
CIT 470: Advanced Network and System Administration

CIT 470: Advanced Network and System Administration. Filesystems I. Topics. Filesystems and Namespaces Filesystem Types Inodes and Superblocks Network Filesystems. Filesystems. A filesystem is a method for storing and organizing documents.

briar

Presentation Transcript


  1. CIT 470: Advanced Network and System Administration: Filesystems I

  2. Topics
     • Filesystems and Namespaces
     • Filesystem Types
     • Inodes and Superblocks
     • Network Filesystems

  3. Filesystems

     A filesystem is a method for storing and organizing documents.
     • Most filesystems offer a hierarchical tree structure of folders within folders.
     • Some filesystems are flat, with no folders.
     • Some filesystems work like a database, where files are identified by metadata, such as creator or user-created tags.

  4. Kernel Storage Layers

  5. Filesystem Tree Structure

     [Diagram: directory tree rooted at /. Node labels, in the order extracted: bin, boot, tmp, usr, var; bin, lib, X11R6; ls, grub, less, vmlinuz, bin, lib; zip, menu.lst, xclock, xterm]

  6. UNIX has One Namespace

     A single tree-structured namespace which
     • Provides a single way to identify files by name
     • Contains multiple filesystems:
         • /dev – files represent hardware devices
         • /media/cdrom – ISO9660 optical media filesystem
         • /proc – in-memory representation of kernel data
       that are added to the namespace with the mount command:

         mount /dev/devname /fs/location

  7. Namespace contains many fs

  8. Filesystem Types by Media

     Disk Filesystems
     • Filesystems designed to store files to a fixed or removable permanent storage device.
     • Examples: ext4fs, FAT, ISO9660, NTFS

     Solid State Filesystems
     • Wear leveling: re-arrange block usage to avoid writing too many times to any one block on flash.

     In-Memory Filesystems
     • Filesystems that represent kernel data structures, e.g. procfs, devfs.

     Network Filesystems
     • Filesystems where file access operations are performed using network operations to contact a server where the data is stored on a disk or other physical medium.

  9. Common Disk-based Filesystems

     Extended Filesystems
     • ext2: first full featured UNIX fs for Linux in 1993
         • Recommended use: USB + other solid state drives.
     • ext3: + journaling; 2TB max file size; 16TB max vol
     • ext4: faster version of ext3 with larger max file + vol size

     Microsoft Filesystems
     • FAT: inefficient disk usage, slow, 8+3 filenames
         • 4GB maximum file size in 32-bit FAT
     • NTFS: modern filesystem, many versions
         • Supports long + old 8+3 filenames for compatibility

  10. Ext Filesystem Structure

  11. Superblocks and Block Groups

  12. Inode Block Addressing

  13. Journaling Filesystems

      Problem: writing to file involves many disk writes
      • Modify inode to change file size
      • (potentially) Add new data block to used block map
      • (potentially) Add pointer to new data block
      • Write to new data block

      Journaling filesystems perform writes by:
      • Write blocks to journal.
      • Wait for write to be committed to journal.
      • Write blocks to filesystem.
      • Discard blocks from journal.
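
The four journaling steps above, as an added example that is not part of the original slides: a toy in-memory model showing why a crash between steps leaves the filesystem recoverable. The class, method names and block labels are hypothetical; real journals (e.g. ext3's) work on disk blocks, not Python dicts.

```python
class JournaledDisk:
    """Toy model: 'blocks' is the filesystem proper, 'journal' is the log area."""

    def __init__(self):
        self.blocks = {}    # block label -> contents
        self.journal = []   # pending transactions

    def log(self, txid, writes):
        # Step 1: write the blocks to the journal, not yet to the filesystem.
        self.journal.append({"tx": txid, "writes": dict(writes), "committed": False})

    def commit(self, txid):
        # Step 2: the commit record marks the journal entry as complete.
        for rec in self.journal:
            if rec["tx"] == txid:
                rec["committed"] = True

    def checkpoint(self, txid, crash_after=None):
        # Step 3: copy blocks to the filesystem; crash_after simulates power
        # loss after that many block writes, leaving a torn update on disk.
        rec = next(r for r in self.journal if r["tx"] == txid)
        for n, (blk, data) in enumerate(rec["writes"].items()):
            if crash_after is not None and n >= crash_after:
                return False
            self.blocks[blk] = data
        self.journal.remove(rec)   # Step 4: discard blocks from the journal.
        return True

    def recover(self):
        # On next mount: replay committed transactions, drop uncommitted ones.
        replayed = []
        for rec in list(self.journal):
            if rec["committed"]:
                self.blocks.update(rec["writes"])
                replayed.append(rec["tx"])
            self.journal.remove(rec)
        return replayed


def demo():
    # Constructed scenario: tx 1 appends a block to a file (the multi-write
    # case from the slide); tx 2 is logged but never committed.
    append = {"inode 12": "size=8192, ptr -> block 200",
              "block bitmap": "block 200 in use",
              "block 200": "new data"}
    disk = JournaledDisk()
    disk.log(1, append)
    disk.commit(1)
    disk.log(2, {"inode 13": "size=4096"})
    disk.checkpoint(1, crash_after=1)   # only the inode reaches the filesystem
    torn = dict(disk.blocks)
    replayed = disk.recover()
    return torn, replayed, disk.blocks, disk.journal
```
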

  14. Creating a Filesystem

      Select a disk partition to create filesystem on:
          fdisk -l /dev/sda    will list partitions on 1st disk
          fdisk -l /dev/sdb    will list partitions on 2nd disk

      Run
          mke2fs -v /dev/sda2
      • Creates ext2 filesystem on 2nd partition of 1st disk
      • Wipes any data already existing on that filesystem
      • Add a -j option to create an ext3 journaling fs.

  15. Mounting a Filesystem
      • Create a mountpoint
            mkdir -p /stor/video
      • Mount filesystem on chosen directory
            mount -t ext3 /dev/sda2 /stor/video
      • Use filesystem
      • Unmount filesystem when done
            umount /dev/sda2
        Happens automatically at reboot or shutdown

  16. Automatic Mounting

      Filesystems in /etc/fstab are mounted on boot.
      Use mount to see current mounted filesystems.

          # /etc/fstab: static file system information.
          #
          # <device>   <mnt pt>   <type>   <options>   <dump>   <pass>
          proc         /proc      proc     defaults    0        0
          /dev/sda1    /          ext3     defaults    0        1
          /dev/sda2    none       swap     sw          0        0
          /dev/sda3    /home      ext3     defaults    0        1
          /dev/sdb1    /backup    ext3     defaults    0        0

  17. Checking Filesystem Integrity

      fsck utility performs consistency checks
      • Are used blocks actually used?
      • Do inodes point to any unused blocks?
      • Are used inodes pointed to by directory entries?
      and repairs inconsistencies if
      • Sysadmin enters ‘y’ in interactive mode.
      • Sysadmin uses ‘-y’ argument to do all repairs.

      Run fsck with unmounted partition as arg:
          fsck -y /dev/sda2

  18. Access Control
      • Read--You can read the file with cat, more, etc.
      • Write--You can modify the file with vi,
      • Execute--You can run the file if it’s a program.

  19. POSIX ACLs

      Specify individual groups and users.
      • Basic ACL user/group refers to owner.
      • POSIX ACLs allow specifying users + groups.

      To add/modify permissions for a user:
          setfacl -m u:username:rw- filename
      To add/modify permissions for a group:
          setfacl -m g:groupname:rw- filename

  20. File Attributes

      Attributes extend file permissions:
      • a: append-only (only root can set)
      • i: immutable (read-only, only root can set)
      • s: safe-delete (overwrite, not supported yet)

      Use lsattr to view attributes.
      • Most files do not have any attributes set.

      Use chattr to set attributes.
          chattr +i /boot/vmlinuz*

  21. Network Filesystems

      Use filesystem to transparently share files.

      Examples:
      • NFSv3
      • CIFS
      • AFS
      • NFSv4
      • GoogleFS

  22. NFS v3

      Network File System
      • Transparent, behaves like a regular UNIX filesystem.
      • Uses UNIX UIDs, GIDs, perms but can work on Win.
      • Since NFS is stateless, file locking and recovery are handled by rpc.lockd and rpc.statd daemons.

      Security
      • Server only lets certain IP addresses mount filesystems.
      • Client UIDs have same permissions on server as client.
      • Client root UID is mapped to nobody, but
      • Root can su to any client UID to access any file.
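
Both server-side controls named on the NFS v3 slide (address restriction and mapping client root to nobody) are set per export in /etc/exports, so they can be audited. The following is an added example, not from the original slides: it flags exports open to any host and exports that disable root mapping with `no_root_squash`. The sample file contents and the function name are constructed for illustration.

```python
import re

# Constructed sample /etc/exports (not taken from the slides).
SAMPLE_EXPORTS = """\
# /etc/exports
/home      192.168.1.0/24(rw,sync,root_squash)
/backup    10.0.0.5(rw,no_root_squash) 10.0.0.6(ro)
/pub       *(ro,sync)
/scratch   (rw)
"""

# A client entry is "host(opt,opt,...)"; host or options may be absent.
CLIENT_RE = re.compile(r"^([^()]*)(?:\(([^()]*)\))?$")


def audit_exports(text):
    """Return (path, client, finding) tuples for export entries that weaken
    the two controls: address restriction and root-to-nobody mapping."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        path, *clients = line.split()
        for token in clients:
            match = CLIENT_RE.match(token)
            if not match:
                findings.append((path, token, "unparseable client entry"))
                continue
            host = match.group(1)
            opts = set(filter(None, (match.group(2) or "").split(",")))
            label = host or "<any>"
            # "*" or a bare "(opts)" token exports the path to every host.
            if host in ("", "*"):
                findings.append((path, label, "not restricted to specific addresses"))
            # root_squash is the default; no_root_squash lets client UID 0
            # act as root on the exported files.
            if "no_root_squash" in opts:
                findings.append((path, label, "client root is not mapped to nobody"))
    return findings


if __name__ == "__main__":
    for path, client, finding in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:10} {client:16} {finding}")
```

Neither check addresses the slide's last two points: with UID-based trust, any non-root UID a client presents is accepted as-is, which is why the later slides list Kerberos for AFS and NFSv4.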

  23. How NFS Works

      http://www.cs.ucla.edu/~kohler/class/05f-osp/notes/lec18.html

  24. CIFS

      Microsoft Network Filesystem
      • Derived from 1980s IBM SMB net filesystem.
      • Originally ran over NetBIOS, not TCP/IP.
      • \\svr\share\path Universal Naming Convention
      • Auth: NTLM (insecure), NTLMv2, Kerberos

      Implementation
      • MS Windows-centric (filenames, ACLs, EOLs)
      • Samba: UNIX client and server software.

  25. AFS

      Distributed filesystem
      • Global namespace: /afs/abc.com/vol_home1
      • Servers provide one or more volumes.
      • Volume replication with RO copies on other svrs.

      Cells are administrative domains within AFS.
      • Cells contain multiple servers.
      • Each server provides multiple volumes.

      Security
      • Kerberos authentication
      • ACLs with user-controlled groups

  26. NFSv4

      New model of NFS
      • Only one protocol (no separate mount, lock, etc.)
      • Global namespace.
      • Security (ACLs, Kerberos, encryption)
      • Cross platform + internationalized.
      • Better caching via delegation of files to clients.

  27. References
      • Michael D. Bauer, Linux Server Security, 2nd edition, O’Reilly, 2005.
      • Mike Eisler, Ricardo Labiaga, Hal Stern, Managing NFS and NIS, 2nd edition, O’Reilly, 2001.
      • Aeleen Frisch, Essential System Administration, 3rd edition, O’Reilly, 2002.
      • Evi Nemeth et al, UNIX System Administration Handbook, 3rd edition, Prentice Hall, 2001.
      • NFS HOWTO, http://nfs.sourceforge.net/nfs-howto
      • RedHat, Red Hat Enterprise Linux 4 System Administration Guide, http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/sysadmin-guide/, 2005.
      • RedHat, Red Hat Enterprise Linux 4 Reference Guide, http://www.redhat.com/docs/manuals/enterprise/RHEL-4-Manual/ref-guide/ch-nfs.html, 2005.
