NAME | SYNOPSIS | DESCRIPTION | OPTIONS | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | ATTRIBUTES | SEE ALSO | NOTES
tmpfs is a memory-based file system which uses kernel resources relating to the VM system and page cache as a file system.
mount attaches a tmpfs file system to the file system hierarchy at the pathname location mount_point, which must already exist. If mount_point has any contents prior to the mount operation, these remain hidden until the file system is once again unmounted. The attributes (mode, owner, and group) of the root of the tmpfs filesystem are inherited from the underlying mount_point, along with some security attributes (e.g., sensitivity label), provided that those attributes are determinable. If not, the root's attributes are set to their default values.
The special argument is usually specified as swap but is in fact disregarded and assumed to be the virtual memory resources within the system.
Security attributes can be specified at mount time, with the -o or -S option on the mount command line or in the vfstab_adjunct(4) file. See the DESCRIPTION in the mount man page for more about specifying security attributes.
To succeed, the mount command must have the sys_mount
privilege. Mandatory and discretionary read access is required to both the mount point and the device being
mounted; to override MAC and DAC restrictions requires privilege as described in Intro(2). To succeed in all cases, mount –F hsfs also needs: file_mac_read
, file_dac_read
, file_mac_write
, file_dac_write
, file_mac_search
, file_dac_search
, net_privaddr
, proc_setsl
, and sys_trans_label
.
Specify ufs file system specific options in a comma-separated list with no intervening spaces. Most attributes for the -S option may also be specified for the -o option. See the -S option.
If invalid options are specified, a warning message is printed and the invalid options are ignored. The following options are available:
The sz argument controls the size of this particular tmpfs file system. If the argument is has a `k' suffix, the number will be interpreted as a number of kilobytes. An `m' suffix will be interpreted as a number of megabytes. No suffix is interpreted as bytes. In all cases, the actual size of the file system is the number of bytes specified, rounded up to the physical pagesize of the system.
Setuid execution allowed or disallowed. The default is suid. nosuid without an explicit devices implies nodevices.
Allow (disallow) access to character and block devices. The default is devices.
Note: In the Trusted Solaris environment, device special files are typically located only in the /dev and /devices directories in the root file system. All other file systems should be mounted with the nodevices option to prevent recognition of devices that may reside in any other directories. The recognition of devices is also affected by the use of the devices or nodevices options to the share(1M) command, either on the command line or in the dfstab(4) file.
Forced privileges on executables are allowed or disallowed. The default is priv. The recognition of forced privileges is also affected by the use of the priv or nopriv option to the share(1M) command, either on the command line or in the dfstab(4) file.
Overlay mount. Allow the file system to be mounted over an existing mount point, making the underlying file system inaccessible. If a mount is attempted on a pre-existing mount point without setting this flag, the mount will fail, producing the error “device busy”.
See the definition of the -S option in the OPTIONS section of the mount(1M) man page.
The nodevices and nopriv options have been added. Trusted Solaris security policy applies when mounting and unmounting file systems.
mount must run with the sys_mount
privilege. To succeed in all cases, mount also needs: file_mac_read
, file_dac_read
, file_mac_write
, file_dac_write
, file_mac_search
, file_dac_search
, net_privaddr
, proc_setsl
,
and sys_trans_label
.
Mount-time security attributes can be specified for file systems whose objects do not have any attributes (such as user and group IDs) and for file systems that do not have the Trusted Solaris extended security attributes (such as sensitivity labels). Trusted Solaris security policy applies when mounting.
See attributes(5) for descriptions of the following attributes:
ATTRIBUTE TYPE |
ATTRIBUTE VALUE |
---|---|
Availability |
SUNWcsu |
If the directory on which a file system is to be mounted is a symbolic link, the file system is mounted on the directory to which the symbolic link refers, rather than on top of the symbolic link itself.
NAME | SYNOPSIS | DESCRIPTION | OPTIONS | SUMMARY OF TRUSTED SOLARIS CHANGES | FILES | ATTRIBUTES | SEE ALSO | NOTES