NFS server.

  8. If there are current users on other workstations using your CD/DVD, warn them. You may need to use other means, such as Instant Messaging, to warn them that you're about to cut off all processes that access the CD/DVD. Then issue the following command as root:

     fuser -km /media/cdrecorder 

Ejecting CDs and DVDs Used by Games

One problem with some game installations can be solved (in advance) by exporting the following environment variable:

 export SETUP_CDROM=/media/dvd 

You can then run the installation program for the game. You should be able to eject the CD when prompted and insert the next CD in the installation sequence.




Linux Annoyances for Geeks
Linux Annoyances for Geeks: Getting the Most Flexible System in the World Just the Way You Want It
ISBN: 0596008015
EAN: 2147483647
Year: 2004
Pages: 144
Authors: Michael Jang

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net