all right. Hello and welcome to module 104.3.
Gonna talk here about mounting and mounting file systems, and the convict file naturally can be found underneath the etc. Directory that C. F s tap
The file has a few fields not too many to worry about, pretty easy to deal with.
And we control lots of different aspect of the mounting process,
whether or not we want a false system to mount when we boot.
If we do want it to mount, you can set several different options to control
security characteristics and use your behavior.
We could also specify the order of mounting, which will talk about here in just a moment.
First of all, weaken in the options section. We can specify auto
just what it sounds like it will automatically mount. That's typically what you want for a production system
unless you've got a file systems that you only occasionally used for things like development work or archive data,
other things that you just don't need at all times.
There, there by you would specify no auto in those cases.
Now we can tell the system that only route user can mount a false system by using no user.
If I specify user than anybody can mounted, that's in a regular group.
We can also control whether or not binaries are executed,
which could be a very good security benefit if you think about it. Because
if I if we allow regular users to execute binary programs from their home directory,
then they could potentially execute dangerous programs or malware. So we wantto think closely about that
rewrite. Read only these self evident as far as what those mean,
and then we can also deal with the sink or a sink. Option.
Sink is a little bit safer, in a sense, because any time you read or write from a file
or change anything, the effects are more or less immediately written to that follow system.
Casing will cue up a little bit of that information before actually making those changes. So it's a minor thing to think about.
Could be good for performance reasons, however, to use the A sink option.
So the F s tabbed files I was mentioning has all the different options that we need to specify for a file system.
tell it, what will we mounted where will be mounted which directory, which might point
false system type and then the options, which we were just looking at and slide a little bit back from here.
Also, the dump command could be used to back up a file system
by setting up a Krahn job in some other factors that will allow you to do that.
Most modern linens environments are probably not using the built in backup feature your most likely using a
an application for backups. But you do have a native functionality here to perform backups.
You could also use scripts that you concoct using the find command of the Tar Command, running them with crown jobs and so on. There's lots of different options there,
and then our last point is about the order of mounting file systems.
The order is important because there may be certain file system that need to be in place before certain service's confront or programs. Could we started, our demons could be running,
and the order, if you're building a multi tier application or something could be could be important.
Last thing to think about is users being allowed to mount their own media.
Typically, this is a thumb drive.
They're obviously lots of risks with allowing users to do this. But
if you if you want to have the capability, you can, uh,
you can create that.
All right, so let's have a look at the
Yep, that's Tab Foe.
go ahead and edit this.
You'll notice that we have our root ball system here and a swap
You may think this is a good best practice the way I do, but
open a couple of extra lines, put some common characters. They're just so I could separate
My custom file system mounts from anything that's already included with the operating system. It's good to keep them separate
just visually it anyway, it's easier to find what you're looking for.
So my first file system is underneath Deb S. D. B one.
So I'm specifying the device file,
then the Mount Point itself, which is my data. In this case.
a E x t three file system,
I can pick defaults,
which gives me some reasonable options
that I can explore. Remember, we talked about the auto mount option. That's that's more the default settings.
I can also specify. Re only read right
Prohibit the execution of binaries, which could be good for security reasons.
I can set up Thea Fall systems also
be backed up by putting the dump command in this field.
If I don't want to use the dump command,
then I can just leave that field as zero.
Maybe I'm doing my backups with
third party software, as I mentioned earlier.
And then we have the last field.
The last field is the file system check field. So
if I've got a zero here,
that means don't perform file system check when the system boots
Usually this what actions they usually typically it set for
this valley will be set to one.
If I am specifying my root file system, you'll notice Currently it's set to zero here.
I consented to one. If I want a guarantee that route gets checked upon Buddha
and then I probably would set it to two. If it's some other file system,
so too is more appropriate in this case.
And I'm gonna add my second file system.
The best would be to
and this is a mount point called My data too.
This one is. Looks sorry about that.
Virtual machines. A little bit sluggish right now, for some reason.
All right, so except fast is the file system here.
this one. I want Thio.
There's a couple things. If I've got a
user follow system, user mounted false system, we can have some options there. Which I'll talk about it a little bit.
But maybe I want to make sure this one is mounted. We not f w Sorry about that
And maybe I want to also
enforce the no exact
So those are my my characteristics of my data to once I mounted
and then zero because I'm not dumping it. And two, because it's a
fall system. Oops. It's not part of my operating system, so
I'm gonna give it a label of two.
I think right now my file systems are still mounted from a
previous exercise. They are so I can see my date on my data to there
Amount those using the you Mount Command,
because if I change the parameters for the file system, I need a mounted and re mounted
in order for that thio work correctly.
Now what I can do to test what I've just created is to reboot the system
and everything should mount up correctly when I reboot. This is a good test.
I can certainly amount the file systems manually. But a reboot is a better test because I want to verify that in the future, when the system reboots,
everything will work as expected.
So I'm just gonna issue the reboot. Come in quickly.
I'm gonna go ahead and pause here, since this will take a moment.
All right, so the reboot has concluded and gonna run my
And there's much of our systems
happily mounted as I specified.
And of course, you can do different tests. You can set this for read. Only try to create a file. You could try to put it behind her program there, try to run it
to satisfy yourself that those controls actually do work.
Now let's have a look at
which is user multiple false systems.
Now there are definitely some security considerations to think about.
Having users being able to mount their own file systems could be a great convenience for the administrator, because they don't have to deal with
necessarily doing this work for each user individually.
But we have to make sure that we
put the right controls in place so that this doesn't become a security risk and
doesn't cause any kind of potential impact to production.
So a couple of a default settings to consider
the no exact setting is by default.
Now, if I put a the user option in that C. F s tab and I follow it with the exact option than I could override this.
But that might be important as a default, because typically we don't want users running programs from their own
We may not be able to have proper controls in place, and that's bad for security. Overall,
Another feature to think about is, uh, this is in general, actually, is the no. A time no access time feature,
whether it's you surmountable or our system operating system Mount Herbal.
We want to consider using this because if if we don't generate access time information,
then we can get a little bit better performance. So for
applications where you've got a lot of files that are being written to regularly in large numbers of files, database applications. Something of that nature.
This might be an interesting option to consider.
Then we have the actual commands themselves. You'll notice we see Soo Do
command to use in this case
because I can set up sue commands which allow a user to make their own directory
like a slash media user one USB.
The mixture command with the dash P will make all the intermediary directors for you.
So if any of these directories does not exist, make your best people will create them as needed so I can create a whole directory treat.
Then we're gonna The user would typically change the ownership of that mount point to their to their own I d. So change ownership to use her one,
and we make it rewriteable and execute herbal
for the actual permissions.
You wouldn't do this for most follow systems when its user amount herbal is probably what you want.
I could also run the D message command to find my USB device if I'm not sure what it's called.
But it might be something like we see here, Dev stc one
so I can just put this this line right here right into my Etsy F s tab.
So I allow divest E C one to be mounted.
Actually, home store wouldn't be the right folder here. Will be slash media slash user one slash USB
and to make a little error there. But
I specified. That is User Montel.
I can specify the you mask which you haven't
talked about too much yet.
I'm even specifying a character set that I'd like to to use. The no auto option means that this will not automatically MT
when I boot, which is probably what we want for a user multiple system because they may not have their media actually attached
at the time that with the system boots. So in order to avoid errors, no auto safer
and then we're not gonna mother dumped command. That's why we've got a zero here and we're not gonna force a file system check.
So once this entries in F s tab, then I can just run the Mount Command
allow that file system to be accessible to users.
So just as long as we pay attention to the
security considerations, this should be a safe thing to dio
Okay, so we've covered some of the details as the F S tab did a quick little test to make sure that we can see that it works.
And we also touched on the mount and you mount commands for mounting an amounting file Systems.
Next, we'll talk about disc quotas. See in the next section. Thank you.