Virtual Filesystem: Building a Linux Filesystem from an Ordinary File
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
You can take a disk file, format it as ext2, ext3, or reiser filesystem and then mount it, just like a physical drive. Yes, it then possible to read and write files to this newly mounted device. You can also copy the complete filesystem, since it is just a file, to another computer. If security is an issue, read on. This article will show you how to encrypt the filesystem, and mount it with ACL (Access Control Lists), which give you rights beyond the traditional read (r) write (w) and execute (x) for the 3 user groups file, owner and other.
Mounting a file This is an excellent way to investigate different filesystems without having to reformat a physical drive, which means you have the hassle of moving all your data. This method is quick, very quick compared to preparing a physical device. You can then read and write files to the mounted device; however, what is truly great about this technique is that you can explore different filesystems: reiserfs, ext3, or ext2 without having to purchase an additional physical drive. Since the same file can be mounted to more than one mount point, you can investigate sync rates.
Creating a filesystem in this manner allows you to set a hard limit on the amount of space used which, of course, will be equal to the file size. This can be an advantage if you need to move this information to other servers. Since, the contents cannot grow beyond the file, you can easily keep track of how much space is being used.
First, you want to create a 20 MB file by executing the following command.
$ dd if=/dev/zero of=disk-image count=40960
40960+0 records in
40960+0 records out
You just created a 20 MB file, because by default dd uses a block size of 512 bytes. That makes the size: 40960*512=20971520.
Next, to format this as an ext3 filesystem, you just execute the following command:
$ /sbin/mkfs -t ext3 -q disk-image
mke2fs 1.32 (09-Nov-2002)
disk-image is not a block special device.
Proceed anyway? (y,n) y
OK, it ask if you want to proceed. Answer yes. You are getting asked this question because this is a file and not a block device. That is OK. We will mount this as a loopback device so that this file will simulate a block device.
Next you need to create a directory that will serve as a mount point for the loopback device.
$ mkdir fs
You are one step away from the last step. You just want to find out what the next available loopback-device number is. Normally, loop back devices start at zero, /dev/loop0 and work their way up, /dev/loop1, /dev/loop2, ... /dev/loopn. An easy way for you to find out what loopback devices are being used is to look into /proc/mounts, since the mount command may not give you what you need.
On my computer I have no loopback devices mounted, so I'm OK to start with zero. You must do the next command as root, or with an account that has superuser privileges.
# mount -o loop=/dev/loop0 disk-image fs
That is it. You just mounted the file as a device. Now take a look at /proc/mounts, you will see this is using /dev/loop0 on my computer.
You can now create new files, write to them, read them and do everything you normally would do on a disk drive. First I'll give access to the chirico account.
# chown -R chirico.chirico /home/chirico/junk/fs
Now, under the chirico account it is possible to create files.
$ cd /home/chirico/fs
$ mkdir one two three
$ ls -l
total 15
drwx------ 2 chirico chirico 12288 Sep 3 14:28 lost+found
drwxrwxr-x 2 chirico chirico 1024 Sep 3 14:34 one
drwxrwxr-x 2 chirico chirico 1024 Sep 3 14:34 three
drwxrwxr-x 2 chirico chirico 1024 Sep 3 14:34 two
If you need to umount the filesystem, as root, just issue the umount command. In addition, if you need to free the loop back device, execute the losetup command with the -d option. You can execute both commands as follows:
Using RWX - The Old Way To Collaborate.
Before we get started with ACL, how would you setup rights on the filesystem so that users could create and save documents that others could modify? For instance, users chirico and sporkey are collaborating on a project together. Well, you have to add everyone to the same group. Assuming the filesystem is mounted the following, you would execute the following commands.
Note, if these changes do not take effect for your users, say they were logged in when you executed the commands, then, have them logout then log in again. OK, so there is an easier way. They could execute the "$ newgrp sharefs" command as well. No big deal, right? Well, keep reading and you see how ACL avoids this step.
More important, even though the _old way_ worked for you, naturally new users will need to be added to the project. What if some of these users should only need a subset of the rights. For instance, you have developers, testers, managers, and a few special people. There are limits to what the rwx type rights can do -- ACL solves a lot of these problems.
ACL, Reiserfs, And AES Encryption: The 2.6 Kernel
For the next steps I will assume that you are running Red Hat Fedora core 2. If not reference the 2.6 kernel upgrade section below. Four things will be covered in this section:
Create A File With Random Data
Setup An AES Encrypted Loopback Device With Password
Build Reiser Filesystem On The Loopback Device.
Mount With ACL Capabilities
Your installation of Fedora core 2 by default will be configured for loop, cryptoloop and aes; but, it is highly unlikely that you will have all of these modules loaded. So, execute the following commands to load these modules. You will need to do this as root.
Next, create a directory to store the files. The Reiser file system will require more space than the ext3 filesystem.
# mkdir /home/diskimg
# cd /home/diskimg
Instead of creating the file zeroed out, like you did with the ext3 filesystem, this one is going to contain random bits, which may add a little extra security.
# dd if=/dev/urandom of=disk-aes count=102400
We need to encrypt the loop device, so you need to use losetup. You will be prompted for a password, which you will need to remember when you mount the device.
# losetup -e aes /dev/loop1 ./disk-aes
Password:
This step is new also. Instead of formating the file directly, you will format the loop device. The file stays encrypted. Again, you will be prompted to continue, so just enter 'y'.
A pair of credits:
Elena Gryaznova performed testing and benchmarking.
The Defense Advanced Research Projects Agency (DARPA, www.darpa.mil) is the
primary sponsor of Reiser4. DARPA does not endorse this project; it merely
sponsors it.
Guessing about desired format.. Kernel 2.6.8-1.521 is running.
Format 3.6 with standard journal
Count of blocks on the device: 12800
Number of blocks consumed by mkreiserfs formatting process: 8212
Blocksize: 4096
Hash function used to sort names: "r5"
Journal Size 8193 blocks (first block 18)
Journal Max transaction length 1024
inode generation number: 0
UUID: 435e3495-5e2e-489d-bf55-1b5f9a44b670
ATTENTION: YOU SHOULD REBOOT AFTER FDISK!
ALL DATA WILL BE LOST ON '/dev/loop1'!
Tell your friends to use a kernel based on 2.4.18 or later, and especially not a
kernel based on 2.4.9, when you use reiserFS. Have fun.
ReiserFS is successfully created on /dev/loop1.
Create the mount point /fs and mount this device. Note you will be entering the acl option as well. Plus, you will prompted for a password.
# mkdir /fs
# mount -o loop,encryption=aes,acl ./disk-aes /fs
Password:
OK, now take a look at the mount command: it should show up as the reiser filesystem, encrypted using ACL. Wait, it says loop2. Yes, that is correct. It mounted it on /dev/loop2, which is one above what losetup specified /dev/loop1.
$ mount
/home/diskimg/disk-aes on /fs type reiserfs (rw,loop=/dev/loop2,encryption=aes,acl)
Exploring ACL
With ACL (Access Control Lists) you have finer control over the access permissions. With the rwx permission scheme you cannot easily change rights without creating new groups to handle the users. With ACL, you can set user permissions without creating a group. And, individual users can add or remove access.
These rights are set with the setfacl command. Below the command will give the users: donkey, chirico, and bozo2 access to this new file system that we mounted. Again, I'm assuming that you are using Fedora Core 2, or some distro that is setup for ACL.
This is just scratching the surface on what can be done with ACL. For more information checkout some of the references below
2.6 Kernel Upgrade
Upgrading to the 2.6 source kernel. This article will get you started on the 2.6 kernel, if you are currently running Redhat 8.0 or 9. You may want to take a look at it to see what is involved. And, if you decide to upgrade you will need to configure this kernel for the following:
This is done in the .config file, and you can download my config file from the following location: [http://prdownloads.sourceforge.net/souptonuts/configs-0.4.tar.gz?download] Just look for kernel-2.6.8.1-i686-chirico-reiserfsacl.config in the above tar gz.
In addition to upgrading the kernel, you will need the latest version of the linux utilities: ( ftp://ftp.kernel.org/pub/linux/utils/util-linux/ ). Currently there is no need to patch this version. In the past there was a patch; but, this version worked fine for me.
Advanced Linux Programming, by Mark Mitchell, Jeffrey Oldham, and Alex Samuel, of CodeSourcery LLC published by New Riders Publishing ISBN 0-7357-1043-0 First Edition, June 2001. This book is free and you can view it on line. Chapter 6 describes loopback devices.
Implementing Encrypted Home Directories W. Michael Petullo, July 23, 2003.
Lemon Parser Generator Tutorial
This is a yacc alternative that is compact and thread safe. It is used in the sqlite project.
[http://linuxgazette.net/106/chirico.html]
Recommended Reading
Read what others suggest. I started with a list of my own, and will add in suggestions from other developers, readers, opinionated people.
[http://www.advogato.org/article/794.html]
For tips on MySQL reference:
[http://prdownloads.sourceforge.net/souptonuts/README_mysql.txt?download]
For tips on Comcast Email with Home Linux Box
[http://prdownloads.sourceforge.net/souptonuts/README_COMCAST_EMAIL.txt?download]
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.