2 Creating and Managing File Systems

This chapter describes how to create, mount, check, and repair file systems, how to configure Access Control Lists, and how to configure and manage disk quotas.

Making File Systems

The mkfs command builds a file system on a block device:

sudo mkfs [options] device

mkfs is a front end for builder utilities in /sbin such as mkfs.ext4. You can use either the mkfs command with the -t fstype option or the builder utility to specify the type of file system to build. For example, the following commands are equivalent ways of creating an ext4 file system with the label Projects on the device /dev/sdb1:

sudo mkfs -t ext4 -L Projects /dev/sdb1
sudo mkfs.ext4 -L Projects /dev/sdb1

If you do not specify the file system type to mkfs, it creates an ext2 file system.

To display the type of a file system, use the blkid command:

sudo blkid /dev/sdb1
/dev/sdb1: UUID="ad8113d7-b279-4da8-b6e4-cfba045f66ff" TYPE="ext4" LABEL="Projects"

The blkid command also displays information about the device such as its UUID and label.

Each file system type supports a number of features that you can enable or disable by specifying additional options to mkfs or the build utility. For example, you can use the -J option to specify the size and location of the journal used by the ext3 and ext4 file system types.

For more information, see the blkid(8), mkfs(8), and mkfs.fstype(8) manual pages.

Mounting File Systems

To access a file system's contents, you must attach its block device to a mount point in the directory hierarchy. You can use the mkdir command to create a directory for use as a mount point, for example:

mkdir /var/projects

You can use an existing directory as a mount point, but its contents are hidden until you unmount the overlying file system.

The mount command attaches the device containing the file system to the mount point:

sudo mount [options] device mount_point

You can specify the device by its name, UUID, or label. For example, the following commands are equivalent ways of mounting the file system on the block device /dev/sdb1:

sudo mount /dev/sdb1 /var/projects
sudo mount UUID="ad8113d7-b279-4da8-b6e4-cfba045f66ff" /var/projects
sudo mount LABEL="Projects" /var/projects

If you do not specify any arguments, mount displays all file systems that the system currently has mounted, for example:

sudo mount
/dev/mapper/vg_host01-lv_root on / type ext4 (rw)
...

In this example, the LVM logical volume /dev/mapper/vg_host01-lv_root is mounted on /. The file system type is ext4 and is mounted for both reading and writing. (You can also use the command cat /proc/mounts to display information about mounted file systems.)

The df command displays information about how much space remains on mounted file systems, for example:

sudo df -h
Filesystem                     Size  Used Avail Use% Mounted on
/dev/mapper/vg_host01-lv_root  36G   12G   22G  36% /
...

You can use the -B (bind) option to the mount command to attach a block device at multiple mount points. You can also remount part of a directory hierarchy, which need not be a complete file system, somewhere else. For example, the following command mounts /var/projects/project1 on /mnt:

sudo mount -B /var/projects/project1 /mnt

Each directory hierarchy acts as a mirror of the other. The same files are accessible in either location, although any submounts are not replicated. These mirrors do not provide data redundancy.

You can also mount a file over another file, for example:

touch /mnt/foo
mount -B /etc/hosts /mnt/foo

In this example, /etc/hosts and /mnt/foo represent the same file. The existing file that acts as a mount point is not accessible until you unmount the overlying file.

The -B option does not recursively attach any submounts below a directory hierarchy. To include submounts in the mirror, use the -R (recursive bind) option instead.

When you use -B or -R, the file system mount options remain the same as those for the original mount point. To modify the mount options, use a separate remount command, for example:

sudo mount -o remount,ro /mnt/foo

You can mark the submounts below a mount point as being shared, private, or secondary (slave):

mount --make-shared mount_point

Any mounts or unmounts below the specified mount point propagate to any mirrors that you create, and this mount hierarchy reflects mounts or unmount changes that you make to other mirrors.

mount --make-private mount_point

Any mounts or unmounts below the specified mount point do not propagate to other mirrors, nor does this mount hierarchy reflect mounts or unmount changes that you make to other mirrors.

mount --make-slave mount_point

Any mounts or unmounts below the specified mount point do not propagate to other mirrors, but this mount hierarchy does reflect mounts or unmount changes that you make to other mirrors.

To prevent a mount from being mirrored by using the -B or -R options, mark its mount point as being unbindable:

sudo mount --make-unbindable mount_point

To move a mounted file system, directory hierarchy, or file between mount points, use the -M option, for example:

touch /mnt/bar
mount -M /mnt/foo /mnt/bar

To unmount a file system, use the umount command, for example:

sudo umount /var/projects

Alternatively, you can specify the block device provided that it is mounted on only one mount point.

For more information, see the mount(8) and umount(8) manual pages.

About Mount Options

To modify the behavior of mount, use the -o flag followed by a comma-separated list of options or specify the options in the /etc/fstab file. The following are some of the options that are available:

auto

Allows the file system to be mounted automatically by using the mount -a command.

exec

Allows the execution of any binary files located in the file system.

loop

Uses a loop device (/dev/loop*) to mount a file that contains a file system image. See Mounting a File Containing a File System Image, Creating a File System on a File, and the losetup(8) manual page.

Note:

The default number of available loop devices is 8. You can use the kernel boot parameter max_loop=N to configure up to 255 devices. Alternatively, add the following entry to /etc/modprobe.conf:

options loop max_loop=N

In the previous example, N is the number of loop devices that you require (from 0 to 255). After you add the entry, reboot the system.

noauto

Disallows the file system from being mounted automatically by using mount -a.

noexec

Disallows the execution of any binary files located in the file system.

nouser

Disallows any user other than root from mounting or unmounting the file system.

remount

Remounts the file system if it is already mounted. You would usually combine this option with another option such as ro or rw to change the behavior of a mounted file system.

ro

Mounts a file system as read-only.

rw

Mounts a file system for reading and writing.

user

Allows any user to mount or unmount the file system.

For example, mount /dev/sdd1 as /test with read-only access and only root permitted to mount or unmount the file system:

sudo mount -o nouser,ro /dev/sdd1 /test

Mount an ISO image file on /media/cdrom with read-only access by using the loop device:

sudo mount -o ro,loop ./OracleLinux-R6-U1-Server-x86_64-dvd.iso /media/cdrom

Remount the /test file system with both read and write access, but do not permit the execution of any binary files that are located in the file system:

sudo mount -o remount,rw,noexec /test

About the File System Mount Table

The /etc/fstab file contains the file system mount table, and provides all the information that the mount command needs to mount block devices or to implement binding of mounts. If you add a file system, create the appropriate entry in /etc/fstab to ensure that the file system is mounted at boot time. The following are sample entries from /etc/fstab:

/dev/sda1         /boot   ext4     defaults  1 2
/dev/sda2         /       ext4     defaults  1 1
/dev/sda3         swap    swap     defaults  0 0

The first field is the device to mount specified by the device name, UUID, or device label, or the specification of a remote file system. A UUID or device label is preferable to a device name if the device name could change, for example:

LABEL=Projects    /var/projects  ext4  defaults  1 2

The second field is either the mount point for a file system or swap to indicate a swap partition.

The third field is the file system type, for example, ext4 or swap.

The fourth field specifies any mount options.

The fifth field is used by the dump command. A value of 1 means dump the file system; 0 means the file system does not need to be dumped.

The sixth field is used by the file system checker, fsck, to determine in which order to perform file system checks at boot time. The value should be 1 for the root file system, 2 for other file systems. A value of 0 skips checking, as is appropriate for swap, file systems that are not mounted at boot time, or for binding of existing mounts.

For bind mounts, only the first four fields are specified, for example:

path    mount_point    none     bind

The first field specifies the path of the file system, directory hierarchy, or file that is to be mounted on the mount point specified by the second field. The mount point must be a file if the path specifies a file; otherwise, it must be a directory. The third and fourth fields are specified as none and bind.

For more information, see the fstab(5) manual page.
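
The field rules described in this section, applied as a lint pass over fstab-format text. This is an added example and not part of the original guide; the function name audit_fstab, the device-name prefixes that it treats as unstable, and the sample table are assumptions made for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide: lint fstab-format text on stdin.
# Emits one "line N: ..." finding per problem and nothing for a clean table.
audit_fstab() {
    awk '
    /^[ \t]*#/ { next }          # comment
    NF == 0    { next }          # blank line
    NF < 4     { print "line " NR ": fewer than four fields"; next }
    {
        dev = $1; mp = $2; type = $3; opts = $4
        # Fields five and six default to 0 when absent (as in bind entries).
        dump = (NF >= 5) ? $5 + 0 : 0
        pass = (NF >= 6) ? $6 + 0 : 0

        if (("," opts ",") ~ /,r?bind,/) {
            if (type != "none")
                print "line " NR ": bind entry should use none as its type"
            if (pass != 0)
                print "line " NR ": bind entry should have fsck pass 0"
            next
        }
        # Assumption: these prefixes identify kernel-assigned names that can
        # change between boots; /dev/mapper names and image files are stable.
        if (dev ~ /^\/dev\/(sd|hd|vd|xvd|nvme)/)
            print "line " NR ": " dev " is a device name; prefer UUID= or LABEL="
        if (dump != 0 && dump != 1)
            print "line " NR ": dump field must be 0 or 1"
        if (type == "swap") {
            if (pass != 0) print "line " NR ": swap should have fsck pass 0"
        } else if (mp == "/") {
            if (pass != 1) print "line " NR ": root file system should have fsck pass 1"
        } else if (pass == 1) {
            print "line " NR ": fsck pass 1 is reserved for the root file system"
        } else if (pass != 0 && pass != 2) {
            print "line " NR ": fsck pass must be 0, 1, or 2"
        }
    }'
}

# Constructed sample table (not taken from a real host).
FSTAB_SAMPLE='# device        mount point    type  options            dump pass
/dev/mapper/vg_host01-lv_root /  ext4  defaults           1 1
LABEL=Projects    /var/projects  ext4  defaults           1 1
/dev/sdb1         /home          ext4  usrquota,grpquota  0 2
/dev/sda3         swap           swap  defaults           0 1
/var/projects/project1  /mnt     none  bind'

printf '%s\n' "$FSTAB_SAMPLE" | audit_fstab
```

To check a live table, run audit_fstab < /etc/fstab.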

Configuring the Automounter

The automounter mounts file systems when they are accessed, rather than maintaining connections for those mounts at all times. When a file system becomes inactive for more than a certain period of time, the automounter unmounts it. Using automounting frees up system resources and improves system performance.

The automounter consists of two components: the autofs kernel module and the automount user-space daemon.

To configure a system to use automounting:

  1. Install the autofs package and any other packages that are required to support remote file systems:

    sudo yum install autofs
  2. Edit the /etc/auto.master configuration file to define map entries. Each map entry specifies a mount point and a map file that contains definitions of the remote file systems that can be mounted, for example:

    /-          /etc/auto.direct
    /misc       /etc/auto.misc
    /net        -hosts

    Here, the /-, /misc, and /net entries are examples of a direct map, an indirect map, and a host map respectively. Direct map entries always specify /- as the mount point. Host maps always specify the keyword -hosts instead of a map file.

    A direct map contains definitions of directories that are automounted at the specified absolute path. In the example, the auto.direct map file might contain an entry such as:

    /usr/man   -fstype=nfs,ro,soft             host01:/usr/man

    This entry mounts the file system /usr/man exported by host01 using the options ro and soft, and creates the /usr/man mount point if it does not already exist. If the mount point already exists, the mounted file system hides any existing files that it contains.

    As the default file system type is NFS, the previous example can be shortened to read:

    /usr/man   -ro,soft                        host01:/usr/man

    An indirect map contains definitions of directories (keys) that are automounted relative to the mount point (/misc) specified in /etc/auto.master. In the example, the /etc/auto.misc map file might contain entries such as the following:

    xyz       -ro,soft                         host01:/xyz
    cd        -fstype=iso9660,ro,nosuid,nodev        :/dev/cdrom
    abc       -fstype=ext3                           :/dev/hda1
    fenetres  -fstype=cifs,credentials=credfile      ://fenetres/c

    The /misc directory must already exist, but the automounter creates a mount point for the keys xyz, cd, and so on if they do not already exist, and removes them when it unmounts the file system. For example, entering a command such as ls /misc/xyz causes the automounter to mount the /xyz directory exported by host01 as /misc/xyz.

    The cd and abc entries mount local file systems: an ISO image from the CD-ROM drive on /misc/cd and an ext3 file system from /dev/hda1 on /misc/abc. The fenetres entry mounts a Samba share as /misc/fenetres.

    If a host map entry exists and a command references an NFS server by name relative to the mount point (/net), the automounter mounts all directories that the server exports below a subdirectory of the mount point named for the server. For example, the command cd /net/host03 causes the automounter to mount all exports from host03 below the /net/host03 directory. By default, the automounter uses the mount options nosuid,nodev,intr unless you override the options in the host map entry, for example:

    /net        -hosts    -suid,dev,nointr

    Note:

    The name of the NFS server must be resolvable to an IP address in DNS or in the /etc/hosts file.

    For more information, including details of using maps with NIS, NIS+, and LDAP, see the hosts.master(5) manual page.

  3. Start the autofs service, and configure the service to start following a system reboot:

    sudo systemctl start autofs
    sudo systemctl enable autofs

You can configure various settings for autofs in /etc/sysconfig/autofs, such as the idle timeout value after which a file system is automatically unmounted.

If you modify /etc/auto.master or /etc/sysconfig/autofs, restart the autofs service to make it re-read these files:

sudo systemctl restart autofs

For more information, see the automount(8), autofs(5), and auto.master(5) manual pages.
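
A check for host map entries in /etc/auto.master that override the nosuid,nodev defaults described above. This is an added example and not part of the original guide; the function name audit_auto_master, the output labels, and the /net2 entry in the sample are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original guide: classify auto.master-format
# entries on stdin and report host maps that re-enable suid or dev.
audit_auto_master() {
    awk '
    /^[ \t]*#/ || NF < 2 { next }       # comments, blank and short lines
    {
        mp = $1; map = $2
        if (mp == "/-")            kind = "direct"
        else if (map == "-hosts")  kind = "host"
        else                       kind = "indirect"

        note = ""
        if (kind == "host") {
            # Host maps start from nosuid,nodev; apply overrides in order.
            suid = 0; dev = 0
            for (f = 3; f <= NF; f++) {
                o = $f
                sub(/^-/, "", o)
                n = split(o, opt, ",")
                for (i = 1; i <= n; i++) {
                    if (opt[i] == "suid")   suid = 1
                    if (opt[i] == "nosuid") suid = 0
                    if (opt[i] == "dev")    dev = 1
                    if (opt[i] == "nodev")  dev = 0
                }
            }
            if (suid) note = note " suid-enabled"
            if (dev)  note = note " dev-enabled"
            if (note == "") note = " defaults-kept"
        }
        print mp, kind note
    }'
}

# Constructed sample; the first three entries mirror the ones shown above.
AUTO_MASTER_SAMPLE='# mount point   map               options
/-          /etc/auto.direct
/misc       /etc/auto.misc
/net        -hosts    -suid,dev,nointr
/net2       -hosts'

printf '%s\n' "$AUTO_MASTER_SAMPLE" | audit_auto_master
```

An entry reported as suid-enabled or dev-enabled honors setuid binaries or device files on every export of any server that is reached through that mount point.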

Mounting a File Containing a File System Image

A loop device allows you to access a file as a block device. For example, to mount a file that contains a DVD ISO image on the directory mount point /ISO:

sudo mount -t iso9660 -o ro,loop /var/ISO_files/V33411-01.iso /ISO

If required, create a permanent entry for the file system in /etc/fstab:

/var/ISO_files/V33411-01.iso          /ISO      iso9660    ro,loop     0 0

Creating a File System on a File

To create a file system on a file within another file system:

  1. Create an empty file of the required size, for example:

    sudo dd if=/dev/zero of=/fsfile bs=1024 count=1000000
    1000000+0 records in
    1000000+0 records out
    1024000000 bytes (1.0 GB) copied, 8.44173 s, 121 MB/s
  2. Create a file system on the file:

    sudo mkfs.ext4 -F /fsfile
    mke2fs 1.41.12 (17-May-2010)
    Filesystem label=
    OS type: Linux
    Block size=4096 (log=2)
    Fragment size=4096 (log=2)
    Stride=0 blocks, Stripe width=0 blocks
    62592 inodes, 250000 blocks
    12500 blocks (5.00%) reserved for the super user
    First data block=0
    Maximum filesystem blocks=260046848
    8 block groups
    32768 blocks per group, 32768 fragments per group
    7824 inodes per group
    Superblock backups stored on blocks: 
    	32768, 98304, 163840, 229376
    
    Writing inode tables: done                            
    Creating journal (4096 blocks): done
    Writing superblocks and filesystem accounting information: done
    
    This filesystem will be automatically checked every 33 mounts or
    180 days, whichever comes first.  Use tune2fs -c or -i to override.
  3. Mount the file as a file system by using a loop device:

    sudo mount -o loop /fsfile /mnt

    The file appears as a normal file system:

    sudo mount
    ...
    /fsfile on /mnt type ext4 (rw,loop=/dev/loop0)
    sudo df -h
    Filesystem            Size  Used Avail Use% Mounted on
    ...
    /fsfile               962M   18M  896M   2% /mnt

    If required, create a permanent entry for the file system in /etc/fstab:

    /fsfile          /mnt      ext4    rw,loop     0 0

Checking and Repairing a File System

The fsck utility checks and repairs file systems. For file systems other than / (root) and /boot, mount invokes file system checking if more than a certain number of mounts have occurred or more than 180 days have elapsed without checking having been performed. You might want to run fsck manually if a file system has not been checked for several months.

Attention:

Running fsck on a mounted file system can corrupt the file system and cause data loss.

To check and repair a file system:

  1. Unmount the file system:

    sudo umount filesystem
  2. Use the fsck command to check the file system:

    sudo fsck [-y] filesystem

    filesystem can be a device name, a mount point, or a label or UUID specifier, for example:

    sudo fsck UUID=ad8113d7-b279-4da8-b6e4-cfba045f66ff

    By default, fsck prompts you to choose whether it should apply a suggested repair to the file system. If you specify the -y option, fsck assumes a yes response to all such questions.

For the ext2, ext3, and ext4 file system types, other commands that are used to perform file system maintenance include dumpe2fs and debugfs. dumpe2fs prints super block and block group information for the file system on a specified device. debugfs is an interactive file system debugger that requires expert knowledge of the file system architecture. Similar commands exist for most file system types and also require expert knowledge.

For more information, see the fsck(8) manual page.

Changing the Frequency of File System Checking

To change the number of mounts before the system automatically checks the file system for consistency:

sudo tune2fs -c mount_count device

In the previous example, device specifies the block device that corresponds to the file system.

A mount_count of 0 or -1 disables automatic checking based on the number of mounts.

Tip:

Specifying a different value of mount_count for each file system reduces the probability that the system checks all the file systems at the same time.

To specify the maximum interval between file system checks:

sudo tune2fs -i interval[unit] device

The unit can be d, w, or m for days, weeks, or months. The default unit is d for days. An interval of 0 disables checking that is based on the time that has elapsed since the last check. Even if the interval is exceeded, the file system is not checked until it is next mounted.

For more information, see the tune2fs(8) manual page.

About Access Control Lists

POSIX Access Control Lists (ACLs) provide a richer access control model than traditional UNIX Discretionary Access Control (DAC) that sets read, write, and execute permissions for the owner, group, and all other system users. You can configure ACLs that define access rights for more than just a single user or group, and specify rights for programs, processes, files, and directories. If you set a default ACL on a directory, its descendants inherit the same rights automatically. You can use ACLs with btrfs, ext3, ext4, OCFS2, and XFS file systems and with mounted NFS file systems.

An ACL consists of a set of rules that specify how a specific user or group can access the file or directory with which the ACL is associated. A regular ACL entry specifies access information for a single file or directory. A default ACL entry is set on directories only, and specifies default access information for any file within the directory that does not have an access ACL.

Configuring ACL Support

To enable ACL support:

  1. Install the acl package:

    sudo yum install acl
  2. Edit /etc/fstab and change the entries for the file systems with which you want to use ACLs so that they include the appropriate option that supports ACLs, for example:

    LABEL=/work      /work       ext4     acl     0 0

    For mounted Samba shares, use the cifsacl option instead of acl.

  3. Remount the file systems, for example:

    sudo mount -o remount /work

Setting and Displaying ACLs

To add or modify the ACL rules for a file, use the setfacl command:

sudo setfacl -m rules file ...

The rules take the following forms:

[d:]u:user[:permissions]

Sets the access ACL for the user specified by name or user ID. The permissions apply to the owner if a user is not specified.

[d:]g:group[:permissions]

Sets the access ACL for a group specified by name or group ID. The permissions apply to the owning group if a group is not specified.

[d:]m[:][:permissions]

Sets the effective rights mask, which is the union of all permissions of the owning group and all of the user and group entries.

[d:]o[:][:permissions]

Sets the access ACL for other (everyone else to whom no other rule applies).

The permissions are r, w, and x for read, write, and execute as used with chmod.

The d: prefix is used to apply the rule to the default ACL for a directory.

To display a file's ACL, use the getfacl command, for example:

sudo getfacl foofile
# file: foofile
# owner: bob
# group: bob
user::rw-
user:fiona:r--
user:jack:rw-
user:jill:rw-
group::r--
mask::r--
other::r--

If extended ACLs are active on a file, the -l option to ls displays a plus sign (+) after the permissions, for example:

ls -l foofile
-rw-r--r--+ 1 bob bob  105322 Apr 11 11:02 foofile
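
How the effective rights mask limits the entries that getfacl displays. This is an added example and not part of the original guide; the function name effective_acl and the sample ACL are constructed, and the masking rule (the mask limits named users, named groups, and the owning group, but not the owner or other) is taken from acl(5).

```shell
#!/bin/sh
# Added example, not from the original guide: read getfacl-format text on
# stdin and print each access ACL entry with its effective permissions.
effective_acl() {
    awk -F: '
    # Keep a permission bit only if the entry and the mask both grant it.
    function and_perms(p, m,    k, out, c) {
        out = ""
        for (k = 1; k <= 3; k++) {
            c = substr(p, k, 1)
            out = out ((c != "-" && substr(m, k, 1) == c) ? c : "-")
        }
        return out
    }
    /^#/ || NF < 3   { next }      # header comments and blank lines
    $1 == "default"  { next }      # default ACL entries are not evaluated here
    {
        n++
        tag[n] = $1; who[n] = $2
        perm[n] = substr($3, 1, 3) # ignore any trailing "#effective" note
        if ($1 == "mask") { mask = perm[n]; have_mask = 1 }
    }
    END {
        for (i = 1; i <= n; i++) {
            if (tag[i] == "mask") continue
            # The mask limits named users, named groups, and the owning
            # group. The file owner (user::) and other are never masked.
            masked = (tag[i] == "group" || (tag[i] == "user" && who[i] != ""))
            eff = (masked && have_mask) ? and_perms(perm[i], mask) : perm[i]
            print tag[i] ":" who[i] ":" eff
        }
    }'
}

# Constructed sample in getfacl output format.
ACL_SAMPLE='# file: foofile
# owner: bob
# group: bob
user::rw-
user:fiona:r--
user:jack:rw-
user:jill:rw-
group::r--
mask::r--
other::r--'

printf '%s\n' "$ACL_SAMPLE" | effective_acl
```

In the sample, jack and jill are granted rw- but the r-- mask leaves them with read access only, while the owner keeps rw-.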

The following are examples of how to set and display ACLs for directories and files.

Grant read access to a file or directory by a user:

sudo setfacl -m u:user:r file

Display the name, owner, group, and ACL for a file or directory:

sudo getfacl file

Remove write access to a file for all groups and users by modifying the effective rights mask rather than the ACL:

sudo setfacl -m m::rx file

The -x option removes rules for a user or group.

Remove the rules for a user from the ACL of a file:

sudo setfacl -x u:user file

Remove the rules for a group from the ACL of a file:

sudo setfacl -x g:group file

The -b option removes all extended ACL entries from a file or directory.

sudo setfacl -b file

Copy the ACL of file f1 to file f2:

sudo getfacl f1 | sudo setfacl --set-file=- f2

Set a default ACL of read and execute access for other on a directory:

sudo setfacl -m d:o:rx directory

Promote the ACL settings of a directory to default ACL settings that can be inherited:

sudo getfacl --access directory | sudo setfacl -d -M- directory

The -k option removes the default ACL from a directory.

sudo setfacl -k directory

For more information, see the acl(5), setfacl(1), and getfacl(1) manual pages.

About Disk Quotas

Note:

For information about how to configure quotas for the XFS file system, see Setting Quotas on an XFS File System.

You can set disk quotas to restrict the amount of disk space (blocks) that users or groups can use, to limit the number of files (inodes) that users or groups can create, and to notify you when usage is reaching a specified limit. A hard limit specifies the maximum number of blocks or inodes available to a user or group on the file system. Users or groups can exceed a soft limit for a period of time known as a grace period.

Enabling Disk Quotas on File Systems

To enable user or group disk quotas on a file system:

  1. Install or update the quota package:

    sudo yum install quota
  2. Include the usrquota or grpquota options in the file system's /etc/fstab entry, for example:

    /dev/sdb1       /home        ext4    usrquota,grpquota   0 0
  3. Remount the file system:

    sudo mount -o remount /home
  4. Create the quota database files:

    sudo quotacheck -cug /home

    This command creates the files aquota.user and aquota.group in the root of the file system (/home in this example).

For more information, see the quotacheck(8) manual page.

Assigning Disk Quotas to Users and Groups

To configure the disk quota for a user:

  1. Enter the following command for a user:

    sudo edquota username

    or for a group:

    sudo edquota -g group

    The command opens a text file in the default editor defined by the EDITOR environment variable where you can specify the limits for the user or group, for example:

    Disk quotas for user guest (uid 501)
    Filesystem  blocks  soft  hard  inodes  soft  hard
     /dev/sdb1   10325     0     0    1054     0     0

    The blocks and inodes entries show the user's current usage on a file system.

    Tip:

    Setting a limit to 0 disables quota checking and enforcement for the corresponding blocks or inodes category.

  2. Edit the soft and hard limits for the number of blocks and inodes, and save and close the file.

Alternatively, you can use the setquota command to configure quota limits from the command line. The -p option allows you to apply quota settings from one user or group to another user or group.

For more information, see the edquota(8) and setquota(8) manual pages.

Setting the Grace Period

To configure the grace period for soft limits:

  1. Enter the following command:

    sudo edquota -t

    The command opens a text file in the default editor defined by the EDITOR environment variable, where you can specify the grace period, for example:

    Grace period before enforcing soft limits for users:
    Time units may be: days, hours, minutes, or seconds
      Filesystem     Block grace period     Inode grace period
      /dev/sdb1            7days                  7days 
  2. Edit the grace periods for the soft limits on the number of blocks and inodes, and save and close the file.

For more information, see the edquota(8) manual page.

Displaying Disk Quotas

To display a user's disk usage:

sudo quota username

To display a group's disk usage:

sudo quota -g group

To display information about file systems where usage is over the quota limits:

sudo quota -q

Users can also use the quota command to display their own and their group's usage.

For more information, see the quota(1) manual page.

Enabling and Disabling Disk Quotas

To disable disk quotas for all users and groups on a specific file system:

sudo quotaoff -guv filesystem

To disable disk quotas for all users, groups, and file systems:

sudo quotaoff -aguv

To re-enable disk quotas for all users, groups, and file systems:

sudo quotaon -aguv

For more information, see the quotaon(1) manual page.

Reporting on Disk Quota Usage

To display the disk quota usage for a file system:

sudo repquota filesystem

To display the disk quota usage for all file systems:

sudo repquota -a

For more information, see the repquota(8) manual page.

Maintaining the Accuracy of Disk Quota Reporting

Uncontrolled system shutdowns can lead to inaccuracies in disk quota reports.

To rebuild the quota database for a file system:

  1. Disable disk quotas for the file system:

    sudo quotaoff -guv filesystem
  2. Unmount the file system:

    sudo umount filesystem
  3. Enter the following command to rebuild the quota databases:

    sudo quotacheck -guv filesystem
  4. Mount the file system:

    sudo mount filesystem
  5. Enable disk quotas for the file system:

    sudo quotaon -guv filesystem

For more information, see the quotacheck(8) manual page.