Linux maintains a record of all mounted file systems in /proc/mounts. Additionally, we can find file system mount information in /proc/self/mounts and in /etc/mtab.
The difference between the three is important: proc/mounts is a kernel-generated file that shows the filesystems mounted as reported by the kernel’s Virtual File System. On the other hand, proc/self/mounts is the same thing as /proc/<pid>/mounts, except pointing to the client’s own process.
The primary reason for this distinction is to maintain mount namespaces. For example, in a single-namespace system, both files will look identical; however, in a system with containerisation, proc/mounts will show what file systems the host sees as mounted, while /proc/self/mount will show what the containerised process is able to see.
Finally, /etc/mtab is traditionally a user-space file maintained via mount and umount. It appeared in older systems before the implementation of /proc/mounts, although today distributions simply symlink /etc/mtab to /proc/self/mounts.
The configuration file for filesystem mounts is /etc/fstab. It can be used to mount partitions, RAID devices, etc.
Static mounts
A static mount is the result of a successful /etc/fstab entry. Those entries include the following information:
| File system | Mount point | FS type | Mount options | Dump setting | fscheck order |
|---|---|---|---|---|---|
/dev/sdb1 | /mnt/data | ext4 | defaults | 0 | 2 |
UUID=<a-uuid> | /mnt/data2 | nfs | rw | 0 | 0 |
We can also manually mount a device with the mount command: mount -t >fs_type> <path/to/device> <path/to/mountpoint>. We can also use flags like --mkdir to create the directory if it doesn’t exist (instead of doing mkdir -p <path> first), as well as other options such as specifying the uid, gid, ro/rw etc for the mount.
Finally, we can use mount to mount one directory to another directory: mount --bind path/to/old/dir path/to/new/dir, see this StackOverflow discussion for a much more detailed explanation of --bind1
Note
The file system format can affect how the mount is used, and what parameters need to be passed to the
mountcommand. See also Linux network mounts.
Mount access options
Some of the options available to a mount are:
| Option | Use |
|---|---|
ro | Read only |
rw | Read write |
remount | Allows to change access |
noatime | Prevents application of timestamp log |
nodiratime | Stops updates for directory access times |
The remount option can be used to change from ro to rw and vice-versa at runtime, without the need to un-mount the device first. It is used with mount -o remount,<OPTIONS> <TARGET>. |
Mount security options
| Option | Use |
|---|---|
nodev | No special device files can be created or used |
nosuid | Prevents files from granding extra privileges when they run |
noexec | Prevents programs from executing in a location |
nodev is used so that files are always treated as just files, instead of gateways to real hardware or processes, and thus preventing security loopholes or other such things. In other words, it makes every file in the nodev directory seen as plain files. |
nosuid prevents the files on a mounted system from granting root privileges using suid or sgid bits; this means that those files are not allowed to grant any sort of privilege.
Network mounts
Footnotes
-
As I understood it, among other things, a distinct advantage of bind mounts is that a program will see it as the real directory (rather than just a symlink, for example). This is particularly useful because symlinks are resolved in userspace, while bind mounts use the kernel. As a result, we can use binds to mount file systems to
chrootedor containerised environments. ↩