1994-05-26 06:35:07 +00:00
|
|
|
.\" Copyright (c) 1994
|
|
|
|
.\" The Regents of the University of California. All rights reserved.
|
2001-07-15 07:53:42 +00:00
|
|
|
.\"
|
1994-05-26 06:35:07 +00:00
|
|
|
.\" This code is derived from software donated to Berkeley by
|
|
|
|
.\" Jan-Simon Pendry.
|
|
|
|
.\"
|
|
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
|
|
.\" modification, are permitted provided that the following conditions
|
|
|
|
.\" are met:
|
|
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
|
|
.\" may be used to endorse or promote products derived from this software
|
|
|
|
.\" without specific prior written permission.
|
|
|
|
.\"
|
|
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
.\" SUCH DAMAGE.
|
|
|
|
.\"
|
|
|
|
.\" @(#)mount_union.8 8.6 (Berkeley) 3/27/94
|
1999-08-28 00:22:10 +00:00
|
|
|
.\" $FreeBSD$
|
1994-05-26 06:35:07 +00:00
|
|
|
.\"
|
2006-12-02 19:35:56 +00:00
|
|
|
.Dd November 30, 2006
|
2001-05-23 14:58:19 +00:00
|
|
|
.Dt MOUNT_UNIONFS 8
|
|
|
|
.Os
|
1994-05-26 06:35:07 +00:00
|
|
|
.Sh NAME
|
2001-05-23 14:58:19 +00:00
|
|
|
.Nm mount_unionfs
|
2002-08-21 18:11:48 +00:00
|
|
|
.Nd mount union file systems
|
1994-05-26 06:35:07 +00:00
|
|
|
.Sh SYNOPSIS
|
2000-11-20 16:52:27 +00:00
|
|
|
.Nm
|
1994-05-26 06:35:07 +00:00
|
|
|
.Op Fl br
|
|
|
|
.Op Fl o Ar options
|
|
|
|
.Ar directory
|
|
|
|
.Ar uniondir
|
|
|
|
.Sh DESCRIPTION
|
|
|
|
The
|
1998-07-15 06:13:45 +00:00
|
|
|
.Nm
|
2002-07-06 19:34:18 +00:00
|
|
|
utility attaches
|
1994-05-26 06:35:07 +00:00
|
|
|
.Ar directory
|
|
|
|
above
|
|
|
|
.Ar uniondir
|
|
|
|
in such a way that the contents of both directory trees remain visible.
|
|
|
|
By default,
|
|
|
|
.Ar directory
|
|
|
|
becomes the
|
|
|
|
.Em upper
|
|
|
|
layer and
|
|
|
|
.Ar uniondir
|
|
|
|
becomes the
|
|
|
|
.Em lower
|
|
|
|
layer.
|
|
|
|
.Pp
|
|
|
|
The options are as follows:
|
|
|
|
.Bl -tag -width indent
|
|
|
|
.It Fl b
|
2006-12-02 19:35:56 +00:00
|
|
|
Deprecated. Use
|
|
|
|
.Fl o
|
|
|
|
.Ar below
|
|
|
|
instead.
|
|
|
|
.It Fl o
|
|
|
|
Options are specified with a
|
|
|
|
.Fl o
|
|
|
|
flag followed by an option.
|
|
|
|
The following options are available:
|
|
|
|
.Bl -tag -width indent
|
|
|
|
.It Cm below
|
1994-05-26 06:35:07 +00:00
|
|
|
Invert the default position, so that
|
|
|
|
.Ar directory
|
|
|
|
becomes the lower layer and
|
|
|
|
.Ar uniondir
|
|
|
|
becomes the upper layer.
|
|
|
|
However,
|
|
|
|
.Ar uniondir
|
|
|
|
remains the mount point.
|
2006-12-02 19:35:56 +00:00
|
|
|
.It Cm copymode=traditional | transparent | masquerade
|
|
|
|
Specifies the way to create a file or a directory in the upper layer
|
|
|
|
automatically when needed.
|
|
|
|
.Ar traditional
|
|
|
|
uses the same way as the old unionfs for backward compatibility, and
|
|
|
|
.Ar transparent
|
|
|
|
duplicates the file and directory mode bits and the ownership in the
|
|
|
|
lower layer to the created file in the upper layer.
|
|
|
|
For behavior of the
|
|
|
|
.Ar masquerade
|
|
|
|
mode, see
|
|
|
|
.Sx MASQUERADE MODE .
|
|
|
|
.It Cm udir=mode
|
|
|
|
Specifies directory mode bits in octal for
|
|
|
|
.Ar masquerade
|
|
|
|
mode.
|
|
|
|
.It Cm ufile=mode
|
|
|
|
Specifies file mode bits in octal for
|
|
|
|
.Ar masquerade
|
|
|
|
mode.
|
|
|
|
.It Cm gid=gid
|
|
|
|
Specifies group for
|
|
|
|
.Ar masquerade
|
|
|
|
mode.
|
|
|
|
.It Cm uid=uid
|
|
|
|
.uid
|
|
|
|
Specifies user for
|
|
|
|
.Ar masquerade
|
|
|
|
mode.
|
|
|
|
.El
|
1994-05-26 06:35:07 +00:00
|
|
|
.El
|
|
|
|
.Pp
|
2002-08-21 18:11:48 +00:00
|
|
|
To enforce file system security, the user mounting the file system
|
1994-05-26 06:35:07 +00:00
|
|
|
must be superuser or else have write permission on the mounted-on
|
|
|
|
directory.
|
2004-07-18 01:51:59 +00:00
|
|
|
In addition, the
|
2005-01-10 16:17:34 +00:00
|
|
|
.Va vfs.usermount
|
|
|
|
.Xr sysctl 8
|
2004-07-18 01:51:59 +00:00
|
|
|
variable must be set to 1 to permit file system mounting by ordinary users.
|
2006-12-02 19:35:56 +00:00
|
|
|
However, note that
|
|
|
|
.Ar transparent
|
|
|
|
and
|
|
|
|
.Ar masquerade
|
|
|
|
mode require
|
|
|
|
.Va vfs.usermount
|
|
|
|
be set to 0 because this functionality can only be used by superusers.
|
1994-05-26 06:35:07 +00:00
|
|
|
.Pp
|
|
|
|
Filenames are looked up in the upper layer and then in the
|
|
|
|
lower layer.
|
|
|
|
If a directory is found in the lower layer, and there is no entry
|
|
|
|
in the upper layer, then a
|
|
|
|
.Em shadow
|
|
|
|
directory will be created in the upper layer.
|
2006-12-02 19:35:56 +00:00
|
|
|
The ownership and the mode bits are set depending on the
|
|
|
|
.Ar copymode
|
|
|
|
option. In
|
|
|
|
.Ar traditional
|
|
|
|
mode, it will be owned by the user who originally did the
|
|
|
|
union mount, with mode 0777
|
|
|
|
.Dq rwxrwxrwx
|
|
|
|
modified by the umask in effect at that time.
|
1994-05-26 06:35:07 +00:00
|
|
|
.Pp
|
|
|
|
If a file exists in the upper layer then there is no way to access
|
|
|
|
a file with the same name in the lower layer.
|
|
|
|
If necessary, a combination of loopback and union mounts can be made
|
|
|
|
which will still allow the lower files to be accessed by a different
|
|
|
|
pathname.
|
|
|
|
.Pp
|
|
|
|
Except in the case of a directory,
|
2002-08-21 18:11:48 +00:00
|
|
|
access to an object is granted via the normal file system access checks.
|
1994-05-26 06:35:07 +00:00
|
|
|
For directories, the current user must have access to both the upper
|
|
|
|
and lower directories (should they both exist).
|
|
|
|
.Pp
|
|
|
|
Requests to create or modify objects in
|
|
|
|
.Ar uniondir
|
|
|
|
are passed to the upper layer with the exception of a few special cases.
|
|
|
|
An attempt to open for writing a file which exists in the lower layer
|
|
|
|
causes a copy of the
|
|
|
|
.Em entire
|
|
|
|
file to be made to the upper layer, and then for the upper layer copy
|
|
|
|
to be opened.
|
|
|
|
Similarly, an attempt to truncate a lower layer file to zero length
|
|
|
|
causes an empty file to be created in the upper layer.
|
|
|
|
Any other operation which would ultimately require modification to
|
|
|
|
the lower layer fails with
|
2000-11-22 16:02:00 +00:00
|
|
|
.Er EROFS .
|
1994-05-26 06:35:07 +00:00
|
|
|
.Pp
|
2002-08-21 18:11:48 +00:00
|
|
|
The union file system manipulates the namespace, rather than
|
|
|
|
individual file systems.
|
1994-05-26 06:35:07 +00:00
|
|
|
The union operation applies recursively down the directory tree
|
|
|
|
now rooted at
|
|
|
|
.Ar uniondir .
|
2002-08-21 18:11:48 +00:00
|
|
|
Thus any file systems which are mounted under
|
1994-05-26 06:35:07 +00:00
|
|
|
.Ar uniondir
|
|
|
|
will take part in the union operation.
|
|
|
|
This differs from the
|
|
|
|
.Em union
|
|
|
|
option to
|
|
|
|
.Xr mount 8
|
|
|
|
which only applies the union operation to the mount point itself,
|
|
|
|
and then only for lookups.
|
2006-12-02 19:35:56 +00:00
|
|
|
.Sh MASQUERADE MODE
|
|
|
|
When a file
|
|
|
|
.Pq or a directory
|
|
|
|
is created in the upper layer, the
|
|
|
|
.Ar masquerade
|
|
|
|
mode sets it the fixed access mode bits given in
|
|
|
|
.Ar ufile Pq for files
|
|
|
|
or
|
|
|
|
.Ar udir Pq for directories
|
|
|
|
option and the owner given in
|
|
|
|
.Ar udir
|
|
|
|
and
|
|
|
|
.Ar gid
|
|
|
|
options, instead of ones in the lower layer. Note that in the
|
|
|
|
.Ar masquerade
|
|
|
|
mode and when owner of the file or directory matches
|
|
|
|
one specified in
|
|
|
|
.Ar uid
|
|
|
|
option, only mode bits for the owner will be modified.
|
|
|
|
More specifically, the file mode bits in the upper layer will
|
|
|
|
be
|
|
|
|
.Pq mode in the lower layer
|
|
|
|
OR
|
|
|
|
.Pq Po mode given in .Ar ufile
|
|
|
|
AND 0700
|
|
|
|
.Pc , and the ownership will be the same as one in the lower layer.
|
|
|
|
.Pp
|
|
|
|
The default values for
|
|
|
|
.Ar ufile , udir , uid ,
|
|
|
|
and
|
|
|
|
.Ar gid
|
|
|
|
are as follow:
|
|
|
|
.Pp
|
|
|
|
.Bl -bullet -compact
|
|
|
|
.It
|
|
|
|
If both
|
|
|
|
.Ar ufile
|
|
|
|
and
|
|
|
|
.Ar udir
|
|
|
|
are not specified, access mode bits in the mount point will be used.
|
|
|
|
.It
|
|
|
|
If both
|
|
|
|
.Ar uid
|
|
|
|
and
|
|
|
|
.Ar gid
|
|
|
|
are not specified, ownership in the mount point will be used.
|
|
|
|
.It
|
|
|
|
If either
|
|
|
|
.Ar udir
|
|
|
|
or
|
|
|
|
.Ar ufile
|
|
|
|
is not specified, the other will be the same as the specified one.
|
|
|
|
.It
|
|
|
|
If either
|
|
|
|
.Ar uid
|
|
|
|
or
|
|
|
|
.Ar gid
|
|
|
|
is not specified, the other will be the same as the specified one.
|
|
|
|
.El
|
1994-05-26 06:35:07 +00:00
|
|
|
.Sh EXAMPLES
|
|
|
|
The commands
|
|
|
|
.Bd -literal -offset indent
|
2006-12-02 19:35:56 +00:00
|
|
|
mount -t cd9660 -o ro /dev/cd0 /usr/src
|
|
|
|
mount -t unionfs -o noatime /var/obj /usr/src
|
1994-05-26 06:35:07 +00:00
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
mount the CD-ROM drive
|
2006-12-02 19:35:56 +00:00
|
|
|
.Pa /dev/cd0
|
1994-05-26 06:35:07 +00:00
|
|
|
on
|
|
|
|
.Pa /usr/src
|
|
|
|
and then attaches
|
|
|
|
.Pa /var/obj
|
|
|
|
on top.
|
|
|
|
For most purposes the effect of this is to make the
|
|
|
|
source tree appear writable
|
2006-12-02 19:35:56 +00:00
|
|
|
even though it is stored on a CD-ROM. The
|
|
|
|
.Fl o Ar noatime
|
|
|
|
option is useful to avoid unnecessary copying from the lower to the
|
|
|
|
upper layer.
|
|
|
|
.Pp
|
|
|
|
The commands
|
|
|
|
.Bd -literal -offset indent
|
|
|
|
mount -t cd9660 -o ro /dev/cd0 /usr/src
|
|
|
|
chown 2020 /usr/src
|
|
|
|
mount -t unionfs -o noatime -o copymode=masquerade -o uid=builder \\
|
|
|
|
-o udir=755 -o ufile=644 /var/obj /usr/src
|
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
also mount the CD-ROM drive
|
|
|
|
.Pa /dev/cd0
|
|
|
|
on
|
|
|
|
.Pa /usr/src
|
|
|
|
and then attaches
|
|
|
|
.Pa /var/obj
|
|
|
|
on top. Furthermore, the owner of all files and directories in /usr/src
|
|
|
|
is a regular user with uid
|
|
|
|
.Pq 2020
|
|
|
|
when seen from the upper layer. Note that for the access mode bits,
|
|
|
|
ones in the lower layer
|
|
|
|
.Pq on the CD-ROM, in this example
|
|
|
|
are still used without change.
|
|
|
|
Thus, write privilege to the upper layer can be controlled
|
|
|
|
independently from access mode bits and ownership in the lower layer.
|
|
|
|
If a user does not have read privilege from the lower layer,
|
|
|
|
one cannot still read even when the upper layer is mounted by using
|
|
|
|
.Ar masquerade
|
|
|
|
mode.
|
1994-05-26 06:35:07 +00:00
|
|
|
.Pp
|
|
|
|
The command
|
|
|
|
.Bd -literal -offset indent
|
2006-12-02 19:35:56 +00:00
|
|
|
mount -t unionfs -o noatime -o below /sys $HOME/sys
|
1994-05-26 06:35:07 +00:00
|
|
|
.Ed
|
|
|
|
.Pp
|
|
|
|
attaches the system source tree below the
|
|
|
|
.Pa sys
|
|
|
|
directory in the user's home directory.
|
|
|
|
This allows individual users to make private changes
|
|
|
|
to the source, and build new kernels, without those
|
|
|
|
changes becoming visible to other users.
|
|
|
|
Note that the files in the lower layer remain
|
|
|
|
accessible via
|
|
|
|
.Pa /sys .
|
|
|
|
.Sh SEE ALSO
|
|
|
|
.Xr intro 2 ,
|
|
|
|
.Xr mount 2 ,
|
|
|
|
.Xr unmount 2 ,
|
|
|
|
.Xr fstab 5 ,
|
|
|
|
.Xr mount 8 ,
|
2001-05-24 13:13:56 +00:00
|
|
|
.Xr mount_nullfs 8
|
2005-01-18 10:09:38 +00:00
|
|
|
.Sh HISTORY
|
|
|
|
The
|
|
|
|
.Nm
|
|
|
|
utility first appeared in
|
|
|
|
.Bx 4.4 .
|
2006-12-02 19:35:56 +00:00
|
|
|
.Pp
|
|
|
|
The
|
|
|
|
.Fl r
|
|
|
|
option for hiding the lower layer completely was removed in
|
|
|
|
.Fx 7.0
|
|
|
|
because this is identical to using
|
|
|
|
.Xr mount_nullfs 8 .
|
|
|
|
.Sh AUTHORS
|
|
|
|
In
|
|
|
|
.Fx 7.0 ,
|
|
|
|
.An Masanori OZAWA Aq ozawa@ongs.co.jp
|
|
|
|
reimplemented handling of locking, whiteout, and file mode bits, and
|
|
|
|
.An Hiroki Sato Aq hrs@FreeBSD.org
|
|
|
|
wrote about the changes in this manual page.
|
1994-05-26 06:35:07 +00:00
|
|
|
.Sh BUGS
|
2002-12-12 17:26:04 +00:00
|
|
|
THIS FILE SYSTEM TYPE IS NOT YET FULLY SUPPORTED (READ: IT DOESN'T WORK)
|
2004-07-02 21:45:06 +00:00
|
|
|
AND USING IT MAY, IN FACT, DESTROY DATA ON YOUR SYSTEM.
|
|
|
|
USE AT YOUR
|
|
|
|
OWN RISK.
|
|
|
|
BEWARE OF DOG.
|
|
|
|
SLIPPERY WHEN WET.
|
2000-11-22 16:02:00 +00:00
|
|
|
.Pp
|
1998-12-22 11:52:10 +00:00
|
|
|
This code also needs an owner in order to be less dangerous - serious
|
2000-11-22 16:02:00 +00:00
|
|
|
hackers can apply by sending mail to
|
2006-12-02 19:35:56 +00:00
|
|
|
.Aq freebsd-fs@FreeBSD.org
|
2000-11-22 16:02:00 +00:00
|
|
|
and announcing
|
1998-12-22 11:52:10 +00:00
|
|
|
their intent to take it over.
|
2000-11-22 16:02:00 +00:00
|
|
|
.Pp
|
2002-08-21 18:11:48 +00:00
|
|
|
Without whiteout support from the file system backing the upper layer,
|
1994-05-26 06:35:07 +00:00
|
|
|
there is no way that delete and rename operations on lower layer
|
|
|
|
objects can be done.
|
2000-11-22 16:02:00 +00:00
|
|
|
.Er EROFS
|
1994-05-26 06:35:07 +00:00
|
|
|
is returned for this kind of operations along with any others
|
|
|
|
which would make modifications to the lower layer, such as
|
|
|
|
.Xr chmod 1 .
|
|
|
|
.Pp
|
|
|
|
Running
|
|
|
|
.Xr find 1
|
|
|
|
over a union tree has the side-effect of creating
|
|
|
|
a tree of shadow directories in the upper layer.
|
2006-12-02 19:35:56 +00:00
|
|
|
.Pp
|
|
|
|
The current implementation does not support copying extended attributes
|
|
|
|
for
|
|
|
|
.Xr acl 9 ,
|
|
|
|
.Xr mac 9 ,
|
|
|
|
or so on to the upper layer. Note that this may be a security issue.
|
|
|
|
.Pp
|
|
|
|
A shadow directory, which is one automatically created in the upper
|
|
|
|
layer when it exists in the lower layer and does not exist in the
|
|
|
|
upper layer, is always created with the superuser privilege.
|
|
|
|
However, a file copied from the lower layer in the same way
|
|
|
|
is created by the user who accessed it. Because of this,
|
|
|
|
if the user is not the superuser, even in
|
|
|
|
.Ar transparent
|
|
|
|
mode the access mode bits in the copied file in the upper layer
|
|
|
|
will not always be the same as ones in the lower layer.
|
|
|
|
This behavior should be fixed.
|