2 Creating and Managing File Systems
This chapter describes how to create, mount, check, and repair file systems, how to configure Access Control Lists, how to configure and manage disk quotas.
Making File Systems
The mkfs command build a file system on a block device:
sudo mkfs [options] device
mkfs is a front end for builder utilities in
/sbin
such as mkfs.ext4. You
can use either the mkfs command with the
-t fstype
option or
the builder utility to specify the type of file system to build.
For example, the following commands are equivalent ways of
creating an ext4
file system with the label
Projects
on the device
/dev/sdb1
:
sudo mkfs -t ext4 -L Projects /dev/sdb1 sudo mkfs.ext4 -L Projects /dev/sdb1
If you do not specify the file system type to
makefs , it creates an ext2
file system.
To display the type of a file system, use the blkid command:
sudo blkid /dev/sdb1
/dev/sdb1: UUID="ad8113d7-b279-4da8-b6e4-cfba045f66ff" TYPE="ext4" LABEL="Projects"
The blkid command also display information about the device such as its UUID and label.
Each file system type supports a number of features that you can
enable or disable by specifying additional options to
mkfs or the build utility. For example, you can
use the -J option to specify the size and
location of the journal used by the ext3
and
ext4
file system types.
For more information, see the blkid(8)
,
mkfs(8)
, and
mkfs.fstype(8)
manual pages.
Mounting File Systems
To access a file system's contents, you must attach its block device to a mount point in the directory hierarchy. You can use the mkdir command to create a directory for use as a mount point, for example:
mkdir /var/projects
You can use an existing directory as a mount point, but its contents are hidden until you unmount the overlying file system.
The mount command attaches the device containing the file system to the mount point:
sudo mount [options] device mount_point
You can specify the device by its name, UUID, or label. For
example, the following commands are equivalent ways of mounting
the file system on the block device /dev/sdb1
:
sudo mount /dev/sdb1 /var/projects sudo mount UUID="ad8113d7-b279-4da8-b6e4-cfba045f66ff" /var/projects sudo mount LABEL="Projects" /var/projects
If you do not specify any arguments, mount displays all file systems that the system currently has mounted, for example:
sudo mount
/dev/mapper/vg_host01-lv_root on / type ext4 (rw) ...
In this example, the LVM logical volume
/dev/mapper/vg_host01-lv_root
is mounted on
/
. The file system type is
ext4
and is mounted for both reading and
writing. (You can also use the command cat
/proc/mounts to display information about mounted file
systems.)
The df command displays information about home much space remains on mounted file systems, for example:
sudo df -h
Filesystem Size Used Avail Use% Mounted on /dev/mapper/vg_host01-lv_root 36G 12G 22G 36% / ...
You can use the -B (bind) option to the
mount command to attach a block device at
multiple mount points. You can also remount part of a directory
hierarchy, which need not be a complete file system, somewhere
else. For example, the following command mounts
/var/projects/project1
on
/mnt
:
sudo mount -B /var/projects/project1 /mnt
Each directory hierarchy acts as a mirror of the other. The same files are accessible in either location, although any submounts are not replicated. These mirrors do not provide data redundancy.
You can also mount a file over another file, for example:
touch /mnt/foo mount -B /etc/hosts /mnt/foo
In this example, /etc/hosts
and
/mnt/foo
represent the same file. The existing
file that acts as a mount point is not accessible until you
unmount the overlying file.
The -B option does not recursively attach any submounts below a directory hierarchy. To include submounts in the mirror, use the -R (recursive bind) option instead.
When you use -B or -R, the file system mount options remain the same as those for the original mount point. To modify, the mount options, use a separate remount command, for example:
sudo mount -o remount,ro /mnt/foo
You can mark the submounts below a mount point as being shared, private, or secondary (slave):
- mount --make-shared mount_point
-
Any mounts or unmounts below the specified mount point propagate to any mirrors that you create, and this mount hierarchy reflects mounts or unmount changes that you make to other mirrors.
- mount --make-private mount_point
-
Any mounts or unmounts below the specified mount point do not propagate to other mirrors, nor does this mount hierarchy reflect mounts or unmount changes that you make to other mirrors.
- mount --make-slave mount_point
-
Any mounts or unmounts below the specified mount point do not propagate to other mirrors, but this mount hierarchy does reflect mounts or unmount changes that you make to other mirrors.
To prevent a mount from being mirrored by using the -B or -R options, mark its mount point as being unbindable:
sudo mount --make-unbindable mount_point
To move a mounted file system, directory hierarchy, or file between mount points, use the -M option, for example:
touch /mnt/foo mount -M /mnt/foo /mnt/bar
To unmount a file system, use the umount command, for example:
sudo umount /var/projects
Alternatively, you can specify the block device provided that it is mounted on only one mount point.
For more information, see the mount(8)
and
umount(8)
manual pages.
About Mount Options
To modify the behavior of mount, use the
-o flag followed by a comma-separated list of
options or specify the options in the
/etc/fstab
file. The following are some of
the options that are available:
-
auto
-
Allows the file system to be mounted automatically by using the mount -a command.
-
exec
-
Allows the execution of any binary files located in the file system.
-
loop
-
Uses a loop device (
/dev/loop*
) to mount a file that contains a file system image. See Mounting a File Containing a File System Image, Creating a File System on a File, and thelosetup(8)
manual page.Note:
The default number of available loop devices is 8. You can use the kernel boot parameter
max_loop=N
to configure up to 255 devices. Alternatively, add the following entry to/etc/modprobe.conf
:options loop max_loop=N
In the previous example, N is the number of loop devices that you require (from 0 to 255), and reboot the system.
-
noauto
-
Disallows the file system from being mounted automatically by using mount -a.
-
noexec
-
Disallows the execution of any binary files located in the file system.
-
nouser
-
Disallows any user other than
root
from mounting or unmounting the file system. -
remount
-
Remounts the file system if it is already mounted. You would usually combine this option with another option such as
ro
orrw
to change the behavior of a mounted file system. -
ro
-
Mounts a file system as read-only.
-
rw
-
Mounts a file system for reading and writing.
-
user
-
Allows any user to mount or unmount the file system.
For example, mount /dev/sdd1
as
/test
with read-only access and only root
permitted to mount or unmount the file system:
sudo mount -o nouser,ro /dev/sdd1 /test
Mount an ISO image file on /mount/cdrom
with
read-only access by using the loop device:
sudo mount -o ro,loop ./OracleLinux-R6-U1-Server-x86_64-dvd.iso /media/cdrom
Remount the /test
file system with both read
and write access, but do not permit the execution of any binary
files that are located in the file system:
sudo mount -o remount,rw,noexec /test
About the File System Mount Table
The /etc/fstab
file contains the file system
mount table, and provides all the information that the
mount command needs to mount block devices or
to implement binding of mounts. If you add a file system, create
the appropriate entry in /etc/fstab
to ensure
that the file system is mounted at boot time. The following are
sample entries from /etc/fstab
:
/dev/sda1 /boot ext4 defaults 1 2 /dev/sda2 / ext4 defaults 1 1 /dev/sda3 swap swap defaults 0 0
The first field is the device to mount specified by the device name, UUID, or device label, or the specification of a remote file system. A UUID or device label is preferable to a device name if the device name could change, for example:
LABEL=Projects /var/projects ext4 defaults 1 2
The second field is either the mount point for a file system or
swap
to indicate a swap partition.
The third field is the file system type, for example, ext4
or
swap
.
The fourth field specifies any mount options.
The fifth column is used by the dump command. A value of 1 means dump the file system; 0 means the file system does not need to be dumped.
The sixth column is used by the file system checker, fsck, to determine in which order to perform file system checks at boot time. The value should be 1 for the root file system, 2 for other file systems. A value of 0 skips checking, as is appropriate for swap, file systems that are not mounted at boot time, or for binding of existing mounts.
For bind mounts, only the first four fields are specified, for example:
pathmount_point none bind
The first field specifies the path of the file system, directory
hierarchy, or file that is to be mounted on the mount point
specified by the second field. The mount point must be a file if
the path specifies a file; otherwise, it must be a directory. The
third and fourth fields are specified as none
and bind
.
For more information, see the fstab(5)
manual
page.
Configuring the Automounter
The automounter mounts file systems when they are accessed, rather than maintaining connections for those mounts at all times. When a file system becomes inactive for more than a certain period of time, the automounter unmounts it. Using automounting frees up system resources and improves system performance.
The automounter consists of two components: the
autofs
kernel module and the
automount
user-space daemon.
To configure a system to use automounting:
-
Install the
autofs
package and any other packages that are required to support remote file systems:sudo yum install autofs
-
Edit the
/etc/auto.master
configuration file to define map entries. Each map entry specifies a mount point and a map file that contains definitions of the remote file systems that can be mounted, for example:/- /etc/auto.direct /misc /etc/auto.misc /net -hosts
Here, the
/-
,/misc
, and/net
entries are examples of a direct map, an indirect map, and a host map respectively. Direct map entries always specify/-
as the mount point. Host maps always specify the keyword-hosts
instead of a map file.A direct map contains definitions of directories that are automounted at the specified absolute path. In the example, the
auto.direct
map file might contain an entry such as:/usr/man -fstype=nfs,ro,soft host01:/usr/man
This entry mounts the file system
/usr/man
exported byhost01
using the optionsro
andsoft
, and creates the/usr/man
mount point if it does not already exist. If the mount point already exists , the mounted file system hides any existing files that it contains.As the default file system type is NFS, the previous example can be shortened to read:
/usr/man -ro,soft host01:/usr/man
An indirect map contains definitions of directories (keys) that are automounted relative to the mount point (
/misc
) specified in/etc/auto.master
. In the example, the/etc/auto.misc
map file might contain entries such as the following:xyz -ro,soft host01:/xyz cd -fstype=iso9600,ro,nosuid,nodev :/dev/cdrom abc -fstype=ext3 :/dev/hda1 fenetres -fstype=cifs,credentials=credfile ://fenetres/c
The
/misc
directory must already exist, but the automounter creates a mount point for the keysxyz
,cd
, and so on if they does not already exist, and removes them when it unmounts the file system. For example, entering a command such as ls /misc/xyz causes the automounter to the mount the/xyz
directory exported byhost01
as/misc/xyz
.The
cd
andabc
entries mount local file systems: an ISO image from the CD-ROM drive on/misc/cd
and an ext3 file system from/dev/hda1
on/misc/abc
. Thefenetres
entry mounts a Samba share as/misc/fenetres
.If a host map entry exists and a command references an NFS server by name relative to the mount point (
/net
), the automounter mounts all directories that the server exports below a subdirectory of the mount point named for the server. For example, the command cd /net/host03 causes the automounter to mount all exports fromhost03
below the/net/host03
directory. By default, the automounter uses the mount optionsnosuid,nodev,intr
options unless you override the options in the host map entry, for example:/net -hosts -suid,dev,nointr
Note:
The name of the NFS server must be resolvable to an IP address in DNS or in the
/etc/hosts
file.For more information, including details of using maps with NIS, NIS+, and LDAP, see the
hosts.master(5)
manual page. -
Start the
autofs
service, and configure the service to start following a system reboot:sudo systemctl stat autofs sudo systemctl enable autofs
You can configure various settings for autofs
in /etc/sysconfig/autofs
, such as the idle
timeout value after which a file system is automatically
unmounted.
If you modify /etc/auto.master
or
/etc/sysconfig/autofs
, restart the
autofs
service to make it re-read these files:
sudo systemctl restart autofs
For more information, see the automount(8)
,
autofs(5)
, and
auto.master(5)
manual pages.
Mounting a File Containing a File System Image
/ISO
:
sudo mount -t iso9660 -o ro,loop /var/ISO_files/V33411-01.iso /ISO
If required, create a permanent entry for the file system in
/etc/fstab
:
/var/ISO_files/V33411-01.iso /ISO iso9660 ro,loop 0 0
Creating a File System on a File
To create a file system on a file within another file system:
-
Create an empty file of the required size, for example:
sudo dd if=/dev/zero of=/fsfile bs=1024 count=1000000
1000000+0 records in 1000000+0 records out 1024000000 bytes (1.0 GB) copied, 8.44173 s, 121 MB/s
-
Create a file system on the file:
sudo mkfs.ext4 -F /fsfile
mke2fs 1.41.12 (17-May-2010) Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) Stride=0 blocks, Stripe width=0 blocks 62592 inodes, 250000 blocks 12500 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=260046848 8 block groups 32768 blocks per group, 32768 fragments per group 7824 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376 Writing inode tables: done Creating journal (4096 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 33 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override.
-
Mount the file as a file system by using a loop device:
sudo mount -o loop /fsfile /mnt
The file appears as a normal file system:
sudo mount
... /fsfile on /mnt type ext4 (rw,loop=/dev/loop0) # df -h Filesystem Size Used Avail Use% Mounted on ... /fsfile 962M 18M 896M 2% /mnt
If required, create a permanent entry for the file system in
/etc/fstab
:/fsfile /mnt ext4 rw,loop 0 0
Checking and Repairing a File System
The fsck utility checks and repairs file
systems. For file systems other than /
(root)
and /boot
, mount invokes
file system checking if more than a certain number of mounts have
occurred or more than 180 days have elapsed without checking
having being performed. You might want to run
fsck manually if a file system has not been
checked for several months.
Attention:
Running fsck on a mounted file system can corrupt the file system and cause data loss.
To check and repair a file system:
-
Unmount the file system:
sudo umount filesystem
-
Use the fsck command to check the file system:
sudo fsck [-y] filesystem
filesystem be a device name, a mount point, or a label or UUID specifier, for example:
sudo fsck UUID=ad8113d7-b279-4da8-b6e4-cfba045f66ff
By default, fsck prompts you to choose whether it should apply a suggested repair to the file system. If you specify the -y option, fsck assumes a yes response to all such questions.
For the ext2
, ext3
, and
ext4
file system types, other commands that are
used to perform file system maintenance include
dumpe2fs and debugfs.
dumpe2fs prints super block and block group
information for the file system on a specified device.
debugfs is an interactive file system debugger
that requires expert knowledge of the file system architecture.
Similar commands exist for most file system types and also require
expert knowledge.
For more information, see the fsck(8)
manual
page.
Changing the Frequency of File System Checking
To change the number of mounts before the system automatically checks the file system for consistency:
sudo tune2fs -c mount_count device
In the previous example, device specifies the block device that corresponds to the file system.
A mount_count of 0 or -1 disables automatic checking based on the number of mounts.
Tip:
Specifying a different value of mount_count for each file system reduces the probability that the system checks all the file systems at the same time.
To specify the maximum interval between file system checks:
sudo tune2fs -i interval[unit] device
The unit can be d, w, or m for days, weeks, or months. The default unit is d for days. An interval of 0 disables checking that is based on the time that has elapsed since the last check. Even if the interval is exceeded, the file system is not checked until it is next mounted.
For more information, see the tune2fs(8)
manual page.
About Access Control Lists
POSIX Access Control Lists (ACLs) provide a richer access control model than traditional UNIX Discretionary Access Control (DAC) that sets read, write, and execute permissions for the owner, group, and all other system users. You can configure ACLs that define access rights for more than just a single user or group, and specify rights for programs, processes, files, and directories. If you set a default ACL on a directory, its descendents inherit the same rights automatically. You can use ACLs with btrfs, ext3, ext4, OCFS2, and XFS file systems and with mounted NFS file systems.
An ACL consists of a set of rules that specify how a specific user or group can access the file or directory with which the ACL is associated. A regular ACL entry specifies access information for a single file or directory. A default ACL entry is set on directories only, and specifies default access information for any file within the directory that does not have an access ACL.
Configuring ACL Support
To enable ACL support:
-
Install the
acl
package:sudo yum install acl
-
Edit
/etc/fstab
and change the entries for the file systems with which you want to use ACLs so that they include the appropriate option that supports ACLs, for example:LABEL=/work /work ext4 acl 0 0
For mounted Samba shares, use the
cifsacl
option instead ofacl
. -
Remount the file systems, for example:
sudo mount -o remount /work
Setting and Displaying ACLs
To add or modify the ACL rules for file, use the setfacl command:
sudo setfacl -m rules file ...
The rules take the following forms:
- [d:]u: user[: permissions]
-
Sets the access ACL for the user specified by name or user ID. The permissions apply to the owner if a user is not specified.
- [d:]g: group[: permissions]
-
Sets the access ACL for a group specified by name or group ID. The permissions apply to the owning group if a group is not specified.
- [d:]m[:][: permissions]
-
Sets the effective rights mask, which is the union of all permissions of the owning group and all of the user and group entries.
- [d:]o[:][: permissions]
-
Sets the access ACL for other (everyone else to whom no other rule applies).
The permissions are r
, w
,
and x
for read, write, and execute as used
with chmod.
The d: prefix is used to apply the rule to the default ACL for a directory.
To display a file's ACL, use the getfacl command, for example:
sudo getfacl foofile
# file: foofile # owner: bob # group: bob user::rw- user::fiona:r-- user::jack:rw- user::jill:rw- group::r-- mask::r-- other::r--
If extended ACLs are active on a file, the -l
option to ls displays a plus sign
(+
) after the permissions, for example:
ls -l foofile
-rw-r--r--+ 1 bob bob 105322 Apr 11 11:02 foofile
The following are examples of how to set and display ACLs for directories and files.
sudo setfacl -m u:user:r file
sudo getfacl file
sudo setfacl -m m::rx file
The -x option removes rules for a user or group.
sudo setfacl -x u:user file
sudo setfacl -x g:group file
The -b option removes all extended ACL entries from a file or directory.
sudo setfacl -b file
sudo getfacl f1 | setfacl --set-file=- f2
Set a default ACL of read and execute access for other on a directory:
sudo setfacl -m d:o:rx directory
sudo getfacl --access directory | setfacl -d -M- directory
The -k option removes the default ACL from a directory.
sudo setfacl -k directory
For more information, see the acl(5)
,
setfacl(1)
, and getfacl(1)
manual pages.
About Disk Quotas
Note:
For information about how to configure quotas for the XFS file system, see Setting Quotas on an XFS File System.
You can set disk quotas to restrict the amount of disk space (blocks) that users or groups can use, to limit the number of files (inodes) that users or groups can create, and to notify you when usage is reaching a specified limit. A hard limit specifies the maximum number of blocks or inodes available to a user or group on the file system. Users or groups can exceed a soft limit for a period of time known as a grace period.
Enabling Disk Quotas on File Systems
To enable user or group disk quotas on a file system:
-
Install or update the quota package:
sudo yum install quota
-
Include the
usrquota
orgrpquota
options in the file system's/etc/fstab
entry, for example:/dev/sdb1 /home ext4 usrquota,grpquota 0 0
-
Remount the file system:
sudo mount -o remount /home
-
Create the quota database files:
sudo quotacheck -cug /home
This command creates the files
aquota.user
andaquota.group
in the root of the file system (/home
in this example).
For more information, see the quotacheck(8)
manual page.
Assigning Disk Quotas to Users and Groups
To configure the disk quota for a user:
-
Enter the following command for a user:
sudo edquota username
or for a group:
sudo edquota -g group
The command opens a text file opens in the default editor defined by the
EDITOR
environment variable where you can specify the limits for the user or group, for example:Disk quotas for user guest (uid 501) Filesystem blocks soft hard inodes soft hard /dev/sdb1 10325 0 0 1054 0 0
The
blocks
andinodes
entries show the user's currently usage on a file system.Tip:
Setting a limit to 0 disables quota checking and enforcement for the corresponding
blocks
orinodes
category. -
Edit the soft and hard block limits for number of blocks and inodes, and save and close the file.
Alternatively, you can use the setquota command to configure quota limits from the command-line. The -p option allows you to apply quota settings from one user or group to another user or group.
For more information, see the edquota(8)
and
setquota(8)
manual pages.
Setting the Grace Period
To configure the grace period for soft limits:
-
Enter the following command:
sudo edquota -t
The command opens a text file opens in the default editor defined by the
EDITOR
environment variable, where you can specify the grace period, for example:Grace period before enforcing soft limits for users: Time units may be: days, hours, minutes, or seconds Filesystem Block grace period Inode grace period /dev/sdb1 7days 7days
-
Edit the grace periods for the soft limits on the number of blocks and inodes, and save and close the file.
For more information, see the edquota(8)
manual page.
Displaying Disk Quotas
To display a user's disk usage:
sudo quota username
To display a group's disk usage:
sudo quota -g group
To display information about file systems where usage is over the quota limits:
sudo quota -q
Users can also use the quota command to display their own and their group's usage.
For more information, see the quota(1)
manual
page.
Enabling and Disabling Disk Quotas
To disable disk quotas for all users, groups on a specific file system:
sudo quotaoff -guv filesystem
To disable disk quotas for all users, groups, and file systems:
sudo quotaoff -aguv
To re-enable disk quotas for all users, groups, and file systems:
sudo quotaon -aguv
For more information, see the quotaon(1)
manual page.
Reporting on Disk Quota Usage
To display the disk quota usage for a file system:
sudo repquota filesystem
To display the disk quota usage for all file systems:
sudo repquota -a
For more information, see the repquota(8)
manual page.
Maintaining the Accuracy of Disk Quota Reporting
Uncontrolled system shutdowns can lead to inaccuracies in disk quota reports.
To rebuild the quota database for a file system:
-
Disable disk quotas for the file system:
sudo quotaoff -guv filesystem
-
Unmount the file system:
sudo umountfilesystem
-
Enter the following command to rebuild the quota databases:
sudo quotacheck -guv filesystem
-
Mount the file system:
sudo mount filesystem
-
Enable disk quotas for the file system:
sudo quotaoff -guv filesystem
For more information, see the quotacheck(8)
manual page.