Linux Filesystem Management
Workbook 3. Linux Filesystem Management
Table of Contents
1. Disk Recognition and Partitioning
    Discussion
        Disk Partitions
        Partitioning with fdisk
        Viewing Partitions in /proc/partitions
    Examples
        Partitioning a New Drive
    Online Exercises
        Specification
        Deliverables
    Questions
2. Creating and Managing Filesystems
    Discussion
        Filesystems
        Linux Filesystems
        Creating Filesystems
        Creating ext2 Filesystems: mke2fs
        Examining Filesystems with dumpe2fs
        Filesystem Features
        The ext3 Journaling Filesystem
    Examples
        Creating an ext2 Filesystem
        Creating a vfat Filesystem
        Creating an ext3 Filesystem
    Online Exercises
        Specification
        Deliverables
    Questions
3. Mounting Filesystems
    Discussion
        Mounting Filesystems
        Mounting Filesystems with the mount Command
        Unmounting Filesystems with the umount Command
        Remounting Partitions with mount -o remount
    Examples
        Creating Mount Points
    Online Exercises
        Specification
        Deliverables
    Questions
4. The /etc/fstab File
    Discussion
        The /etc/fstab File Syntax
        Mount Options Relevant to the /etc/fstab File
        Specifying Devices by Filesystem Label
        Using Filesystem Labels on the Mount Command Line
        Adding Lines to the /etc/fstab File
    Examples
        Defining Mount Points in the /etc/fstab File
    Online Exercises
        Specification
        Deliverables
    Questions
5. Managing Swap Space
    Discussion
        Swap Space
        Monitoring Swap Partitions: /proc/swaps and /proc/meminfo
        Initializing Swap Space with mkswap
        Activating Swap Space with swapon
        Deactivating Swap Areas with swapoff
        Predefining Swap Areas in the /etc/fstab File
    Examples
        Initializing Swap Partitions
        Using Swap Files
    Online Exercises
        Specification
        Deliverables
    Questions
6. Miscellaneous Filesystem Management Commands
    Discussion
        The e2label Command
        File System Repair with fsck
        The tune2fs Command
        Review: Adding a New Disk
    Examples
        Converting an ext2 filesystem to ext3
    Online Exercises
        Specification
        Deliverables
    Questions
7. SELinux: Secure Linux
    Discussion
        Introduction to SELinux ("Secure Linux")
        The targeted SELinux Policy
        Enabling SELinux: /etc/sysconfig/selinux, setenforce, and getenforce
        Viewing SELinux contexts: ps -Z and ls -Z
rha130-5.0-0-en-2007-12-13T13:35:30-0500
Copyright (c) 2003-2007 Red Hat, Inc. All rights reserved. For use only by a student enrolled in a Red Hat Academy course taught at a Red Hat
Academy. Any other use is a violation of U.S. and international copyrights. No part of this publication may be photocopied, duplicated,
stored in a retrieval system, or otherwise duplicated whether in electronic or print format without prior written consent of Red Hat, Inc.
If you believe Red Hat course materials are being used, copied, or otherwise improperly distributed please email training@redhat.com
or phone toll-free (USA) +1 866 626 2994 or +1 (919) 754 3700.
        Monitoring SELinux violations: sealert and /var/log/messages
        Changing the SELinux Context of a File: chcon
        Restoring the SELinux Context of a File: restorecon
        Managing SELinux Booleans: getsebool and setsebool
        Administering SELinux with system-config-selinux
    Examples
        Changing the SELinux Context of a File
    Online Exercises
        Specification
        Deliverables
        Clean Up
    Questions
Chapter 1. Disk Recognition and Partitioning
Key Concepts
• The fdisk utility is used to display and edit partition tables.
• Disks may have up to 4 primary partitions.
• One primary partition may be used as an extended partition.
• The extended partition is then used as a container for holding multiple logical partitions.
• Every partition has an associated label which identifies how the partition is intended to be used.
Discussion
The Linux Operating System treats disks as a large array of bytes, which can be divided and structured to
serve a variety of needs. This Workbook teaches the skills that allow administrators to configure and
structure disks to their needs.
Disk Partitions
Like most modern operating systems, Linux allows disks to be divided into multiple partitions, where
each partition is effectively treated as a separate disk. The process of creating partitions is referred to as
partitioning a disk.
The above figure diagrams a disk partitioned using DOS partitioning, including the features outlined
below.
• Bootloader: On bootable disks, a low level executable referred to as a bootloader resides in the MBR.
When booting, BIOS passes control to the bootloader, which is then responsible for loading and
passing control to the appropriate operating system. The bootloader will be discussed in more detail in
a later Workbook.
• Partition Table: On every disk, 64 bytes of the Master Boot Record is reserved for the disk’s partition
table. This small amount of space records information for up to 4 partitions, referred to as primary
partitions. For each partition, a starting location, an ending location, and a partition type is recorded.
Primary Partitions
Each disk can be divided into up to four primary partitions, whose properties are recorded in the partition
table located in the MBR. Linux always uses partition numbers 1 through 4 to refer to primary partitions.
In the above diagram, the first primary partition, /dev/hda1, is a FAT filesystem for a Windows operating
system. The second primary partition, /dev/hda2, is a swap partition which Linux uses to implement
virtual memory. The third partition, /dev/hda3, is an ext3 filesystem which contains a Linux /boot
partition.
Logical Partitions
Within the extended partition, multiple logical partitions may be created. The partitioning information
for logical partitions is maintained as a linked list, so in theory, there is no limit to the number of logical
partitions which may be created. In practice, device drivers impose limitations. There may be no more
than 63 IDE partitions, and no more than 15 SCSI partitions. Linux always begins counting the first
logical partition as partition number 5, even if not all 4 primary partitions are used.
In the above figure, 4 logical partitions (/dev/hda5, /dev/hda6, /dev/hda7 and /dev/hda8) contain
ext3 filesystems for the /, /home, /var, and pub partitions, respectively.
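The layout described above, as an added example that is not part of the workbook: a parser that reads the 64-byte table from the MBR, follows the linked list of logical partitions, and numbers them from 5, rejecting a chain that loops or points outside the extended partition. The disk image, the device name hda and all helper names are constructed for illustration; the byte offsets, the 0x55AA signature and the Ids 05, 0f, 85 and 0c are standard DOS-partitioning values assumed here, not taken from this page.

```python
import struct

SECTOR = 512
TABLE_OFFSET = 446   # the 64-byte table occupies bytes 446..509 of the sector
EXTENDED_IDS = {0x05, 0x0F, 0x85}   # assumption: standard extended-partition Ids
LABELS = {0x0C: "W95 FAT32 (LBA)", 0x82: "Linux swap", 0x83: "Linux",
          0x8E: "Linux LVM", 0xFD: "Linux raid auto", 0x05: "Extended"}
# One 16-byte entry: boot flag, CHS start, Id, CHS end, LBA start, sector count
ENTRY = struct.Struct("<B3sB3sII")


def read_table(image, lba):
    """Return the four table entries stored in the boot record at sector `lba`."""
    sector = image[lba * SECTOR:(lba + 1) * SECTOR]
    if len(sector) != SECTOR:
        raise ValueError(f"sector {lba} lies outside the image")
    if sector[510:512] != b"\x55\xaa":
        raise ValueError(f"sector {lba} has no 0x55AA signature")
    entries = []
    for i in range(4):
        boot, _, pid, _, start, count = ENTRY.unpack_from(sector, TABLE_OFFSET + 16 * i)
        entries.append({"boot": boot == 0x80, "id": pid, "start": start, "sectors": count})
    return entries


def list_partitions(image, disk="hda"):
    """List primary partitions (1-4), then logical partitions (5 and up)."""
    found, extended = [], None

    def record(number, entry, absolute_start):
        found.append({"name": f"{disk}{number}", "id": entry["id"],
                      "label": LABELS.get(entry["id"], "unknown"),
                      "boot": entry["boot"], "start": absolute_start,
                      "sectors": entry["sectors"]})

    for number, entry in enumerate(read_table(image, 0), start=1):
        if entry["id"] == 0:          # Id 0 marks an unused slot
            continue
        record(number, entry, entry["start"])
        if entry["id"] in EXTENDED_IDS and extended is None:
            extended = entry
    if extended is None:
        return found

    # Logical partitions are a linked list of boot records inside the extended
    # partition. Slot 0 of each record describes one logical partition (start
    # relative to that record); slot 1 links to the next record (start relative
    # to the beginning of the extended partition).
    base = ebr = extended["start"]
    number, seen = 5, set()           # logical numbering always begins at 5
    while True:
        if ebr in seen:
            raise ValueError("logical partition chain loops back on itself")
        seen.add(ebr)
        logical, link = read_table(image, ebr)[:2]
        if logical["id"] != 0:
            record(number, logical, ebr + logical["start"])
            number += 1
        if link["id"] not in EXTENDED_IDS:
            return found
        if link["start"] + link["sectors"] > extended["sectors"]:
            raise ValueError("link points outside the extended partition")
        ebr = base + link["start"]


def make_sector(*entries):
    """Build one constructed boot record from (boot, id, start, sectors) tuples."""
    data = bytearray(SECTOR)
    for i, (boot, pid, start, count) in enumerate(entries):
        ENTRY.pack_into(data, TABLE_OFFSET + 16 * i,
                        0x80 if boot else 0, b"\0\0\0", pid, b"\0\0\0", start, count)
    data[510:512] = b"\x55\xaa"
    return data


def build_sample_image(looping=False):
    """Constructed 64-sector image: three primaries, one extended, two logicals."""
    image = bytearray(64 * SECTOR)
    image[0:SECTOR] = make_sector((True, 0x0C, 1, 8), (False, 0x82, 9, 8),
                                  (False, 0x83, 17, 8), (False, 0x05, 25, 39))
    image[25 * SECTOR:26 * SECTOR] = make_sector((False, 0x83, 1, 10), (False, 0x05, 11, 12))
    # With looping=True the second record links back to the first one.
    tail = (False, 0x05, 0, 11) if looping else (False, 0, 0, 0)
    image[36 * SECTOR:37 * SECTOR] = make_sector((False, 0x83, 1, 11), tail)
    return bytes(image)


if __name__ == "__main__":
    for p in list_partitions(build_sample_image()):
        flag = "*" if p["boot"] else " "
        print(f"/dev/{p['name']:<5} {flag} {p['start']:>5} {p['sectors']:>5}  "
              f"{p['id']:02x}  {p['label']}")
```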
We now attempt to make sense of the reported structure of the first disk.
Column          Function
Device          The device node which references the partition, commonly used as the
                "name" of the partition.
Boot            Identifies the "bootable" partition. On each disk, one of the primary
                partitions may be labeled "bootable". Although not used by Linux (it is used
                by the MS/DOS bootloader), fdisk does report and allow the user to set the
                bootable partition.
Start and End   The starting and ending cylinder of the partition.
Blocks          The size of the partition, in "blocks" of 1024 bytes (i.e., 1k). Usually, this is
                redundant (albeit convenient) information, as it can be calculated from
                cylinder boundaries. For example, for the partition /dev/hda2, multiplying
                the number of cylinders by the number of kilobytes per cylinder yields
                20480040 exactly.
                Sometimes, especially when examining disks partitioned by some utility
                other than fdisk, partitions do not fall exactly on cylinder boundaries. For
                example, when performing similar math on the first partition (/dev/hda1),
                the reported number of bytes is exactly 32 kilobytes short. In such
                situations, fdisk flags the reported number of blocks with an appended "+".
Partition Labels
As seen in the above table, the partition table includes a one byte identifier that is used to assign the
partition’s "Id" (sometimes referred to as the partition’s "type", or the partition’s "label"). The Id is used
to identify the role for the partition: is it to be used as swap space, an ext3 filesystem, a FAT filesystem,
part of Linux Volume Management, or an extended partition?
Many different operating systems follow the same partition Id naming conventions. The following table
lists partition types which occur commonly within Linux, in approximate order of how commonly they
occur.
Id   Label             Role
83   Linux             A Linux ext2 or ext3 filesystem
82   Linux Swap        A Linux swap (virtual memory) partition
8e   Linux LVM         A Linux logical volume management physical volume
fd   Linux raid auto   A Linux software RAID partition
In Linux, partition Ids are often cosmetic. A partition labeled Linux may be initialized and used for swap
space, while a partition labeled Linux Swap may be used as an ext2 filesystem. Some Ids, however, are
significant to the Linux kernel (for instance, Linux raid auto), and many are significant to other operating
systems which might be sharing the same disk. Good practice suggests that each partition’s Id should
As fdisk starts, it issues a warning that the disk exceeds 1024 cylinders. Some older BIOSes are limited
to only accessing the first 1024 cylinders, a topic covered in a later Workbook. Usually, this warning can
be safely ignored. Next, fdisk waits patiently to be told what to do next.
Note: One of the most common mistakes by new users is to invoke fdisk with the name of a
partition, instead of a disk. For example, fdisk /dev/hda3 would cause fdisk to exit with an error.
Partitions do not have partition tables to edit; disks do.
In interactive (editing) mode, fdisk expects to be driven with single letter commands. The command “m”
displays a list of possible commands.
Fortunately, most users can survive using a small subset of these commands.
Command   Function
m         list command (m)enu
p         (p)rint partition table
n         create (n)ew partition
d         (d)elete partition
t         change partition (t)ype (Id)
q         (q)uit without saving changes
w         (w)rite changes and exit
Often, a user’s first action is to orient themselves by using the “p” command to print the current partition
table.
We see again the partition table for the disk /dev/hda, with three primary partitions and over 80
gigabytes of free space.
Adding a Partition
In our discussion, we assume that the administrator wants to create two new partitions. The first will be
used as a 512 megabyte swap space, and the second will be used as a 1024 megabyte ext3 filesystem.
The “n” command is used to create a new partition.
The next question depends on the state of the drive. If no extended partitions exist (our case), fdisk asks
if the new partition should be the extended partition, or a (normal) primary partition. If an extended
partition does exist, fdisk asks if the new partition should be logical or primary. If all primary partitions
are used, fdisk just doesn’t ask.
Because three primary partitions already exist, and our administrator wants to create 2 new partitions,
she must first create an extended partition to hold them. She answers “e”. Next, fdisk prompts for the
starting cylinder number for the partition. Our administrator just presses RETURN, accepting the
suggested default 3927 (the first available cylinder).
Selected partition 4
First cylinder (3927-15505, default 3927): RETURN
Four different formats can be used when specifying the ending cylinder.
Format   Interpretation
n        Use ending cylinder n.
+n       Use starting cylinder incremented by n cylinders.
+nM      Use starting cylinder incremented by n megabytes. (A trailing K implies
         kilobytes.)
RETURN   Use the suggested default, which is chosen to make the resulting partition as
         large as possible.
Because the extended partition is a primary partition, it will be the fourth (and thus last) primary partition
on the disk. Since any disk space not included in the extended partition will become inaccessible, there is
no reason not to use the suggested cylinder (which is the last cylinder on the disk).
Our administrator does so, and then prints the new partition table.
➊ The newly added extended partition, which spans the rest of the drive.
Happy with the results, she next proceeds to add a new 512 megabyte partition. Because all four primary
partitions are now used, fdisk does not prompt for the partition type. A logical partition is the only type
available.
➊ The partition label, which was "Linux", has changed to "Linux swap".
Deleting a Partition
Were the administrator to make a mistake, or need to remove a partition to create more room, deleting
a partition is straightforward, and would look like the following.
1. If an extended partition is deleted, all logical partitions that it contains are deleted as well.
2. Because the partitioning information for logical partitions is maintained as a linked list, they must be
numbered consecutively. If partition number 5 of 7 is deleted, partitions 6 and 7 will become
partitions 5 and 6. (This is not the case for primary partitions.)
Exiting fdisk
When finished, there are two ways to exit fdisk. First, the “q” command can be used to "quit" fdisk,
abandoning any changes. The fdisk utility does not write any changes until specifically instructed to, so
users may safely quit at any time.
With the “w” command, fdisk will "write" changes and exit. This is the normal way to exit fdisk,
implementing any specified edits.
WARNING: Re-reading the partition table failed with error 16: Device or resource busy.
The kernel still uses the old table.
The new table will be used at the next reboot.
Syncing disks.
While exiting, fdisk warns that the changes will not take effect until the next reboot. This is a fib.
Rebooting will cause the change to take effect, but so will running a relatively newer command called partprobe.
The administrator runs partprobe, so the kernel will reread the partition table and implement the
changes.
3 0 117220824 hda
3 1 4082368 hda1
3 2 20480040 hda2
3 3 5118120 hda3
3 64 78150744 hdb
3 65 72261 hdb1
3 66 2096482 hdb2
3 67 8289540 hdb3
3 69 30724281 hdb5
3 70 8385898 hdb6
3 71 28579603 hdb7
Notice the prominence of the major and minor number of each partition (and disk) in the output. The
Linux kernel internally identifies a partition by the major and minor number associated with its device
driver, not by the name of the device node, a fact that is often observed in kernel level error messages.
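As an added illustration (not part of the workbook), the shell functions below read /proc/partitions text to turn a major:minor pair from a kernel message back into a device name and to estimate how much of a disk is still unallocated. The function names are made up for this example, and the sample is constructed from the hda/hdb rows of the listing above.

```shell
#!/bin/sh
# Constructed sample in /proc/partitions layout: the header is the one the
# kernel prints, the rows are the hda/hdb rows from the listing above.
# Sizes are in 1 KiB blocks.
SAMPLE='major minor  #blocks  name

   3     0  117220824 hda
   3     1    4082368 hda1
   3     2   20480040 hda2
   3     3    5118120 hda3
   3    64   78150744 hdb
   3    65      72261 hdb1
   3    66    2096482 hdb2
   3    67    8289540 hdb3
   3    69   30724281 hdb5
   3    70    8385898 hdb6
   3    71   28579603 hdb7'

# dev_name MAJOR MINOR   (hypothetical helper)
# Reads /proc/partitions text on stdin and prints the name registered for
# MAJOR:MINOR. Exits non-zero when the kernel has no such entry.
dev_name() {
    awk -v maj="$1" -v mnr="$2" '
        $1 == maj && $2 == mnr { print $4; found = 1 }
        END { exit !found }'
}

# free_kib DISK   (hypothetical helper)
# Prints the KiB of DISK not covered by any listed partition. Assumes hdX/sdX
# naming (partition = disk name + digits) and, as in the listing above, that
# the extended partition itself has no row of its own.
free_kib() {
    awk -v disk="$1" '
        $4 == disk { total = $3; seen = 1 }
        index($4, disk) == 1 && substr($4, length(disk) + 1) ~ /^[0-9]+$/ {
            used += $3
        }
        END { if (!seen) exit 1; printf "%.0f\n", total - used }'
}

# has_room DISK MIB: succeeds when DISK has at least MIB mebibytes unallocated.
has_room() {
    kib=$(free_kib "$1") || return 1
    [ "$kib" -ge $(( $2 * 1024 )) ]
}

# Stand-alone demo on the constructed sample. On a live system, feed the
# functions from the real file instead:  dev_name 3 69 < /proc/partitions
printf '3:69 is %s\n' "$(printf '%s\n' "$SAMPLE" | dev_name 3 69)"
printf 'hda: %s KiB unallocated\n' "$(printf '%s\n' "$SAMPLE" | free_kib hda)"
printf 'hdb: %s KiB unallocated\n' "$(printf '%s\n' "$SAMPLE" | free_kib hdb)"
```

The unallocated figure is an estimate taken from the kernel's view of the disk; fdisk -l remains the reference for where the free space actually lies.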
Examples
Upon first booting the machine, after the new drive has been connected, prince skims the kernel boot
messages for evidence of the newly detected drive. Unfortunately, the kernel is too fast for his monitor,
which does not power up to full strength until after the messages have passed.
Once the system has booted, prince skims the /var/log/dmesg file, where he finds the following lines.
...
hda: Maxtor 51536H2, ATA DISK drive
hdb: ST310212A, ATA DISK drive
blk: queue c03cdfe0, I/O limit 4095Mb (mask 0xffffffff)
blk: queue c03ce124, I/O limit 4095Mb (mask 0xffffffff)
hdc: LTN485, ATAPI CD/DVD-ROM drive
ide0 at 0x1f0-0x1f7,0x3f6 on irq 14
ide1 at 0x170-0x177,0x376 on irq 15
hda: attached ide-disk driver.
hda: host protected area => 1
hda: 29336832 sectors (15020 MB) w/2048KiB Cache, CHS=1940/240/63, UDMA(66)
hdb: attached ide-disk driver.
hdb: host protected area => 1
hdb: 20005650 sectors (10243 MB) w/512KiB Cache, CHS=1323/240/63, UDMA(66)
ide-floppy driver 0.99.newide
...
Convinced that his new drive is being detected correctly, he begins partitioning the drive with the fdisk
command. He first prints the partition table with the “p” command.
As expected, the partition table is empty. As he proceeds to add his first partition, the only really
interesting interaction is when he specifies the partition’s size, using +128M.
Because the partition is going to be used as swap space, prince changes the partition’s label to the
appropriate code for Linux Swap.
Although prince only wants to add one more partition now, he will leave unallocated space on the drive.
If he were to use his last primary partition for the filesystem, he would no longer be able to make an
extended partition, and the remaining space would be wasted. Instead, prince creates an extended
partition to span the rest of the drive, and then adds his new partition as a logical partition within it.
Online Exercises
Lab Exercise
Objective: Use fdisk to add new partitions.
Estimated Time: 10 mins.
Specification
In this lab, you will add two small partitions to a disk on your computer.
1. Use the fdisk -l command to confirm that your machine has at least 256 megabytes of unallocated
space. If your machine has multiple hard drives, the space must exist all on one drive. Create the file
~/lab3.1/disk, which contains the name of the disk you will use for this lab, as an absolute
reference. For example, if the disk you will use is /dev/hda, the file should contain the single word
/dev/hda.
2. Use the fdisk command to edit the drive’s partition table. Note that you will have to use your root
account. Add two new partitions, each 128 megabytes in size (or nearly so). Set the partition Id of
the first newly added partition to Linux Swap. The partition Id of the second newly added partition
should remain Linux. The two new partitions should be the last two partitions on the drive. Exit
fdisk, saving changes.
3. If necessary, reboot your machine in order for the new partitions to be recognized by the kernel
before grading your lab.
Deliverables
1. The file ~/lab3.1/disk, which contains the name of the drive you used for this lab, as an absolute reference.
The drive name should be the only word in the file.
2. The next to the last partition on the specified drive should be (nearly) 128 megabytes in size, and have a
partition Id of Linux Swap.
3. The last partition on the specified drive should be (nearly) 128 megabytes in size, and have a partition Id of
Linux.
Questions
Use the output from the following command to answer the next question.
8 0 8891650 sda
8 1 136521 sda1
8 2 3502170 sda2
8 3 2096482 sda3
8 5 2096451 sda5
1. Which of the following best explains why the partition sda4 is not listed in /proc/partitions?
( ) a. The partition has been initialized with a filesystem, but the filesystem is not mounted.
( ) b. The partition is being used as the extended partition, and therefore is not accessed directly.
( ) c. The partition has been initialized as swap space, but there has not yet been a high demand placed on
physical memory.
( ) d. The disk has not yet had a partition sda4 allocated.
( ) e. None of the above
5. Which of the following commands could be used to add the partition /dev/sda8?
( ) a. fdisk -a /dev/sda8
( ) b. fdisk /dev/sda8
( ) c. fdisk -l /dev/sda8
( ) d. fdisk --add /dev/sda8
( ) e. None of the above
6. Assuming that the system Id’s indicate the true use of the partitions, approximately how much partition space is
allocated to swap space?
( ) a. 128 megabytes
( ) b. 520 megabytes
( ) c. 8.4 gigabytes
( ) d. 5.5 megabytes
( ) e. Not enough information is provided
9. After editing the partition table with fdisk, what action must (usually) be taken for the kernel to recognize the new
partitions?
( ) a. The machine must be rebooted.
( ) b. The new partition should be added to /proc/partitions with a text editor.
( ) c. The partprobe command should be run.
( ) d. None of the above
( ) e. Either A or C
10. Which of the following fdisk commands is used to abandon all changes?
( ) a. a
( ) b. q
( ) c. x
( ) d. w
( ) e. z
Chapter 2. Creating and Managing Filesystems
Key Concepts
• The mkfs command, and its filesystem specific friends, are used to create filesystems.
• The most common filesystem in Linux is the ext2 filesystem, and its close cousin, the ext3 filesystem.
• The ext3 filesystem is exactly like the ext2 filesystem, with the added feature of journaling.
• The dumpe2fs command can be used to examine ext2 and ext3 filesystems.
Discussion
Filesystems
At the lowest level, block device nodes allow disks and disk partitions to be accessed as if they were
simply an array of bytes (recall the Unix mantra, "everything is a file"). But when Linux users store
information on disks, they prefer to use the familiar constructs of files and directories. Somehow, this
array of bytes that is a disk partition must be made to act like the /home/elvis directory, and the files it
contains.
The Linux kernel implements a virtual filesystem layer, which dictates that everything that exists in a
directory tree, such as regular files, directories, device nodes, and symbolic links, must have a uniform
structure which consists of the following elements.
inodes
Inodes store all of the metadata associated with a file. A file’s metadata is all of the information
associated with a file, except for its name and its content. For example, a file’s ownerships,
permissions, and modify time are all stored in its inode. More than anything else, the inode
provides the identity of the file.
dentries
Dentries, whose name is a shortening of the term "Directory Entries", contain a file’s name and
location within the directory structure, and associate this identity with the file’s inode.
data
Lastly, every file has an array of bytes which constitute its content and are referenced by the file’s
inode.
The intermediate structure which occurs on a disk or disk partition that defines a particular chunk of
bytes as containing dentries, and another chunk of bytes as containing the inodes which the dentries
reference, and another chunk of bytes as containing the data which the inodes reference, is referred to as
a filesystem. In other operating systems, the act of initializing the filesystem on a particular partition is
referred to as formatting the partition. In Linux (and Unix), the act is usually simply referred to as
creating a filesystem.
Linux Filesystems
Filesystem design is a general problem in computer engineering, and much time and effort has been
devoted to designing filesystems which balance efficiency, robustness, capability, and simplicity
appropriately for a given situation. Because a filesystem must be closely coordinated with the operating
system that supports it, most operating systems only support one or two filesystems which are considered
"native" to that operating system.
In contrast, Linux supports a large number of filesystems, some of which are native to Linux, many of
which are shared with other operating systems. The following table contains a partial list of filesystems
supported by Linux.
Filesystem Comments
ext2 The ext2 ("extended 2") filesystem has been the native filesystem of Linux
during its rise in popularity from the mid 1990’s. The ext2 filesystem is the
model around which the virtual filesystem layer is designed, and natively
implements almost all of the features expected from a filesystem under
Linux.
ext3 The ext3 ("extended 3") filesystem, introduced around the year 2000, is an
extension of the ext2 filesystem that supports journaling. In every other way,
the ext3 filesystem is identical to the ext2 filesystem, and what is said about
one generally applies to the other. The ext3 filesystem is the default
filesystem in Red Hat Enterprise Linux.
msdos The msdos filesystem is the FAT filesystem used by DOS and Windows. It
does not support many advanced features, such as file ownerships and
permissions, and file names consist of at most 8 characters with a 3 character
extension.
vfat The vfat filesystem is an extension of the msdos filesystem that allows long
filenames.
nfs The nfs "network filesystem" is used to share directories between Linux (and
Unix) machines. One machine exports part of its directory structure over the
network, which another machine may import into its local directory structure
at the filesystem level.
smbfs The smbfs filesystem is used to share directories between Linux (and Unix)
and Windows machines. Using smbfs, a Linux machine can incorporate an
exported Windows share into its local directory structure.
iso9660 The iso9660 filesystem is a read-only filesystem commonly used on compact
disks.
proc The proc filesystem is a virtual filesystem that resides entirely within the
kernel (i.e., there is no hard disk associated with the filesystem).
reiserfs The reiserfs is an alternate journaling filesystem native to Linux and
supported by Red Hat Enterprise Linux.
jfs The jfs "journaling filesystem" is a mature journaling filesystem with many
enterprise features native to IBM machines. The jfs filesystem has been
recently open sourced and ported to Linux, and is supported by Red Hat
Enterprise Linux.
More could be added to the table, but hopefully the point has been made that Linux features support for a
wide variety of filesystems. The curious should start with the fs(5) man page for more information. We
will discuss the ext2/ext3 filesystem in some detail, and acquaint ourselves with a few others from the
table as well.
Creating Filesystems
Before a block device can be used to store files, it must be initialized with a filesystem. In Red Hat
Linux, some variant of the mkfs command is used to create filesystems. These commands tend to reside
in the /sbin directory.
The mkfs command is a front-end command that expects to be called with the -t command line switch,
whose argument is the filesystem type to create. The other listed commands, which start mkfs., are
filesystem specific variants for particular filesystems. For example, mkfs -t ext2 and mkfs.ext2 are
equivalent commands.
Initializing a partition can be as easy as the following.
All versions of the mkfs commands expect some optional, filesystem specific command line switches,
and a required first argument which is the file (partition) to structure. An optional, seldom used second
argument may also be used, which specifies the size of the filesystem in blocks. The second argument is
seldom used because, by default, the filesystem will fill the entire specified partition or disk. While
anyone has permissions to execute the mkfs commands, in practice, only root has permissions to write to
the block device nodes that are being initialized.
Switch Effect
-b blocksize Specify the filesystem blocksize in bytes, where blocksize may be one of
1024, 2048, or 4096.
-c Check for bad blocks while creating the filesystem.
-i density Specify an inode density of density bytes per inode.
-L label Set the volume label of the filesystem to label.
-m n Set the reserved block percentage to n.
-N number Directly specify the number of inodes.
-j Create a filesystem journal
The command line switches introduce some filesystem concepts which are addressed below.
As a general rule, the larger the filesystem, the larger the appropriate block size. By default, the mke2fs
command chooses a block size of either 1k or 4k, depending on the size of the filesystem being created.
• When a filesystem is expected to contain a large number of small files, the number of inodes may need
to be increased, or the filesystem may run out.
• When the filesystem is expected to contain a small number of large files, the excess amount of space
devoted to unused inodes takes away from space that could potentially be used for storing data. As a
result, it may make sense to decrease the number of inodes.
There are two ways to specify the number of inodes. The -N command line switch can be used to specify
an absolute number of inodes. For situations where a statement such as "This filesystem will never
contain more than 18,112 files." can be made, this switch is appropriate. In contrast, the -i command line
switch is used to specify an inode density, in bytes per inode. When constructing the filesystem, the
mke2fs command will divide the total size of the filesystem by the density (or, more exactly, the
inverse-density) to determine the number of inodes. For situations where statements such as "I expect my
average file size to be 180 kilobytes" can be made, this is the appropriate switch.
Reserved Blocks
By default, the ext2 filesystem reserves 5% of its space for the root user. This feature attempts to provide
the administrator a little bit of wiggle room if a user on the system accidentally (or intentionally) fills the
entire filesystem. The -m command line switch allows the percentage of blocks to reserve to be specified.
As the filesystem is being created, the mke2fs command displays details about the new filesystem,
including the following.
➊ The filesystem label. Unlike many versions of Linux, Red Hat Enterprise Linux makes functional
use of the volume label. For reasons we will see, Anaconda initializes volume labels with the
intended mount point of the filesystem. The label can later be changed with the e2label command.
➋ The ext2 filesystem can have several features enabled, which would be listed here.
➌ The Anaconda installer embeds the acl mount option into the filesystem superblock, so that Red Hat
Enterprise Linux filesystems (which were created at install time) support access control lists by
default. Access control lists will be covered in more detail in a later lesson.
➍ The number of inodes in the filesystem.
➎ The number of blocks in the filesystem. Dividing this value by the number of inodes (found on the
previous line), we find that by default, the mke2fs command included one inode for every four
blocks.
➏ The blocksize, in this case 1024 bytes ("1k"). Because the partition was relatively small (126960
blocks at "1k" each = about 127 megabytes), the mke2fs command chose the smaller block size.
➐ Lastly, the mke2fs command generates an accounting of free blocks and other information for each
of several block groups. The role of block groups in the ext2 filesystem structure is beyond the scope
of this discussion.
More detailed information about the design of the ext2 filesystem can be found at
http://e2fsprogs.sourceforge.net.
Filesystem Features
We now use the dumpe2fs command to examine a currently mounted /dev/hda3 partition.
needs_recovery
Recall from the previous Workbook that the kernel buffers all I/O activity associated with block devices.
While this provides a wonderful boost to performance, if the kernel were to shut down for some reason
before committing any pending writes from its in-memory cache, the internal information of the
filesystem (i.e., which blocks are being used for what purpose) could be left in an inconsistent state.
When a filesystem is mounted (i.e., used; more on this in the next Lesson), its needs_recovery flag is set.
If the filesystem is unmounted through normal techniques, as when the system is shut down from the
command line, the kernel has an opportunity to flush its pending writes to disk, and the needs_recovery
flag is removed. If the filesystem is not cleanly unmounted, however, as when the system loses power or
is switched off without being shut down, the needs_recovery flag never gets cleared. When next used
(upon next boot, for example), the needs_recovery flag will be discovered, and maintenance will be
performed on the filesystem.
has_journal
The mke2fs command subtly mentions that this ext2 filesystem has an associated journal. Earlier, we
stated that the ext3 filesystem is just an ext2 filesystem with a journal. What are we left to conclude? We
are using the dumpe2fs command to examine what is really an ext3 filesystem! Again, the ext3
filesystem is just an ext2 filesystem with the added "feature" of a journal.
Journaling Filesystems
What is the importance of a journaling filesystem? A journaling filesystem maintains a log of all of its
pending transactions, through a process commonly referred to as a "two phase commit". When writing
information to disk, a journaling filesystem takes an approach similar to the following.
1. The filesystem writes to the journal the details about the transaction it is about to perform.
2. The filesystem performs the transaction.
3. Upon successful completion, the filesystem removes the details about the transaction from the
journal.
What is gained by this extra work? Just as the captain’s log is used to tell rescuers what was happening on
the ship when disaster struck, the filesystem’s journal tells filesystem repair utilities what the filesystem
was up to when a filesystem crash occurs.
When repairing an ext2 filesystem, which does not maintain a journal, the filesystem repair utility must
examine the entire filesystem, searching for any internal structuring information which is in an
inconsistent state. For even a moderately large filesystem (40 gigabytes, for example), this process can
take several minutes.
In contrast, when repairing an ext3 filesystem, the repair utility needs only to focus on the journal of
pending transactions. The repair utility can then reset the internal filesystem structures associated with
these transactions to a consistent state, and assume the rest of the filesystem is healthy. The presence of a
journal to guide the repair utility dramatically reduces the amount of time needed to begin reusing a
crashed filesystem.
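The three steps and the journal-guided repair can be tried out with the toy model below, an added example that is not part of the workbook and does not reflect ext3's on-disk format. The scratch directory, file names and function names are all made up, and recovery here simply redoes each pending write, which is one way of returning those structures to a consistent state.

```shell
#!/bin/sh
# Toy model, not ext3's on-disk format: the "filesystem" is a scratch
# directory, each file is data.NAME, and the journal is a text file holding
# one "NAME VALUE" line per transaction that has not finished yet.
FS=$(mktemp -d)
trap 'rm -rf "$FS"' EXIT
: > "$FS/journal"

# write_file NAME VALUE [crash]   (hypothetical helper)
# Follows the three steps above. With "crash" the data is left half written
# and the journal entry is never removed, as after a power loss.
write_file() {
    printf '%s %s\n' "$1" "$2" >> "$FS/journal"     # 1. record the intent
    if [ "${3:-}" = crash ]; then
        printf '%s' "${2%??}" > "$FS/data.$1"       #    torn write, entry stays
        return 0
    fi
    printf '%s\n' "$2" > "$FS/data.$1"              # 2. perform the transaction
    awk -v n="$1" '$1 != n' "$FS/journal" > "$FS/journal.new"
    mv "$FS/journal.new" "$FS/journal"              # 3. remove the entry
}

# journal_pending: true while the journal still lists unfinished transactions.
journal_pending() { [ -s "$FS/journal" ]; }

# recover: redo only what the journal lists, then empty the journal.
# Prints how many transactions had to be examined.
recover() {
    n=0
    while read -r name value; do
        printf '%s\n' "$value" > "$FS/data.$name"
        n=$((n + 1))
    done < "$FS/journal"
    : > "$FS/journal"
    echo "$n"
}

# Demo: 50 clean writes, then one write interrupted by a simulated crash.
i=0
while [ "$i" -lt 50 ]; do
    write_file "f$i" "contents-$i"
    i=$((i + 1))
done
write_file report "quarterly-figures" crash
```

After the simulated crash, recover examines one journal entry rather than all 51 files, which is the time saving the paragraph above describes.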
Examples
• He knows that he is going to be using the filesystem for storing images, so he decides to give the
filesystem the label pics.
• As he is the only user that will routinely be using the partition, he decides not to waste space reserving
blocks for the root user, and sets the reserved block percentage to 0.
• Because he is expecting to store relatively few large files, he decides to force the blocksize to 4096 bytes.
• To be safe, he has the mke2fs command check for bad blocks before creating the filesystem.
Composing the appropriate command line switches, he runs the mke2fs command on the partition.
In order to confirm that the filesystem was created "to spec", he turns right around and runs the dumpe2fs
command, whose output is excerpted below.
Seeing no information returned from the command, and knowing no analogue to the dumpe2fs command
for the vfat filesystem, prince assumes all went well and moves along.
Seeing some signs that the journal was created, prince is satisfied that the filesystem is an ext3 filesystem.
Online Exercises
Lab Exercise
Objective: Create a new ext2 partition.
Estimated Time: 10 mins.
Specification
This lab exercise will continue to use the partition created in the previous lab exercise. Ensure that the
file ~/lab3.1/disk still exists, and that it still references the correct drive.
Create an ext2 filesystem on the last partition created in the previous exercise. The filesystem should
meet the following criteria.
Deliverables
1. The last partition on the drive specified in the file ~/lab3.1/disk should be formatted with an ext2 filesystem,
whose label is lab3.2, has a blocksize of 2048 bytes, and has (very close to) 24,000 inodes.
Questions
3. Which of the following command lines could be used to create an ext2 filesystem with a blocksize of 2048 bytes?
( ) a. mke2fs -b 2048 /dev/hda4
( ) b. mke2fs /dev/hda4
( ) c. mke2fs -b2k /dev/hda4
( ) d. mke2fs -b2 /dev/hda4
( ) e. A and B
4. Which of the following command lines could have created this filesystem? (Assume that the filesystem has not
been modified with tune2fs since it was created.)
( ) a. mke2fs -L /home -b 2048 /dev/hdb5
( ) b. mkfs.ext3 -b 2048 /dev/hdb5
( ) c. mkfs -t ext2 -b 4096 /dev/hdb5
( ) d. mke2fs -j -L /home -b 4096 -N 3842720 /dev/hdb5
( ) e. None of the above
5. When creating this filesystem, which of the following would be the appropriate argument to the -i command line
switch to the mke2fs command to generate the appropriate number of inodes?
( ) a. -i 2
( ) b. -i 4096
( ) c. -i 8192
( ) d. -i 4
( ) e. None of the above
6. When formatting a floppy with the mke2fs command, why might one be tempted to include the -m 0 command
line switch?
( ) a. Because journaling would be too slow on a floppy, this command line switch would disable journaling.
( ) b. The command line switch would prevent any blocks being reserved for only the root user.
( ) c. The command line switch would set the number of inodes to 0, which is appropriate for temporary media
such as floppies.
( ) d. The command line switch would cause the floppy to be overwritten with binary 0’s before the filesystem is
constructed, wiping clean any previous data.
( ) e. None of the above
7. Which of the following command lines would create a filesystem with a volume label of data?
( ) a. mkfse2 -l data /dev/hda1
( ) b. mkfs.ext2 --label=data /dev/hda1
( ) c. mkfs.ext2 -m data /dev/hda1
( ) d. mkfs -t ext2 -L data /dev/hda1
( ) e. None of the above
8. Which of the following command lines would create an ext3 filesystem with a block size of 4096?
( ) a. mke2fs --journal --block=4096 /dev/hda1
( ) b. mkfs.ext3 -b 4k /dev/hda1
( ) c. mkfs -t ext2 -j -b4 /dev/hda1
( ) d. mkfs -t ext3 --block=4k /dev/hda1
( ) e. None of the above
9. Which of the following command line switches causes the mke2fs command to check the disk for bad blocks
before creating a filesystem?
( ) a. -L
( ) b. -c
( ) c. -b
( ) d. -s
( ) e. None of the above
10. Your friend has just run the dumpe2fs command on his /home filesystem, and noticed that the flag
needs_recovery was set. What advice would you give him?
( ) a. He should reboot his machine immediately.
( ) b. When convenient, he should unmount the partition, and perform filesystem maintenance.
( ) c. He should not be concerned, as the flag is always set on mounted filesystems.
( ) d. He should not be concerned, as the Linux kernel automatically runs a filesystem recovery algorithm every
10 minutes.
( ) e. You do not believe him, and suspect he ran the dumpe2fs command on a partition that does not contain an
ext2 filesystem.
Chapter 3. Mounting Filesystems
Key Concepts
• The mount command is used to attach the root directories of filesystems to already existing directories
in the directory tree.
• The pre-existing directory is referred to as the mount point of the mount.
• The umount command is used to detach filesystems (which are not busy) from the directory tree.
• Various mount options can be used to qualify the capabilities of mounted filesystems.
• The remount mount option can be used to associate new options with already existing mounts.
Discussion
Mounting Filesystems
In Linux (and Unix), filesystems are gracefully combined into a single directory tree through a concept
called mounting. Every filesystem provides a root directory which serves as the base of the filesystem.
When a filesystem is mounted, its root directory is bound to an already existing directory in the system’s
directory tree, referred to as the mount point for the filesystem. Whenever the mount point is referenced,
the root directory of the mounted filesystem is presented instead.
As we elaborate on the concept of mounting, we will continue to use the IDE drive introduced in our
partitioning discussion.
This filesystem contains a root directory and commonly recognized subdirectories such as /etc, /home,
and /boot. If desired, the root partition could serve as a machine’s only filesystem. The directories
above would contain subdirectories, and those subdirectories would in turn contain subdirectories, so
that every file on the system is stored in this single filesystem. For simple workstations, this may well be
the appropriate design.
The filesystem has its own root directory, and subdirectories such as /blondie, /elvis, etc. When
mounted to the /home directory, the mount point /home becomes bound to the root directory of the
/dev/hda6 filesystem.
Once mounted, all subsequent references to the /home directory no longer see the contents of the /home
directory on the partition /dev/hda5, but instead the root directory of the partition /dev/hda6. To the
end user, the effect is seamless. When the user asks for an ls of /home he sees the directories elvis,
madonna, etc.
The process can be continued as often as desired. The following diagram reflects the fully assembled
directory tree for the IDE drive above, with the /dev/hda6 filesystem mounted to /home, the
/dev/hda7 filesystem mounted to /var, and the /dev/hda8 filesystem mounted to /var/ftp/pub.
All filenames are listed relative to the root directory of the filesystem which contains them.
Often, the end user, who might ask for an md5sum of the file /var/ftp/pub/images/bootdisk.img,
does not realize that her absolute reference traverses three different partitions.
Note: In the diagram of the IDE drive, and in our discussion, the partition /dev/hda6 has been
referred to as the "/home" partition. The fact that the directory /home does not exist in the /dev/hda6
filesystem should be emphasized. The filesystem is only referred to as the /home partition because it
is intended to be mounted on the /home directory. It could just as easily be mounted to the /etc
directory, resulting in a directory tree which contains the directories /etc/blondie, /etc/elvis, etc.
(This is possible, not desirable.)
Each execution of the mount command must somehow resolve the following four questions.
1. What device is being mounted? The first argument specifies the name of a block device to be
mounted.
2. What filesystem is the device formatted with? The filesystem can be specified with the -t command
line switch.
3. Where should the device be mounted? The second argument specifies the already existing directory
which should serve as the mount point for the filesystem.
4. Are there any options which should be associated with the mounted filesystem? Mount options are
generally specified with the -o command line switch. In the above example, the mounted filesystem
will not record file access times, and will not interpret any files as commands to be executed.
When mounting one of these filesystem types, the filesystem does not need to be specified manually.
Mount Options
The Linux kernel supports the following mount options, which by design are generic to any filesystem. In
practice, some filesystems silently ignore some of the options. Most mount options are implemented as
complementary choices, such as exec and noexec. Such binary options are coupled in the following table.
| Option | Effect |
| --- | --- |
| ro, rw | The ro option specifies that the filesystem should be mounted read only. Internal filesystem parameters (such as the mount count, or last mount time) are not modified as well. The default is rw. |
| (a)sync | The sync option specifies that all transactions should occur synchronously, i.e., writes should bypass the kernel cache. While this option provides better integrity (transactions are written to disk immediately), it can significantly degrade overall system performance. The default is async. This option is currently only supported by the ext2/ext3 and ufs filesystems. |
| (no)atime | The noatime option specifies that file access times should not be maintained. When access times are recorded, every read effectively becomes a write (because the inode’s atime requires updating). If access times are not considered important, system performance can be improved by ignoring them. Also useful on laptops, this option can prevent the drive from "spinning up" unnecessarily. The default is atime. |
| (no)dev | The nodev option specifies that no files within the filesystem should be interpreted as device nodes. The default is dev. |
| (no)exec | The noexec option specifies that no files within the filesystem should be interpreted as executable commands. The default is exec. |
| (no)suid | The nosuid option specifies that the suid permission bit should not be honored on any files within the filesystem. The suid bit allows scripts to elevate privileges upon execution, and is commonly used to implement trap doors on compromised systems. The default is suid. |
In addition, most filesystems support mount options specific to that filesystem. Consult the mount(8)
man page for details.
In practice, the default options are generally appropriate, and the mount command is often called with
only two arguments, as in the following.
While simple in concept, one complication often serves to frustrate attempts to unmount devices:
The umount command will only unmount filesystems which are not "busy". A filesystem is considered
busy if any process has an open file in the filesystem, or any process has a directory within the filesystem
as its current working directory. Before the filesystem can be unmounted, the process which is busying it
must be tracked down and killed (or convinced to release the files and/or directories to which it is laying
claim).
In this case, process id 1912 has a current working directory within the specified filesystem. Observation
of the bash prompt implies that the id probably belongs to the shell itself. Changing directories "out of"
the /home partition, the device can be unmounted.
[root@station home]# cd
[root@station root]# umount /home/
The lsof command (for "list open files") provides an alternative to fuser. When invoked on a directory
serving as a mount point, lsof lists every currently open file within the filesystem.
The lsof command is very versatile and is a good tool to have at your disposal, but at this point we
merely mention this one use.
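The "busy" rule above (an open file, or a current working directory, inside the filesystem) can be checked directly from the per-process cwd and fd symlinks under /proc. The following is an added example, not part of the workbook: it matches by path prefix, which only approximates fuser -m and lsof (they match by filesystem rather than by path). PID 1912 with a working directory under /home mirrors the case discussed above; the other processes and the /proc look-alike tree are constructed so the code runs offline, and the function names are hypothetical.

```python
import os
import tempfile


def holders(mount_point, proc_root="/proc"):
    """Map pid -> reasons for every process keeping mount_point busy."""
    mount_point = os.path.normpath(mount_point)
    prefix = mount_point.rstrip("/") + "/"

    def inside(target):
        # Exact match or a path below the mount point; "/homework" is not under "/home".
        return target == mount_point or target.startswith(prefix)

    busy = {}
    for name in os.listdir(proc_root):
        if not name.isdigit():          # only numeric entries are processes
            continue
        pid_dir = os.path.join(proc_root, name)
        reasons = []
        try:
            cwd = os.readlink(os.path.join(pid_dir, "cwd"))
            if inside(cwd):
                reasons.append("cwd " + cwd)
        except OSError:
            pass                        # process exited, or not ours to inspect
        try:
            fds = sorted(os.listdir(os.path.join(pid_dir, "fd")))
        except OSError:
            fds = []
        for fd in fds:
            try:
                target = os.readlink(os.path.join(pid_dir, "fd", fd))
            except OSError:
                continue
            if inside(target):          # sockets and pipes never match a path prefix
                reasons.append("fd %s %s" % (fd, target))
        if reasons:
            busy[int(name)] = reasons
    return busy


def build_sample_proc(root):
    """Constructed /proc look-alike: only the symlinks that holders() reads."""
    sample = {
        1912: ("/home/elvis", {"0": "/dev/pts/0"}),
        2040: ("/root", {"3": "/home/madonna/notes.txt"}),
        2100: ("/var/ftp", {"4": "/homework/todo.txt", "5": "socket:[4711]"}),
    }
    for pid, (cwd, fds) in sample.items():
        fd_dir = os.path.join(root, str(pid), "fd")
        os.makedirs(fd_dir)
        os.symlink(cwd, os.path.join(root, str(pid), "cwd"))
        for fd, target in fds.items():
            os.symlink(target, os.path.join(fd_dir, fd))
    open(os.path.join(root, "uptime"), "w").close()   # non-process entry, skipped


def sample_report(mount_point="/home"):
    """Run holders() against the constructed tree instead of the live /proc."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_proc(root)
        return holders(mount_point, proc_root=root)


if __name__ == "__main__":
    for pid, reasons in sorted(sample_report().items()):
        print(pid, "; ".join(reasons))
```

Calling holders("/home") as root on a live system reads the real /proc; as an ordinary user, other users' processes are silently skipped because their symlinks are unreadable.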
Examples
Next, he mounts his new partitions, one by one. Because he is using standard filesystem types, he does not
need to specify filesystem types to the mount command.
After performing the mount, prince decides he would like to protect the vfat filesystem until he can
confirm that it looks good after rebooting into Windows XP. He decides to add the ro mount option.
Online Exercises
Lab Exercise
Objective: Mount an ext2 filesystem to the specified directory, with appropriate
mount options.
Estimated Time: 10 mins.
Specification
This lab exercise will continue to use the filesystem created in the previous lab exercise. Ensure that the
file ~/lab3.1/disk still exists, and that it still references the correct drive. The last partition of the
drive should have a properly formatted ext2 filesystem.
1. Create the directory /lab3, which will serve as a mount point for your partition.
2. Mount the last partition on the specified drive to the /lab3 directory, with the noexec and noatime
mount options.
Deliverables
1. The last partition on the drive specified in the file ~/lab3.1/disk should be mounted to the directory /lab3,
with the noexec and noatime options.
Questions
2. Which of the following command lines would mount the device /dev/hda3, formatted with the vfat filesystem,
to the mount point /dosc?
( ) a. mount -o vfat -d /dev/hda3 /dosc
( ) b. mount -t vfat /dev/hda3 /dosc
( ) c. mount -t vfat -o /dosc /dev/hda3
( ) d. mount -o vfat /dosc /dev/hda3
( ) e. None of the above
6. When accessing the file /var/www/html/index.html, how many partitions does the kernel involve?
( ) a. 1
( ) b. 3
( ) c. 0
( ) d. 2
( ) e. Not enough information is provided
7. Which is the most likely reason the /mnt/floppy device was considered busy?
( ) a. The kernel had not yet finished writing the file september.txt.
( ) b. Although the kernel had finished writing the file september.txt, the writes had not yet been committed
to disk.
( ) c. The filesystem on the /mnt/floppy device has become corrupted.
( ) d. The bash shell’s current working directory is /mnt/floppy.
( ) e. None of the above
8. Which of the following commands would resolve the problem, so that if it were immediately followed by the
same umount command listed above, the unmount would succeed?
( ) a. fuser -m /mnt/floppy
( ) b. fsck -m /mnt/floppy
( ) c. sync
( ) d. cd
( ) e. None of the above
9. Which of the following command lines would add the noatime option to an already mounted /home partition?
( ) a. mount -o noatime /dev/hda4 /home
( ) b. mount -a noatime /dev/hda4 /home
( ) c. mount -remount -o noatime /dev/hda4 /home
( ) d. mount -o remount,noatime /dev/hda4 /home
( ) e. None of the above
10. Which of the following command lines could be used to unmount the /home partition?
( ) a. unmount /home
( ) b. umount -t ext3
( ) c. umount /dev/hdb5
( ) d. unmount -a
( ) e. None of the above
Chapter 4. The /etc/fstab File
Key Concepts
• The /etc/fstab file can be used to predefine mount points.
• When the mount command is called with only half of the information it needs, it consults the
/etc/fstab for the rest.
• The mount -a command attempts to mount (almost) every predefined mount point listed in the
/etc/fstab file.
• In the /etc/fstab file, devices may either be referenced by name, or by filesystem label.
Discussion
In the previous Lesson, the mount command was introduced requiring two arguments: the device to
mount, and the mount point to which to mount it. Often, however, shortcuts are taken with the mount
command, as in the following 3 examples.
Whenever the mount command is called without enough information, it looks to a "filesystem table" to
provide more: the /etc/fstab file.
Each column of the file is separated by some combination of white space (generally, spaces and/or tabs).
Each row defines a mount, with the first four columns directly answering the four questions associated
with each mount posed in the previous lesson: what, where, with which filesystem, and how. The latter
two columns are more subtle, and are described in the table below.
Whenever the mount command is called with just a mount point, or just a device, as its lone argument, it
looks for a matching line within the /etc/fstab file to supply the remaining information. Examples of
successful commands have been given above. Notice the reference to the /etc/fstab file when the
following unsuccessful mount command complains.
The mount -a command specifies to mount "all". The command reads the /etc/fstab line by line, and
performs all appropriate mounts. The mount -a command is executed as part of the system startup.
| Option | Effect |
| --- | --- |
| defaults | Use default options: rw, suid, dev, exec, auto, nouser, and async. (The word defaults has the same effect as specifying no options, but something must hold the place of the fourth column in the /etc/fstab file.) |
| (no)auto | The noauto option specifies that the partition should not be mounted when executing mount -a. This option is generally used on lines defining mount points for temporary media, such as floppies, CD-ROM’s, and USB drives. |
| user | By default, only root may perform mounts. The user option specifies that anyone should be able to perform the predefined mount. |
When discussing the mke2fs command, we mentioned that Red Hat Enterprise Linux makes functional
use of filesystem labels. This is it. Rather than specifying a device directly, the device can be specified
by filesystem label. Think of the second line as saying, "Examine all known filesystems, and mount the
one labeled "/home" to the /home directory."
By convention, Anaconda (the Red Hat Enterprise Linux Installer) labels filesystems by their intended
mount point. This way, the filesystem internally "knows" where it is intended to be mounted. As the
fourth line above implies, however, this is merely convention. Any label will suffice.
Why does Red Hat Enterprise Linux add this extra level of indirection, with its associated complexity?
Because device names can be fickle. There are two situations that can lead to devices shifting identities.
1. Deleting Logical Partitions: Recall that logical partitions are maintained as a linked list, and if
logical partition /dev/hda6 were to be deleted, logical partitions /dev/hda7 and /dev/hda8
would shift to /dev/hda6 and /dev/hda7.
2. Adding (or Removing) SCSI Drives: When a SCSI drive is added or removed from the system,
SCSI drives can shift identities. What was /dev/sdb on a previous boot might become /dev/sdc.
In the latter case, a move as innocently intentioned as adding a SCSI disk to the system could throw a
traditional /etc/fstab file out of whack, potentially leaving the system unbootable. Identifying
filesystems by filesystem label rather than device names protects against such unfortunate events.
Similarly, devices can be identified on the mount command line (and the /etc/fstab file) by their
"UUID" (Universal Unique Identifier). Refer to the mount(8) and fstab(5) man pages for more
information.
• A /etc/fstab line defines a "place" for the filesystem. While the filesystem could be mounted at any
time to any directory, defining a default mount point has the effect of giving the files a home in the
directory tree.
• The mount becomes part of the system bootup process. Unless the noauto option is added, the mount will
occur automatically as the system boots.
• Users other than root can perform the mount. By default, only root may perform a mount. If the user
or owner option is specified in the /etc/fstab file, however, this privilege may be bestowed to other
users.
In principle, adding a line to the /etc/fstab file is easy, and may be performed with any text editor.
Care must be taken, however, not to mangle the syntax of the file. Because of the mount -a command,
the /etc/fstab file plays a fundamental role in the system’s bootup process. A mangled or
mis-specified /etc/fstab file can leave the system unbootable. When editing the /etc/fstab file,
text editors (or word processors) that implement "word wrapping" should be avoided like the plague.
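One way to catch a mangled line before mount -a reads it, as an added example that is not part of the original workbook: the script below lints an fstab-format file for the syntax damage described above and for user-mountable entries that switch exec, suid or dev back on. The sample file and the names lint_fstab and lint_sample are assumptions made for illustration; the rule that user and users imply noexec, nosuid and nodev (and owner implies nosuid and nodev) unless a later option overrides them comes from mount(8), not from this workbook.

```shell
#!/bin/sh
# Added example: lint an fstab-format file before `mount -a` reads it.

# Constructed sample with four deliberate mistakes (lines 5, 6, 8 and 9).
SAMPLE_FSTAB='# constructed sample, not a listing from the workbook
LABEL=/      /              ext3  defaults                1 1
LABEL=/boot  /boot          ext3  defaults                1 2
LABEL=ogg    /data/ogg      ext2  noauto,noatime          0 0
/dev/hda5    dos            vfat  defaults                0 0
/dev/fd0     /media/floppy  auto  noauto,user,exec,suid   0 0
/dev/hda3    swap           swap  defaults                0 0
LABEL=/home  /home          ext3  defaults                1
/dev/hda7    /srv           ext3  defaults                0 two'

# lint_fstab [FILE]: print one finding per bad line, return 1 if any.
# Stricter than mount itself: all six columns are required here, so a line
# split or shortened by a word-wrapping editor is always reported.
lint_fstab() {
    awk '
    /^[ \t]*#/ || NF == 0 { next }      # skip comments and blank lines
    {
        if (NF != 6) {
            printf "line %d: %d fields, expected 6 (wrapped or truncated?)\n", FNR, NF
            bad++
            next
        }
        if (substr($2, 1, 1) != "/" && $2 != "swap" && $2 != "none") {
            printf "line %d: mount point \"%s\" is not an absolute path\n", FNR, $2
            bad++
        }
        if ($5 !~ /^[0-9]+$/ || $6 !~ /^[0-9]+$/) {
            printf "line %d: dump/fsck fields must be numeric\n", FNR
            bad++
        }
        # Options are applied left to right, so only an override that comes
        # after user/users/owner weakens the implied restrictions.
        usermount = 0; noexec = 0; over = ""
        n = split($4, opt, ",")
        for (i = 1; i <= n; i++) {
            if (opt[i] == "user" || opt[i] == "users") {
                usermount = 1; noexec = 1
            } else if (opt[i] == "owner") {
                usermount = 1
            } else if (usermount && (opt[i] == "suid" || opt[i] == "dev")) {
                over = over " " opt[i]
            } else if (noexec && opt[i] == "exec") {
                over = over " " opt[i]
            }
        }
        if (over != "") {
            printf "line %d: non-root mount re-enables:%s\n", FNR, over
            bad++
        }
    }
    END { exit (bad > 0) }
    ' "${1:-/etc/fstab}"
}

# Run the linter over the constructed sample above.
lint_sample() {
    tmp=$(mktemp) || return 2
    printf '%s\n' "$SAMPLE_FSTAB" > "$tmp"
    lint_fstab "$tmp"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

if [ "${1:-}" = "--demo" ]; then
    lint_sample
fi
```

Run it against a copy of the edited file first, and only replace /etc/fstab once the linter is silent and mount -a succeeds.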
Examples
He decides that the line specifying the /boot partition looks as good as any. Before proceeding, he
makes a backup of the /etc/fstab file, just in case.
Because he did not give his vfat filesystem a volume label, he must refer to it by device name.
Fortunately, it is an IDE drive and a primary partition, so it should be safe. He saves the file and quits the
editor.
Lastly, he tests out his configuration by first unmounting his partitions, and then simulating a system
startup by running the mount -a command.
Realizing his mistake, he corrects the /etc/fstab file (replacing LABEL=/ogg with LABEL=ogg), and
tries again.
Online Exercises
Lab Exercise
Objective: Create a /etc/fstab entry which correctly defines a mount point for
your drive.
Estimated Time: 10 mins.
Specification
This exercise will continue to use the filesystem created and mounted in the previous 2 exercises. Ensure
that the file ~/lab3.1/disk still exists, and that it still references the correct drive. The last partition of
the drive should have a properly formatted ext2 filesystem.
1. Add a line to your /etc/fstab file which defines the mount performed in the last lab. To recap, the
last partition of the specified drive should be mounted to the directory /lab3, with the noatime and
noexec options.
2. The line should refer to your partition not by device name, but by filesystem label.
3. Add the appropriate customization so that your filesystem is not mounted by default on system
boots.
4. Configure the line appropriately so that the filesystem would not be archived by the dump command.
5. Unmount the partition before grading your exercise.
Deliverables
1. A properly configured /etc/fstab file which mounts the last partition on the specified drive to the directory
/lab3 with the noexec and noatime options. The partition should not be mounted automatically on system
boots, and should not be included in archives created by the dump command. The partition should be
referenced by filesystem label.
2. The partition should not be currently mounted.
Questions
Use the following transcript to answer the next 5 questions.
1. Which of the following mount points would not be used by a mount -a command?
( ) a. /var/ftp/pub
( ) b. /dev/pts
( ) c. /home
( ) d. /dos
( ) e. All of the above mount points would be used.
2. Which of the following command lines would attempt to mount the /dev/hda5 partition?
( ) a. mount /dev/hda5
( ) b. mount /dos
( ) c. mount /dev/hda5 /mnt/dos
( ) d. All of the above
( ) e. A and B only
3. Which of the following command lines would attempt to mount a filesystem to the /mnt/boot directory?
( ) a. mount -a
( ) b. mount /boot
( ) c. mount -L /boot
( ) d. A and C
( ) e. None of the above
4. What is the most likely reason that the third column of the last line contains the word auto?
( ) a. Because a FAT or ext2 or otherwise formatted floppy could be inserted into the drive, the filesystem type
should be probed for each mount.
( ) b. When a floppy is inserted into the drive, the filesystem should be automatically mounted.
( ) c. Upon bootup, the system should attempt to mount the floppy automatically.
( ) d. The auto filesystem is the most common filesystem used on floppy drives.
( ) e. None of the above adequately explain the configuration.
7. What command could be used to create the label referred to by the LABEL= syntax in the /etc/fstab file?
( ) a. mke2fs
( ) b. fdisk
( ) c. mount
( ) d. fuser
( ) e. None of the above
8. What is suspicious about the first column of this file, which leads you to believe that there must be some mistake?
( ) a. A logical partition is being used as the root partition, which is not allowed.
( ) b. A device of type "none" is being mounted to the /proc partition, which makes no sense.
( ) c. All of the partitions are being mounted from a single drive.
( ) d. There is a jump from 4 to 6 in the listed partitions, with no mention of partition number 5.
( ) e. The file implies that all 4 primary partitions contain a filesystem, but a logical partition exists as well.
9. What is suspicious about the second column of this file, which leads you to believe that there must be some
mistake?
( ) a. Partitions are configured to be mounted to both /var/data and /var, but partitions may only be mounted
to directories contained by the root partition.
( ) b. The mount point tmp is specified as a relative reference.
( ) c. Filesystems are configured to be mounted to directories in the /dev directory, but the /dev directory may
only contain device nodes.
( ) d. A partition is configured to be mounted to /, but only the kernel may mount the root partition.
( ) e. A filesystem is configured to be mounted to /proc, but the kernel automatically mounts /proc as part of
its bootup process.
10. What is suspicious about the last column of this file, which leads you to believe that there must be some mistake?
( ) a. The column contains the value 0, when only the values greater than 0 are allowed.
( ) b. The column contains multiple entries for the value "2", which will result in an error when the fsck
command tries to decide which to check first.
( ) c. The column contains the value "2", when only the values 1 and 0 are meaningful.
( ) d. The last column only exists for legacy reasons, so the fact that it contains non-zero values is suspect.
( ) e. The column contains multiple entries for the value "1", when the value 1 is only supposed to be used for
the root partition.
Chapter 5. Managing Swap Space
Key Concepts
• Partitions and Files may be used as Swap Space to extend a system’s apparent memory.
• Swap areas must be initialized with the mkswap command.
• Swap areas are activated with the swapon command, and deactivated with the complementary
swapoff command.
• Swap areas may be listed in the /etc/fstab file in order to be activated automatically at system
startup.
Discussion
Swap Space
Linux allows block devices to be used to extend the system’s physical memory. In other operating
systems, disk space used for such a purpose is often referred to as "virtual memory". In Linux (and
Unix), it is referred to as swap space, and the act of using the disk based memory is referred to as
swapping out memory to disk.
In Linux, swap space may be allocated either as an entire partition or as a file in an already existing (and
mounted) filesystem. The former is the more common, but can be more difficult to set up once the system
is installed. The latter is less efficient, but can be quickly put into place if some upcoming operation is
going to require large amounts of memory.
Disk based memory is dramatically slower to access than RAM. As a result, swap space is generally used
to overcome temporary peak memory demands, and not as a general replacement for physical memory. If
a system is consistently using large amounts of swap space, more physical memory would greatly
improve its performance.
Users new to Linux are sometimes surprised to discover that, even when not running processes
demanding large amounts of memory, the Linux kernel uses swap space. Recall that the Linux kernel
primarily uses memory for two purposes: process memory, and caching I/O operations. Sometimes, the
kernel will sacrifice seldom used process memory for the sake of increasing the size of the I/O cache,
"swapping out" portions of seldom used processes in an attempt to improve overall system performance.
The fact that the Linux kernel is using a little bit of swap space does not necessarily imply that more
physical memory is required.
In a similar vein, even systems with large amounts of physical memory should provide some amount of
swap space. The Linux kernel prefers to have the option of swapping memory to disk available as it
develops its memory optimization strategies. Systems which do not provide swap space are officially
considered an unsupported configuration by Red Hat.
The already familiar proc filesystem file /proc/meminfo lists the total amount of currently allocated
swap space, along with physical memory statistics.
Like creating a filesystem, initializing swap space with the mkswap command is a one time action.
The swapon command also allows priorities to be set with the -p command line switch. Swap areas with
higher priorities will be used before swap areas with lower priorities. See the swapon(2) man page for
details.
Examples
Next, he activates the swap space with the swapon command, and confirms that it activated properly by
examining /proc/swaps.
In order to activate the swap partition automatically at system bootup, he adds a line to the /etc/fstab
file. Following the same technique used with his filesystems, he finds a similar line and duplicates it.
Now, by editing a single word, his new swap partition is incorporated into the bootup process.
After creating the file, she treats it as if it were a partition, first initializing it for use as swap space, and
then activating the file.
She then performs her compilation. When finished, she cleans up by first deactivating the swap space,
and then removing the file.
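The swap-file session described above, sketched as an added example that is not part of the original workbook: a swap file holds pages of process memory, so it is created with owner-only permissions before mkswap and swapon ever touch it. The function names and the path in the usage comment are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: temporary swap file kept unreadable by other users.
# Function names and the path in the usage lines are illustrative assumptions.

# make_swapfile PATH SIZE_MB: create a zero-filled file of SIZE_MB megabytes.
#  - umask 077 gives the file mode 0600 from the moment it exists
#  - set -C (noclobber) makes the redirection fail if PATH already exists,
#    so an existing file is never overwritten
make_swapfile() {
    (
        umask 077
        set -C
        dd if=/dev/zero bs=1048576 count="$2" > "$1" 2>/dev/null
    )
}

# swapfile_on PATH: initialise the file as swap space, activate it, and
# show its line in /proc/swaps as confirmation (root only).
swapfile_on() {
    mkswap "$1" && swapon "$1" && grep -F "$1" /proc/swaps
}

# swapfile_off PATH: deactivate first, then delete. The file is removed
# only if swapoff succeeded, so an active swap area is never unlinked.
swapfile_off() {
    swapoff "$1" && rm -f "$1"
}

# Typical session, as root (use an absolute path in a directory that only
# root can write to):
#   make_swapfile /var/tmp/swapfile 256 && swapfile_on /var/tmp/swapfile
#   ... run the memory-hungry job ...
#   swapfile_off /var/tmp/swapfile
```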
Online Exercises
Lab Exercise
Objective: Initialize a swap partition, and configure your /etc/fstab file so that
the partition is activated automatically at system startup.
Estimated Time: 15 mins.
Specification
This exercise will use the first partition created in the first Exercise of this Workbook. Ensure that the file
~/lab3.1/disk still exists, and that it still references the correct drive. The next to the last partition of
the specified drive should be about 128 megabytes in size, and have a partition id of Linux Swap.
Note: In the process of grading your lab, the swap space will be deactivated and reactivated. If the
reactivation fails, you should manually restart the swap space (step 2) before regrading.
Deliverables
1. A properly initialized and activated swap partition, which is the next to the last partition on the specified drive.
2. A properly configured /etc/fstab file, such that the swap partition is automatically activated at bootup.
Questions
1. What is the threshold amount of physical memory, above which allocating swap space is no longer recommended?
( ) a. 128 megabytes
( ) b. 256 megabytes
( ) c. 512 megabytes
( ) d. 1 gigabyte
( ) e. A swap partition should always be created, no matter how much physical memory is available.
( ) d. /etc/swaptab
( ) e. None of the above
3. Which file is used to define swap partitions which should be activated automatically as the system boots?
( ) a. /etc/swaptab
( ) b. /etc/fstab
( ) c. /proc/swaps
( ) d. /var/state/swap
( ) e. none of the above
4. What command line would be used to initialize a disk partition to be used as swap space?
( ) a. swapinit /dev/hda3
( ) b. mkswap /dev/hda3
( ) c. mkfs -t swap /dev/hda3
( ) d. fdisk /dev/hda3
( ) e. None of the above
5. What command line would be used to initialize a file to be used as swap space?
( ) a. mkswap /tmp/swapfile
( ) b. mkswap -f /tmp/swapfile
( ) c. swapinit -f /tmp/swapfile
( ) d. mkswapfile /tmp/swapfile
( ) e. None of the above
7. Which of the following lines could be used to define a swap area that should be activated at system startup in the
/etc/fstab file?
9. Which of the following command lines could be used to activate a swap partition with a priority of 3?
( ) a. mkswap -p 3 /dev/hda3; swapon /dev/hda3
( ) b. swap /dev/hda3 3
( ) c. mount -t swap -o pri=3 /dev/hda3
( ) d. swapon -p 3 /dev/hda3
( ) e. none of the above
10. Which of the following commands could confirm that a swap partition is active with a priority of 3?
( ) a. cat /proc/swaps
( ) b. cat /proc/meminfo
( ) c. top
( ) d. cat /proc/slabinfo
( ) e. A and B
Chapter 6. Miscellaneous Filesystem
Management Commands
Key Concepts
• The e2label command can be used to examine and set ext2 and ext3 filesystem labels.
• The fsck command is used to check and repair filesystems.
• The tune2fs command can be used to modify already existing ext2 and ext3 filesystems.
• With the -j command line switch, the tune2fs command can convert ext2 filesystems into ext3
filesystems.
Discussion
In this last Lesson of the Workbook, we cover a few miscellaneous commands and concepts that have not
yet been addressed, and end with a summary which ties together the skills developed in this Workbook
and places them into context with one another.
Recall that in Red Hat Enterprise Linux, you should not change volume names without also considering
the configuration of the /etc/fstab file. After performing this example, unless the LABEL= reference
for the /boot partition is also changed in the /etc/fstab file, the /dev/hda1 partition will probably
not be mounted when the machine reboots.
Traditionally, Unix provides a fsck command, named for "(f)ile (s)ystem (c)hec(k)", which is used to
diagnose and fix filesystem corruptions. The act of executing the fsck command on a filesystem is often
referred to as "fisking" the partition.
Much like the mkfs command, Linux uses a front-end fsck command, backed by several file-system
specific versions which start fsck..
The fsck command can be called with the -t command line switch to specify a filesystem type, or the
filesystem specific version of the command can be used. If fsck is used without the -t switch, it will try to
automatically determine the filesystem type, though this could be risky for heavily damaged filesystems.
Because the ext2 filesystem is so common, yet another name for the fsck.ext2 command exists, e2fsck.
The commands fsck -t ext2, fsck.ext2, and e2fsck are all synonyms.
Using fsck
The fsck command is generally called with the name of the partition to check as its lone argument. If the
fsck command finds a problem which it can fix without a risk of losing data, it will implement the fix. If
there is a possibility of losing data, the fsck command will pause and prompt to ask if it should
implement the fix. For administrators not blessed with a detailed knowledge of internal ext2 filesystem
design, there is really little choice but to say "yes". In fact, the fsck command is often invoked with the -y
command line switch, which in effect says "don’t ask, just do it".
it must be unmounted. The following table lists some of the parameters which may be modified by the
tune2fs command.
Switch     Effect
-c n       Set the maximum mount count to n. After the filesystem has been mounted n times, a mandatory fsck check of the filesystem occurs.
-j         Add an ext3 filesystem journal.
-L name    Set the volume name to name. This option is identical in function to the e2label command.
-m n       Set the reserved blocks percentage to n.
Again, this command is only necessary if the system does not already contain an ext3 filesystem.
Because the ext3 filesystem is the default, this is rarely the case.
1. Physical Connection: Physically connect the disk to the machine. Upon rebooting, the new disk
should be identified in the stream of kernel messages seen on the console at bootup, or logged in the
file /var/log/dmesg. If evidence of the new drive is not found, there is a BIOS or physical
connectivity problem which must be addressed before continuing.
2. Partitioning: The disk is subdivided into multiple partitions using the fdisk command. As we are
considering a newly connected drive, the system will probably not have to be rebooted, as would be
the case for repartitioning a drive already in use.
3. Formatting: Any partitions which are going to be used as filesystems must be initialized with the
appropriate variant of the mkfs command, such as mkfs.ext3. Likewise, any partitions which are
going to be used as swap space must be initialized with the mkswap command.
4. Mounting: Filesystems must be mounted to a mount point before they can be used. Using the
mkdir command to create the mount point is an often overlooked step. Analogously, any swap
partitions must be activated with the swapon command.
5. Updating /etc/fstab: If the filesystem is to be mounted (or the swap area activated)
automatically at bootup, the appropriate lines should be added to the /etc/fstab file.
Examples
Next, he operates on the ext2 filesystem with the tune2fs command, using the -j command line switch to
specify that a journal should be added. Because his memory is hazy, he first confirms that he has the right
partition by examining its label.
Having finished the conversion, he tries performing the mount as an ext3 filesystem manually.
Online Exercises
Lab Exercise
Objective: Use filesystem maintenance commands to modify existing filesystems.
Estimated Time: 20 mins.
Specification
This exercise will continue to use the filesystem created and mounted in the previous Exercises. Ensure
that the file ~/lab3.1/disk still exists, and that it still references the correct drive. The last partition of
the drive should have a properly formatted ext2 filesystem.
1. Use the appropriate commands to convert your ext2 filesystem into an ext3 filesystem. Do not create
a new filesystem. Any information contained in the filesystem should be preserved.
2. Change the filesystem label to lab3.6.
3. Update your /etc/fstab file, so that the appropriate label is used, and the filesystem is mounted as
an ext3 filesystem.
4. Unmount the partition before grading your exercise.
Deliverables
1. The last partition of the specified drive should be an ext3 filesystem, with a label of lab3.6, and no blocks
reserved for root. The contents of the filesystem should be preserved in the process.
2. An appropriately configured /etc/fstab file, updated to refer to the new label and the ext3 filesystem.
Questions
1. Which of the following command lines could be used to check and repair an ext2 filesystem?
( ) a. fsck /dev/hda3
( ) b. fsck -t ext2 /dev/hda3
( ) c. fsck.ext2 /dev/hda3
( ) d. e2fsck /dev/hda3
( ) e. All of the above
2. Which of the following command lines could be used to assign the label /data to an ext2 filesystem?
( ) a. e2label /data /dev/hda3
( ) b. e2label -L /data /dev/hda3
( ) c. e2label /dev/hda3 /data
( ) d. label -t ext2 /dev/hda3 /data
( ) e. None of the above
3. Which of the following commands could you get away with not using?
( ) a. e2label
( ) b. mkswap
( ) c. fdisk
( ) d. mount
( ) e. All of the above commands are required.
4. What is the most reasonable ordering for the commands you will use?
( ) a. mke2fs, mkswap, fdisk, mount, swapon
( ) b. fdisk, swapon, mkswap, mke2fs, mount
( ) c. mount, fdisk, mke2fs, mkswap, swapon
( ) d. fdisk, mke2fs, mkswap, mount, swapon
( ) e. mkswap, swapon, mke2fs, mount, fdisk
6. Which of the following command lines could be used to create an ext2 filesystem on the first logical partition, and
assign it the label /data3?
( ) a. mke2fs -L /data3 /dev/hdd5
( ) b. mke2fs /dev/hdd5; e2label /dev/hda5 /data3
( ) c. mke2fs /dev/hdd5; tune2fs -L /dev/hda5 /data3
( ) d. All of the above
( ) e. None of the above
7. Once the ext2 filesystems have been created, and are all mounted, you decide that you would like the filesystem
on partition /dev/hdd2 to be an ext3 filesystem instead. Which command line could be used to convert the filesystem
to ext3 (without losing any data already in the filesystem)?
( ) a. tune2fs -j /dev/hdd2
( ) b. umount /dev/hdd2 && mkfs.ext3 /dev/hdd2
( ) c. umount /dev/hdd2 && tune2fs -j /dev/hdd2
( ) d. umount /dev/hdd2 && mke2fs -j /dev/hdd2
( ) e. None of the above
8. You decide that you would like to check and repair the filesystem on partition /dev/hdd3. You unmount the
partition. What command could you run next to perform the check?
( ) a. swapoff /dev/hdd3
( ) b. fsck.vfat /dev/hdd3
( ) c. fisk /dev/hdd3
( ) d. fsck /dev/hdd3
( ) e. None of the above
9. The check and repair utility used above mentions that it has restored some files, but could not find names for them.
Where should you look for these files?
( ) a. The /lost+found directory in your root partition.
( ) b. The lost+found directory in the repaired filesystem’s root directory.
( ) c. The /proc/lost+found directory.
( ) d. The /tmp/lost+found directory.
( ) e. None of the above
10. You realize that your previously installed Red Hat Enterprise Linux system had not used the ext3 filesystem.
After successfully converting your new ext2 filesystem to ext3, what additional command should be run?
( ) a. ext3init
( ) b. kudzu
( ) c. mkinitrd
( ) d. setup
( ) e. mkext3
Chapter 7. SELinux: Secure Linux
Key Concepts
• Red Hat Enterprise Linux 4 ships with a new security mechanism implemented by the kernel, known
as SELinux.
• SELinux potentially casts every process into a SELinux domain, and every resource (such as files) into
a SELinux security context. A SELinux policy then specifies which processes can access which
resources.
• The SELinux policy is implemented at a low level, and is in general not configurable by an end system
administrator.
• The SELinux policy that ships with Red Hat Enterprise Linux 4 is known as the targeted policy, and
only affects selected networking daemons.
• The system can boot into one of three SELinux related states, enforcing, permissive, or disabled.
• The default state can be set by editing the /etc/sysconfig/selinux configuration file.
• The SELinux state can be immediately switched from enforcing to permissive and back using the
setenforce command.
• SELinux domains and contexts can be examined by adding the new -Z command line switch to the
traditional ps and ls commands.
• The SELinux context of a file can be modified using the new chcon command.
Discussion
SELinux falls far toward the flexible and complex end of the simple-flexible spectrum. From the Red Hat
perspective, as an administrator, you should never need to write or modify your own SELinux policy.
Instead, in Red Hat Enterprise Linux, your SELinux-related decisions should be limited to the
following.
• dhcpd
• httpd
• mysqld
• named
• nscd
• ntpd
• portmap
• postgres
• snmpd
• squid
• syslogd
• and more...
Unless you are managing files which are used by one of the included applications, the targeted SELinux
policy should not hinder interactive uses of a Red Hat Enterprise Linux workstation. As only syslogd
from this list is relevant to this course, managing SELinux is not a major focus. However, any
administrator of a Red Hat Enterprise Linux system should at least be aware of the topics covered in this
lesson.
• enforcing: Any action that would violate the SELinux policy is prohibited, and the violation is logged
as a kernel message.
• permissive: Any action that would violate the SELinux policy generates a warning (in the form of a
kernel message), but the action is allowed to continue.
• disabled.
The default state is specified as part of the installation process, and recorded in the file
/etc/sysconfig/selinux. The default SELinux state can be changed by editing this file, or the state
can be changed immediately using the setenforce command.
➊ The default SELinux state can be set using SELINUX. Changes will apply on the next boot.
➋ The policy can be chosen using SELINUXTYPE.
Note that getenforce merely displays the current state. The setenforce command takes effect
immediately, but does not change the default state if the machine is rebooted. These commands are often
helpful in debugging SELinux configuration problems.
[student@station ~]$ ps ax -Z
LABEL PID TTY STAT TIME COMMAND
system_u:system_r:init_t 1 ? Ss 0:00 init [5]
system_u:system_r:kernel_t 2 ? S 0:00 [migration/0]
system_u:system_r:kernel_t 3 ? SN 0:00 [ksoftirqd/0]
system_u:system_r:kernel_t 4 ? S 0:00 [watchdog/0]
...
system_u:system_r:httpd_t 1631 ? S 0:00 /usr/sbin/httpd
system_u:system_r:xfs_t 1651 ? Ss 0:00 xfs -droppriv
system_u:system_r:crond_t:SystemLow-SystemHigh 1672 ? Ss 0:00 /usr/sbin/atd
system_u:system_r:rpm_t 1697 ? S 0:00 /usr/sbin/yum-updatesd
system_u:system_r:avahi_t 1709 ? Ss 0:00 avahi-daemon: running
...
system_u:system_r:unconfined_t:SystemLow-SystemHigh 2030 ? Ss 0:00 sshd: root@pts/0
root:system_r:unconfined_t:SystemLow-SystemHigh 2032 pts/0 Ss 0:00 -bash
root:system_r:unconfined_t:SystemLow-SystemHigh 2058 pts/0 R+ 0:00 ps ax -Z
root:system_r:unconfined_t:SystemLow-SystemHigh 2059 pts/0 D+ 0:00 -bash
Notice that the domain type of interactive processes, such as the bash shell and the ps command started
from the shell, is unconfined_t, implying that the process is not restrained by any SELinux
context. Interactive user shells, and generally the processes started by them, are not affected by the
default SELinux targeted policy.
The SELinux context of files can be seen by adding -Z to the ls command. In the following example, the
-a switch is only necessary because the fairly recently created home directory has not yet collected any
"nonhidden" files.
[student@station ~]$ ls -a -Z
drwx------ student student user_u:object_r:user_home_dir_t .
drwxr-xr-x root root system_u:object_r:home_root_t ..
-rw-r--r-- student student user_u:object_r:user_home_t .bash_logout
-rw-r--r-- student student user_u:object_r:user_home_t .bash_profile
-rw-r--r-- student student user_u:object_r:user_home_t .bashrc
drwxr-xr-x student student user_u:object_r:user_home_t Desktop
-rw-r--r-- student student user_u:object_r:user_home_t .zshrc
Note that all of these files have the type user_home_t. Some were created by the user student as she, for
example, fired up the Firefox web browser, others were created automatically when the account was
added (before the student ever logged on). The user_u portion of the SELinux context denotes that the
file was created by the user.
Exploration of the filesystem with the ls -Z command will produce a large number of SELinux types
associated with various files. (The /etc and /var directories are particularly interesting).
Realize that knowing the SELinux domain of a process, or the SELinux context of a file, is not enough.
You also need to know what the current policy dictates. Unfortunately, with the current set of SELinux
tools, examining the current policy is not easy, and the effects of the SELinux policy are generally only
discovered when something tries to violate it.
Following the log message’s advice, we can use the sealert command to reveal much more information
about the violation.
Detailed Description
SELinux has denied /usr/sbin/httpd access to potentially mislabeled file(s)
(/var/www/html/index.html). This means that SELinux will not allow
/usr/sbin/httpd to use these files. It is common for users to edit files in
their home directory or tmp directories and then move (mv) them to system
directories. The problem is that the files end up with the wrong file
context which confined applications are not allowed to access.
Allowing Access
If you want /usr/sbin/httpd to access this files, you need to relabel them
using restorecon -v /var/www/html/index.html. You might want to relabel the
entire directory using restorecon -R -v /var/www/html.
Additional Information
By examining the detailed message, we deduce that the file /var/www/html/index.html did not have
the appropriate SELinux context.
If the targeted SELinux policy is causing a problem, an administrator generally has three options.
1. Disable SELinux.
2. Change the SELinux context of the file which is causing the violation.
3. Tweak the policy through the use of SELinux booleans.
We’ve already discussed how to disable SELinux (recall the setenforce command and the
/etc/sysconfig/selinux configuration file). In the following sections, we discuss changing a file’s
SELinux context and tweaking a policy through the use of SELinux booleans.
Table 7-1. Common Command Line Switches for the chcon Command
Switch | Effect
-R, --recursive | Change files and directories recursively.
--reference=FILE | Use the security context of FILE to define the resulting context.
-u, --user=USER; -r, --role=ROLE; -t, --type=TYPE | Set the USER, ROLE, or TYPE component of the file’s security context, respectively.
Most commonly, an administrator would like a problematic file to take on the context of a "known good"
file. As an example, the following command would cause /etc/named.conf to inherit the SELinux
security context of /etc/named.conf.rpmorig.
As the sealert message implied, an administrator can trivially align the file’s SELinux type with the
expectations of the SELinux policy using the restorecon command.
SELinux booleans can be modified with the complementary setsebool command. For example, the
default policy does not allow users to access their home directory using the FTP service. The setsebool
command can be used to enable home directory access.
By default, setsebool modifies the policy dynamically, and the default will be restored the next time the
machine reboots. The -P command line switch causes the modification to persist across reboots.
On the first "Status" panel, "Relabel on next reboot" can be selected. This has the effect of running
restorecon -R / early in the bootup process, effectively resetting the SELinux state of the entire
filesystem. This is accomplished by creating the file /.autorelabel, which is discovered by startup
scripts upon a reboot.
The system-config-selinux utility has many other capabilities, most of which relate to policies other than
the targeted policy. While interesting, they are beyond the scope of this course. (Browsing the File
Labelling panel, however, can provide insight into the behaviour of restorecon.)
Examples
[prince@station ~]$ su
Password:
[root@station prince]# cp elvis_in_austin.html /var/www/html/
[root@station prince]# mv elvis_in_pheonix.html /var/www/html/
[root@station prince]# ls -l /var/www/html/
total 56
-rw-r--r-- 1 root root 219 Jul 31 19:38 elvis_in_austin.html
-rw-rw-r-- 1 prince prince 228 Jul 31 19:37 elvis_in_pheonix.html
Seeing that each of the files is readable by all, he’s satisfied that the webserver (which runs as the user
apache) will be able to read the file. He next opens a browser, and references the files.
Austin native Fred Anderson claims to have seen Elvis watching the bats
fly from a underneath the Congress St. bridge in Austin TX. When
...
[prince@localhost ~]$ elinks -dump http://localhost/elvis_in_pheonix.html
Forbidden
[prince@localhost ~]$ su -
Password:
[root@station ~]# getenforce
Enforcing
[root@station ~]# setenforce 0
[root@station ~]# getenforce
Permissive
Pheonix native John Doe claims to have seen Elvis riding a llama, jousting
a cactus with a fishing pole. When approached, however, Elvis and the
...
Convinced that the SELinux policy was causing the problem, he looks for a log message in
/var/log/messages.
...
Allowing Access
If you want /usr/sbin/httpd to access this files, you need to relabel them
using restorecon -v /var/www/html/elvis_in_pheonix.html. You might want to
relabel the entire directory using restorecon -R -v /var/www/html.
Additional Information
Because elvis_in_austin.html is copied to /var/www/html using cp, the resulting file is a newly
created file, which inherits the user who created it (root) and the SELinux context of the directory in
which it is created (httpd_sys_content_t).
In contrast, the file elvis_in_pheonix.html is moved to its new destination using the mv command.
Moving a file does not create a new one, but relocates an already existing one. As a result, the user who
created it (prince) and more pertinently the SELinux context (user_home_t) is retained. When the web
server process tries to read a file of type user_home_t, a SELinux policy violation occurs.
To fix the situation, prince (as root) uses the chcon command to pass the SELinux context from the
"good" file to the "bad", and setenforce to restore SELinux to the enforcing state.
Now, the web server can view the file with ease.
Pheonix native John Doe claims to have seen Elvis riding a llama, jousting
a cactus with a fishing pole. When approached, however, Elvis and the
...
Note: If you are confused by the use of the web server above, or the reference to the term
"document root", don’t be too concerned, and take heart that we needed to stretch to find an
example of a problem caused by SELinux for this course.
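As an added example (not part of the workbook), the following shell function automates the check behind the cp versus mv explanation above: it reads ls -Z output and reports every entry whose SELinux type is not the one the web server expects. The sample listing, the files index.html and "notes draft.txt", and the script name audit.sh are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the workbook): flag files whose SELinux type differs
# from the type a confined daemon expects in a directory it serves.

# Constructed sample in the `ls -Z` layout shown in this workbook
# (mode, user, group, context, name). The two elvis_* names come from the
# example above; the other names and all contexts are made up.
sample_listing() {
cat <<'EOF'
-rw-r--r--  root   root   root:object_r:httpd_sys_content_t elvis_in_austin.html
-rw-rw-r--  prince prince user_u:object_r:user_home_t elvis_in_pheonix.html
-rw-r--r--  root   root   system_u:object_r:httpd_sys_content_t:s0 index.html
-rw-r--r--  prince prince user_u:object_r:user_home_t notes draft.txt
EOF
}

# audit_labels EXPECTED_TYPE
# Reads `ls -Z` output on stdin and prints "<type><TAB><name>" for every entry
# whose type (third colon-separated part of the context) is not EXPECTED_TYPE.
# Exit status: 0 if every entry matched, 1 if at least one mismatch was found.
audit_labels() {
    awk -v want="$1" '
    {
        # Locate the context column: the first field shaped like user:role:type.
        # This covers the five-column layout above and the two-column
        # "context name" layout; `ls -lZ` output is not handled.
        col = 0
        for (i = 1; i <= NF; i++)
            if ($i ~ /^[^:]+:[^:]+:[^:]+/) { col = i; break }

        # Lines with no context column ("total N", blank lines) are skipped.
        if (col == 0 || col == NF) next

        # ctx[3] is the type; ctx[4], when present, is the level.
        split($col, ctx, ":")

        # Everything after the context column is the file name, which may
        # itself contain spaces, so strip the leading columns one at a time.
        name = $0
        for (i = 1; i <= col; i++) sub(/^[ \t]*[^ \t]+[ \t]+/, "", name)

        if (name == "." || name == "..") next
        if (ctx[3] != want) { printf "%s\t%s\n", ctx[3], name; bad = 1 }
    }
    END { exit bad + 0 }
    '
}

# Live use (hypothetical script name): sh audit.sh /var/www/html httpd_sys_content_t
# With fewer than two arguments the script only defines the functions.
if [ "$#" -ge 2 ]; then
    ls -Z -- "$1" | audit_labels "$2"
fi
```

Running `sample_listing | audit_labels httpd_sys_content_t` lists the two user_home_t files and exits with status 1. On a live system, restorecon -n -v -R /var/www/html reports what would be relabeled without changing anything.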
Online Exercises
Lab Exercise
Objective: Set appropriate SELinux contexts for files
Estimated Time: 20 mins.
Specification
1. Your system should be in the SELinux enforcing state. If this is not the case, edit the
/etc/sysconfig/selinux file appropriately, and reboot your machine. You should be able to
reproduce the following command.
[root@station4 html]# getenforce
Enforcing
2. In this lab, you will publish files using your web server. If you have not yet started your web server
(and you probably haven’t), start it using the service command.
[root@station8 ~]# service httpd start
Starting httpd: [ OK ]
[root@station8 ~]# service httpd status
httpd (pid 15611 15610 15609 15608 15607 15606 15605 15604 15601) is running...
3. You would like to publish a copy of your /var/log/dmesg file. (Don’t worry if you don’t know
what it is yet.) Copy the file to the /var/www/html directory, and observe the ownerships and
permissions. You should be able to view the contents by pointing any browser to
http://localhost/dmesg.
4. You would also like to publish a copy of the /var/log/rpmpkgs file, but you realize this file is
updated nightly. In order to automatically publish the updates as well, hard link the file into the
/var/www/html directory.
[root@station4 html]# ln /var/log/rpmpkgs /var/www/html/
[root@station4 html]# ls -i /var/log/rpmpkgs /var/www/html/rpmpkgs
180333 /var/log/rpmpkgs 180333 /var/www/html/rpmpkgs
[root@station8 html]# ll /var/www/html/rpmpkgs
-rw-r--r-- 2 root root 23076 Jul 2 04:04 /var/www/html/rpmpkgs
Although the file /var/www/html/rpmpkgs is readable by all, you should still not be able to
access http://localhost/rpmpkgs from a web browser. Why?
5. Use the chcon command, referencing the "working" file /var/www/html/dmesg, to assign
/var/www/html/rpmpkgs the appropriate SELinux security context. If completed successfully,
you should be able to access http://localhost/rpmpkgs from a web browser.
Use ls -Z to observe the SELinux context of /var/log/rpmpkgs. Why did it change as well?
Deliverables
Clean Up
After you have completed the exercise, restore your system to the desired SELinux state, remove
/var/www/html/rpmpkgs, and restore the appropriate context on /var/log/rpmpkgs with the
following command.
Questions
2. What is the name of the default Red Hat Enterprise Linux 5 SELinux policy?
( ) a. targeted
( ) b. strong
( ) c. shadowman
( ) d. full
( ) e. None of the above.
4. Which of the following processes would you expect to be most constrained by the default Red Hat Enterprise
Linux 5 SELinux policy?
( ) a. bash
( ) b. dd
( ) c. ls
( ) d. httpd
( ) e. ps
5. Which of the following command lines could be used to most directly determine the current SELinux state?
( ) a. lscon
( ) b. ps -axZ
( ) c. service selinux status
( ) d. getenforce
( ) e. cat /proc/selinux
6. Which of the following commands can be used to immediately change the SELinux state of a machine?
( ) a. selinux
( ) b. setstate
( ) c. setenforce
( ) d. chcon
( ) e. None of the above
7. Which of the following commands would view the SELinux domain of the process with process ID 3452?
( ) a. selinux 3452
( ) b. ps -Z 3452
( ) c. getenforce -p 3452
( ) d. lscon -p 3452
( ) e. None of the above
8. Which of the following commands would display the SELinux security context of the file /etc/passwd?
( ) a. ls -Z /etc/passwd
( ) b. selinux /etc/passwd
( ) c. getenforce /etc/passwd
( ) d. lscon /etc/passwd
( ) e. None of the above
9. What file would you examine in order to see logs of SELinux violations?
( ) a. /var/log/selinux
( ) b. /var/log/messages
( ) c. /var/log/secure
( ) d. /var/log/dmesg
( ) e. None of the above
10. Which of the following commands would cause the file foo to inherit the SELinux security context of the file
bam?