b11927ff86
that it really wasn't intended as a security feature. Wording mostly by: simon Discussed with: secteam
492 lines
14 KiB
Groff
492 lines
14 KiB
Groff
.\" Copyright (c) 1980, 1989, 1991, 1993
|
|
.\" The Regents of the University of California. All rights reserved.
|
|
.\"
|
|
.\" Redistribution and use in source and binary forms, with or without
|
|
.\" modification, are permitted provided that the following conditions
|
|
.\" are met:
|
|
.\" 1. Redistributions of source code must retain the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer.
|
|
.\" 2. Redistributions in binary form must reproduce the above copyright
|
|
.\" notice, this list of conditions and the following disclaimer in the
|
|
.\" documentation and/or other materials provided with the distribution.
|
|
.\" 4. Neither the name of the University nor the names of its contributors
|
|
.\" may be used to endorse or promote products derived from this software
|
|
.\" without specific prior written permission.
|
|
.\"
|
|
.\" THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
.\" SUCH DAMAGE.
|
|
.\"
|
|
.\" @(#)mount.8 8.8 (Berkeley) 6/16/94
|
|
.\" $FreeBSD$
|
|
.\"
|
|
.Dd November 26, 2004
|
|
.Dt MOUNT 8
|
|
.Os
|
|
.Sh NAME
|
|
.Nm mount
|
|
.Nd mount file systems
|
|
.Sh SYNOPSIS
|
|
.Nm
|
|
.Op Fl adfpruvw
|
|
.Op Fl F Ar fstab
|
|
.Op Fl o Ar options
|
|
.Op Fl t Ar ufs | external_type
|
|
.Nm
|
|
.Op Fl dfpruvw
|
|
.Ar special | node
|
|
.Nm
|
|
.Op Fl dfpruvw
|
|
.Op Fl o Ar options
|
|
.Op Fl t Ar ufs | external_type
|
|
.Ar special node
|
|
.Sh DESCRIPTION
|
|
The
|
|
.Nm
|
|
utility calls the
|
|
.Xr mount 2
|
|
system call to prepare and graft a
|
|
.Ar "special device"
|
|
or the remote node (rhost:path) on to the file system tree at the point
|
|
.Ar node .
|
|
If either
|
|
.Ar special
|
|
or
|
|
.Ar node
|
|
are not provided, the appropriate information is taken from the
|
|
.Xr fstab 5
|
|
file.
|
|
.Pp
|
|
The system maintains a list of currently mounted file systems.
|
|
If no arguments are given to
|
|
.Nm ,
|
|
this list is printed.
|
|
.Pp
|
|
The options are as follows:
|
|
.Bl -tag -width indent
|
|
.It Fl a
|
|
All the file systems described in
|
|
.Xr fstab 5
|
|
are mounted.
|
|
Exceptions are those marked as
|
|
.Dq noauto ,
|
|
excluded by the
|
|
.Fl t
|
|
flag (see below), or if they are already mounted (except the
|
|
root file system which is always remounted to preserve
|
|
traditional single user mode behavior).
|
|
.It Fl d
|
|
Causes everything to be done except for the actual system call.
|
|
This option is useful in conjunction with the
|
|
.Fl v
|
|
flag to
|
|
determine what the
|
|
.Nm
|
|
command is trying to do.
|
|
.It Fl F Ar fstab
|
|
Specify the
|
|
.Pa fstab
|
|
file to use.
|
|
.It Fl f
|
|
Forces the revocation of write access when trying to downgrade
|
|
a file system mount status from read-write to read-only.
|
|
Also
|
|
forces the R/W mount of an unclean file system (dangerous; use with
|
|
caution).
|
|
.It Fl o
|
|
Options are specified with a
|
|
.Fl o
|
|
flag followed by a comma separated string of options.
|
|
In case of conflicting options being specified, the rightmost option
|
|
takes effect.
|
|
The following options are available:
|
|
.Bl -tag -width indent
|
|
.It Cm acls
|
|
Enable Access Control Lists, or ACLS, which can be customized via the
|
|
.Xr setfacl 1
|
|
and
|
|
.Xr getfacl 1
|
|
commands.
|
|
.It Cm async
|
|
All
|
|
.Tn I/O
|
|
to the file system should be done asynchronously.
|
|
This is a
|
|
.Em dangerous
|
|
flag to set,
|
|
and should not be used unless you are prepared to recreate the file
|
|
system should your system crash.
|
|
.It Cm current
|
|
When used with the
|
|
.Fl u
|
|
flag, this is the same as specifying the options currently in effect for
|
|
the mounted file system.
|
|
.It Cm force
|
|
The same as
|
|
.Fl f ;
|
|
forces the revocation of write access when trying to downgrade
|
|
a file system mount status from read-write to read-only.
|
|
Also
|
|
forces the R/W mount of an unclean file system (dangerous; use with caution).
|
|
.It Cm fstab
|
|
When used with the
|
|
.Fl u
|
|
flag, this is the same as specifying all the options listed in the
|
|
.Xr fstab 5
|
|
file for the file system.
|
|
.It Cm multilabel
|
|
Enable multi-label Mandatory Access Control, or MAC, on the specified file
|
|
system.
|
|
If the file system supports multilabel operation, individual labels will
|
|
be maintained for each object in the file system, rather than using a
|
|
single label for all objects.
|
|
An alternative to the
|
|
.Fl l
|
|
flag in
|
|
.Xr tunefs 8 .
|
|
See
|
|
.Xr mac 4
|
|
for more information, which cause the multilabel mount flag to be set
|
|
automatically at mount-time.
|
|
.It Cm noasync
|
|
Metadata I/O should be done synchronously, while data I/O should be done
|
|
asynchronously.
|
|
This is the default.
|
|
.It Cm noatime
|
|
Do not update the file access time when reading from a file.
|
|
This option
|
|
is useful on file systems where there are large numbers of files and
|
|
performance is more critical than updating the file access time (which is
|
|
rarely ever important).
|
|
This option is currently only supported on local file systems.
|
|
.It Cm noauto
|
|
This file system should be skipped when
|
|
.Nm
|
|
is run with the
|
|
.Fl a
|
|
flag.
|
|
.It Cm noclusterr
|
|
Disable read clustering.
|
|
.It Cm noclusterw
|
|
Disable write clustering.
|
|
.It Cm noexec
|
|
Do not allow execution of any binaries on the mounted file system.
|
|
This option is useful for a server that has file systems containing
|
|
binaries for architectures other than its own.
|
|
Note: This option was not designed as a security feature and no
|
|
guarantee is made that it will prevent malicious code execution; for
|
|
example, it is still possible to execute scripts which reside on a
|
|
.Cm noexec
|
|
mounted partition.
|
|
.It Cm nosuid
|
|
Do not allow set-user-identifier or set-group-identifier bits to take effect.
|
|
Note: this option is worthless if a public available suid or sgid
|
|
wrapper like
|
|
.Xr suidperl 1
|
|
is installed on your system.
|
|
It is set automatically when the user does not have super-user privileges.
|
|
.It Cm nosymfollow
|
|
Do not follow symlinks
|
|
on the mounted file system.
|
|
.It Cm ro
|
|
The same as
|
|
.Fl r ;
|
|
mount the file system read-only (even the super-user may not write it).
|
|
.It Cm sync
|
|
All
|
|
.Tn I/O
|
|
to the file system should be done synchronously.
|
|
.It Cm snapshot
|
|
This option allows a snapshot of the specified file system to be taken.
|
|
The
|
|
.Fl u
|
|
flag is required with this option.
|
|
Note that snapshot files must be created in the file system that is being
|
|
snapshotted.
|
|
You may create up to 20 snapshots per file system.
|
|
Active snapshots are recorded in the superblock, so they persist across unmount
|
|
and remount operations and across system reboots.
|
|
When you are done with a snapshot, it can be removed with the
|
|
.Xr rm 1
|
|
command.
|
|
Snapshots may be removed in any order, however you may not get back all the
|
|
space contained in the snapshot as another snapshot may claim some of the blocks
|
|
that it is releasing.
|
|
Note that the schg flag is set on snapshots to ensure that not even the root
|
|
user can write to them.
|
|
The unlink command makes an exception for snapshot files in that it allows them
|
|
to be removed even though they have the schg flag set, so it is not necessary to
|
|
clear the schg flag before removing a snapshot file.
|
|
.Pp
|
|
Once you have taken a snapshot, there are three interesting things that you can
|
|
do with it:
|
|
.Pp
|
|
.Bl -enum -compact
|
|
.It
|
|
Run
|
|
.Xr fsck 8
|
|
on the snapshot file.
|
|
Assuming that the file system was clean when it was mounted, you should always
|
|
get a clean (and unchanging) result from running fsck on the snapshot.
|
|
This is essentially what the background fsck process does.
|
|
.Pp
|
|
.It
|
|
Run
|
|
.Xr dump 8
|
|
on the snapshot.
|
|
You will get a dump that is consistent with the file system as of the timestamp
|
|
of the snapshot.
|
|
.Pp
|
|
.It
|
|
Mount the snapshot as a frozen image of the file system.
|
|
To mount the snapshot
|
|
.Pa /var/snapshot/snap1 :
|
|
.Bd -literal
|
|
mdconfig -a -t vnode -f /var/snapshot/snap1 -u 4
|
|
mount -r /dev/md4 /mnt
|
|
.Ed
|
|
.Pp
|
|
You can now cruise around your frozen
|
|
.Pa /var
|
|
file system at
|
|
.Pa /mnt .
|
|
Everything will be in the same state that it was at the time the snapshot was
|
|
taken.
|
|
The one exception is that any earlier snapshots will appear as zero length
|
|
files.
|
|
When you are done with the mounted snapshot:
|
|
.Bd -literal
|
|
umount /mnt
|
|
mdconfig -d -u 4
|
|
.Ed
|
|
.Pp
|
|
Further details can be found in the file at
|
|
.Pa /usr/src/sys/ufs/ffs/README.snapshot .
|
|
.El
|
|
.It Cm suiddir
|
|
A directory on the mounted file system will respond to the SUID bit
|
|
being set, by setting the owner of any new files to be the same
|
|
as the owner of the directory.
|
|
New directories will inherit the bit from their parents.
|
|
Execute bits are removed from
|
|
the file, and it will not be given to root.
|
|
.Pp
|
|
This feature is designed for use on fileservers serving PC users via
|
|
ftp, SAMBA, or netatalk.
|
|
It provides security holes for shell users and as
|
|
such should not be used on shell machines, especially on home directories.
|
|
This option requires the SUIDDIR
|
|
option in the kernel to work.
|
|
Only UFS file systems support this option.
|
|
See
|
|
.Xr chmod 2
|
|
for more information.
|
|
.It Cm update
|
|
The same as
|
|
.Fl u ;
|
|
indicate that the status of an already mounted file system should be changed.
|
|
.It Cm union
|
|
Causes the namespace at the mount point to appear as the union
|
|
of the mounted file system root and the existing directory.
|
|
Lookups will be done in the mounted file system first.
|
|
If those operations fail due to a non-existent file the underlying
|
|
directory is then accessed.
|
|
All creates are done in the mounted file system.
|
|
.El
|
|
.Pp
|
|
Any additional options specific to a file system type that is not
|
|
one of the internally known types (see the
|
|
.Fl t
|
|
option) may be passed as a comma separated list; these options are
|
|
distinguished by a leading
|
|
.Dq \&-
|
|
(dash).
|
|
Options that take a value are specified using the syntax -option=value.
|
|
For example, the
|
|
.Nm
|
|
command:
|
|
.Bd -literal -offset indent
|
|
mount -t unionfs -o -b /sys $HOME/sys
|
|
.Ed
|
|
.Pp
|
|
causes
|
|
.Nm
|
|
to execute the equivalent of:
|
|
.Bd -literal -offset indent
|
|
/sbin/mount_unionfs -b /sys $HOME/sys
|
|
.Ed
|
|
.Pp
|
|
Additional options specific to file system types
|
|
which are not internally known
|
|
(see the description of the
|
|
.Fl t
|
|
option below)
|
|
may be described in the manual pages for the associated
|
|
.Pa /sbin/mount_ Ns Sy XXX
|
|
utilities.
|
|
.It Fl p
|
|
Print mount information in
|
|
.Xr fstab 5
|
|
format.
|
|
Implies also the
|
|
.Fl v
|
|
option.
|
|
.It Fl r
|
|
The file system is to be mounted read-only.
|
|
Mount the file system read-only (even the super-user may not write it).
|
|
The same as the
|
|
.Cm ro
|
|
argument to the
|
|
.Fl o
|
|
option.
|
|
.It Fl t Ar ufs | external_type
|
|
The argument following the
|
|
.Fl t
|
|
is used to indicate the file system type.
|
|
The type
|
|
.Ar ufs
|
|
is the default.
|
|
The
|
|
.Fl t
|
|
option can be used
|
|
to indicate that the actions should only be taken on
|
|
file systems of the specified type.
|
|
More than one type may be specified in a comma separated list.
|
|
The list of file system types can be prefixed with
|
|
.Dq no
|
|
to specify the file system types for which action should
|
|
.Em not
|
|
be taken.
|
|
For example, the
|
|
.Nm
|
|
command:
|
|
.Bd -literal -offset indent
|
|
mount -a -t nonfs,nullfs
|
|
.Ed
|
|
.Pp
|
|
mounts all file systems except those of type
|
|
.Tn NFS
|
|
and
|
|
.Tn NULLFS .
|
|
.Pp
|
|
If the type is not one of the internally known types,
|
|
.Nm
|
|
will attempt to execute a program in
|
|
.Pa /sbin/mount_ Ns Sy XXX
|
|
where
|
|
.Sy XXX
|
|
is replaced by the type name.
|
|
For example, nfs file systems are mounted by the program
|
|
.Pa /sbin/mount_nfs .
|
|
.Pp
|
|
Most file systems will be dynamically loaded by the kernel
|
|
if not already present, and if the kernel module is available.
|
|
.It Fl u
|
|
The
|
|
.Fl u
|
|
flag indicates that the status of an already mounted file
|
|
system should be changed.
|
|
Any of the options discussed above (the
|
|
.Fl o
|
|
option)
|
|
may be changed;
|
|
also a file system can be changed from read-only to read-write
|
|
or vice versa.
|
|
An attempt to change from read-write to read-only will fail if any
|
|
files on the file system are currently open for writing unless the
|
|
.Fl f
|
|
flag is also specified.
|
|
The set of options is determined by applying the options specified
|
|
in the argument to
|
|
.Fl o
|
|
and finally applying the
|
|
.Fl r
|
|
or
|
|
.Fl w
|
|
option.
|
|
.It Fl v
|
|
Verbose mode.
|
|
.It Fl w
|
|
The file system object is to be read and write.
|
|
.El
|
|
.Sh ENVIRONMENT
|
|
.Bl -tag -width ".Ev PATH_FSTAB"
|
|
.It Ev PATH_FSTAB
|
|
If the environment variable
|
|
.Ev PATH_FSTAB
|
|
is set, all operations are performed against the specified file.
|
|
.Ev PATH_FSTAB
|
|
will not be honored if the process environment or memory address space is
|
|
considered
|
|
.Dq tainted .
|
|
(See
|
|
.Xr issetugid 2
|
|
for more information.)
|
|
.El
|
|
.Sh FILES
|
|
.Bl -tag -width /etc/fstab -compact
|
|
.It Pa /etc/fstab
|
|
file system table
|
|
.El
|
|
.Sh DIAGNOSTICS
|
|
Various, most of them are self-explanatory.
|
|
.Pp
|
|
.Dl XXXXX file system is not available
|
|
.Pp
|
|
The kernel does not support the respective file system type.
|
|
Note that
|
|
support for a particular file system might be provided either on a static
|
|
(kernel compile-time), or dynamic basis (loaded as a kernel module by
|
|
.Xr kldload 8 ) .
|
|
.Sh SEE ALSO
|
|
.Xr getfacl 1 ,
|
|
.Xr setfacl 1 ,
|
|
.Xr mount 2 ,
|
|
.Xr acl 3 ,
|
|
.Xr mac 4 ,
|
|
.Xr fstab 5 ,
|
|
.Xr kldload 8 ,
|
|
.Xr mount_cd9660 8 ,
|
|
.Xr mount_devfs 8 ,
|
|
.Xr mount_ext2fs 8 ,
|
|
.Xr mount_fdescfs 8 ,
|
|
.Xr mount_hpfs 8 ,
|
|
.Xr mount_linprocfs 8 ,
|
|
.Xr mount_msdosfs 8 ,
|
|
.Xr mount_nfs 8 ,
|
|
.Xr mount_ntfs 8 ,
|
|
.Xr mount_nullfs 8 ,
|
|
.Xr mount_nwfs 8 ,
|
|
.Xr mount_portalfs 8 ,
|
|
.Xr mount_procfs 8 ,
|
|
.Xr mount_smbfs 8 ,
|
|
.Xr mount_std 8 ,
|
|
.Xr mount_udf 8 ,
|
|
.Xr mount_umapfs 8 ,
|
|
.Xr mount_unionfs 8 ,
|
|
.Xr umount 8
|
|
.Sh CAVEATS
|
|
After a successful
|
|
.Nm ,
|
|
the permissions on the original mount point determine if
|
|
.Pa ..\&
|
|
is accessible from the mounted file system.
|
|
The minimum permissions for
|
|
the mount point for traversal across the mount point in both
|
|
directions to be possible for all users is 0111 (execute for all).
|
|
.Sh HISTORY
|
|
A
|
|
.Nm
|
|
utility appeared in
|
|
.At v1 .
|
|
.Sh BUGS
|
|
It is possible for a corrupted file system to cause a crash.
|