Set Mount and Filesystem Options

You can also specify options for each filesystem mount through the options field in the /etc/fstab configuration file or through the -o option to mount. Some options are quite handy; for example, disabling the suid bit for security reasons or speeding up performance by disabling the update of the atime (access time) property for directories and files (see Table A-2).

Option

Effect

noatime

Disables updating the atime property, which contains the date

of last access for files and directories. Speeds up some filesystem

operations.

noexec

Disables the ability to execute files stored within the particular

mount point (even if the executable right is set).

nosuid

Ignores the suid bits on files and folders.

nodev

Disables device nodes (character and block devices) within the

mount point.

Table A-2

Mount Options

Another important task is to set proper options for a filesystem. This can be accomplished with the tune2fs tool for ext2 and ext3 filesystems. Two important settings are the reserved-blocks-percentage and reserved-block-count options. These options allow reserving a part of a filesystem for the root user. Setting those options prevents unprivileged users from filling up the whole filesystem.

host ~ # tune2fs -m 5 /dev/hda1 tune2fs 1.39 (2 9-May-2 00 6)

Setting reserved blocks percentage to 5% (196608 blocks) host ~ # tune2fs -l /dev/hda1 | grep Reserved Reserved block count: 196608

Reserved blocks uid: 0 (user root)

Reserved blocks gid: 0 (group root)

Preventing unprivileged users from filling up a specific filesystem makes sense, because a full filesystem might prevent certain daemons from working properly. Let's assume /var/log is on the same filesystem as /. What happens if an unprivileged user puts large files into /tmp that consume the whole remaining disk space? This will influence the systems logging daemons and it will certainly also influence other system operations that rely on writing data to /var.

Was this article helpful?

0 0
The Ultimate Computer Repair Guide

The Ultimate Computer Repair Guide

Read how to maintain and repair any desktop and laptop computer. This Ebook has articles with photos and videos that show detailed step by step pc repair and maintenance procedures. There are many links to online videos that explain how you can build, maintain, speed up, clean, and repair your computer yourself. Put the money that you were going to pay the PC Tech in your own pocket.

Get My Free Ebook


Post a comment