What "to mount" means
Linux has one directory tree rooted at /. To reach a
block-devices, you attach it to the tree: pick a mount
point (an empty directory) and tell the kernel "from here on, under
this path, you will find the contents of such-and-such device".
sudo mkdir /mnt/data
sudo mount /dev/sdb1 /mnt/data # ext4 is detected automatically
sudo mount -t xfs /dev/sdb1 /mnt/data # set the type explicitly
Viewing current mounts
mount # all mounted filesystems (full format)
findmnt # the mount tree (more readable)
findmnt / # info about one mount point
cat /proc/mounts # raw format, always current
df -hT # sizes + filesystem types
Mount options
Pass them with -o, or in the 4th column of fstab. The most important ones:
| option | what it does |
|---|---|
ro / rw | read-only / read-write |
noexec | forbid running binaries from this filesystem (malware defense) |
nosuid | ignore setuid/setgid bits (file-permissions) |
nodev | ignore device nodes |
noatime | do not update access time on reads (faster) |
relatime | update atime only when it is well out of date (default) |
sync / async | synchronous writes vs caching |
defaults | rw,suid,dev,exec,auto,nouser,async |
user | let an ordinary user mount it |
The trio noexec,nosuid,nodev is standard for /tmp, /home, and
user-mounted volumes. It cuts the blast radius of an escalation sharply.
/etc/fstab: what to mount at boot
The format is one line per filesystem, 6 fields separated by whitespace:
# <source> <target> <fstype> <options> <dump> <pass>
UUID=abc-123 / ext4 defaults,errors=remount-ro 0 1
UUID=def-456 /home ext4 defaults,nodev 0 2
UUID=ghi-789 none swap sw 0 0
tmpfs /tmp tmpfs defaults,nosuid,nodev,size=2G 0 0
/dev/sdb1 /mnt/data xfs noatime,nofail 0 2
The fields:
- source is the UUID/LABEL/device path (UUID is more reliable, names change)
- target is the mount point
- fstype is
ext4,xfs,tmpfs,nfs,cifs,auto, and so on - options are comma-separated with no spaces
- dump is whether to include it in
dumpbackups (always0now) - pass is the
fsckorder at boot:0= do not check,1= root,2= the rest
Apply changes without a reboot:
sudo mount -a # mount everything in fstab not yet mounted
sudo systemctl daemon-reload # systemd generates .mount units from fstab
nofail is required for optional disks: if the disk is missing, it does not block boot.
tmpfs: a filesystem in RAM
sudo mount -t tmpfs -o size=512M tmpfs /mnt/ramdisk
Useful for:
/tmp(faster, cleared on reboot)/run, the runtime state of systemd, always tmpfs/dev/shm, POSIX shared memory- builds with many temporary files (CI)
Bind mount: the same content in two places
sudo mount --bind /var/data /mnt/duplicate
This is not a copy. It is a second name for the same tree. You see it in:
- chroot environments (to expose
/dev,/proc) - jails
- Docker volumes (
-v /host/path:/container/path) - read-only views:
mount --bind+mount -o remount,bind,ro
Unmounting
sudo umount /mnt/data
sudo umount -l /mnt/data # lazy: detach from the tree now, release when the last fd closes
sudo umount -f /mnt/data # force (NFS/userspace only)
# If "device is busy"
sudo lsof +D /mnt/data # see [[cmd-lsof]]: who holds files there
sudo fuser -vm /mnt/data # an alternative
NFS / CIFS
# NFS
sudo mount -t nfs server:/export/path /mnt/nfs
# fstab: server:/export/path /mnt/nfs nfs defaults,_netdev 0 0
# CIFS (Samba/Windows)
sudo mount -t cifs //server/share /mnt/win -o username=user,password=pass
The _netdev option means "requires the network, mount after network-online".