man_pages:linux:ubuntu:jammy:mount_8
jammy (8) mount.8.gz
Provided by: mount_2.37.2-4ubuntu3_amd64 bug
NAME
mount - mount a filesystem
SYNOPSIS
mount [-h|-V]
mount [-l] [-t fstype]
mount -a [-fFnrsvw] [-t fstype] [-O optlist]
mount [-fnrsvw] [-o options] device|mountpoint
mount [-fnrsvw] [-t fstype] [-o options] device mountpoint
mount --bind|--rbind|--move olddir newdir
mount --make-[shared|slave|private|unbindable|rshared|rslave|rprivate|runbindable]
mountpoint
DESCRIPTION
All files accessible in a Unix system are arranged in one big tree, the file hierarchy,
rooted at /. These files can be spread out over several devices. The mount command serves
to attach the filesystem found on some device to the big file tree. Conversely, the
umount(8) command will detach it again. The filesystem is used to control how data is
stored on the device or provided in a virtual way by network or other services.
The standard form of the mount command is:
mount -t type device dir
This tells the kernel to attach the filesystem found on device (which is of type type) at
the directory dir. The option -t type is optional. The mount command is usually able to
detect a filesystem. The root permissions are necessary to mount a filesystem by default.
See section "Non-superuser mounts" below for more details. The previous contents (if any)
and owner and mode of dir become invisible, and as long as this filesystem remains
mounted, the pathname dir refers to the root of the filesystem on device.
If only the directory or the device is given, for example:
mount /dir
then mount looks for a mountpoint (and if not found then for a device) in the /etc/fstab
file. It’s possible to use the --target or --source options to avoid ambiguous
interpretation of the given argument. For example:
mount --target /mountpoint
The same filesystem may be mounted more than once, and in some cases (e.g., network
filesystems) the same filesystem may be mounted on the same mountpoint multiple times. The
mount command does not implement any policy to control this behavior. All behavior is
controlled by the kernel and it is usually specific to the filesystem driver. The
exception is --all, in this case already mounted filesystems are ignored (see --all below
for more details).
Listing the mounts
The listing mode is maintained for backward compatibility only.
For more robust and customizable output use findmnt(8), especially in your scripts. Note
that control characters in the mountpoint name are replaced with '?'.
The following command lists all mounted filesystems (of type type):
mount [-l] [-t type]
The option -l adds labels to this listing. See below.
Indicating the device and filesystem
Most devices are indicated by a filename (of a block special device), like /dev/sda1, but
there are other possibilities. For example, in the case of an NFS mount, device may look
like knuth.cwi.nl:/dir.
The device names of disk partitions are unstable; hardware reconfiguration, and adding or
removing a device can cause changes in names. This is the reason why it’s strongly
recommended to use filesystem or partition identifiers like UUID or LABEL. Currently
supported identifiers (tags):
LABEL=label
Human readable filesystem identifier. See also -L.
UUID=uuid
Filesystem universally unique identifier. The format of the UUID is usually a series
of hex digits separated by hyphens. See also -U.
Note that mount uses UUIDs as strings. The UUIDs from the command line or from
fstab(5) are not converted to internal binary representation. The string
representation of the UUID should be based on lower case characters.
PARTLABEL=label
Human readable partition identifier. This identifier is independent on filesystem and
does not change by mkfs or mkswap operations It’s supported for example for GUID
Partition Tables (GPT).
PARTUUID=uuid
Partition universally unique identifier. This identifier is independent on filesystem
and does not change by mkfs or mkswap operations It’s supported for example for GUID
Partition Tables (GPT).
ID=id
Hardware block device ID as generated by udevd. This identifier is usually based on
WWN (unique storage identifier) and assigned by the hardware manufacturer. See ls
/dev/disk/by-id for more details, this directory and running udevd is required. This
identifier is not recommended for generic use as the identifier is not strictly
defined and it depends on udev, udev rules and hardware.
The command lsblk --fs provides an overview of filesystems, LABELs and UUIDs on available
block devices. The command blkid -p <device> provides details about a filesystem on the
specified device.
Don’t forget that there is no guarantee that UUIDs and labels are really unique,
especially if you move, share or copy the device. Use lsblk -o +UUID,PARTUUID to verify
that the UUIDs are really unique in your system.
The recommended setup is to use tags (e.g. UUID=uuid) rather than
/dev/disk/by-{label,uuid,id,partuuid,partlabel} udev symlinks in the /etc/fstab file. Tags
are more readable, robust and portable. The mount(8) command internally uses udev
symlinks, so the use of symlinks in /etc/fstab has no advantage over tags. For more
details see libblkid(3).
The proc filesystem is not associated with a special device, and when mounting it, an
arbitrary keyword - for example, proc - can be used instead of a device specification.
(The customary choice none is less fortunate: the error message 'none already mounted'
from mount can be confusing.)
The files /etc/fstab, /etc/mtab and /proc/mounts
The file /etc/fstab (see fstab(5)), may contain lines describing what devices are usually
mounted where, using which options. The default location of the fstab(5) file can be
overridden with the --fstab path command-line option (see below for more details).
The command
mount -a [-t type] [-O optlist]
(usually given in a bootscript) causes all filesystems mentioned in fstab (of the proper
type and/or having or not having the proper options) to be mounted as indicated, except
for those whose line contains the noauto keyword. Adding the -F option will make mount
fork, so that the filesystems are mounted in parallel.
When mounting a filesystem mentioned in fstab or mtab, it suffices to specify on the
command line only the device, or only the mount point.
The programs mount and umount(8) traditionally maintained a list of currently mounted
filesystems in the file /etc/mtab. The support for regular classic /etc/mtab is completely
disabled at compile time by default, because on current Linux systems it is better to make
/etc/mtab a symlink to /proc/mounts instead. The regular mtab file maintained in userspace
cannot reliably work with namespaces, containers and other advanced Linux features. If the
regular mtab support is enabled, then it’s possible to use the file as well as the
symlink.
If no arguments are given to mount, the list of mounted filesystems is printed.
If you want to override mount options from /etc/fstab, you have to use the -o option:
mount device**|dir -o options
and then the mount options from the command line will be appended to the list of options
from /etc/fstab. This default behaviour can be changed using the --options-mode
command-line option. The usual behavior is that the last option wins if there are
conflicting ones.
The mount program does not read the /etc/fstab file if both device (or LABEL, UUID, ID,
PARTUUID or PARTLABEL) and dir are specified. For example, to mount device foo at /dir:
mount /dev/foo /dir
This default behaviour can be changed by using the --options-source-force command-line
option to always read configuration from fstab. For non-root users mount always reads the
fstab configuration.
Non-superuser mounts
Normally, only the superuser can mount filesystems. However, when fstab contains the user
option on a line, anybody can mount the corresponding filesystem.
Thus, given a line
/dev/cdrom /cd iso9660 ro,user,noauto,unhide
any user can mount the iso9660 filesystem found on an inserted CDROM using the command:
mount /cd
Note that mount is very strict about non-root users and all paths specified on command
line are verified before fstab is parsed or a helper program is executed. It’s strongly
recommended to use a valid mountpoint to specify filesystem, otherwise mount may fail. For
example it’s a bad idea to use NFS or CIFS source on command line.
Since util-linux 2.35, mount does not exit when user permissions are inadequate according
to libmount’s internal security rules. Instead, it drops suid permissions and continues as
regular non-root user. This behavior supports use-cases where root permissions are not
necessary (e.g., fuse filesystems, user namespaces, etc).
For more details, see fstab(5). Only the user that mounted a filesystem can unmount it
again. If any user should be able to unmount it, then use users instead of user in the
fstab line. The owner option is similar to the user option, with the restriction that the
user must be the owner of the special file. This may be useful e.g. for /dev/fd if a login
script makes the console user owner of this device. The group option is similar, with the
restriction that the user must be a member of the group of the special file.
Bind mount operation
Remount part of the file hierarchy somewhere else. The call is:
mount --bind olddir newdir
or by using this fstab entry:
/olddir /newdir none bind
After this call the same contents are accessible in two places.
It is important to understand that "bind" does not create any second-class or special node
in the kernel VFS. The "bind" is just another operation to attach a filesystem. There is
nowhere stored information that the filesystem has been attached by a "bind" operation.
The olddir and newdir are independent and the olddir may be unmounted.
One can also remount a single file (on a single file). It’s also possible to use a bind
mount to create a mountpoint from a regular directory, for example:
mount --bind foo foo
The bind mount call attaches only (part of) a single filesystem, not possible submounts.
The entire file hierarchy including submounts can be attached a second place by using:
mount --rbind olddir newdir
Note that the filesystem mount options maintained by the kernel will remain the same as
those on the original mount point. The userspace mount options (e.g., _netdev) will not be
copied by mount and it’s necessary to explicitly specify the options on the mount command
line.
Since util-linux 2.27 mount permits changing the mount options by passing the relevant
options along with --bind. For example:
mount -o bind,ro foo foo
This feature is not supported by the Linux kernel; it is implemented in userspace by an
additional mount(2) remounting system call. This solution is not atomic.
The alternative (classic) way to create a read-only bind mount is to use the remount
operation, for example:
mount --bind olddir newdir mount -o remount,bind,ro olddir newdir
Note that a read-only bind will create a read-only mountpoint (VFS entry), but the
original filesystem superblock will still be writable, meaning that the olddir will be
writable, but the newdir will be read-only.
It’s also possible to change nosuid, nodev, noexec, noatime, nodiratime and relatime VFS
entry flags via a "remount,bind" operation. The other flags (for example
filesystem-specific flags) are silently ignored. It’s impossible to change mount options
recursively (for example with -o rbind,ro).
Since util-linux 2.31, mount ignores the bind flag from /etc/fstab on a remount operation
(if "-o remount" is specified on command line). This is necessary to fully control mount
options on remount by command line. In previous versions the bind flag has been always
applied and it was impossible to re-define mount options without interaction with the bind
semantic. This mount behavior does not affect situations when "remount,bind" is specified
in the /etc/fstab file.
The move operation
Move a mounted tree to another place (atomically). The call is:
mount --move olddir newdir
This will cause the contents which previously appeared under olddir to now be accessible
under newdir. The physical location of the files is not changed. Note that olddir has to
be a mountpoint.
Note also that moving a mount residing under a shared mount is invalid and unsupported.
Use findmnt -o TARGET,PROPAGATION to see the current propagation flags.
Shared subtree operations
Since Linux 2.6.15 it is possible to mark a mount and its submounts as shared, private,
slave or unbindable. A shared mount provides the ability to create mirrors of that mount
such that mounts and unmounts within any of the mirrors propagate to the other mirror. A
slave mount receives propagation from its master, but not vice versa. A private mount
carries no propagation abilities. An unbindable mount is a private mount which cannot be
cloned through a bind operation. The detailed semantics are documented in
Documentation/filesystems/sharedsubtree.txt file in the kernel source tree; see also
mount_namespaces(7).
Supported operations are:
mount --make-shared mountpoint
mount --make-slave mountpoint
mount --make-private mountpoint
mount --make-unbindable mountpoint
The following commands allow one to recursively change the type of all the mounts under a
given mountpoint.
mount --make-rshared mountpoint
mount --make-rslave mountpoint
mount --make-rprivate mountpoint
mount --make-runbindable mountpoint
mount(8) does not read fstab(5) when a --make-* operation is requested. All necessary
information has to be specified on the command line.
Note that the Linux kernel does not allow changing multiple propagation flags with a
single mount(2) system call, and the flags cannot be mixed with other mount options and
operations.
Since util-linux 2.23 the mount command can be used to do more propagation (topology)
changes by one mount(8) call and do it also together with other mount operations. The
propagation flags are applied by additional mount(2) system calls when the preceding mount
operations were successful. Note that this use case is not atomic. It is possible to
specify the propagation flags in fstab(5) as mount options (private, slave, shared,
unbindable, rprivate, rslave, rshared, runbindable).
For example:
mount --make-private --make-unbindable /dev/sda1 /foo
is the same as:
mount /dev/sda1 /foo
mount --make-private /foo
mount --make-unbindable /foo
COMMAND-LINE OPTIONS
The full set of mount options used by an invocation of mount is determined by first
extracting the mount options for the filesystem from the fstab table, then applying any
options specified by the -o argument, and finally applying a -r or -w option, when
present.
The mount command does not pass all command-line options to the /sbin/mount.suffix mount
helpers. The interface between mount and the mount helpers is described below in the
section EXTERNAL HELPERS.
Command-line options available for the mount command are:
- a, –all
Mount all filesystems (of the given types) mentioned in fstab (except for those whose
line contains the noauto keyword). The filesystems are mounted following their order
in fstab. The mount command compares filesystem source, target (and fs root for bind
mount or btrfs) to detect already mounted filesystems. The kernel table with already
mounted filesystems is cached during mount --all. This means that all duplicated fstab
entries will be mounted.
The option --all is possible to use for remount operation too. In this case all
filters (-t and -O) are applied to the table of already mounted filesystems.
Since version 2.35 is possible to use the command line option -o to alter mount
options from fstab (see also --options-mode).
Note that it is a bad practice to use mount -a for fstab checking. The recommended
solution is findmnt --verify.
- B, –bind
Remount a subtree somewhere else (so that its contents are available in both places).
See above, under Bind mounts.
- c, –no-canonicalize
Don’t canonicalize paths. The mount command canonicalizes all paths (from the command
line or fstab) by default. This option can be used together with the -f flag for
already canonicalized absolute paths. The option is designed for mount helpers which
call mount -i. It is strongly recommended to not use this command-line option for
normal mount operations.
Note that mount does not pass this option to the /sbin/mount.type helpers.
- F, –fork
(Used in conjunction with -a.) Fork off a new incarnation of mount for each device.
This will do the mounts on different devices or different NFS servers in parallel.
This has the advantage that it is faster; also NFS timeouts proceed in parallel. A
disadvantage is that the order of the mount operations is undefined. Thus, you cannot
use this option if you want to mount both /usr and /usr/spool.
- f, –fake
Causes everything to be done except for the actual system call; if it’s not obvious,
this "fakes" mounting the filesystem. This option is useful in conjunction with the -v
flag to determine what the mount command is trying to do. It can also be used to add
entries for devices that were mounted earlier with the -n option. The -f option checks
for an existing record in /etc/mtab and fails when the record already exists (with a
regular non-fake mount, this check is done by the kernel).
- i, –internal-only
Don’t call the /sbin/mount.filesystem helper even if it exists.
- L, –label label
Mount the partition that has the specified label.
- l, –show-labels
Add the labels in the mount output. mount must have permission to read the disk device
(e.g. be set-user-ID root) for this to work. One can set such a label for ext2, ext3
or ext4 using the e2label(8) utility, or for XFS using xfs_admin(8), or for reiserfs
using reiserfstune(8).
- M, –move
Move a subtree to some other place. See above, the subsection The move operation.
- n, –no-mtab
Mount without writing in /etc/mtab. This is necessary for example when /etc is on a
read-only filesystem.
- N, –namespace ns
Perform the mount operation in the mount namespace specified by ns. ns is either PID
of process running in that namespace or special file representing that namespace.
mount switches to the mount namespace when it reads /etc/fstab, writes /etc/mtab: (or
writes to _/run/mount) and calls the mount(2) system call, otherwise it runs in the
original mount namespace. This means that the target namespace does not have to
contain any libraries or other requirements necessary to execute the mount(2) call.
See mount_namespaces(7) for more information.
- O, –test-opts opts
Limit the set of filesystems to which the -a option applies. In this regard it is like
the -t option except that -O is useless without -a. For example, the command
mount -a -O no_netdev
mounts all filesystems except those which have the option netdev specified in the
options field in the /etc/fstab file.
It is different from -t in that each option is matched exactly; a leading no at the
beginning of one option does not negate the rest.
The -t and -O options are cumulative in effect; that is, the command
mount -a -t ext2 -O _netdev
mounts all ext2 filesystems with the _netdev option, not all filesystems that are
either ext2 or have the _netdev option specified.
- o, –options opts
Use the specified mount options. The opts argument is a comma-separated list. For
example:
mount LABEL=mydisk -o noatime,nodev,nosuid
For more details, see the FILESYSTEM-INDEPENDENT MOUNT OPTIONS and FILESYSTEM-SPECIFIC
MOUNT OPTIONS sections.
- -options-mode mode
Controls how to combine options from fstab/mtab with options from the command line.
mode can be one of ignore, append, prepend or replace. For example, append means that
options from fstab are appended to options from the command line. The default value is
prepend — it means command line options are evaluated after fstab options. Note that
the last option wins if there are conflicting ones.
- -options-source source
Source of default options. source is a comma-separated list of fstab, mtab and
disable. disable disables fstab and mtab and disables --options-source-force. The
default value is fstab,mtab.
- -options-source-force
Use options from fstab/mtab even if both device and dir are specified.
- R, –rbind
Remount a subtree and all possible submounts somewhere else (so that its contents are
available in both places). See above, the subsection Bind mounts.
- r, –read-only
Mount the filesystem read-only. A synonym is -o ro.
Note that, depending on the filesystem type, state and kernel behavior, the system may
still write to the device. For example, ext3 and ext4 will replay the journal if the
filesystem is dirty. To prevent this kind of write access, you may want to mount an
ext3 or ext4 filesystem with the ro,noload mount options or set the block device
itself to read-only mode, see the blockdev(8) command.
- s
Tolerate sloppy mount options rather than failing. This will ignore mount options not
supported by a filesystem type. Not all filesystems support this option. Currently
it’s supported by the mount.nfs mount helper only.
- -source device
If only one argument for the mount command is given, then the argument might be
interpreted as the target (mountpoint) or source (device). This option allows you to
explicitly define that the argument is the mount source.
- -target directory
If only one argument for the mount command is given, then the argument might be
interpreted as the target (mountpoint) or source (device). This option allows you to
explicitly define that the argument is the mount target.
- -target-prefix directory
Prepend the specified directory to all mount targets. This option can be used to
follow fstab, but mount operations are done in another place, for example:
mount --all --target-prefix /chroot -o X-mount.mkdir
mounts all from system fstab to /chroot, all missing mountpoint are created (due to
X-mount.mkdir). See also --fstab to use an alternative fstab.
- T, –fstab path
Specifies an alternative fstab file. If path is a directory, then the files in the
directory are sorted by strverscmp(3); files that start with "." or without an .fstab
extension are ignored. The option can be specified more than once. This option is
mostly designed for initramfs or chroot scripts where additional configuration is
specified beyond standard system configuration.
Note that mount does not pass the option --fstab to the /sbin/mount.type helpers,
meaning that the alternative fstab files will be invisible for the helpers. This is no
problem for normal mounts, but user (non-root) mounts always require fstab to verify
the user’s rights.
- t, –types fstype
The argument following the -t is used to indicate the filesystem type. The filesystem
types which are currently supported depend on the running kernel. See
/proc/filesystems and /lib/modules/$(uname -r)/kernel/fs for a complete list of the
filesystems. The most common are ext2, ext3, ext4, xfs, btrfs, vfat, sysfs, proc, nfs
and cifs.
The programs mount and umount(8) support filesystem subtypes. The subtype is defined
by a '.subtype' suffix. For example 'fuse.sshfs'. It’s recommended to use subtype
notation rather than add any prefix to the mount source (for example
'sshfs#example.com' is deprecated).
If no -t option is given, or if the auto type is specified, mount will try to guess
the desired type. mount uses the libblkid(3) library for guessing the filesystem type;
if that does not turn up anything that looks familiar, mount will try to read the file
/etc/filesystems, or, if that does not exist, /proc/filesystems. All of the filesystem
types listed there will be tried, except for those that are labeled "nodev" (e.g.
devpts, proc and nfs). If /etc/filesystems ends in a line with a single *, mount will
read /proc/filesystems afterwards. While trying, all filesystem types will be mounted
with the mount option silent.
The auto type may be useful for user-mounted floppies. Creating a file
/etc/filesystems can be useful to change the probe order (e.g., to try vfat before
msdos or ext3 before ext2) or if you use a kernel module autoloader.
More than one type may be specified in a comma-separated list, for the -t option as
well as in an /etc/fstab entry. The list of filesystem types for the -t option can be
prefixed with no to specify the filesystem types on which no action should be taken.
The prefix no has no effect when specified in an /etc/fstab entry.
The prefix no can be meaningful with the -a option. For example, the command
mount -a -t nomsdos,smbfs
mounts all filesystems except those of type msdos and smbfs.
For most types all the mount program has to do is issue a simple mount(2) system call,
and no detailed knowledge of the filesystem type is required. For a few types however
(like nfs, nfs4, cifs, smbfs, ncpfs) an ad hoc code is necessary. The nfs, nfs4, cifs,
smbfs, and ncpfs filesystems have a separate mount program. In order to make it
possible to treat all types in a uniform way, mount will execute the program
/sbin/mount.type (if that exists) when called with type type. Since different versions
of the smbmount program have different calling conventions, /sbin/mount.smbfs may have
to be a shell script that sets up the desired call.
- U, –uuid uuid
Mount the partition that has the specified uuid.
- v, –verbose
Verbose mode.
- w, –rw, –read-write
Mount the filesystem read/write. Read-write is the kernel default and the mount
default is to try read-only if the previous mount syscall with read-write flags on
write-protected devices of filesystems failed.
A synonym is -o rw.
Note that specifying -w on the command line forces mount to never try read-only mount
on write-protected devices or already mounted read-only filesystems.
- V, –version
Display version information and exit.
- h, –help
Display help text and exit.
FILESYSTEM-INDEPENDENT MOUNT OPTIONS
Some of these options are only useful when they appear in the /etc/fstab file.
Some of these options could be enabled or disabled by default in the system kernel. To
check the current setting see the options in /proc/mounts. Note that filesystems also have
per-filesystem specific default mount options (see for example tune2fs -l output for
ext_N_ filesystems).
The following options apply to any filesystem that is being mounted (but not every
filesystem actually honors them - e.g., the sync option today has an effect only for ext2,
ext3, ext4, fat, vfat, ufs and xfs):
async
All I/O to the filesystem should be done asynchronously. (See also the sync option.)
atime
Do not use the noatime feature, so the inode access time is controlled by kernel
defaults. See also the descriptions of the relatime and strictatime mount options.
noatime
Do not update inode access times on this filesystem (e.g. for faster access on the
news spool to speed up news servers). This works for all inode types (directories
too), so it implies nodiratime.
auto
Can be mounted with the -a option.
noauto
Can only be mounted explicitly (i.e., the -a option will not cause the filesystem to
be mounted).
context=context, fscontext=context, defcontext=context, and rootcontext=context
The context= option is useful when mounting filesystems that do not support extended
attributes, such as a floppy or hard disk formatted with VFAT, or systems that are not
normally running under SELinux, such as an ext3 or ext4 formatted disk from a
non-SELinux workstation. You can also use context= on filesystems you do not trust,
such as a floppy. It also helps in compatibility with xattr-supporting filesystems on
earlier 2.4.<x> kernel versions. Even where xattrs are supported, you can save time
not having to label every file by assigning the entire disk one security context.
A commonly used option for removable media is context="system_u:object_r:removable_t.
The fscontext= option works for all filesystems, regardless of their xattr support.
The fscontext option sets the overarching filesystem label to a specific security
context. This filesystem label is separate from the individual labels on the files. It
represents the entire filesystem for certain kinds of permission checks, such as
during mount or file creation. Individual file labels are still obtained from the
xattrs on the files themselves. The context option actually sets the aggregate context
that fscontext provides, in addition to supplying the same label for individual files.
You can set the default security context for unlabeled files using defcontext= option.
This overrides the value set for unlabeled files in the policy and requires a
filesystem that supports xattr labeling.
The rootcontext= option allows you to explicitly label the root inode of a FS being
mounted before that FS or inode becomes visible to userspace. This was found to be
useful for things like stateless Linux.
Note that the kernel rejects any remount request that includes the context option,
even when unchanged from the current context.
Warning: the context value might contain commas, in which case the value has to be
properly quoted, otherwise mount will interpret the comma as a separator between mount
options. Don’t forget that the shell strips off quotes and thus double quoting is
required. For example:
mount -t tmpfs none /mnt -o \
'context="system_u:object_r:tmp_t:s0:c127,c456",noexec'
For more details, see selinux(8).
defaults
Use the default options: rw, suid, dev, exec, auto, nouser, and async.
Note that the real set of all default mount options depends on the kernel and
filesystem type. See the beginning of this section for more details.
dev
Interpret character or block special devices on the filesystem.
nodev
Do not interpret character or block special devices on the filesystem.
diratime
Update directory inode access times on this filesystem. This is the default. (This
option is ignored when noatime is set.)
nodiratime
Do not update directory inode access times on this filesystem. (This option is implied
when noatime is set.)
dirsync
All directory updates within the filesystem should be done synchronously. This affects
the following system calls: creat(2), link(2), unlink(2), symlink(2), mkdir(2),
rmdir(2), mknod(2) and rename(2).
exec
Permit execution of binaries.
noexec
Do not permit direct execution of any binaries on the mounted filesystem.
group
Allow an ordinary user to mount the filesystem if one of that user’s groups matches
the group of the device. This option implies the options nosuid and nodev (unless
overridden by subsequent options, as in the option line group,dev,suid).
iversion
Every time the inode is modified, the i_version field will be incremented.
noiversion
Do not increment the i_version inode field.
mand
Allow mandatory locks on this filesystem. See fcntl(2).
nomand
Do not allow mandatory locks on this filesystem.
_netdev
The filesystem resides on a device that requires network access (used to prevent the
system from attempting to mount these filesystems until the network has been enabled
on the system).
nofail
Do not report errors for this device if it does not exist.
relatime
Update inode access times relative to modify or change time. Access time is only
updated if the previous access time was earlier than the current modify or change
time. (Similar to noatime, but it doesn’t break mutt(1) or other applications that
need to know if a file has been read since the last time it was modified.)
Since Linux 2.6.30, the kernel defaults to the behavior provided by this option
(unless noatime was specified), and the strictatime option is required to obtain
traditional semantics. In addition, since Linux 2.6.30, the file’s last access time is
always updated if it is more than 1 day old.
norelatime
Do not use the relatime feature. See also the strictatime mount option.
strictatime
Allows to explicitly request full atime updates. This makes it possible for the kernel
to default to relatime or noatime but still allow userspace to override it. For more
details about the default system mount options see /proc/mounts.
nostrictatime
Use the kernel’s default behavior for inode access time updates.
lazytime
Only update times (atime, mtime, ctime) on the in-memory version of the file inode.
This mount option significantly reduces writes to the inode table for workloads that
perform frequent random writes to preallocated files.
The on-disk timestamps are updated only when:
• the inode needs to be updated for some change unrelated to file timestamps
• the application employs fsync(2), syncfs(2), or sync(2)
• an undeleted inode is evicted from memory
• more than 24 hours have passed since the inode was written to disk.
nolazytime
Do not use the lazytime feature.
suid
Honor set-user-ID and set-group-ID bits or file capabilities when executing programs
from this filesystem.
nosuid
Do not honor set-user-ID and set-group-ID bits or file capabilities when executing
programs from this filesystem. In addition, SELinux domain transitions require
permission nosuid_transition, which in turn needs also policy capability
nnp_nosuid_transition.
silent
Turn on the silent flag.
loud
Turn off the silent flag.
owner
Allow an ordinary user to mount the filesystem if that user is the owner of the
device. This option implies the options nosuid and nodev (unless overridden by
subsequent options, as in the option line owner,dev,suid).
remount
Attempt to remount an already-mounted filesystem. This is commonly used to change the
mount flags for a filesystem, especially to make a readonly filesystem writable. It
does not change device or mount point.
The remount operation together with the bind flag has special semantics. See above,
the subsection Bind mounts.
The remount functionality follows the standard way the mount command works with
options from fstab. This means that mount does not read fstab (or mtab) only when both
device and dir are specified.
mount -o remount,rw /dev/foo /dir
After this call all old mount options are replaced and arbitrary stuff from fstab (or
mtab) is ignored, except the loop= option which is internally generated and maintained
by the mount command.
mount -o remount,rw /dir
After this call, mount reads fstab and merges these options with the options from the
command line (-o). If no mountpoint is found in fstab, then a remount with unspecified
source is allowed.
mount allows the use of --all to remount all already mounted filesystems which match a
specified filter (-O and -t). For example:
mount --all -o remount,ro -t vfat
remounts all already mounted vfat filesystems in read-only mode. Each of the
filesystems is remounted by mount -o remount,ro /dir semantic. This means the mount
command reads fstab or mtab and merges these options with the options from the command
line.
ro
Mount the filesystem read-only.
rw
Mount the filesystem read-write.
sync
All I/O to the filesystem should be done synchronously. In the case of media with a
limited number of write cycles (e.g. some flash drives), sync may cause life-cycle
shortening.
user
Allow an ordinary user to mount the filesystem. The name of the mounting user is
written to the mtab file (or to the private libmount file in /run/mount on systems
without a regular mtab) so that this same user can unmount the filesystem again. This
option implies the options noexec, nosuid, and nodev (unless overridden by subsequent
options, as in the option line user,exec,dev,suid).
nouser
Forbid an ordinary user to mount the filesystem. This is the default; it does not
imply any other options.
users
Allow any user to mount and to unmount the filesystem, even when some other ordinary
user mounted it. This option implies the options noexec, nosuid, and nodev (unless
overridden by subsequent options, as in the option line users,exec,dev,suid).
X-*
All options prefixed with "X-" are interpreted as comments or as userspace
application-specific options. These options are not stored in user space (e.g., mtab
file), nor sent to the mount.type helpers nor to the mount(2) system call. The
suggested format is X-appname.option.
x-*
The same as X-* options, but stored permanently in user space. This means the options
are also available for umount(8) or other operations. Note that maintaining mount
options in user space is tricky, because it’s necessary use libmount-based tools and
there is no guarantee that the options will be always available (for example after a
move mount operation or in unshared namespace).
Note that before util-linux v2.30 the x-* options have not been maintained by libmount
and stored in user space (functionality was the same as for X-* now), but due to the
growing number of use-cases (in initrd, systemd etc.) the functionality has been
extended to keep existing fstab configurations usable without a change.
X-mount.mkdir[=mode]
Allow to make a target directory (mountpoint) if it does not exit yet. The optional
argument mode specifies the filesystem access mode used for mkdir(2) in octal
notation. The default mode is 0755. This functionality is supported only for root
users or when mount executed without suid permissions. The option is also supported as
x-mount.mkdir, this notation is deprecated since v2.30.
nosymfollow
Do not follow symlinks when resolving paths. Symlinks can still be created, and
readlink(1), readlink(2), realpath(1), and realpath(3) all still work properly.
FILESYSTEM-SPECIFIC MOUNT OPTIONS
This section lists options that are specific to particular filesystems. Where possible,
you should first consult filesystem-specific manual pages for details. Some of those pages
are listed in the following table.
┌─────────────────┬───────────────┐
│ │ │
│Filesystem(s) │ Manual page │
├─────────────────┼───────────────┤
│ │ │
│btrfs │ btrfs(5) │
├─────────────────┼───────────────┤
│ │ │
│cifs │ mount.cifs(8) │
├─────────────────┼───────────────┤
│ │ │
│ext2, ext3, ext4 │ ext4(5) │
├─────────────────┼───────────────┤
│ │ │
│fuse │ fuse(8) │
├─────────────────┼───────────────┤
│ │ │
│nfs │ nfs(5) │
├─────────────────┼───────────────┤
│ │ │
│tmpfs │ tmpfs(5) │
├─────────────────┼───────────────┤
│ │ │
│xfs │ xfs(5) │
└─────────────────┴───────────────┘
Note that some of the pages listed above might be available only after you install the
respective userland tools.
The following options apply only to certain filesystems. We sort them by filesystem. All
options follow the -o flag.
What options are supported depends a bit on the running kernel. Further information may be
available in filesystem-specific files in the kernel source subdirectory
Documentation/filesystems.
Mount options for adfs
uid=value and gid=value
Set the owner and group of the files in the filesystem (default: uid=gid=0).
ownmask=value and othmask=value
Set the permission mask for ADFS 'owner' permissions and 'other' permissions,
respectively (default: 0700 and 0077, respectively). See also
/usr/src/linux/Documentation/filesystems/adfs.rst.
Mount options for affs
uid=value and gid=value
Set the owner and group of the root of the filesystem (default: uid=gid=0, but with
option uid or gid without specified value, the UID and GID of the current process are
taken).
setuid=value and setgid=value
Set the owner and group of all files.
mode=value
Set the mode of all files to value & 0777 disregarding the original permissions. Add
search permission to directories that have read permission. The value is given in
octal.
protect
Do not allow any changes to the protection bits on the filesystem.
usemp
Set UID and GID of the root of the filesystem to the UID and GID of the mount point
upon the first sync or umount, and then clear this option. Strange...
verbose
Print an informational message for each successful mount.
prefix=string
Prefix used before volume name, when following a link.
volume=string
Prefix (of length at most 30) used before '/' when following a symbolic link.
reserved=value
(Default: 2.) Number of unused blocks at the start of the device.
root=value
Give explicitly the location of the root block.
bs=value
Give blocksize. Allowed values are 512, 1024, 2048, 4096.
grpquota|noquota|quota|usrquota
These options are accepted but ignored. (However, quota utilities may react to such
strings in /etc/fstab.)
Mount options for debugfs
The debugfs filesystem is a pseudo filesystem, traditionally mounted on /sys/kernel/debug.
As of kernel version 3.4, debugfs has the following options:
uid=n, gid=n
Set the owner and group of the mountpoint.
mode=value
Sets the mode of the mountpoint.
Mount options for devpts
The devpts filesystem is a pseudo filesystem, traditionally mounted on /dev/pts. In order
to acquire a pseudo terminal, a process opens /dev/ptmx; the number of the pseudo terminal
is then made available to the process and the pseudo terminal slave can be accessed as
/dev/pts/<number>.
uid=value and gid=value
This sets the owner or the group of newly created pseudo terminals to the specified
values. When nothing is specified, they will be set to the UID and GID of the creating
process. For example, if there is a tty group with GID 5, then gid=5 will cause newly
created pseudo terminals to belong to the tty group.
mode=value
Set the mode of newly created pseudo terminals to the specified value. The default is
0600. A value of mode=620 and gid=5 makes "mesg y" the default on newly created pseudo
terminals.
newinstance
Create a private instance of the devpts filesystem, such that indices of pseudo
terminals allocated in this new instance are independent of indices created in other
instances of devpts.
All mounts of devpts without this newinstance option share the same set of pseudo
terminal indices (i.e., legacy mode). Each mount of devpts with the newinstance option
has a private set of pseudo terminal indices.
This option is mainly used to support containers in the Linux kernel. It is
implemented in Linux kernel versions starting with 2.6.29. Further, this mount option
is valid only if CONFIG_DEVPTS_MULTIPLE_INSTANCES is enabled in the kernel
configuration.
To use this option effectively, /dev/ptmx must be a symbolic link to pts/ptmx. See
Documentation/filesystems/devpts.txt in the Linux kernel source tree for details.
ptmxmode=value
Set the mode for the new ptmx device node in the devpts filesystem.
With the support for multiple instances of devpts (see newinstance option above), each
instance has a private ptmx node in the root of the devpts filesystem (typically
/dev/pts/ptmx).
For compatibility with older versions of the kernel, the default mode of the new ptmx
node is 0000. ptmxmode=value specifies a more useful mode for the ptmx node and is
highly recommended when the newinstance option is specified.
This option is only implemented in Linux kernel versions starting with 2.6.29.
Further, this option is valid only if CONFIG_DEVPTS_MULTIPLE_INSTANCES is enabled in
the kernel configuration.
Mount options for fat
(Note: fat is not a separate filesystem, but a common part of the msdos, umsdos and vfat
filesystems.)
blocksize={512|1024|2048}
Set blocksize (default 512). This option is obsolete.
uid=value and gid=value
Set the owner and group of all files. (Default: the UID and GID of the current
process.)
umask=value
Set the umask (the bitmask of the permissions that are not present). The default is
the umask of the current process. The value is given in octal.
dmask=value
Set the umask applied to directories only. The default is the umask of the current
process. The value is given in octal.
fmask=value
Set the umask applied to regular files only. The default is the umask of the current
process. The value is given in octal.
allow_utime=value
This option controls the permission check of mtime/atime.
20
If current process is in group of file’s group ID, you can change timestamp.
2
Other users can change timestamp.
The default is set from 'dmask' option. (If the directory is writable, utime(2) is also
allowed. I.e. ~dmask & 022)
Normally utime(2) checks that the current process is owner of the file, or that it has the
CAP_FOWNER capability. But FAT filesystems don’t have UID/GID on disk, so the normal check
is too inflexible. With this option you can relax it.
check=value
Three different levels of pickiness can be chosen:
r[elaxed]
Upper and lower case are accepted and equivalent, long name parts are truncated
(e.g. verylongname.foobar becomes verylong.foo), leading and embedded spaces are
accepted in each name part (name and extension).
n[ormal]
Like "relaxed", but many special characters (*, ?, <, spaces, etc.) are rejected.
This is the default.
s[trict]
Like "normal", but names that contain long parts or special characters that are
sometimes used on Linux but are not accepted by MS-DOS (+, =, etc.) are rejected.
codepage=value
Sets the codepage for converting to shortname characters on FAT and VFAT filesystems.
By default, codepage 437 is used.
conv=mode
This option is obsolete and may fail or be ignored.
cvf_format=module
Forces the driver to use the CVF (Compressed Volume File) module cvf__module_ instead
of auto-detection. If the kernel supports kmod, the cvf_format=xxx option also
controls on-demand CVF module loading. This option is obsolete.
cvf_option=option
Option passed to the CVF module. This option is obsolete.
debug
Turn on the debug flag. A version string and a list of filesystem parameters will be
printed (these data are also printed if the parameters appear to be inconsistent).
discard
If set, causes discard/TRIM commands to be issued to the block device when blocks are
freed. This is useful for SSD devices and sparse/thinly-provisioned LUNs.
dos1xfloppy
If set, use a fallback default BIOS Parameter Block configuration, determined by
backing device size. These static parameters match defaults assumed by DOS 1.x for 160
kiB, 180 kiB, 320 kiB, and 360 kiB floppies and floppy images.
errors={panic|continue|remount-ro}
Specify FAT behavior on critical errors: panic, continue without doing anything, or
remount the partition in read-only mode (default behavior).
fat={12|16|32}
Specify a 12, 16 or 32 bit fat. This overrides the automatic FAT type detection
routine. Use with caution!
iocharset=value
Character set to use for converting between 8 bit characters and 16 bit Unicode
characters. The default is iso8859-1. Long filenames are stored on disk in Unicode
format.
nfs={stale_rw|nostale_ro}
Enable this only if you want to export the FAT filesystem over NFS.
stale_rw: This option maintains an index (cache) of directory inodes which is used by
the nfs-related code to improve look-ups. Full file operations (read/write) over NFS
are supported but with cache eviction at NFS server, this could result in spurious
ESTALE errors.
nostale_ro: This option bases the inode number and file handle on the on-disk location
of a file in the FAT directory entry. This ensures that ESTALE will not be returned
after a file is evicted from the inode cache. However, it means that operations such
as rename, create and unlink could cause file handles that previously pointed at one
file to point at a different file, potentially causing data corruption. For this
reason, this option also mounts the filesystem readonly.
To maintain backward compatibility, -o nfs is also accepted, defaulting to stale_rw.
tz=UTC
This option disables the conversion of timestamps between local time (as used by
Windows on FAT) and UTC (which Linux uses internally). This is particularly useful
when mounting devices (like digital cameras) that are set to UTC in order to avoid the
pitfalls of local time.
time_offset=minutes
Set offset for conversion of timestamps from local time used by FAT to UTC. I.e.,
minutes will be subtracted from each timestamp to convert it to UTC used internally by
Linux. This is useful when the time zone set in the kernel via settimeofday(2) is not
the time zone used by the filesystem. Note that this option still does not provide
correct time stamps in all cases in presence of DST - time stamps in a different DST
setting will be off by one hour.
quiet
Turn on the quiet flag. Attempts to chown or chmod files do not return errors,
although they fail. Use with caution!
rodir
FAT has the ATTR_RO (read-only) attribute. On Windows, the ATTR_RO of the directory
will just be ignored, and is used only by applications as a flag (e.g. it’s set for
the customized folder).
If you want to use ATTR_RO as read-only flag even for the directory, set this option.
showexec
If set, the execute permission bits of the file will be allowed only if the extension
part of the name is .EXE, .COM, or .BAT. Not set by default.
sys_immutable
If set, ATTR_SYS attribute on FAT is handled as IMMUTABLE flag on Linux. Not set by
default.
flush
If set, the filesystem will try to flush to disk more early than normal. Not set by
default.
usefree
Use the "free clusters" value stored on FSINFO. It’ll be used to determine number of
free clusters without scanning disk. But it’s not used by default, because recent
Windows don’t update it correctly in some case. If you are sure the "free clusters" on
FSINFO is correct, by this option you can avoid scanning disk.
dots, nodots, dotsOK=[yes|no]
Various misguided attempts to force Unix or DOS conventions onto a FAT filesystem.
Mount options for hfs
creator=cccc, type=cccc
Set the creator/type values as shown by the MacOS finder used for creating new files.
Default values: '????'.
uid=n, gid=n
Set the owner and group of all files. (Default: the UID and GID of the current
process.)
dir_umask=n, file_umask=n, umask=n
Set the umask used for all directories, all regular files, or all files and
directories. Defaults to the umask of the current process.
session=n
Select the CDROM session to mount. Defaults to leaving that decision to the CDROM
driver. This option will fail with anything but a CDROM as underlying device.
part=n
Select partition number n from the device. Only makes sense for CDROMs. Defaults to
not parsing the partition table at all.
quiet
Don’t complain about invalid mount options.
Mount options for hpfs
uid=value and gid=value
Set the owner and group of all files. (Default: the UID and GID of the current
process.)
umask=value
Set the umask (the bitmask of the permissions that are not present). The default is
the umask of the current process. The value is given in octal.
case={lower|asis}
Convert all files names to lower case, or leave them. (Default: case=lower.)
conv=mode
This option is obsolete and may fail or being ignored.
nocheck
Do not abort mounting when certain consistency checks fail.
Mount options for iso9660
ISO 9660 is a standard describing a filesystem structure to be used on CD-ROMs. (This
filesystem type is also seen on some DVDs. See also the udf filesystem.)
Normal iso9660 filenames appear in an 8.3 format (i.e., DOS-like restrictions on filename
length), and in addition all characters are in upper case. Also there is no field for file
ownership, protection, number of links, provision for block/character devices, etc.
Rock Ridge is an extension to iso9660 that provides all of these UNIX-like features.
Basically there are extensions to each directory record that supply all of the additional
information, and when Rock Ridge is in use, the filesystem is indistinguishable from a
normal UNIX filesystem (except that it is read-only, of course).
norock
Disable the use of Rock Ridge extensions, even if available. Cf. map.
nojoliet
Disable the use of Microsoft Joliet extensions, even if available. Cf. map.
check={r[elaxed]|s[trict]}
With check=relaxed, a filename is first converted to lower case before doing the
lookup. This is probably only meaningful together with norock and map=normal.
(Default: check=strict.)
uid=value and gid=value
Give all files in the filesystem the indicated user or group id, possibly overriding
the information found in the Rock Ridge extensions. (Default: uid=0,gid=0.)
map={n[ormal]|o[ff]|a[corn]}
For non-Rock Ridge volumes, normal name translation maps upper to lower case ASCII,
drops a trailing ';1', and converts ';' to '.'. With map=off no name translation is
done. See norock. (Default: map=normal.) map=acorn is like map=normal but also apply
Acorn extensions if present.
mode=value
For non-Rock Ridge volumes, give all files the indicated mode. (Default: read and
execute permission for everybody.) Octal mode values require a leading 0.
unhide
Also show hidden and associated files. (If the ordinary files and the associated or
hidden files have the same filenames, this may make the ordinary files inaccessible.)
block={512|1024|2048}
Set the block size to the indicated value. (Default: block=1024.)
conv=mode
This option is obsolete and may fail or being ignored.
cruft
If the high byte of the file length contains other garbage, set this mount option to
ignore the high order bits of the file length. This implies that a file cannot be
larger than 16 MB.
session=x
Select number of session on a multisession CD.
sbsector=xxx
Session begins from sector xxx.
The following options are the same as for vfat and specifying them only makes sense when
using discs encoded using Microsoft’s Joliet extensions.
iocharset=value
Character set to use for converting 16 bit Unicode characters on CD to 8 bit
characters. The default is iso8859-1.
utf8
Convert 16 bit Unicode characters on CD to UTF-8.
Mount options for jfs
iocharset=name
Character set to use for converting from Unicode to ASCII. The default is to do no
conversion. Use iocharset=utf8 for UTF8 translations. This requires CONFIG_NLS_UTF8 to
be set in the kernel .config file.
resize=value
Resize the volume to value blocks. JFS only supports growing a volume, not shrinking
it. This option is only valid during a remount, when the volume is mounted read-write.
The resize keyword with no value will grow the volume to the full size of the
partition.
nointegrity
Do not write to the journal. The primary use of this option is to allow for higher
performance when restoring a volume from backup media. The integrity of the volume is
not guaranteed if the system abnormally ends.
integrity
Default. Commit metadata changes to the journal. Use this option to remount a volume
where the nointegrity option was previously specified in order to restore normal
behavior.
errors={continue|remount-ro|panic}
Define the behavior when an error is encountered. (Either ignore errors and just mark
the filesystem erroneous and continue, or remount the filesystem read-only, or panic
and halt the system.)
noquota|quota|usrquota|grpquota
These options are accepted but ignored.
Mount options for msdos
See mount options for fat. If the msdos filesystem detects an inconsistency, it reports an
error and sets the file system read-only. The filesystem can be made writable again by
remounting it.
Mount options for ncpfs
Just like nfs, the ncpfs implementation expects a binary argument (a struct
ncp_mount_data) to the mount system call. This argument is constructed by ncpmount(8) and
the current version of mount (2.12) does not know anything about ncpfs.
Mount options for ntfs
iocharset=name
Character set to use when returning file names. Unlike VFAT, NTFS suppresses names
that contain nonconvertible characters. Deprecated.
nls=name
New name for the option earlier called iocharset.
utf8
Use UTF-8 for converting file names.
uni_xlate={0|1|2}
For 0 (or 'no' or 'false'), do not use escape sequences for unknown Unicode
characters. For 1 (or 'yes' or 'true') or 2, use vfat-style 4-byte escape sequences
starting with ":". Here 2 gives a little-endian encoding and 1 a byteswapped bigendian
encoding.
posix=[0|1]
If enabled (posix=1), the filesystem distinguishes between upper and lower case. The
8.3 alias names are presented as hard links instead of being suppressed. This option
is obsolete.
uid=value, gid=value and umask=value
Set the file permission on the filesystem. The umask value is given in octal. By
default, the files are owned by root and not readable by somebody else.
Mount options for overlay
Since Linux 3.18 the overlay pseudo filesystem implements a union mount for other
filesystems.
An overlay filesystem combines two filesystems - an upper filesystem and a lower
filesystem. When a name exists in both filesystems, the object in the upper filesystem is
visible while the object in the lower filesystem is either hidden or, in the case of
directories, merged with the upper object.
The lower filesystem can be any filesystem supported by Linux and does not need to be
writable. The lower filesystem can even be another overlayfs. The upper filesystem will
normally be writable and if it is it must support the creation of trusted.* extended
attributes, and must provide a valid d_type in readdir responses, so NFS is not suitable.
A read-only overlay of two read-only filesystems may use any filesystem type. The options
lowerdir and upperdir are combined into a merged directory by using:
mount -t overlay overlay \
-olowerdir=/lower,upperdir=/upper,workdir=/work /merged
lowerdir=directory
Any filesystem, does not need to be on a writable filesystem.
upperdir=directory
The upperdir is normally on a writable filesystem.
workdir=directory
The workdir needs to be an empty directory on the same filesystem as upperdir.
userxattr
Use the "user.overlay." xattr namespace instead of "trusted.overlay.". This is useful
for unprivileged mounting of overlayfs.
redirect_dir={on|off|follow|nofollow}
If the redirect_dir feature is enabled, then the directory will be copied up (but not
the contents). Then the "{trusted|user}.overlay.redirect" extended attribute is set to
the path of the original location from the root of the overlay. Finally the directory
is moved to the new location.
on
Redirects are enabled.
off
Redirects are not created and only followed if "redirect_always_follow" feature is
enabled in the kernel/module config.
follow
Redirects are not created, but followed.
nofollow
Redirects are not created and not followed (equivalent to "redirect_dir=off" if
"redirect_always_follow" feature is not enabled).
index={on|off}
Inode index. If this feature is disabled and a file with multiple hard links is copied
up, then this will "break" the link. Changes will not be propagated to other names
referring to the same inode.
uuid={on|off}
Can be used to replace UUID of the underlying filesystem in file handles with null,
and effectively disable UUID checks. This can be useful in case the underlying disk is
copied and the UUID of this copy is changed. This is only applicable if all
lower/upper/work directories are on the same filesystem, otherwise it will fallback to
normal behaviour.
nfs_export={on|off}
When the underlying filesystems supports NFS export and the "nfs_export" feature is
enabled, an overlay filesystem may be exported to NFS.
With the “nfs_export” feature, on copy_up of any lower object, an index entry is
created under the index directory. The index entry name is the hexadecimal
representation of the copy up origin file handle. For a non-directory object, the
index entry is a hard link to the upper inode. For a directory object, the index entry
has an extended attribute "{trusted|user}.overlay.upper" with an encoded file handle
of the upper directory inode.
When encoding a file handle from an overlay filesystem object, the following rules
apply
• For a non-upper object, encode a lower file handle from lower inode
• For an indexed object, encode a lower file handle from copy_up origin
• For a pure-upper object and for an existing non-indexed upper object, encode
an upper file handle from upper inode
The encoded overlay file handle includes
• Header including path type information (e.g. lower/upper)
• UUID of the underlying filesystem
• Underlying filesystem encoding of underlying inode
This encoding format is identical to the encoding format file handles that are stored
in extended attribute "{trusted|user}.overlay.origin". When decoding an overlay file
handle, the following steps are followed
• Find underlying layer by UUID and path type information.
• Decode the underlying filesystem file handle to underlying dentry.
• For a lower file handle, lookup the handle in index directory by name.
• If a whiteout is found in index, return ESTALE. This represents an overlay
object that was deleted after its file handle was encoded.
• For a non-directory, instantiate a disconnected overlay dentry from the
decoded underlying dentry, the path type and index inode, if found.
• For a directory, use the connected underlying decoded dentry, path type and
index, to lookup a connected overlay dentry.
Decoding a non-directory file handle may return a disconnected dentry. copy_up of that
disconnected dentry will create an upper index entry with no upper alias.
When overlay filesystem has multiple lower layers, a middle layer directory may have a
"redirect" to lower directory. Because middle layer "redirects" are not indexed, a
lower file handle that was encoded from the "redirect" origin directory, cannot be
used to find the middle or upper layer directory. Similarly, a lower file handle that
was encoded from a descendant of the "redirect" origin directory, cannot be used to
reconstruct a connected overlay path. To mitigate the cases of directories that cannot
be decoded from a lower file handle, these directories are copied up on encode and
encoded as an upper file handle. On an overlay filesystem with no upper layer this
mitigation cannot be used NFS export in this setup requires turning off redirect
follow (e.g. "redirect_dir=nofollow").
The overlay filesystem does not support non-directory connectable file handles, so
exporting with the subtree_check exportfs configuration will cause failures to lookup
files over NFS.
When the NFS export feature is enabled, all directory index entries are verified on
mount time to check that upper file handles are not stale. This verification may cause
significant overhead in some cases.
Note: the mount options index=off,nfs_export=on are conflicting for a read-write mount
and will result in an error.
xinfo={on|off|auto}
The "xino" feature composes a unique object identifier from the real object st_ino and
an underlying fsid index. The "xino" feature uses the high inode number bits for fsid,
because the underlying filesystems rarely use the high inode number bits. In case the
underlying inode number does overflow into the high xino bits, overlay filesystem will
fall back to the non xino behavior for that inode.
For a detailed description of the effect of this option please refer to
https://www.kernel.org/doc/html/latest/filesystems/overlayfs.html?highlight=overlayfs
metacopy={on|off}
When metadata only copy up feature is enabled, overlayfs will only copy up metadata
(as opposed to whole file), when a metadata specific operation like chown/chmod is
performed. Full file will be copied up later when file is opened for WRITE operation.
In other words, this is delayed data copy up operation and data is copied up when
there is a need to actually modify data.
volatile
Volatile mounts are not guaranteed to survive a crash. It is strongly recommended that
volatile mounts are only used if data written to the overlay can be recreated without
significant effort.
The advantage of mounting with the "volatile" option is that all forms of sync calls
to the upper filesystem are omitted.
In order to avoid a giving a false sense of safety, the syncfs (and fsync) semantics
of volatile mounts are slightly different than that of the rest of VFS. If any
writeback error occurs on the upperdir’s filesystem after a volatile mount takes
place, all sync functions will return an error. Once this condition is reached, the
filesystem will not recover, and every subsequent sync call will return an error, even
if the upperdir has not experience a new error since the last sync call.
When overlay is mounted with "volatile" option, the directory
"$workdir/work/incompat/volatile" is created. During next mount, overlay checks for
this directory and refuses to mount if present. This is a strong indicator that user
should throw away upper and work directories and create fresh one. In very limited
cases where the user knows that the system has not crashed and contents of upperdir
are intact, The "volatile" directory can be removed.
Mount options for reiserfs
Reiserfs is a journaling filesystem.
conv
Instructs version 3.6 reiserfs software to mount a version 3.5 filesystem, using the
3.6 format for newly created objects. This filesystem will no longer be compatible
with reiserfs 3.5 tools.
hash={rupasov|tea|r5|detect}
Choose which hash function reiserfs will use to find files within directories.
rupasov
A hash invented by Yury Yu. Rupasov. It is fast and preserves locality, mapping
lexicographically close file names to close hash values. This option should not be
used, as it causes a high probability of hash collisions.
tea
A Davis-Meyer function implemented by Jeremy Fitzhardinge. It uses hash permuting
bits in the name. It gets high randomness and, therefore, low probability of hash
collisions at some CPU cost. This may be used if EHASHCOLLISION errors are
experienced with the r5 hash.
r5
A modified version of the rupasov hash. It is used by default and is the best
choice unless the filesystem has huge directories and unusual file-name patterns.
detect
Instructs mount to detect which hash function is in use by examining the
filesystem being mounted, and to write this information into the reiserfs
superblock. This is only useful on the first mount of an old format filesystem.
hashed_relocation
Tunes the block allocator. This may provide performance improvements in some
situations.
no_unhashed_relocation
Tunes the block allocator. This may provide performance improvements in some
situations.
noborder
Disable the border allocator algorithm invented by Yury Yu. Rupasov. This may provide
performance improvements in some situations.
nolog
Disable journaling. This will provide slight performance improvements in some
situations at the cost of losing reiserfs’s fast recovery from crashes. Even with this
option turned on, reiserfs still performs all journaling operations, save for actual
writes into its journaling area. Implementation of nolog is a work in progress.
notail
By default, reiserfs stores small files and 'file tails' directly into its tree. This
confuses some utilities such as lilo(8). This option is used to disable packing of
files into the tree.
replayonly
Replay the transactions which are in the journal, but do not actually mount the
filesystem. Mainly used by reiserfsck.
resize=number
A remount option which permits online expansion of reiserfs partitions. Instructs
reiserfs to assume that the device has number blocks. This option is designed for use
with devices which are under logical volume management (LVM). There is a special
resizer utility which can be obtained from ftp://ftp.namesys.com/pub/reiserfsprogs.
user_xattr
Enable Extended User Attributes. See the attr(1) manual page.
acl
Enable POSIX Access Control Lists. See the acl(5) manual page.
barrier=none / barrier=flush
This disables / enables the use of write barriers in the journaling code. barrier=none
disables, barrier=flush enables (default). This also requires an IO stack which can
support barriers, and if reiserfs gets an error on a barrier write, it will disable
barriers again with a warning. Write barriers enforce proper on-disk ordering of
journal commits, making volatile disk write caches safe to use, at some performance
penalty. If your disks are battery-backed in one way or another, disabling barriers
may safely improve performance.
Mount options for ubifs
UBIFS is a flash filesystem which works on top of UBI volumes. Note that atime is not
supported and is always turned off.
The device name may be specified as
ubiX_Y
UBI device number X, volume number Y
ubiY
UBI device number 0, volume number Y
ubiX:NAME
UBI device number X, volume with name NAME
ubi:NAME
UBI device number 0, volume with name NAME
Alternative ! separator may be used instead of :.
The following mount options are available:
bulk_read
Enable bulk-read. VFS read-ahead is disabled because it slows down the filesystem.
Bulk-Read is an internal optimization. Some flashes may read faster if the data are
read at one go, rather than at several read requests. For example, OneNAND can do
"read-while-load" if it reads more than one NAND page.
no_bulk_read
Do not bulk-read. This is the default.
chk_data_crc
Check data CRC-32 checksums. This is the default.
no_chk_data_crc
Do not check data CRC-32 checksums. With this option, the filesystem does not check
CRC-32 checksum for data, but it does check it for the internal indexing information.
This option only affects reading, not writing. CRC-32 is always calculated when
writing the data.
compr={none|lzo|zlib}
Select the default compressor which is used when new files are written. It is still
possible to read compressed files if mounted with the none option.
Mount options for udf
UDF is the "Universal Disk Format" filesystem defined by OSTA, the Optical Storage
Technology Association, and is often used for DVD-ROM, frequently in the form of a hybrid
UDF/ISO-9660 filesystem. It is, however, perfectly usable by itself on disk drives, flash
drives and other block devices. See also iso9660.
uid=
Make all files in the filesystem belong to the given user. uid=forget can be specified
independently of (or usually in addition to) uid=<user> and results in UDF not storing
uids to the media. In fact the recorded uid is the 32-bit overflow uid -1 as defined
by the UDF standard. The value is given as either <user> which is a valid user name or
the corresponding decimal user id, or the special string "forget".
gid=
Make all files in the filesystem belong to the given group. gid=forget can be
specified independently of (or usually in addition to) gid=<group> and results in UDF
not storing gids to the media. In fact the recorded gid is the 32-bit overflow gid -1
as defined by the UDF standard. The value is given as either <group> which is a valid
group name or the corresponding decimal group id, or the special string "forget".
umask=
Mask out the given permissions from all inodes read from the filesystem. The value is
given in octal.
mode=
If mode= is set the permissions of all non-directory inodes read from the filesystem
will be set to the given mode. The value is given in octal.
dmode=
If dmode= is set the permissions of all directory inodes read from the filesystem will
be set to the given dmode. The value is given in octal.
bs=
Set the block size. Default value prior to kernel version 2.6.30 was 2048. Since
2.6.30 and prior to 4.11 it was logical device block size with fallback to 2048. Since
4.11 it is logical block size with fallback to any valid block size between logical
device block size and 4096.
For other details see the mkudffs(8) 2.0+ manpage, sections COMPATIBILITY and BLOCK
SIZE.
unhide
Show otherwise hidden files.
undelete
Show deleted files in lists.
adinicb
Embed data in the inode. (default)
noadinicb
Don’t embed data in the inode.
shortad
Use short UDF address descriptors.
longad
Use long UDF address descriptors. (default)
nostrict
Unset strict conformance.
iocharset=
Set the NLS character set. This requires kernel compiled with CONFIG_UDF_NLS option.
utf8
Set the UTF-8 character set.
Mount options for debugging and disaster recovery
novrs
Ignore the Volume Recognition Sequence and attempt to mount anyway.
session=
Select the session number for multi-session recorded optical media. (default= last
session)
anchor=
Override standard anchor location. (default= 256)
lastblock=
Set the last block of the filesystem.
Unused historical mount options that may be encountered and should be removed
uid=ignore
Ignored, use uid=<user> instead.
gid=ignore
Ignored, use gid=<group> instead.
volume=
Unimplemented and ignored.
partition=
Unimplemented and ignored.
fileset=
Unimplemented and ignored.
rootdir=
Unimplemented and ignored.
Mount options for ufs
ufstype=value
UFS is a filesystem widely used in different operating systems. The problem are
differences among implementations. Features of some implementations are undocumented,
so its hard to recognize the type of ufs automatically. That’s why the user must
specify the type of ufs by mount option. Possible values are:
old
Old format of ufs, this is the default, read only. (Don’t forget to give the -r
option.)
44bsd
For filesystems created by a BSD-like system (NetBSD, FreeBSD, OpenBSD).
ufs2
Used in FreeBSD 5.x supported as read-write.
5xbsd
Synonym for ufs2.
sun
For filesystems created by SunOS or Solaris on Sparc.
sunx86
For filesystems created by Solaris on x86.
hp
For filesystems created by HP-UX, read-only.
nextstep
For filesystems created by NeXTStep (on NeXT station) (currently read only).
nextstep-cd
For NextStep CDROMs (block_size == 2048), read-only.
openstep
For filesystems created by OpenStep (currently read only). The same filesystem
type is also used by Mac OS X.
onerror=value
Set behavior on error:
panic
If an error is encountered, cause a kernel panic.
[lock|umount|repair]
These mount options don’t do anything at present; when an error is encountered
only a console message is printed.
Mount options for umsdos
See mount options for msdos. The dotsOK option is explicitly killed by umsdos.
Mount options for vfat
First of all, the mount options for fat are recognized. The dotsOK option is explicitly
killed by vfat. Furthermore, there are
uni_xlate
Translate unhandled Unicode characters to special escaped sequences. This lets you
backup and restore filenames that are created with any Unicode characters. Without
this option, a '?' is used when no translation is possible. The escape character is
':' because it is otherwise invalid on the vfat filesystem. The escape sequence that
gets used, where u is the Unicode character, is: ':', (u & 0x3f), ((u>>6) & 0x3f),
(u>>12).
posix
Allow two files with names that only differ in case. This option is obsolete.
nonumtail
First try to make a short name without sequence number, before trying name~num.ext.
utf8
UTF8 is the filesystem safe 8-bit encoding of Unicode that is used by the console. It
can be enabled for the filesystem with this option or disabled with utf8=0, utf8=no or
utf8=false. If uni_xlate gets set, UTF8 gets disabled.
shortname=mode
Defines the behavior for creation and display of filenames which fit into 8.3
characters. If a long name for a file exists, it will always be the preferred one for
display. There are four modes:
lower
Force the short name to lower case upon display; store a long name when the short
name is not all upper case.
win95
Force the short name to upper case upon display; store a long name when the short
name is not all upper case.
winnt
Display the short name as is; store a long name when the short name is not all
lower case or all upper case.
mixed
Display the short name as is; store a long name when the short name is not all
upper case. This mode is the default since Linux 2.6.32.
Mount options for usbfs
devuid=uid and devgid=gid and devmode=mode
Set the owner and group and mode of the device files in the usbfs filesystem (default:
uid=gid=0, mode=0644). The mode is given in octal.
busuid=uid and busgid=gid and busmode=mode
Set the owner and group and mode of the bus directories in the usbfs filesystem
(default: uid=gid=0, mode=0555). The mode is given in octal.
listuid=uid and listgid=gid and listmode=mode
Set the owner and group and mode of the file devices (default: uid=gid=0, mode=0444).
The mode is given in octal.
DM-VERITY SUPPORT (EXPERIMENTAL)
The device-mapper verity target provides read-only transparent integrity checking of block
devices using kernel crypto API. The mount command can open the dm-verity device and do
the integrity verification before on the device filesystem is mounted. Requires
libcryptsetup with in libmount (optionally via dlopen(3)). If libcryptsetup supports
extracting the root hash of an already mounted device, existing devices will be
automatically reused in case of a match. Mount options for dm-verity:
verity.hashdevice=path
Path to the hash tree device associated with the source volume to pass to dm-verity.
verity.roothash=hex
Hex-encoded hash of the root of verity.hashdevice. Mutually exclusive with
verity.roothashfile.
verity.roothashfile=path
Path to file containing the hex-encoded hash of the root of verity.hashdevice.
Mutually exclusive with verity.roothash.
verity.hashoffset=offset
If the hash tree device is embedded in the source volume, offset (default: 0) is used
by dm-verity to get to the tree.
verity.fecdevice=path
Path to the Forward Error Correction (FEC) device associated with the source volume to
pass to dm-verity. Optional. Requires kernel built with CONFIG_DM_VERITY_FEC.
verity.fecoffset=offset
If the FEC device is embedded in the source volume, offset (default: 0) is used by
dm-verity to get to the FEC area. Optional.
verity.fecroots=value
Parity bytes for FEC (default: 2). Optional.
verity.roothashsig=path
Path to pkcs7(1ssl) signature of root hash hex string. Requires
crypt_activate_by_signed_key() from cryptsetup and kernel built with
CONFIG_DM_VERITY_VERIFY_ROOTHASH_SIG. For device reuse, signatures have to be either
used by all mounts of a device or by none. Optional.
Supported since util-linux v2.35.
For example commands:
mksquashfs /etc /tmp/etc.squashfs
dd if=/dev/zero of=/tmp/etc.hash bs=1M count=10
veritysetup format /tmp/etc.squashfs /tmp/etc.hash
openssl smime -sign -in <hash> -nocerts -inkey private.key \
-signer private.crt -noattr -binary -outform der -out /tmp/etc.roothash.p7s
mount -o verity.hashdevice=/tmp/etc.hash,verity.roothash=<hash>,\
verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.squashfs /mnt
create squashfs image from /etc directory, verity hash device and mount verified
filesystem image to /mnt. The kernel will verify that the root hash is signed by a key
from the kernel keyring if roothashsig is used.
LOOP-DEVICE SUPPORT
One further possible type is a mount via the loop device. For example, the command
mount /tmp/disk.img /mnt -t vfat -o loop=/dev/loop3
will set up the loop device /dev/loop3 to correspond to the file /tmp/disk.img, and then
mount this device on /mnt.
If no explicit loop device is mentioned (but just an option '-o loop' is given), then
mount will try to find some unused loop device and use that, for example
mount /tmp/disk.img /mnt -o loop
The mount command automatically creates a loop device from a regular file if a filesystem
type is not specified or the filesystem is known for libblkid, for example:
mount /tmp/disk.img /mnt
mount -t ext4 /tmp/disk.img /mnt
This type of mount knows about three options, namely loop, offset and sizelimit, that are
really options to losetup(8). (These options can be used in addition to those specific to
the filesystem type.)
Since Linux 2.6.25 auto-destruction of loop devices is supported, meaning that any loop
device allocated by mount will be freed by umount independently of /etc/mtab.
You can also free a loop device by hand, using losetup -d or umount -d.
Since util-linux v2.29, mount re-uses the loop device rather than initializing a new
device if the same backing file is already used for some loop device with the same offset
and sizelimit. This is necessary to avoid a filesystem corruption.
EXIT STATUS
mount has the following exit status values (the bits can be ORed):
0
success
1
incorrect invocation or permissions
2
system error (out of memory, cannot fork, no more loop devices)
4
internal mount bug
8
user interrupt
16
problems writing or locking /etc/mtab
32
mount failure
64
some mount succeeded
The command mount -a returns 0 (all succeeded), 32 (all failed), or 64 (some failed,
some succeeded).
EXTERNAL HELPERS
The syntax of external mount helpers is:
/sbin/mount.suffix spec dir [-sfnv] [-N namespace] [-o options] [-t type.subtype]
where the suffix is the filesystem type and the -sfnvoN options have the same meaning as
the normal mount options. The -t option is used for filesystems with subtypes support (for
example /sbin/mount.fuse -t fuse.sshfs).
The command mount does not pass the mount options unbindable, runbindable, private,
rprivate, slave, rslave, shared, rshared, auto, noauto, comment, x-*, loop, offset and
sizelimit to the mount.<suffix> helpers. All other options are used in a comma-separated
list as an argument to the -o option.
ENVIRONMENT
LIBMOUNT_FSTAB=<path>
overrides the default location of the fstab file (ignored for suid)
LIBMOUNT_MTAB=<path>
overrides the default location of the mtab file (ignored for suid)
LIBMOUNT_DEBUG=all
enables libmount debug output
LIBBLKID_DEBUG=all
enables libblkid debug output
LOOPDEV_DEBUG=all
enables loop device setup debug output
FILES
See also "The files /etc/fstab, /etc/mtab and /proc/mounts" section above.
/etc/fstab
filesystem table
/run/mount
libmount private runtime directory
/etc/mtab
table of mounted filesystems or symlink to /proc/mounts
/etc/mtab~
lock file (unused on systems with mtab symlink)
/etc/mtab.tmp
temporary file (unused on systems with mtab symlink)
/etc/filesystems
a list of filesystem types to try
HISTORY
A mount command existed in Version 5 AT&T UNIX.
BUGS
It is possible for a corrupted filesystem to cause a crash.
Some Linux filesystems don’t support -o sync and -o dirsync (the ext2, ext3, ext4, fat and
vfat filesystems do support synchronous updates (a la BSD) when mounted with the sync
option).
The -o remount may not be able to change mount parameters (all ext2fs-specific parameters,
except sb, are changeable with a remount, for example, but you can’t change gid or umask
for the fatfs).
It is possible that the files /etc/mtab and /proc/mounts don’t match on systems with a
regular mtab file. The first file is based only on the mount command options, but the
content of the second file also depends on the kernel and others settings (e.g. on a
remote NFS server — in certain cases the mount command may report unreliable information
about an NFS mount point and the /proc/mount file usually contains more reliable
information.) This is another reason to replace the mtab file with a symlink to the
/proc/mounts file.
Checking files on NFS filesystems referenced by file descriptors (i.e. the fcntl and ioctl
families of functions) may lead to inconsistent results due to the lack of a consistency
check in the kernel even if the noac mount option is used.
The loop option with the offset or sizelimit options used may fail when using older
kernels if the mount command can’t confirm that the size of the block device has been
configured as requested. This situation can be worked around by using the losetup(8)
command manually before calling mount with the configured loop device.
AUTHORS
Karel Zak <[email protected]>
SEE ALSO
mount(2), umount(2), filesystems(5), fstab(5), nfs(5), xfs(5), mount_namespaces(7),
xattr(7), e2label(8), findmnt(8), losetup(8), lsblk(8), mke2fs(8), mountd(8), nfsd(8),
swapon(8), tune2fs(8), umount(8), xfs_admin(8)
REPORTING BUGS
For bug reports, use the issue tracker at https://github.com/karelzak/util-linux/issues.
AVAILABILITY
The mount command is part of the util-linux package which can be downloaded from Linux
Kernel Archive <https://www.kernel.org/pub/linux/utils/util-linux/>.
man_pages/linux/ubuntu/jammy/mount_8.txt · Last modified: 2023/08/15 16:40 by 127.0.0.1