4.11.2011 | Blog
The fstab masks has puzzled me a little, because it’s not as the unix file permissions, so I thought to share the result of my research for anyone who felt the same.
The fstab exists in /etc/fstab, so let’s examine the fstab a little bit.
The fstab has got 6 columns:
Device name: This is the UNIX filename representing the physical device or partition. Typically, this name starts with /dev.
Mount point: File system type
File system type: This field represents the filesystem to be used when mounting the device or partition. Typical values for this field are ext2, ext3, reiserfs, vfat, iso9660, and udf. auto can be used if multiple filesystems can be used on removable devices such as card readers, CD-ROMs, and DVD-ROMs.
Options: These are options given to the mount, umount and eject commands. A value of defaults means to use the default options for the filesystem being used. users means that any user can mount the device. owner means that only the owner of the device can mount and unmount the device. Usually this is the administrator. rw means to mount the device for read and write access. ro means the device is mounted for read-only access. There are quite a few other options that can be placed in this field.
Dump: This is usually set to zero for removable devices.
Boot Check Priority(Pass): When set to zero, this tells Linux not to do a filesystem integrity check on this device at boot time. The boot should have value 1, if set to 2 will be checked after the boot, and 0 will not check. Enabling this option for removable devices is not recommended.
Here’s an example:
# device name mount point fs-type options dump-freq pass-num LABEL=/ / ext3 defaults 1 1 /dev/hda6 swap swap defaults 0 0 none /dev/pts devpts gid=5,mode=620 0 0 none /proc proc defaults 0 0 none /dev/shm tmpfs defaults 0 0 # Removable media /dev/cdrom /mount/cdrom udf,iso9660 noauto,owner,kudzu,ro 0 0 /dev/fd0 /mount/floppy auto noauto,owner,kudzu 0 0 # NTFS Windows XP partition /dev/hda1 /mnt/WinXP ntfs-3g quiet,defaults,locale=en_US.utf8,umask=000 0 0 # Partition shared by Windows and Linux /dev/hda7 /mnt/shared vfat auto,dmask=000 0 0 # mounting tmpfs tmpfs /mnt/tmpfschk tmpfs size=100m 0 0 # mounting cifs //pingu/ashare /store/pingu cifs credentials=/root/smbpass.txt 0 0 #mounting NFS pingu:/store /store nfs rw 0 0
- sync/async – All I/O to the file system should be done (a)synchronously.
- auto – The filesystem can be mounted automatically (at bootup, or when mount is passed the -a option). This is really unnecessary as this is the default action of mount -a anyway.
- noauto – The filesystem will NOT be automatically mounted at startup, or when mount passed -a. You must explicitly mount the filesystem.
- dev/nodev – Interpret/Do not interpret character or block special devices on the file system.
- exec / noexec – Permit/Prevent the execution of binaries from the filesystem.
- suid/nosuid – Permit/Block the operation of suid, and sgid bits.
- ro – Mount read-only.
- rw – Mount read-write.
- user – Permit any user to mount the filesystem. This automatically implies noexec, nosuid,nodev unless overridden.
- nouser – Only permit root to mount the filesystem. This is also a default setting.
- defaults – Use default settings. Equivalent to rw, suid, dev, exec, auto, nouser, async.
- _netdev – Used for network shares (nfs, samba, sshfs, etc), mounting the network share is delayed until after the boot process brings up the network (otherwise the mount will fail as the network is not up).
Fstab Mask Permissions
The umask is the default for files and folders, if you want to customize files and folders’ permissions you should use fmask and dmask same use as the umask.
I was lost first finding the mask permissions are not like the octal permission codes passed to the chmod command, however I found this table really helpful understanding how the umask permissions work.
It works as the normal octal permissions but subtracted from 7, and use the absolute value. for instance if you want to set the permissions to 0777 you will need to set it 0000 in the umask(e.g. umask=0000), if you want to set it to 0755 you will set it to 0022.
The first character represents that its an octal permissions
The second is for the owner
The third is the group
The last is for other or The World