mount.2: Restructure discussion of 'mountflags' into functional groups

[thirdparty/man-pages.git] / man2 / mount.2

.\" Copyright (C) 1993 Rickard E. Faith <faith@cs.unc.edu>
.\" and Copyright (C) 1994 Andries E. Brouwer <aeb@cwi.nl>
.\" and Copyright (C) 2002, 2005 Michael Kerrisk <mtk.manpages@gmail.com>
.\"
.\" %%%LICENSE_START(VERBATIM)
.\" Permission is granted to make and distribute verbatim copies of this
.\" manual provided the copyright notice and this permission notice are
.\" preserved on all copies.
.\"
.\" Permission is granted to copy and distribute modified versions of this
.\" manual under the conditions for verbatim copying, provided that the
.\" entire resulting derived work is distributed under the terms of a
.\" permission notice identical to this one.
.\"
.\" Since the Linux kernel and libraries are constantly changing, this
.\" manual page may be incorrect or out-of-date.  The author(s) assume no
.\" responsibility for errors or omissions, or for damages resulting from
.\" the use of the information contained herein.  The author(s) may not
.\" have taken the same level of care in the production of this manual,
.\" which is licensed free of charge, as they might when working
.\" professionally.
.\"
.\" Formatted or processed versions of this manual, if unaccompanied by
.\" the source, must acknowledge the copyright and authors of this work.
.\" %%%LICENSE_END
.\"
.\" Modified 1996-11-04 by Eric S. Raymond <esr@thyrsus.com>
.\" Modified 2001-10-13 by Michael Kerrisk <mtk.manpages@gmail.com>
.\"     Added note on historical behavior of MS_NOSUID
.\" Modified 2002-05-16 by Michael Kerrisk <mtk.manpages@gmail.com>
.\"     Extensive changes and additions
.\" Modified 2002-05-27 by aeb
.\" Modified 2002-06-11 by Michael Kerrisk <mtk.manpages@gmail.com>
.\"     Enhanced descriptions of MS_MOVE, MS_BIND, and MS_REMOUNT
.\" Modified 2004-06-17 by Michael Kerrisk <mtk.manpages@gmail.com>
.\" 2005-05-18, mtk, Added MNT_EXPIRE, plus a few other tidy-ups.
.\" 2008-10-06, mtk: move umount*() material into separate umount.2 page.
.\" 2008-10-06, mtk: Add discussion of namespaces.
.\"
.TH MOUNT 2 2016-03-15 "Linux" "Linux Programmer's Manual"
.SH NAME
mount \- mount filesystem
.SH SYNOPSIS
.nf
.B "#include <sys/mount.h>"
.sp
.BI "int mount(const char *" source ", const char *" target ,
.BI "          const char *" filesystemtype ", unsigned long " mountflags ,
.BI "          const void *" data );
.fi
.SH DESCRIPTION
.BR mount ()
attaches the filesystem specified by
.I source
(which is often a pathname referring to a device,
but can also be the pathname of a directory or file,
or a dummy string) to the location (a directory or file)
specified by the pathname in
.IR target .

Appropriate privilege (Linux: the
.B CAP_SYS_ADMIN
capability) is required to mount filesystems.

Values for the
.I filesystemtype
argument supported by the kernel are listed in
.I /proc/filesystems
(e.g., "btrfs", "ext4", "jfs", "xfs", "vfat", "fuse",
"tmpfs", "cgroup", "proc", "mqueue", "nfs", "cifs", "iso9660").
Further types may become available when the appropriate modules
are loaded.

The
.I data
argument is interpreted by the different filesystems.
Typically it is a string of comma-separated options
understood by this filesystem.
See
.BR mount (8)
for details of the options available for each filesystem type.

A call to
.BR mount ()
performs one of a number of general types of operation.
depending on the bits specified in
.IR mountflags .
The choice of operation is determined by testing the bits set in
.IR mountflags ,
with the tests being conducted in the order listed here:
.IP * 3
Remount an existing mount:
.IR mountflags
includes
.BR MS_REMOUNT .
.IP *
Create a bind mount:
.IR mountflags
includes
.BR MS_BIND .
.IP *
Change the propagation type of an existing mount:
.IR mountflags
includes one of
.BR MS_SHARED ,
.BR MS_PRIVATE ,
.BR MS_SLAVE ,
or
.BR MS_UNBINDABLE .
.IP *
Move an existing mount to a new location:
.IR mountflags
includes
.BR MS_MOVE .
.IP *
Create a new mount:
.IR mountflags
includes none of the above flags.
.PP
Each of these operations is detailed later in this page.
Further flags may be specified in
.IR mountflags
to modify the behavior of
.BR mount (),
as described below.
.\"
.SS Additional mount flags
The list below describes the additional flags that can be specified in
.IR mountflags .
Note that some operation types ignore some or all of these flags,
as described later in this page.
.\"
.\" FIXME 2.6.25 Added MS_I_VERSION, which needs to be documented.
.\"
.TP
.BR MS_DIRSYNC " (since Linux 2.5.19)"
Make directory changes on this filesystem synchronous.
(This property can be obtained for individual directories
or subtrees using
.BR chattr (1).)
.TP
.BR MS_LAZYTIME " (since Linux 4.0)"
.\" commit 0ae45f63d4ef8d8eeec49c7d8b44a1775fff13e8
.\" commit fe032c422c5ba562ba9c2d316f55e258e03259c6
.\" commit a26f49926da938f47561f386be56a83dd37a496d
Reduce on-disk updates of inode timestamps (atime, mtime, ctime)
by maintaining these changes only in memory.
The on-disk timestamps are updated only when:
.RS
.IP (a) 5
the inode needs to be updated for some change unrelated to file timestamps;
.IP (b)
the application employs
.BR fsync (2),
.BR syncfs (2),
or
.BR sync (2);
.IP (c)
an undeleted inode is evicted from memory; or
.IP (d)
more than 24 hours have passed since the inode was written to disk.
.RE
.IP
This mount option significantly reduces writes
needed to update the inode's timestamps, especially mtime and atime.
However, in the event of a system crash, the atime and mtime fields
on disk might be out of date by up to 24 hours.

Examples of workloads where this option could be of significant benefit
include frequent random writes to preallocated files,
as well as cases where the
.B MS_STRICTATIME
mount option is also enabled.
(The advantage of combining
.BR MS_STRICTATIME
and
.BR MS_LAZYTIME
is that
.BR stat (2)
will return the correctly updated atime, but the atime updates
will be flushed to disk only in the cases listed above.)
.TP
.B MS_MANDLOCK
Permit mandatory locking on files in this filesystem.
(Mandatory locking must still be enabled on a per-file basis,
as described in
.BR fcntl (2).)
Since Linux 4.5,
.\" commit 95ace75414f312f9a7b93d873f386987b92a5301
this mount option requires the
.B CAP_SYS_ADMIN
capability.
.\" FIXME Describe the MS_MOVE flag in more detail
.TP
.B MS_NOATIME
Do not update access times for (all types of) files on this filesystem.
.TP
.B MS_NODEV
Do not allow access to devices (special files) on this filesystem.
.TP
.B MS_NODIRATIME
Do not update access times for directories on this filesystem.
This flag provides a subset of the functionality provided by
.BR MS_NOATIME ;
that is,
.BR MS_NOATIME
implies
.BR MS_NODIRATIME .
.TP
.B MS_NOEXEC
Do not allow programs to be executed from this filesystem.
.\" (Possibly useful for a filesystem that contains non-Linux executables.
.\" Often used as a security feature, e.g., to make sure that restricted
.\" users cannot execute files uploaded using ftp or so.)
.TP
.B MS_NOSUID
Do not honor set-user-ID and set-group-ID bits or file capabilities
when executing programs from this filesystem.
.\" (This is a security feature to prevent users executing set-user-ID and
.\" set-group-ID programs from removable disk devices.)
.TP
.B MS_RDONLY
Mount filesystem read-only.
.\"
.\" FIXME Document MS_REC, available since 2.4.11.
.\" This flag has meaning in conjunction with MS_BIND and
.\" also with the shared subtree flags.
.TP
.BR MS_RELATIME " (since Linux 2.6.20)"
When a file on this filesystem is accessed,
update the file's last access time (atime) only if the current value
of atime is less than or equal to the file's last modification time (mtime)
or last status change time (ctime).
This option is useful for programs, such as
.BR mutt (1),
that need to know when a file has been read since it was last modified.
Since Linux 2.6.30, the kernel defaults to the behavior provided
by this flag (unless
.BR MS_NOATIME
was specified), and the
.B MS_STRICTATIME
flag is required to obtain traditional semantics.
In addition, since Linux 2.6.30,
the file's last access time is always updated if it
is more than 1 day old.
.\" Matthew Garrett notes in the patch that added this behavior
.\" that this lets utilities such as tmpreaper (which deletes
.\" files based on last access time) work correctly.
.TP
.BR MS_SILENT " (since Linux 2.6.17)"
Suppress the display of certain
.RI ( printk ())
warning messages in the kernel log.
This flag supersedes the misnamed and obsolete
.BR MS_VERBOSE
flag (available since Linux 2.4.12), which has the same meaning.
.TP
.BR MS_STRICTATIME " (since Linux 2.6.30)"
Always update the last access time (atime) when files on this
filesystem are accessed.
(This was the default behavior before Linux 2.6.30.)
Specifying this flag overrides the effect of setting the
.BR MS_NOATIME
and
.BR MS_RELATIME
flags.
.TP
.B MS_SYNCHRONOUS
Make writes on this filesystem synchronous (as though
the
.B O_SYNC
flag to
.BR open (2)
was specified for all file opens to this filesystem).
.PP
From Linux 2.4 onward, the
.BR MS_NODEV ", " MS_NOEXEC ", and " MS_NOSUID
flags are settable on a per-mount-point basis.
From kernel 2.6.16 onward,
.B MS_NOATIME
and
.B MS_NODIRATIME
are also settable on a per-mount-point basis.
The
.B MS_RELATIME
flag is also settable on a per-mount-point basis.
.\"
.SS Remounting an existing mount
An existing mount may be remounted by specifying
.B MS_REMOUNT
in
.IR mountflags .
This allows you to change the
.I mountflags
and
.I data
of an existing mount without having to unmount and remount the filesystem.
.I target
should be the same value specified in the initial
.BR mount ()
call;
.I source
and
.I filesystemtype
are ignored.

The
.I mountflags
and
.I data
arguments should match the values used in the original
.BR mount ()
call, except for those parameters that are being deliberately changed.

The following
.I mountflags
can be changed:
.BR MS_RDONLY ,
.BR MS_SYNCHRONOUS ,
and
.BR MS_MANDLOCK ;
before kernel 2.6.16, the following could also be changed:
.B MS_NOATIME
and
.BR MS_NODIRATIME ;
and, additionally, before kernel 2.4.10, the following could also be changed:
.BR MS_NOSUID ,
.BR MS_NODEV ,
and
.BR MS_NOEXEC .

Since Linux 3.17,
.\" commit ffbc6f0ead47fa5a1dc9642b0331cb75c20a640e
if none of
.BR MS_NOATIME ,
.BR MS_NODIRATIME ,
.BR MS_RELATIME ,
or
.BR MS_STRICTATIME
is specified in
.IR mountflags ,
then the remount operation preserves the existing values of these flags
(rather than defaulting to
.BR MS_RELATIME ).

Since Linux 2.6.26, this flag can also be used to make
.\" See https://lwn.net/Articles/281157/
an existing bind mount read-only by specifying
.IR mountflags
as:

    MS_REMOUNT | MS_BIND | MS_RDONLY

Note that only the
.BR MS_RDONLY
setting of the bind mount can be changed in this manner.
.\"
.SS Creating a bind mount
If
.I mountflags
includes
.BR MS_BIND
(available since Linux 2.4),
.\" since 2.4.0-test9
then perform a bind mount.
A bind mount makes a file or a directory subtree visible at
another point within the single directory hierarchy.
Bind mounts may cross filesystem boundaries and span
.BR chroot (2)
jails.

The
.IR filesystemtype
and
.IR data
arguments are ignored.

The remaining bits in the
.I mountflags
argument are also ignored, with the exception of
.BR MS_REC .
(The bind mount has the same mount options as
the underlying mount point.)
However, see the discussion of remounting above,
for a method of making an existing bind mount read-only.
.\"
.SS Changing the propagation type of an existing mount
[TBC]
.\"
.\" FIXME 2.6.15 added flags for "shared subtree" functionality:
.\"
.\"     MS_PRIVATE
.\"             All mounts are private by default. Previously shared mounts
.\"             can be re-marked PRIVATE.
.\"     MS_SHARED
.\"             Mount points that are marked SHARED propagate mount events
.\"             to one another after being cloned.
.\"                     mount --make-rshared ==> MS_SHARED | MS_REC
.\"     MS_SLAVE
.\"             A previously shared mount point can be marked SLAVE, meaning
.\"             it receives propagated events, but does not propagate events.
.\"     MS_UNBINDABLE
.\"             mounts cannot be bound into other places, and will not be
.\"             propagated into new subtrees    
.\"
.\" These settings are visible in /proc/$$/mountinfo
.\"
.\" These need to be documented on this page.
.\" See:
.\"
.\" * Documentation/filesystems/sharedsubtree.txt
.\"
.\" * http://lwn.net/Articles/159077/
.\"
.\" * https://www.kernel.org/doc/ols/2006/ols2006v2-pages-209-222.pdf
.\"       Shared-Subtree Concept, Implementation, and Applications in Linux
.\"       Al Viro viro@ftp.linux.org.uk
.\"       Ram Pai linuxram@us.ibm.com
.\"
.\" * http://www.ibm.com/developerworks/linux/library/l-mount-namespaces/index.html
.\"       Applying mount namespaces
.\"
.\"       Uncover practical applications for advanced Linux mounts features
.\"       Serge E. Hallyn (sergeh@us.ibm.com), Software Engineer, IBM
.\"       Ram Pai (linuxram@us.ibm.com), Software Engineer, IBM
.\"       Date:  17 Sep 2007
.\"
.SS Moving a mount
If
.I mountflags
contains the flag
.BR MS_MOVE ,
then move a subtree:
.I source
specifies an existing mount point and
.I target
specifies the new location to which that mount point is to be relocated.
The move is atomic: at no point is the subtree unmounted.
The remaining bits in the
.IR mountflags
argument are ignored, as are the
.IR filesystemtype
and
.IR data
arguments.
.\"
.SS Creating a new mount point
If none of
.BR MS_REMOUNT ,
.BR MS_BIND ,
.BR MS_MOVE ,
.BR MS_SHARED ,
.BR MS_PRIVATE ,
.BR MS_SLAVE ,
or
.BR MS_UNBINDABLE
is specified in
.IR mountflags ,
then
.BR mount ()
performs its default action: creating a new mount point.
.IR source
specifies the source for the new mount point, and
.IR target
specifies the directory at which to create the mount point.

The
.I filesystemtype
and
.I data
arguments are employed, and further bits may be specified in
.IR mountflags
to modify the behavior of the call.
.\"
.SH RETURN VALUE
On success, zero is returned.
On error, \-1 is returned, and
.I errno
is set appropriately.
.SH ERRORS
The error values given below result from filesystem type independent
errors.
Each filesystem type may have its own special errors and its
own special behavior.
See the Linux kernel source code for details.
.TP
.B EACCES
A component of a path was not searchable.
(See also
.BR path_resolution (7).)
Or, mounting a read-only filesystem was attempted without giving the
.B MS_RDONLY
flag.
Or, the block device
.I source
is located on a filesystem mounted with the
.B MS_NODEV
option.
.\" mtk: Probably: write permission is required for MS_BIND, with
.\" the error EPERM if not present; CAP_DAC_OVERRIDE is required.
.TP
.B EBUSY
.I source
is already mounted.
Or, it cannot be remounted read-only,
because it still holds files open for writing.
Or, it cannot be mounted on
.I target
because
.I target
is still busy (it is the working directory of some thread,
the mount point of another device, has open files, etc.).
.TP
.B EFAULT
One of the pointer arguments points outside the user address space.
.TP
.B EINVAL
.I source
had an invalid superblock.
Or, a remount
.RB ( MS_REMOUNT )
was attempted, but
.I source
was not already mounted on
.IR target .
Or, a move
.RB ( MS_MOVE )
was attempted, but
.I source
was not a mount point, or was \(aq/\(aq.
.TP
.B ELOOP
Too many links encountered during pathname resolution.
Or, a move was attempted, while
.I target
is a descendant of
.IR source .
.TP
.B EMFILE
(In case no block device is required:)
Table of dummy devices is full.
.TP
.B ENAMETOOLONG
A pathname was longer than
.BR MAXPATHLEN .
.TP
.B ENODEV
.I filesystemtype
not configured in the kernel.
.TP
.B ENOENT
A pathname was empty or had a nonexistent component.
.TP
.B ENOMEM
The kernel could not allocate a free page to copy filenames or data into.
.TP
.B ENOTBLK
.I source
is not a block device (and a device was required).
.TP
.B ENOTDIR
.IR target ,
or a prefix of
.IR source ,
is not a directory.
.TP
.B ENXIO
The major number of the block device
.I source
is out of range.
.TP
.B EPERM
The caller does not have the required privileges.
.SH VERSIONS
The definitions of
.BR MS_DIRSYNC ,
.BR MS_MOVE ,
.BR MS_PRIVATE ,
.BR MS_REC ,
.BR MS_RELATIME ,
.BR MS_SHARED ,
.BR MS_SLAVED ,
.BR MS_STRICTATIME
and
.BR MS_UNBINDABLE
were added to glibc headers in version 2.12.
.\"
.SH CONFORMING TO
This function is Linux-specific and should not be used in
programs intended to be portable.
.SH NOTES
Since Linux 2.4 a single filesystem can be mounted at
multiple mount points, and multiple mounts can be stacked
on the same mount point.
.\" Multiple mounts on same mount point: since 2.3.99pre7.

The
.I mountflags
argument may have the magic number 0xC0ED (\fBMS_MGC_VAL\fP)
in the top 16 bits.
(All of the other flags discussed in DESCRIPTION
occupy the low order 16 bits of
.IR mountflags .)
Specifying
.BR MS_MGC_VAL
was required in kernel versions prior to 2.4,
but since Linux 2.4 is no longer required and is ignored if specified.

The original
.B MS_SYNC
flag was renamed
.B MS_SYNCHRONOUS
in 1.1.69
when a different
.B MS_SYNC
was added to \fI<mman.h>\fP.
.LP
Before Linux 2.4 an attempt to execute a set-user-ID or set-group-ID program
on a filesystem mounted with
.B MS_NOSUID
would fail with
.BR EPERM .
Since Linux 2.4 the set-user-ID and set-group-ID bits are
just silently ignored in this case.
.\" The change is in patch-2.4.0-prerelease.
.\"

.SS Per-process namespaces
Starting with kernel 2.4.19, Linux provides
per-process mount namespaces.
A mount namespace is the set of filesystem mounts that
are visible to a process.
Mount-point namespaces can be (and usually are)
shared between multiple processes,
and changes to the namespace (i.e., mounts and unmounts) by one process
are visible to all other processes sharing the same namespace.
(The pre-2.4.19 Linux situation can be considered as one in which
a single namespace was shared by every process on the system.)

A child process created by
.BR fork (2)
shares its parent's mount namespace;
the mount namespace is preserved across an
.BR execve (2).

A process can obtain a private mount namespace if:
it was created using the
.BR clone (2)
.BR CLONE_NEWNS
flag,
in which case its new namespace is initialized to be a
.I copy
of the namespace of the process that called
.BR clone (2);
or it calls
.BR unshare (2)
with the
.BR CLONE_NEWNS
flag,
which causes the caller's mount namespace to obtain a private copy
of the namespace that it was previously sharing with other processes,
so that future mounts and unmounts by the caller are invisible
to other processes (except child processes that the caller
subsequently creates) and vice versa.

The Linux-specific
.I /proc/PID/mounts
file exposes the list of mount points in the mount
namespace of the process with the specified ID; see
.BR proc (5)
for details.
.SH SEE ALSO
.BR umount (2),
.BR namespaces (7),
.BR path_resolution (7),
.BR lsblk (8),
.BR findmnt (8),
.BR mount (8),
.BR umount (8)