Linux Fundamentals - File System Management

#readwise # Linux Fundamentals - File System Management ![rw-book-cover](https://readwise-assets.s3.amazonaws.com/static/images/article3.5c705a01b476.png) ## Metadata - Author: [[Hack The Box]] - Full Title: Linux Fundamentals - File System Management - URL: https://academy.hackthebox.com/module/18/section/2096 ## Summary File system management in Linux involves organizing and maintaining data on storage devices. Linux supports various file systems like ext4 and NTFS, each with unique features for different needs. Inodes are used to store metadata about files and help the system efficiently access them. Disk management includes partitioning drives and mounting them to directories, allowing users to access files easily. ## Highlights - `ext2` is an older file system with no journaling capabilities, which makes it less suited for modern systems but still useful in certain low-overhead scenarios (like USB drives). - `ext3` and `ext4` are more advanced, with journaling (which helps in recovering from crashes), and ext4 is the default choice for most modern Linux systems because it offers a balance of performance, reliability, and large file support. - `Btrfs` is known for advanced features like snapshotting and built-in data integrity checks, making it ideal for complex storage setups. - `XFS` excels at handling large files and has high performance. It is best suited for environments with high I/O demands - `NTFS`, originally developed for Windows, is useful for compatibility when dealing with dual-boot systems or external drives that need to work on both Linux and Windows systems. ([View Highlight](https://read.readwise.io/read/01jn0j81dr8yk7z6z1mgfhrpc9)) --- Linux's file system architecture is based on the Unix model, organized in a hierarchical structure. This structure consists of several components, the most critical being `inodes`. `Inodes` are data structures that store metadata about each file and directory, including permissions, ownership, size, and timestamps. Inodes do not store the file’s actual data or name, but they contain pointers to the blocks where the file’s data is stored on the disk. The `inode` table is a collection of these inodes, essentially acting as a database that the Linux kernel uses to track every file and directory on the system. ([View Highlight](https://read.readwise.io/read/01jn0jaa2zmjtzgkbksm9nnz40)) --- Symbolic Links In addition to regular files and directories, Linux also supports symbolic links (`symlinks`), which act as shortcuts or references to other files or directories. Symbolic links allow quick access to files located in different parts of the file system without duplicating the file itself. Symlinks can be used to streamline access or organize complex directory structures by pointing to important files across various locations. ([View Highlight](https://read.readwise.io/read/01jn0jd4rm46yq6q6qjmnt1y1p)) --- Disks & Drives Disk management on Linux involves managing physical storage devices, including hard drives, solid-state drives, and removable storage devices. The main tool for disk management on Linux is the `fdisk`, which allows us to create, delete, and manage partitions on a drive. It can also display information about the partition table, including the size and type of each partition. Partitioning a drive on Linux involves dividing the physical storage space into separate, logical sections. Each partition can then be formatted with a specific file system, such as ext4, NTFS, or FAT32, and can be mounted as a separate file system. The most common partitioning tool on Linux is also `fdisk`, `gpart`, and `GParted`. ([View Highlight](https://read.readwise.io/read/01jn0jekebsxxn6f023vdxcwtn)) --- Each logical partition or storage drive must be assigned to a specific directory in the file system. This process is known as `mounting`. Mounting involves linking a drive or partition to a directory, making its contents accessible within the overall file system hierarchy. Once a drive is mounted to a directory (also called a mount point), it can be accessed and used like any other directory on the system. The `mount` command is commonly used to manually mount file systems on Linux. However, if you want certain file systems or partitions to be automatically mounted when the system boots, you can define them in the `/etc/fstab` file. This file lists the file systems and their associated mount points, along with options like read/write permissions and file system types, ensuring that specific drives or partitions are available upon startup without needing manual intervention. ([View Highlight](https://read.readwise.io/read/01jn0jnpakzqm80yef7n8bbz1k)) --- To view the currently mounted file systems, we can use the `mount` command without any arguments. The output will show a list of all the currently mounted file systems, including the device name, file system type, mount point, and options. ([View Highlight](https://read.readwise.io/read/01jn0jp0b82cxmc673z48gbjbc)) --- To mount a file system, we can use the `mount` command followed by the device name and the mount point. For example, to mount a USB drive with the device name `/dev/sdb1` to the directory `/mnt/usb`, we would use the following command: ```sh sudo mount /dev/sdb1 /mnt/usb ``` ([View Highlight](https://read.readwise.io/read/01jn0jtfzmsy9fw8znwcd0hrms)) --- To unmount a file system in Linux, we can use the `umount` command followed by the mount point of the file system we want to unmount. ([View Highlight](https://read.readwise.io/read/01jn0jtxbe07s98j5g915dh7q7)) --- To ensure that there are no running processes that are using the file system, we can use the `lsof` command to list the open files on the file system. ([View Highlight](https://read.readwise.io/read/01jn0jvfsq1e0sn8dgsncfp6fr)) --- If we find any processes that are using the file system, we need to stop them before we can unmount the file system. ([View Highlight](https://read.readwise.io/read/01jn0jwkt4jqnysntafwck03sw)) --- Swap space is an essential part of memory management in Linux and plays a critical role in ensuring smooth system performance, especially when the available physical memory (RAM) is fully utilized. When the system runs out of physical memory, the kernel moves inactive pages of memory (data not immediately in use) to the swap space, freeing up RAM for active processes. This process is known as swapping. Creating Swap Space Swap space can be set up either during the installation of the operating system or added later using the mkswap and swapon commands. - `mkswap` is used to prepare a device or file to be used as swap space by creating a Linux swap area - `swapon` activates the swap space, allowing the system to use it Sizing and Managing Swap Space The size of the `swap space` is not fixed and depends on your system's physical memory and intended usage. For example, a system with less RAM or running memory-intensive applications might need more swap space. However, modern systems with large amounts of RAM may require less or even no swap space, depending on specific use cases. When setting up swap space, it’s important to allocate it on a dedicated partition or file, separate from the rest of the file system. This prevents fragmentation and ensures efficient use of the swap area when needed. Additionally, because sensitive data can be temporarily stored in swap space, it's recommended to encrypt the swap space to safeguard against potential data exposure. ([View Highlight](https://read.readwise.io/read/01jn0k12t6a727gxgt9dt26d1a)) ---