Diffstat (limited to '')
-rw-r--r-- sys-utils/mount.8 | 47
-rw-r--r-- sys-utils/mount.8.adoc | 32
2 files changed, 51 insertions, 28 deletions
diff --git a/sys-utils/mount.8 b/sys-utils/mount.8
index 1a09d1d..e1a5a4b 100644
--- a/sys-utils/mount.8
+++ b/sys-utils/mount.8
@@ -2,12 +2,12 @@
.\" Title: mount
.\" Author: [see the "AUTHOR(S)" section]
.\" Generator: Asciidoctor 2.0.20
-.\" Date: 2023-12-01
+.\" Date: 2024-03-20
.\" Manual: System Administration
-.\" Source: util-linux 2.39.3
+.\" Source: util-linux 2.40
.\" Language: English
.\"
-.TH "MOUNT" "8" "2023-12-01" "util\-linux 2.39.3" "System Administration"
+.TH "MOUNT" "8" "2024-03-20" "util\-linux 2.40" "System Administration"
.ie \n(.g .ds Aq \(aq
.el .ds Aq '
.ss \n[.ss] 0
@@ -387,11 +387,11 @@ Note that \fBmount\fP does not pass this option to the \fB/sbin/mount.\fP\fItype
.sp
\fB\-f, \-\-fake\fP
.RS 4
-Causes everything to be done except for the mount\-related system calls. The \-\-fake option was originally designed to write an entry to /etc/mtab without actually mounting.
+Causes everything to be done except for the mount\-related system calls. The \fB\-\-fake\fP option was originally designed to write an entry to \fI/etc/mtab\fP without actually mounting.
.sp
-The /etc/mtab is no longer maintained in userspace, and starting from version 2.39, the mount operation can be a complex chain of operations with dependencies between the syscalls. The \-\-fake option forces libmount to skip all mount source preparation, mount option analysis, and the actual mounting process.
+The \fI/etc/mtab\fP is no longer maintained in userspace, and starting from version 2.39, the mount operation can be a complex chain of operations with dependencies between the syscalls. The \fB\-\-fake\fP option forces libmount to skip all mount source preparation, mount option analysis, and the actual mounting process.
.sp
-The difference between fake and non\-fake execution is huge. This is the reason why the \-\-fake option has minimal significance for the current mount(8) implementation and it is maintained mostly for backward compatibility.
+The difference between fake and non\-fake execution is huge. This is the reason why the \fB\-\-fake\fP option has minimal significance for the current \fBmount\fP(8) implementation and it is maintained mostly for backward compatibility.
.RE
.sp
\fB\-i, \-\-internal\-only\fP
@@ -419,6 +419,16 @@ Move a subtree to some other place. See above, the subsection \fBThe move operat
Allow to make a target directory (mountpoint) if it does not exist yet. Alias to "\-o X\-mount.mkdir[=mode]", the default mode is 0755. For more details see \fBX\-mount.mkdir\fP below.
.RE
.sp
+\fB\-\-map\-groups\fP, \fB\-\-map\-users\fP \fIinner\fP:_outer_:_count_
+.RS 4
+Add the specified user/group mapping to an \fBX\-mount.idmap\fP map. These options can be given multiple times to build up complete mappings for users and groups. For more details see \fBX\-mount.idmap\fP below.
+.RE
+.sp
+\fB\-\-map\-users\fP /proc/\fIPID\fP/ns/user
+.RS 4
+Use the specified user namespace for user and group mapping in an id\-mapped mount. This is an alias for "\-o X\-mount.idmap=/proc/\fIPID\fP/ns/user" and cannot be used twice nor together with the \fIinner\fP:_outer_:_count_ option format above. For more details see \fBX\-mount.idmap\fP below.
+.RE
+.sp
\fB\-n\fP, \fB\-\-no\-mtab\fP
.RS 4
Mount without writing in \fI/etc/mtab\fP. This is necessary for example when \fI/etc\fP is on a read\-only filesystem.
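Review bot: In the generated heading `\fB\-\-map\-users\fP \fIinner\fP:_outer_:_count_` only `inner` is italicised; `_outer_` and `_count_` come through with literal underscores, and the same string appears again in the description of the `/proc/PID/ns/user` form. The fix belongs in mount.8.adoc, after which this file should be regenerated so the placeholder reads consistently in the rendered page.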
@@ -463,7 +473,7 @@ For more details, see the \fBFILESYSTEM\-INDEPENDENT MOUNT OPTIONS\fP and \fBFIL
.sp
\fB\-\-onlyonce\fP
.RS 4
-Forces mount command to check if the filesystem is already mounted. This behavior is the default for \fB\-\-all\fP; otherwise, it depends on the kernel filesystem driver. Some filesystems may be mounted more than once on the same mount point (e.g. tmpfs).
+Forces \fBmount\fP command to check if the filesystem is already mounted. This behavior is the default for \fB\-\-all\fP; otherwise, it depends on the kernel filesystem driver. Some filesystems may be mounted more than once on the same mount point (e.g. tmpfs).
.RE
.sp
\fB\-\-options\-mode\fP \fImode\fP
@@ -667,15 +677,21 @@ The \fBrootcontext=\fP option allows you to explicitly label the root inode of a
Note that the kernel rejects any remount request that includes the context option, \fBeven\fP when unchanged from the current context.
.sp
\fBWarning: the\fP \fIcontext\fP \fBvalue might contain commas\fP, in which case the value has to be properly quoted, otherwise \fBmount\fP will interpret the comma as a separator between mount options. Don\(cqt forget that the shell strips off quotes and thus \fBdouble quoting is required\fP. For example:
-.RE
.RS 3
.ll -.6i
.sp
+.if n .RS 4
+.nf
+.fam C
mount \-t tmpfs none /mnt \-o \(rs
\*(Aqcontext="system_u:object_r:tmp_t:s0:c127,c456",noexec\*(Aq
+.fam
+.fi
+.if n .RE
.br
.RE
.ll
+.RE
.sp
For more details, see \fBselinux\fP(8).
.sp
@@ -944,7 +960,7 @@ The \fIlist\fP is a comma\-separated list of the filesystem names. The
automatic filesystem detection is triggered by the "auto" filesystem type or
when the filesystem type is not specified.
.sp
-Thy \fIlist\fP follows how mount
+The \fIlist\fP follows how mount
evaluates type patterns (see \fB\-t\fP for more details). Only specified filesystem
types are allowed, or all specified types are forbidden if the list is prefixed
by "no".
@@ -2363,13 +2379,12 @@ For example commands:
.if n .RS 4
.nf
.fam C
-mksquashfs /etc /tmp/etc.squashfs
-dd if=/dev/zero of=/tmp/etc.hash bs=1M count=10
-veritysetup format /tmp/etc.squashfs /tmp/etc.hash
-openssl smime \-sign \-in <hash> \-nocerts \-inkey private.key \(rs
+mksquashfs /etc /tmp/etc.raw
+veritysetup format /tmp/etc.raw /tmp/etc.verity \-\-root\-hash\-file=/tmp/etc.roothash
+openssl smime \-sign \-in /tmp/etc.roothash \-nocerts \-inkey private.key \(rs
\-signer private.crt \-noattr \-binary \-outform der \-out /tmp/etc.roothash.p7s
-mount \-o verity.hashdevice=/tmp/etc.hash,verity.roothash=<hash>,\(rs
-verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.squashfs /mnt
+mount \-o verity.hashdevice=/tmp/etc.verity,verity.roothashfile=/tmp/etc.roothash,\(rs
+verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.raw /mnt
.fam
.fi
.if n .RE
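Review bot: The example drops the `dd if=/dev/zero of=/tmp/etc.hash` preallocation step and now depends on `veritysetup format` creating `/tmp/etc.verity` itself and accepting `--root-hash-file`, but nothing in the visible text says which veritysetup version that requires. A short note on the minimum version next to the example would save readers on older systems from a copy-paste that fails partway through.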
@@ -2473,7 +2488,7 @@ The command \fBmount\fP does not pass the mount options \fBunbindable\fP, \fBrun
.sp
\fBLIBMOUNT_FORCE_MOUNT2\fP={always|never|auto}
.RS 4
-force to use classic mount(2) system call (requires support for new file descriptors based mount API). The default is \fBauto\fP; in this case, libmount tries to be smart and use classic mount(2) only for well\-known issues. If the new mount API is unavailable, libmount can still use traditional mount(2), although LIBMOUNT_FORCE_MOUNT2 is set to \fBnever\fP.
+force to use classic \fBmount\fP(2) system call (requires support for new file descriptors based mount API). The default is \fBauto\fP; in this case, libmount tries to be smart and use classic \fBmount\fP(2) only for well\-known issues. If the new mount API is unavailable, libmount can still use traditional \fBmount\fP(2), although LIBMOUNT_FORCE_MOUNT2 is set to \fBnever\fP.
.RE
.sp
\fBLIBMOUNT_FSTAB\fP=<path>
diff --git a/sys-utils/mount.8.adoc b/sys-utils/mount.8.adoc
index 71e3723..ba8b45a 100644
--- a/sys-utils/mount.8.adoc
+++ b/sys-utils/mount.8.adoc
@@ -325,11 +325,11 @@ Note that *mount* does not pass this option to the **/sbin/mount.**__type__ help
(Used in conjunction with *-a*.) Fork off a new incarnation of *mount* for each device. This will do the mounts on different devices or different NFS servers in parallel. This has the advantage that it is faster; also NFS timeouts proceed in parallel. A disadvantage is that the order of the mount operations is undefined. Thus, you cannot use this option if you want to mount both _/usr_ and _/usr/spool_.
*-f, --fake*::
-Causes everything to be done except for the mount-related system calls. The --fake option was originally designed to write an entry to /etc/mtab without actually mounting.
+Causes everything to be done except for the mount-related system calls. The *--fake* option was originally designed to write an entry to _/etc/mtab_ without actually mounting.
+
-The /etc/mtab is no longer maintained in userspace, and starting from version 2.39, the mount operation can be a complex chain of operations with dependencies between the syscalls. The --fake option forces libmount to skip all mount source preparation, mount option analysis, and the actual mounting process.
+The _/etc/mtab_ is no longer maintained in userspace, and starting from version 2.39, the mount operation can be a complex chain of operations with dependencies between the syscalls. The *--fake* option forces libmount to skip all mount source preparation, mount option analysis, and the actual mounting process.
+
-The difference between fake and non-fake execution is huge. This is the reason why the --fake option has minimal significance for the current mount(8) implementation and it is maintained mostly for backward compatibility.
+The difference between fake and non-fake execution is huge. This is the reason why the *--fake* option has minimal significance for the current *mount*(8) implementation and it is maintained mostly for backward compatibility.
*-i, --internal-only*::
Don't call the **/sbin/mount.**__filesystem__ helper even if it exists.
@@ -346,6 +346,12 @@ Move a subtree to some other place. See above, the subsection *The move operatio
*-m*, **--mkdir**[=__mode__]::
Allow to make a target directory (mountpoint) if it does not exist yet. Alias to "-o X-mount.mkdir[=mode]", the default mode is 0755. For more details see *X-mount.mkdir* below.
+*--map-groups*, *--map-users* _inner_:_outer_:_count_::
+Add the specified user/group mapping to an *X-mount.idmap* map. These options can be given multiple times to build up complete mappings for users and groups. For more details see *X-mount.idmap* below.
+
+*--map-users* /proc/_PID_/ns/user::
+Use the specified user namespace for user and group mapping in an id-mapped mount. This is an alias for "-o X-mount.idmap=/proc/_PID_/ns/user" and cannot be used twice nor together with the _inner_:_outer_:_count_ option format above. For more details see *X-mount.idmap* below.
+
*-n*, *--no-mtab*::
Mount without writing in _/etc/mtab_. This is necessary for example when _/etc_ is on a read-only filesystem.
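Review bot: The placeholder `_inner_:_outer_:_count_` uses constrained emphasis with colons directly against the underscores, and the regenerated mount.8 in this commit shows the result as `\fIinner\fP:_outer_:_count_`. Unconstrained emphasis, `__inner__:__outer__:__count__`, should make all three parts render as italics. It would also help to say whether the `/proc/_PID_/ns/user` form is accepted by `--map-groups`, since only `--map-users` is listed for it while the description says it covers both user and group mapping.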
@@ -381,7 +387,7 @@ Note that the order of the options matters, as the last option wins if there are
For more details, see the *FILESYSTEM-INDEPENDENT MOUNT OPTIONS* and *FILESYSTEM-SPECIFIC MOUNT OPTIONS* sections.
*--onlyonce*::
-Forces mount command to check if the filesystem is already mounted. This behavior is the default for *--all*; otherwise, it depends on the kernel filesystem driver. Some filesystems may be mounted more than once on the same mount point (e.g. tmpfs).
+Forces *mount* command to check if the filesystem is already mounted. This behavior is the default for *--all*; otherwise, it depends on the kernel filesystem driver. Some filesystems may be mounted more than once on the same mount point (e.g. tmpfs).
*--options-mode* _mode_::
Controls how to combine options from _fstab_/_mtab_ with options from the command line. _mode_ can be one of *ignore*, *append*, *prepend* or *replace*. For example, *append* means that options from _fstab_ are appended to options from the command line. The default value is *prepend* -- it means command line options are evaluated after _fstab_ options. Note that the last option wins if there are conflicting ones.
@@ -521,9 +527,12 @@ The *rootcontext=* option allows you to explicitly label the root inode of a FS
Note that the kernel rejects any remount request that includes the context option, *even* when unchanged from the current context.
+
*Warning: the* _context_ *value might contain commas*, in which case the value has to be properly quoted, otherwise *mount* will interpret the comma as a separator between mount options. Don't forget that the shell strips off quotes and thus *double quoting is required*. For example:
++
____
+....
mount -t tmpfs none /mnt -o \
'context="system_u:object_r:tmp_t:s0:c127,c456",noexec'
+....
____
For more details, see *selinux*(8).
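Review bot: The new `....` literal block is placed inside the existing `____` quote block, so the example is wrapped twice (the regenerated mount.8 now carries both `.RS 3` and `.if n .RS 4`), while the verity example further down uses a bare `....` block. Dropping the two `____` lines would give this quoting example, which readers need to copy exactly, the same rendering as the other command examples.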
@@ -684,7 +693,7 @@ The _list_ is a comma-separated list of the filesystem names. The
automatic filesystem detection is triggered by the "auto" filesystem type or
when the filesystem type is not specified.
+
-Thy _list_ follows how mount
+The _list_ follows how mount
evaluates type patterns (see *-t* for more details). Only specified filesystem
types are allowed, or all specified types are forbidden if the list is prefixed
by "no".
@@ -1529,13 +1538,12 @@ Supported since util-linux v2.35.
For example commands:
....
-mksquashfs /etc /tmp/etc.squashfs
-dd if=/dev/zero of=/tmp/etc.hash bs=1M count=10
-veritysetup format /tmp/etc.squashfs /tmp/etc.hash
-openssl smime -sign -in <hash> -nocerts -inkey private.key \
+mksquashfs /etc /tmp/etc.raw
+veritysetup format /tmp/etc.raw /tmp/etc.verity --root-hash-file=/tmp/etc.roothash
+openssl smime -sign -in /tmp/etc.roothash -nocerts -inkey private.key \
-signer private.crt -noattr -binary -outform der -out /tmp/etc.roothash.p7s
-mount -o verity.hashdevice=/tmp/etc.hash,verity.roothash=<hash>,\
-verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.squashfs /mnt
+mount -o verity.hashdevice=/tmp/etc.verity,verity.roothashfile=/tmp/etc.roothash,\
+verity.roothashsig=/tmp/etc.roothash.p7s /tmp/etc.raw /mnt
....
create squashfs image from _/etc_ directory, verity hash device and mount verified filesystem image to _/mnt_. The kernel will verify that the root hash is signed by a key from the kernel keyring if roothashsig is used.
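Review bot: Every artifact in the updated example, including `/tmp/etc.roothash` passed through `verity.roothashfile=`, sits under `/tmp` with a fixed name, and the sentence after the block only says the kernel checks the signature "if roothashsig is used". Since man page examples get copied verbatim, consider using a directory writable only by root, or stating that without `verity.roothashsig=` the root hash file is the trust anchor and has to be protected from modification.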
@@ -1615,7 +1623,7 @@ The command *mount* does not pass the mount options *unbindable*, *runbindable*,
== ENVIRONMENT
*LIBMOUNT_FORCE_MOUNT2*={always|never|auto}::
-force to use classic mount(2) system call (requires support for new file descriptors based mount API). The default is *auto*; in this case, libmount tries to be smart and use classic mount(2) only for well-known issues. If the new mount API is unavailable, libmount can still use traditional mount(2), although LIBMOUNT_FORCE_MOUNT2 is set to *never*.
+force to use classic *mount*(2) system call (requires support for new file descriptors based mount API). The default is *auto*; in this case, libmount tries to be smart and use classic *mount*(2) only for well-known issues. If the new mount API is unavailable, libmount can still use traditional *mount*(2), although LIBMOUNT_FORCE_MOUNT2 is set to *never*.
*LIBMOUNT_FSTAB*=<path>::
overrides the default location of the _fstab_ file (ignored for suid)
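Review bot: The sentence being reformatted is still ambiguous: "force to use classic *mount*(2) system call (requires support for new file descriptors based mount API)" does not say which of `always`, `never` and `auto` the parenthetical applies to, and "although LIBMOUNT_FORCE_MOUNT2 is set to *never*" reads as a contradiction. Since the line is rewritten anyway, "even if LIBMOUNT_FORCE_MOUNT2 is set to *never*" plus one sentence per value would make the fallback behaviour clear.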