Mapping a filesystem into the main tree
1. Purpose
At this point, we are trying to logically connect a filesystem (a
local partition or a server volume) with the directory tree. The
filesystem can be located anywhere.
The following situation is not uncommon:
o  You have a large directory, say /home/jack, which is getting bigger
   and bigger.
o  You are out of disk space.
o  You buy a second hard drive, create a single partition on it
   (/dev/hdb1 for example).
o  You rename /home/jack to /home/jack.backup
o  You map /dev/hdb1 to /home/jack.
o  You copy /home/jack.backup to /home/jack.
After that, you may delete /home/jack.backup. You get the same logical
file layout, but now have space on the first drive and a lot of space
for /home/jack to grow on the second.
2. Task
To achieve the connection, you have to:
1. Select a hard drive partition.
2. Identify the type of filesystem. Ext2 for Linux and Umsdos for DOS
drives.
3. Pick a mount point. It can be any directory or subdirectory.
3. General options
The general options are not needed most of the time. They allow for
increased flexibility and security.
o  Read-only
   It is possible to protect a partition from writing. Even the
   superuser won't be able to write there. This is seldom used on a
   normal hard drive partition though.
o  User mountable
   This is generally used with the following option, and is useful for
   removable media. It allows anyone to activate the connection at any
   time. Normally, only root (the superuser) can establish a mount.
o  Do not mount at boot time
   Especially useful for removable media, it prevents the system from
   trying to establish a mount at boot time.
o  No program allowed to execute
   This is a security feature, which is especially useful for
   removable media. If you set the user mountable option on removable
   media, any user can come and install a set of files, specially set
   up to give him full access to your system (administrator
   privileges). This option prevents this situation from occurring.
o  No special device file support
   This is a security feature.
   Special devices are generally created with proper access rights in
   the /dev directory. They may be created in other places too, with
   the mknod command. This feature prevents mounting media with
   special devices created with relaxed security. Such devices would
   defeat all security on the system.
o  No setuid programs allowed
   This is yet another security feature. It is a compromise between
   full access and the above option (no execution allowed).
   If you set this option, the system will deny privileged programs
   their special rights. A privileged program is one that switches the
   user to another identity while it is running (generally root).
   This allows the user to do special tasks that only the supervisor
   can do.
o  User quota enabled
   This flag tells the kernel to enable quota accounting on the
   filesystem. Quota accounting maintains, for each user in real time,
   the amount of disk space used and the amount of files and
   directories they own. Limits may be imposed on some or all users.
   This is controlled separately for each file system. The file
   quota.user is created in the root of the filesystem (linuxconf will
   create it for you if you activate this feature). The utility
   quotacheck is run to initialize the file with the current state of
   the filesystem. The kernel, from now on, will silently update this
   for each user account.
   This is useful for preventing a single user from filling the disk.
o  Group quota enabled
   This is the same feature as user quota enabled, but for groups. The
   group quotas hold the sum of the quotas of all file members of the
   group. A file quota.group is created when this feature is enabled
   and the utility quotacheck is used to initialize the file.
   While a user may be under his personal quota limit, the quota of
   his group may be over its limit. The user will be prevented from
   creating new files and/or growing them.
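
The user mountable, no execution, no special device and no setuid
options above interact, so here is an added example (not part of
Linuxconf or of this help page) that audits an fstab-style table for
user-mountable entries that have lost one of those restrictions. It
assumes the option keywords documented in mount(8) and fstab(5), which
this page does not name; the table itself is constructed.

```python
# Added example. Keywords (user, users, noexec, nodev, nosuid, exec, dev,
# suid) are from mount(8)/fstab(5), not from the page; the table is constructed.
SAMPLE_FSTAB = """\
# device    mount point  type     options                       dump pass
/dev/hda1   /            ext2     defaults                      1 1
/dev/hdb1   /home/jack   ext2     defaults,usrquota,grpquota    1 2
/dev/fd0    /mnt/floppy  msdos    user,noauto,exec              0 0
/dev/cdrom  /mnt/cdrom   iso9660  ro,user,noauto                0 0
/dev/hda3   /dos         msdos    noauto,users,suid,umask=022   0 0
"""

# Restrictive flag -> keyword that switches it back off.
RESTRICT = {"noexec": "exec", "nodev": "dev", "nosuid": "suid"}


def effective_flags(options):
    """Resolve an option line left to right; later keywords override earlier ones."""
    state = {"user": False, "noexec": False, "nodev": False, "nosuid": False}
    for opt in options.split(","):
        key = opt.split("=", 1)[0]
        if key in ("user", "users"):
            # mount(8): user mounts imply noexec, nosuid and nodev
            state.update(user=True, noexec=True, nodev=True, nosuid=True)
        elif key == "nouser":
            state["user"] = False
        elif key in RESTRICT:
            state[key] = True
        else:
            for flag, undo in RESTRICT.items():
                if key == undo:
                    state[flag] = False
    return state


def audit(fstab_text):
    """Map mount point -> missing restrictions, for user-mountable entries only."""
    findings = {}
    for line in fstab_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].startswith("#"):
            continue
        state = effective_flags(fields[3])
        missing = sorted(f for f in RESTRICT if not state[f])
        if state["user"] and missing:
            findings[fields[1]] = missing
    return findings


if __name__ == "__main__":
    for mount_point, missing in audit(SAMPLE_FSTAB).items():
        print(mount_point, "is user mountable without", ", ".join(missing))
```

Order matters: "exec,user" stays non-executable because the later
keyword wins, while "user,exec" does not.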
4. (U)Ms-DOS and Hpfs (OS/2) options
4.1. Security features
Both Ms-DOS and OS/2 are single-user operating systems. Their
respective filesystems lack most of the features expected in a
multi-user operating system like Linux.
For one, there is no file ownership. This means that when a DOS hard
drive is mounted into the Linux filesystem tree, files will be
available to every user on the machine.
Keep in mind that Linux is a multi-user system. It is fairly easy to
create user accounts on your system for co-workers so they can share
your CPU or system resources. It would be unpleasant to find out later
that everyone has access to every personal file you have in your DOS
partitions.
Linux offers a neat solution to this. You can logically apply an
ownership and permission flag to all files and directories on DOS
partitions. No special data is written to the partitions. It is simply
a presentation mode used by Linux.
Here are the options you can control:
o  Default user ID
   You can assign one owner to all files and directories in the
   filesystem. The default owner is root.
o  Default group ID
   You can assign one group to all files and directories in the file
   system. The default group is root.
o  Default permissions
   You can selectively turn on or off every one of the nine UNIX style
   permission bits. Permission bits are expressed as three groups of
   three bits each. Each group has the following layout:
   o  Read access
   o  Write access
   o  Execute access
   The groups are:
   o  Owner permission bits
   o  Group permission bits
   o  Other users (not the owner and not a member of the group)
      permission bits.
   These bits are expressed in octal notation. A "one" indicates that
   the corresponding permission is off. For example, a value of 007
   enables full access for the owner and the group but disables all
   access for other users. A value of 022 provides full access to the
   owner, but disables writing for all other users.
4.2. Translation mode
Text files are stored in a slightly different format on Ms-DOS and
OS/2, compared to UNIX and Linux. The difference lies in the way
end-of-file is identified.
Ms-DOS uses a sequence of two characters, an ASCII Carriage-return
followed by an ASCII Line Feed. UNIX uses only a single Line Feed.
The Ms-DOS, Umsdos and Hpfs file-systems share one option to make life
easier when sharing files on a hard drive between Linux and Ms-DOS or
OS/2.
Here are the modes available:
o  binary - This means no translation at all.
o  auto - The translation will be activated on all files except those
   with a special extension.
   Here are the known binary extensions:
   o  Program code
      APP BIN COM DLL DRV EXE LIB OBJ OVL OVR PIF SYS
   o  Common archivers
      ARC ARJ DEB GZ LHA LZH TAR TAZ TGZ TPZ TZ TZP Z ZIP ZOO
   o  Graphics
      BMP GIF GL JPG PCX TIF
   o  TeX
      DVI GF PK PXL TFM VF
o  text - The translation will be done on all files. This option should
   be used with care.
Once a translation mode is selected, it is done both at read and write
times. This makes it nearly transparent to Linux applications.
Please note that the current trend is towards flexible utilities
(editors) which can handle both formats instead of using a filesystem
trick like this one.
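
Why the text mode "should be used with care", and why auto is only as
safe as its extension list: the added example below is a user-space
model of the three modes, not kernel or Linuxconf code. It models only
the Carriage-return/Line Feed rewriting described above; the file names
and byte strings are constructed.

```python
# Added example: a model of the binary/auto/text translation modes.
# The extension list is the one given on the page; everything else is constructed.
BINARY_EXT = set("""
APP BIN COM DLL DRV EXE LIB OBJ OVL OVR PIF SYS
ARC ARJ DEB GZ LHA LZH TAR TAZ TGZ TPZ TZ TZP Z ZIP ZOO
BMP GIF GL JPG PCX TIF
DVI GF PK PXL TFM VF
""".split())


def translates(name, mode):
    """True if the given mode rewrites line endings for this file name."""
    if mode == "binary":
        return False
    if mode == "text":
        return True
    ext = name.rsplit(".", 1)[-1].upper() if "." in name else ""
    return ext not in BINARY_EXT  # auto


def on_read(disk_bytes, name, mode):
    """DOS disk -> Linux application: CR LF becomes LF."""
    return disk_bytes.replace(b"\r\n", b"\n") if translates(name, mode) else disk_bytes


def on_write(app_bytes, name, mode):
    """Linux application -> DOS disk: LF becomes CR LF."""
    return app_bytes.replace(b"\n", b"\r\n") if translates(name, mode) else app_bytes


def demo():
    """Report which reads return the on-disk bytes unchanged."""
    blob = b"\x00\x01\r\n\xff\n\x02"  # constructed binary content with CR LF inside
    text = b"line one\nline two\n"
    on_disk = on_write(text, "README.TXT", "auto")
    return {
        "text file round trip": on_read(on_disk, "README.TXT", "auto") == text,
        "stored with CR LF": on_disk == b"line one\r\nline two\r\n",
        "PROG.EXE intact in auto": on_read(blob, "PROG.EXE", "auto") == blob,
        "PROG.EXE intact in text": on_read(blob, "PROG.EXE", "text") == blob,
        "SAMPLE.DAT intact in auto": on_read(blob, "SAMPLE.DAT", "auto") == blob,
    }


if __name__ == "__main__":
    for check, ok in demo().items():
        print(f"{check}: {ok}")
```

The last two checks come out false: binary content is silently altered
in text mode, and in auto mode whenever its extension is not in the
list.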
5. Other options
New filesystems and filesystem features do appear once in a while.
These filesystems may have options unknown to Linuxconf.
To cope with this, there is an extra option line. Normally filesystem
options are a group of keyword/value pairs, separated by commas.

    opt1=val,opt2=none,opt3,opt4=2
6. Comment
You can write anything you want here, including an explanation about
the option combination you have selected.