Linux file system

What are block devices, partitions, file systems, etc ...

view on github

File system overview overview

Table of contents

  1. Devices, partitions and inodes
  2. File permissions
  3. Links

Devices, partitions and inodes

Block devices :

  • A block device is usually /dev/sda, /dev/sdb or so. A device name refers to the entire disk.
  • Block devices files are found in /dev along with all other system peripherals.
  • Block devices can be divided into one or more logical units called partitions.

Partitions

  • The device name for a partition is the name of the block device followed by the partition number
  • For example, /dev/sda1 is the first partition on the first hard disk in the system.
  • This division is recorded in the partition table, usually found in sector 0 of the disk.
# print partition table for the first hard disk
lsblk -fmo +TYPE /dev/sda
NAME   FSTYPE LABEL UUID                                 FSAVAIL FSUSE% MOUNTPOINT      SIZE OWNER GROUP MODE       TYPE
sda                                                                                     127G             brw-rw---- disk
├─sda1 vfat         796D-9597                             505.9M     1% /boot/efi       512M             brw-rw---- part
├─sda2 ext4         5c50c063-4450-4a72-b428-02b2e1cf3d54  112.3G     1% /             122.5G             brw-rw---- part
└─sda3 swap         9660d4c3-30ef-4c99-b24e-22b31798e046                [SWAP]            4G             brw-rw---- part
  • Every partition has its own file system (see FSTYPE column above).

Inodes :

  • In a file system, a file is represented by an inode containing metadata about the file.
  • The only informations not included in an inode are file name and directory (those are stored in special "directory" files).
  • An application can retrieve this metadata using stat, which returns a stat structure.
  • Inode is useful at least so that the owner and group are not stored inside the file ...
  • Sample inode details :
stat /home/admin/some_file
     File: /home/admin/some_file
     Size: 1503            Blocks: 8          IO Block: 4096   regular file
 Device: 802h/2050d      Inode: 6041138     Links: 1
 Access: (0644/-rw-r--r--)  Uid: ( 1001/admin)   Gid: ( 1001/admin)
 Access: 2021-05-08 19:24:12.399088300 +0200
 Modify: 2021-05-06 22:07:37.869491910 +0200
 Change: 2021-05-06 22:07:37.873491926 +0200
 Birth: -
  • Use ls to display file type attributes :

    - Regular file
    d Directory
    l Symlink
    c Character device
    b Block device
    s Socket
    p Named pipe
  • Use ls -F to display file type suffixes :

    / Directory
    * Executable
    @ Symlink
    % Whiteout
    = Socket
    | Pipe FIFO

File permissions

  • 3 types of permissions exist : read, write, execute ("executing" a directory means cd into it).

Permissions per user

  • Owner Uid: r,w,x
  • Group Gid: r,w,x
  • Others: = r,w,x

Note : Owner and group are stored into the file's inode (see above).

File creation mode mask

  • Each new regular file has default permissions of 666.
  • Each new directory has default permissions of 777.
  • The file creation mode mask for the current user is then subtracted from the default permissions (see umask).
  • For example, umask 0022 means that write permissions are removed for Gid and others.

SUID and SGID for executables

  • Those flags are set when any user has to be able to run the program using another user (SUID) or group (GUID) permissions.
  • When set, the "execute" bit for owner (SUID) or group (GUID) is set to s instead of x in the permissions.
  • For instance, this commands prints all files for which either SUID or UID is set in /usr/bin :
ls -l /usr/bin/* | grep -E "^-(.{2}s|.{5}s).*$" -

Links

  • Linux links are the equivalent of Windows shortcuts and can be of 3 types :

Hard links

  • 2 or more file names are given the same inode number, thus point to the same blocks on the disk.
  • Inode numbers are unique for a partition, so a hard link can only point to a file on the same partition.
  • Each regular file is in principle a hard link.

Symbolic links

  • A file that contains the path to the target file.
  • Inodes are not used in this system, so a symlink can point to a file to a different partition.

User-space links

  • Those are only interpreted by GUI and are seen as a normal file by the kernel and the shell.