Linux file system overview

File system overview

Block devices :
- The device is usually /dev/sda, /dev/sdb or so. A device name refers to the entire disk.
- Block devices files are found in /dev along with all other system peripherals.
- Block devices can be divided into one or more logical units called partitions.
Partitions
- The device name for a partition is the name of the block device followed by the partition number
- For example, /dev/sda1 is the first partition on the first hard disk in the system
- This division is recorded in the partition table, usually found in sector 0 of the disk

# print partition table for the first hard disk
$ lsblk -fmo +TYPE /dev/sda
NAME   FSTYPE LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINT      SIZE OWNER GROUP MODE       TYPE
sda                                                                                     127G             brw-rw---- disk
├─sda1 vfat         796D-9597                             505.9M     1% /boot/efi       512M             brw-rw---- part
├─sda2 ext4         5c50c063-4450-4a72-b428-02b2e1cf3d54  112.3G     1% /             122.5G             brw-rw---- part
└─sda3 swap         9660d4c3-30ef-4c99-b24e-22b31798e046                [SWAP]            4G             brw-rw---- part

Every partition has its own file system (see FSTYPE column above)

Inodes :
- In a file system, a file is represented by an inode containing metadata about the file.
- The only informations not included in an inode are file name and directory (those are stored in the special "directory" files).
- An application can retrieve this metadata using stat, which returns a stat structure.
- Inode is useful at least so as owner and group are not stored inside the file ...
Sample inode details :

$ stat /home/fredyfumier/.scripts/.bash_aliases
     File: /home/fredyfumier/.scripts/.bash_aliases
     Size: 1503            Blocks: 8          IO Block: 4096   regular file
 Device: 802h/2050d      Inode: 6041138     Links: 1
 Access: (0644/-rw-r--r--)  Uid: ( 1001/fredyfumier)   Gid: ( 1001/fredyfumier)
 Access: 2021-05-08 19:24:12.399088300 +0200
 Modify: 2021-05-06 22:07:37.869491910 +0200
 Change: 2021-05-06 22:07:37.873491926 +0200
 Birth: -

Display file type attributes using ls :

- regular file

d directory

l symlink

c character device

b block device

s socket

p named pipe
Display file type suffixes using ls -F :

/ directory

* executable

@ symlink

% whiteout

= socket

| pipe FIFO


`-`	regular file
`d`	directory
`l`	symlink
`c`	character device
`b`	block device
`s`	socket
`p`	named pipe


`/`	directory
`*`	executable
`@`	symlink
`%`	whiteout
`=`	socket
`\|`	pipe FIFO

File permissions

3 types of permissions : read, write, execute ("executing" a directory means cd into it)
File permissions :
- Uid = r,w,x
- Gid = r,w,x
- others = r,w,x
File creation mode mask :
- each new regular file has default permissions of 666
- each new directory has default permissions of 777
- the file creation mode mask for the logged in user is then subtracted from the default permissions (see umask)
- for example, umask 0022 means that write permissions are removed for Gid and others
SUID and SGID for executables :
- those flags are set when any user has to be able to run the program using another user (SUID) or group (GUID) permissions
- when set, the "execute" bit for owner (SUID) or group (GUID) is set to s instead of x in the permissions
- for instance, this commands prints all files for which either SUID or UID is set in /usr/bin :

$ ls -l /usr/bin/* | grep -E "^-(.{2}s|.{5}s).*$" -