Candidates should be able to properly maintain a Linux filesystem using system utilities. This objective includes manipulating standard filesystems.
Key Knowledge Areas:
The following is a partial list of used files, terms, and utilities:
Resources: Bandel97 ; the man pages for e2fsck , badblocks , dumpe2fs , debugfs and tune2fs .
Good disk maintenance requires periodic disk checks. Your best
tool is
fsck
, and should be run at least
monthly. Default checks will normally be run after 20 system
reboots, but if your system stays up for weeks or months at a
time, you'll want to force a check from time to time. Your best
bet is performing routine system backups and checking your
lost+found
directories from time to time.
The frequency of the checks at system reboot can be changed with tune2fs . This utility can also be used to change the mount count, which will prevent the system from having to check all filesystems at the 20th reboot (which can take a long time).
The dumpe2fs utility will provide important information regarding hard disk operating parameters found in the superblock, and badblocks will perform surface checking. Finally, surgical procedures to remove areas grown bad on the disk can be accomplished using debugfs .
fsck
is a utility to check and repair a
Linux filesystem. In actuality
fsck
is
simply a front-end for the various filesystem checkers
(
fsck.
fstype
)
available under Linux.
Fsck is called automatically at system startup. If the filesystem is marked “not clean” , or the maximum mount count is reached or the time between checks is exceeded, the filesystem is checked. To change the maximum mount count or the time between checks, use tune2fs .
Frequently used options to fsck include:
-s
Serialize fsck operations. This is a good idea if you're checking multiple filesystems and the checkers are in an interactive mode.
-A
Walk through the
/etc/fstab
file
and try to check all filesystems in one run. This
option is typically used from the /etc/rc system
initialization file, instead of multiple commands for
checking a single filesystem.
The root filesystem will be checked first. After that,
filesystems will be checked in the order specified by
the
fs_passno
(the sixth) field
in the
/etc/fstab
file. Filesystems
with a
fs_passno
value of 0 are
skipped and are not checked at all. If there are
multiple filesystems with the same pass number, fsck
will attempt to check them in parallel, although it will
avoid running multiple filesystem checks on the same
physical disk.
-R
When checking all filesystems with the -A flag, skip the root filesystem (in case it's already mounted read-write).
Options which are not understood by fsck are passed to
the filesystem-specific checker. These arguments(=options) must not
take
arguments, as there is no way for fsck to be able to properly
guess which arguments take options and which don't. Options and
arguments which follow the
--
are treated as
filesystem-specific options to be passed to the filesystem-specific
checker.
The filesystem checker for the ext2 filesystem is called fsck.e2fs or e2fsck . Frequently used options include:
-a
This option does the same thing as the -p option. It is provided for backwards compatibility only; it is suggested that people use -p option whenever possible.
-c
This option causes e2fsck to run the badblocks(8) program to find any blocks which are bad on the filesystem, and then marks them as bad by adding them to the bad block inode.
-C
This option causes e2fsck to write completion information to the specified file descriptor so that the progress of the filesystem check can be monitored. This option is typically used by programs which are running e2fsck. If the file descriptor specified is 0, e2fsck will print a completion bar as it goes about its business. This requires that e2fsck is running on a video console or terminal.
-f
-n
Open the filesystem read-only, and assume an answer of “no” to all questions. Allows e2fsck to be used non-interactively. (Note: if the -c, -l, or -L options are specified in addition to the -n option, then the filesystem will be opened read-write, to permit the bad-blocks list to be updated. However, no other changes will be made to the filesystem.)
-p
Automatically repair ("preen") the filesystem without any questions.
-y
Assume an answer of “yes” to all questions; allows e2fsck to be used non-interactively.
The
mk2fs
command is used to create a Linux
filesystem. It can create different types of filesystems by
specifying the
-t filesystem
or by giving
the
mkfs.filesystem
command. Actually
mkfs
is a front-end for the several
mkfs.fstype
commands. Please read the mkfs man pages and section
the section called “Creating Filesystems”
for more information.
tune2fs
is used to
“tune”
a
filesystem. This is mostly used to set filesystem check
options, such as the
maximum mount
count
and the
time between filesystem
checks
.
It is also possible to set the
mount
count
to a specific value. This can be used to
'stagger' the mount counts of the different filesystems, which
ensures that at reboot not all filesystems will be checked at
the same time.
So for a system that contains 5 partitions and is booted approximately once a month you could do the following to stagger the mount counts:
tune2fs -c 5 -C 0partition1tune2fs -c 5 -C 1partition2tune2fs -c 5 -C 2partition3tune2fs -c 5 -C 3partition4tune2fs -c 5 -C 4partition5
The maximum mount count is 20, but for a system that is not frequently rebooted a lower value is advisable.
Frequently used options include:
-c max-mount-counts
Adjust the maximum mount count between two filesystem checks. If max-mount-counts is 0 then the number of times the filesystem is mounted will be disregarded by e2fsck(8) and the kernel. Staggering the mount-counts at which filesystems are forcibly checked will avoid all filesystems being checked at one time when using journalling filesystems.
You should strongly consider the consequences of disabling mount-count-dependent checking entirely. Bad disk drives, cables, memory and kernel bugs could all corrupt a filesystem without marking the filesystem dirty or in error. If you are using journalling on your filesystem, your filesystem will never be marked dirty, so it will not normally be checked. A filesystem error detected by the kernel will still force an fsck on the next reboot, but it may already be too late to prevent data loss at that point.
-C mount-count
Set the number of times the filesystem has been mounted. Can be used in conjunction with -c to force an fsck on the filesystem at the next reboot.
-i interval-between-checks[d|m|w]
Adjust the maximal time between two filesystem checks. No suffix or d result in days, m in months, and w in weeks. A value of zero will disable the time-dependent checking.
It is strongly recommended that either -c (mount-count-dependent) or -i (time-dependent) checking be enabled to force periodic full e2fsck(8) checking of the filesystem. Failure to do so may lead to filesystem corruption due to bad disks, cables or memory or kernel bugs to go unnoticed, until they cause data loss or corruption.
-m reserved-blocks-percentage
-r reserved-blocks-count
dumpe2fs prints the super block and blocks group information for the filesystem present on device.
-b
print the blocks which are reserved as bad in the filesystem.
-h
only display the superblock information and not any of the block group descriptor detail information.
badblocks is a Linux utility to check for damaged sectors on a disk drive. It marks these sectors so that they are not used in the future and thus do not cause corruption of data. It is part of the e2fsprogs project.
It is strongly recommended that badblocks not be run directly but it
is
to be called by using the
-c
option in
e2fsck
or
mke2fs
.
-o output-file
write the list of bad blocks to
output-file
.
With
debugfs
, you can modify the disk with
direct disk writes. Since this utility is so powerful, you
will normally want to invoke it as read-only until you are
ready to actually make changes and write them to the disk. To
invoke
debugfs
in read-only mode, do not
use any switches. To open in read-write mode, add the
-w
switch. You may also want to include
in the command line the device you wish to work on, as in
/dev/hda1
or
/dev/sda1
, etc. Once it is invoked, you
should see a debugfs prompt.
When the superblock of a partition is damaged, you can specify a different superblock to use:
debugfs -b 1024 -s 8193 /dev/hda1
This means that the superblock at block 8193 will be used and the blocksize is 1024. Note that you have to specify the blocksize when you want to use a different superblock. The information about blocksize and backup superblocks can be found with:
dumpe2fs /dev/hda1
The first command to try after invocation of debugfs , is params to show the mode (read-only or read-write), and the current file system. If you run this command without opening a filesystem, it will almost certainly dump core and exit. Two other commands, open and close , may be of interest when checking more than one filesystem. Close takes no argument, and appropriately enough, it closes the filesystem that is currently open. Open takes the device name as an argument. To see disk statistics from the superblock, the command stats will display the information by group. The command testb checks whether a block is in use. This can be used to test if any data is lost in the blocks marked as “ bad ” by the badblocks command. To get the filename for a block, first use the icheck command to get the inode and then ncheck to get the filename. The best course of action with bad blocks is to mark the block “bad ” and restore the file from backup.
To get a complete list of all commands, see the man page of debugfs or type ? , lr or list_requests .
The debugging tool for the ReiserFS filesystem. It has about the same functionality as debugfs but only for the ReiserFS filesystem.
The tuning tool for the ReiserFS filesystem. It has about the same functionality as tune2fs but only for the ReiserFS filesystem.
mkswap sets up a Linux swap area on a device or in a file. (After creating the swap area, you need to invoke the swapon command to start using it. Usually swap areas are listed in /etc/fstab so that they can be taken into use at boot time by a swapon -a command in some boot script.)
xfs_info shows the filesystem geometry. xfs_info is equivalent to invoking xfs_growfs with the -n option.
xfs_check checks whether an XFS filesystem is consistent. It is normally run only when there is reason to believe that the filesystem has a consistency problem.
xfs_repair repairs corrupt or damaged XFS filesystems. xfs_repair will attempt to find the raw device associated with the specified block device and will use the raw device instead. Regardless, the filesystem to be repaired must be unmounted, otherwise, the resulting filesystem may become inconsistent or corrupt.