Intro to Linux: File Systems, Permissions, and Hardware Fundamentals

Hello again everyone. So, for the past few years now I’ve really been getting more and more into working with Linux. I know that’s a broad statement… Linux is just about on every device you see these days; mobile phones, computers, laptops, tablets, supercomputers, refrigerators, cars, custom motorcycles… everything! And how many different distros are there? hundreds!

I won’t start any debates on how good or bad Linux is as a whole, or how Linux is as an overall Operating System… but I will go into how to use it, understand it, and operate it. This is the first part of many blogs I’ll be posting about how to use Linux, and we’ll start here with the file system. The reason why we’ll start with the file system is that it’s really the basis for everything you’ll be doing in Linux. I say that because Linux thinks everything is a file. Devices, files, folders… everything is a file. And everything can be referenced (pretty much) from the command line.

It was a toss up for me on whether to start with this or my next blog (the Bash shell). I mean, literally everything you do in Linux requires the file system or Bash, or both, to complete any task. But we’ll start here and build up from there.


Table of Contents


Before we really get going, I’ll need you to start the “Terminal” program on your Linux machine. If you’re on Red Hat (or one of its derivatives) it may look something like this:


What is a File System?

We won’t touch on any other Operating System here than Linux. Specifically, the Linux kernel really is the Operating System, but we’ll cover that in my third blog (Understanding the Linux Kernel and Processes). For now just realize that the Linux Kernel is the underlying Operating System that allows data to be pulled from the local hard drive, which hosts a file system, and run as a process.

From here on out when I refer to the Linux file system, I’ll be talking mainly about the EXT3 and EXT4 file systems. Don’t worry about what that means for now, we’ll cover that later.

The base directory in Linux, is referred to as the “root” directory of the file system and is generally expressed in text as a simple forward slash: “/”. Every file and folder from here is referred to as part of the “directory tree”.

To see all the objects in any directory, you can use the Bash shell command “ls”, which is short for “list”. This is what it looks like when you list the contents of my current Red Hat home directory:

This command was run with no “arguments”, it is just a simple command that is just asking for a listing of the files and folders that are in my “home” folder.

This next picture is a screenshot of what the exact same folder looks like with 3 command line arguments. The ‘a’ is for “all” (including hidden stuff), the ‘l’ is for a “long” listing, and the ‘h’ says that we want to see this in a “human” readable format.

As you can see, there is a lot more information here, specifically, info regarding a lot of info about the file system. We’ll start with the easy parts of this output. We’ll look at the file, “.bash_logout” for this example.

-rw-r--r--  1 serdman83 serdman83  176 Jan 27  2011 .bash_logout

The first serdman83 is my username, and the second one is the group. These represent the user and group that own the file. This is very important to understand that the user and group are two very different things. The username is tied directly to me, which you can probably figure out, and the group is my primary group. Your primary group normally is the same as your username (except in rare cases). We’ll talk more about that later in another blog.

The number “176” is a dynamic number. It’s the size in bytes of the file, and this file is quite small. As you can probably guess, this file was created on Jan 27, 2011, and obviously, the file name is “.bash_logout”. We’ll talk more about this file later, but try to remember what this “long” listing means.

All of this information, plus more, is all stored in the file system.



What is a terminal? According to Wikipedia, the definition of a terminal is, “The Linux console is a system console support in the Linux kernel. The Linux console was the first functionality of the kernel, developed as early as in 1991 (see history of Linux). On PC architecture, it is common to use VGA-compatible video hardware. Implementations of computer graphics on Linux are excluded from the scope of this article. Linux console, like pure text mode, uses monospace fonts.”

What’s all this mean? You’ve already seen a Linux terminal above. The Linux terminal is what you see when you’re working with the command line. It’s how you open files, view directories, run programs, etc…

But how do you use a terminal? Well, I’m going to cover that for you real quick here. It’s not going to be horribly in-depth, but we’ll do a 5 second intro.

The first and most important thing to remember is that if you get stuck in a terminal that you’ve made a bunch of changes to and it’s not working right, you can always just enter the “reset” command to return it to normal behavior.

There are also Control Sequences that can be passed to the Bash shell. These are most always entered with a key combination which includes the “Ctrl” (Control) key. We’ll cover a handful of the more popular control sequences that you’ll find yourself using.

Ctrl + C = Probably the most used control sequence you’ll use. This will terminate almost any program that is currently running. There are programs that are setup to ignore this sequence, but just remember that the vast majority of programs do not.

Ctrl + D = If you’ve entered a command that didn’t work, it may still be waiting for you to complete your input. Try a Ctrl+D to see if that completed the input. This control sequence is used to force complete a user input.

Ctrl + H = If, for some reason, your backspace key isn’t working, you can use the old Ctrl+H for single character backspace.

Ctrl + J = This command is an alternative to using the RETURN key. It’s just another way to perform a line feed.

Ctrl + L = This does the same thing as the “clear” command. It will clear or refresh the screen for you.

Ctrl + U = There are some commands that you can type into the Bash Terminal that can be very long. If for instance you realize you don’t need that command anymore, you can Ctrl+U to erase the whole line.

Ctrl + Z = This sequence is used for suspending a program. We’ll be talking about this later. If you suspend a program, you haven’t terminated it, it’s still running in the background.


Navigating the Filesystem

The Linux filesystem is actually really a simple concept. Every shell, or terminal, has a current working directory. Current working directory (cwd) is like saying, where am I at. Wouldn’t it be nice to see where you’re at though? We’ll you’re in luck, because Linux has come a long way. While most traditional versions of Linux were totally command line driven, modern versions are rivaling Windows and OSX in spectacular fashion. Without getting into what a window manager is in too great of detail, there are versions that are just as easy to work with as Windows XP, Windows 7 and Apple’s OSX.

In various versions of Linux, there are, I would say 3 main Window Managers. Gnome (and various forks of the original Gnome), KDE, and (Unity) only because of Ubuntu. There are many others out there, like XFCE, Enlightenment, Fluxbox, and LXDE, but we won’t be getting into those in these blogs. I personally like Gnome, probably because that’s what I started with so many years ago.

Here’s what some of them Look like:
Gnome 2.28
KDE 4.x
Ubuntu Unity

But in staying with the command line for the time being, you can view the directory tree quite easily. Below, I have shown what the output of the “tree” command looks like. For a text based output it shows you quite nicely what your directory structure looks like from your Current Working Directory. In this case my “cwd” was my home folder.

From the command line I can see that the “Desktop”, “Downloads”, “Documents”, and other folders are in my cwd. To go into those folders I can just “cd”, or Change Directory, and tell the Bash Shell, my Terminal, to go there. Like this:

In there, I’ve introduced two new commands, “cd” and “pwd”, as well as I’ve shown that Linux is CaSe SeNsItIvE… If I had typed, “cd documents”, the command would have failed because there is no “documents” folder. The folder is named, “Documents”. The cd command tells the Bash Shell that I want to move into a new directory, and “Documents/” is the directory I want to move into. “Documents/” is the command line ‘argument’ that I provided the program “cd”. You can issue the “cd” command with no arguments as well; it will take you where ever you are at back to your home directory. The “pwd” command is another program that has a sole purpose of “P”rint “W”orking “D”irectory. The “pwd” command takes no arguments.

This also brings to mind the relative and absolute paths that you can see in that screenshot. There is an absolute path, “/home/serdman83/Documents”, and a relative path, “Documents/”. The Absolute path is exactly where a object is based on where it is located from the root of the system. In this case the root of the system, as in all Linux systems, is “/”. So my Documents directory is located in “/home/serdman83/Documents”. Because I was already in my home directory, “/home/serdman83/”, I can tell the shell to move into the “Documents/” directory because relative to my “cwd”, “Documents” is a sub folder.


Other Important Directories

Lets talk about other important directories in the filesystem. We’ll start with the Root of the system, which is represented by a simple “/”. Root, not the username but the directory, is the holding section of the entire system. Everything you see will always come from the root directory because there is directory higher than the root directory. If you do a listing of the root directory, this is very similar to what you’ll see:

As you can see there are a lot of folders in here. Let’s talk about some of them. The first one we’ll talk about are the “/bin/ and “/sbin” directories. These directories are special because they hold almost all of the programs that run on a computer. The “/bin” folder holds the programs that normal computer users use, such as “ls”, “pwd”, etc… We’ll definitely cover more later. The “/bin” folder is supplemented by the “/usr/bin” folder also, which holds other programs that normal users can run. Any program that runs with no elevated rights can be put in these two folders. On the other hand, the “/sbin” folder holds many more programs that only the root user can run. It is supplemented with the “/usr/sbin” folder which holds many programs as well.

To make this easier, just remember that the “/bin” and “/usr/bin” folders hold programs that generally any user should be able to run. And the “/sbin” and the “/usr/sbin” folders hold programs that require elevated rights (such as the Root account) to run.

The next folder is the “/boot” folder. Generally, you’ll almost never go into this directory and store files. This directory holds information for booting the machine. In every Red Hat and Debian based machine I’m aware of, this folder holds the information for the Linux Kernel, the RAM Drive and some other configuration files such as the Grub boot loader.

“/Dev” is the next directory we’ll talk about. Similar to “/boot”, you’ll never save anything in this folder either. The purpose of this directory is to hold all the information about every single device that is attached to your computer. We’ll talk much more about this in another blog.

The next directory is “/etc”. This directory holds all the configuration data for all the programs and software that are installed on your Linux machine. You’ll most likely use this folder frequently if you’re planning on making changes to the way any software runs on your computer. Every single thing that runs or is installed in Linux can be modified with a configuration file. Windows is tied to the Windows Registry and the “C:\Windows\” directory for everything, while Linux uses the “/etc” and “/var” directories. There is no Linux Registry for security and stability reasons, but there are plenty of configuration files that offer the same functionality. We’ll be touching on this much more in the future blogs here.

Quickly, I’ll touch on the “/lib” directory, which holds all the library files on your computer. Any software that requires extra software libraries will be calling some file that resides in here.

The “/mnt” and “/media” folders are similar just because when Linux mounts a folder, network share, local USB drive, or CD/DVD drive, you’ll most likely find it in one of these two folders. If you’re virtualizing your Linux install, and you’re sharing folders with your host machine, those folders will appear in one of these two directories as well.

Next is “/tmp”. Just as you would expect, this directory is for temporary files. By default, any file that is put in here has a life span of 10 days. More accurately, if a file’s access date is 10 days or more, that file will be deleted. So if I create a file today, and don’t touch it for 10 days, Linux will automatically delete it after that. This is the only directory that you’ll find that anyone has rights to write to. By default, all other folders in a Linux system can only be written to by the Root user. The exception to that is every user’s personal home directory, and the “/tmp” directory.

The last directory we’ll cover here is the “/var” directory. If you’re hosting a web server, it’ll be in here. Your system mail is delivered here. Many things happen in this directory. You’ll find that many configuration files are also in here, but there are also log files, news group information (if it’s setup), ftp files that your machine is hosting and many other things too. We’ll talk much more on this in other blogs.

So you’re thinking, “dude, this is so boring, when are we going to get to the fun stuff?” And here’s my answer: “We’re there, you just don’t know it yet.”

All of this stuff is the core building blocks of Linux. If you understand this stuff at a good level, you’ll be so much better off using Linux in the long run.


How to Manage Files and Directories

We’ll touch first on redirection of output. The thing to remember here is that output in Linux defaults to the console. To redirect the output you use the “>” greater than or “<" less than signs. Here you can see that I've run the "pwd" command to print my working directory. I've them redirected my output to the pwd.txt file. Then I used "cat" (short for concatenate) to print the pwd.txt file back out to the screen. While this doesn't seem to be that important, you'll surely find it useful down the road.


We can now try to copy that file to a new directory. But first let’s create the new directory, then we’ll copy the file into it.


Let’s cover copying directories while we’re talking about copying.


As you can see, I listed my “newdir/”, then I copied my “newdir/” to another folder named, “newdir2/” and then I listed my current working directory recursively.

Now that we have two copies of the same “pwd.txt” we can delete one of them. So let’s go over how to remove directories too. In order to remove a file you use the “rm” command.

What if you wanted to move a file instead of copying it? How about renaming a file? Well, Linux doesn’t have a rename command, you just move a file to a new name. Like this.

Here you’ll see that I first Changed Directory (cd) into my “newdir/” directory, then I listed in Long format, all the files in human readable format of that directory. Then I moved the pwd.txt file into a new name (newpwd.txt). Following that I moved the newpwd.txt file back up one directory (to my home directory). Lastly, I showed what tab complete does by changing directories back to my home folder and issuing the “ls -alh” command again. But this time when I issued the “ls -alh” command, I typed the word “new” behind it, and pressed tab twice.


I hope I didn’t move too fast through that last screenshot. Changing directories backwards is easy because the Linux kernel understands two periods “..” as “go back one directory”. And the Tab complete is extremely useful because it will attempt to complete whatever it is you’re typing. Try it in almost any command, at almost any time. You’ll find it very useful.


Don’t get too hasty in moving files around though. Be absolutely sure that what you are doing is exactly right. In Linux, there is no “undo” function. If you move a file to a directory that contains a file with the same name you can overwrite, or “clobber”, the original file with the one you moved.


File Globbing and File Names

Unlike Windows, Linux files can contain just about every character on the keyboard. If you wrap a file name in single quotes (‘ ‘) you can use any of these characters in a file: ‘!@#$%^&*()_+-=\|][}{:;?><,.~`' In doing that you can cause a nightmare for developers and users of files with those characters in them. So while you can technically use those chars, I really recommend NOT doing so. One special char that I want to touch on here is the period (.). The reason why is that, like Windows and Mac, there can be files that are "hidden". In Linux, you can't really hide a file. There are no Alternate Data Streams (ADS) in the Linux File System, so a “ls -alh” will show you every file in a folder. But if you want to “hide” a file from a regular “ls” command you can start the file name with a period. Files like “.bash_history”, “.bashrc” and folders like “.ssh/” (all of these should be in your home directory), are not visible with a plain “ls” command.

Now we’ll talk about file globbing. This is really simple, and a really simple concept, but you need to understand the ramifications of what you’re doing. By using the asterisk (*), you can specify many files at the same time. And while we’re at it, let’s introduce “tab-complete” since they’re pretty similar.

Let’s see a screenshot of tab complete, then a screenshot of file globbing:

So as you can see in the first picture, the tab complete helps because I know there is a folder that starts with “lab” but I’m not sure exactly what it is. So if I type “lab” and then hit the “Tab” key twice I can see what other files and folders start with the letters “lab”.

The file globbing was nice because I wanted to move all the files and folders that start with “lab” into a folder called “all-labs”. I was able to do this as you can see.

File globbing is also nice to use when you have a folder with a ton of files in it and you’re looking for all the files that end in “.conf”. So to find them all, you could issue this command:

ls -alh *.conf


File Ownership

Before we get too much further, how a file can be managed by permissions as well as ownership.

Let’s first talk about Linux Users. All of the users for a system reside in the “/etc/passwd” file and in modern Linux (and UNIX) systems their passwords are managed in the “/etc/shadow” file. We’ll talk more about both of these files later, but you should at least know that these two files are extremely important.

As you well know, with any computer system, you log on with a username. The /etc/passwd file holds all the information about the user. As you can see from this screenshot there is a standard format to the file as well.

As you can see in the above screenshot, there are 7 columns in every single line item, and they are separated by colons (:). Let’s review these fields real quick.

Field 1 is your username. Pretty strait forward.
Field 2 is your password. But it isnt stored here. Remember, it’s in the /etc/shadow file, and the “x” designates that.
Field 3 is your user ID. When your account is created, you’re assigned a unique number. While it can be changed, it’s highly advisable not to.
Field 4 is your primary group ID. This is normally the same number as your user ID, but it can be different for special circumstances.
Field 5 is the GECOS field. It’s deprecated, meaning it’s not used anymore, but it needs to be there for backward compatibility. Normally it just holds the users full name.
Field 6 is for your home folder. It tell the Operating System where your home folder is located. For the VAST MAJORITY of the time, your folder will be a sub-directory of the “/home/” folder.
Field 7 is the shell that you’re assigned. Most of the time it’s the bash shell, but on other systems it can be others. We’ll talk about shells later.

As a NOTE on Field 7, if you see that a user or service has the shell “/sbin/nologin”, that user’s account is basically disabled.


As for the password field (field 2), whenever you change your password, the password is stored encrypted in the “shadow” file. You can change your password with the “passwd” command. See here:

I cheated a bit, because I’m lazy and don’t feel like changing my password, but you would be prompted for your current password, then your new password, then your new password again (just to make sure that you didn’t fat finger it).


I just mentioned that there is a system account. There are actually three different types of accounts: Normal User, System User and the Root User. They are different and in the case of the Root user, it is the user that has more privileges than any other user on the machine.

Normal user accounts and groups usually start their UID and GID numbers above the number 500, service accounts are usually below 500, and the Root user account is ALWAYS 0 (zero).


Groups in Linux

I mentioned groups and Group IDs above because part of the file permissions includes group permissions. You’re user account will always be part of at least one group: your primary group. We talked about your primary group in the last section, but now we’ll get into the secondary groups.

All the users on the Linux system you’re working on have the option of being placed into a secondary group, which is controlled by the “/etc/group” file. This file looks fairly similar to the “/etc/passwd” file, but it plays an entirely different role. Lets look at the “/etc/group” file and dig into what it does.

As you can see above, there are a lot of groups on the system. In total on my test box, you can see 106 groups defined. The file itself, like the “/etc/passwd” file, is comprised of many fields. While the “/etc/passwd” file has 7 fields, the “/etc/group” file only has 4.

Field 1 is the group name.
Field 2 is the group password. This field is rarely ever used. It is normally filled with an “X” just as a placeholder.
Field 3 is the Group ID, or GID. It’s always a whole integer value.
Field 4 is comprised of all the secondary groups that a user is also part of. Make sure this field always ends in a real group name. If it ends in a “,” you’ll be booting to recovery mode.

Overall, this is really all you need to know about Linux groups. It’s pretty easy, you’re either in a group, or you’re not.

So what if you’re not in a group that you want to be in? Lets say you want to be part of the “Motorcycle” group. First, if you have the password for the Root account, you need to log in as root, and then you can use the “usermod” and “groupmod” programs to modify your information.

The “usermod” program is very powerful. We’ll only touch on what it can do for groups here; we’ll cover the rest of it as we move forward.

The “usermod -g” will change the primary group membership for the user you’re changing (remember, the primary group is stored in the “/etc/passwd” file). The “usermod -G” will take a list of comma separated group names and overwrite the secondary group memberships for whatever user you’re referencing. And lastly, the “usermod -a” will take a list of comma separated groups and APPEND them to the already existing secondary groups for the user you are changing.

Not to get too in depth on this, we’ll move forward, but we’ll be back to this later.

File Owners

Now that you know what is needed about Users and Groups, lets talk about file ownership.

If you look at a file with a long listing, you’ll see that same information I showed you before:

serdman83 @ newstudent05 ~ :) ?> ls -alh
total 62244
drwxr-xr-x 11 serdman83 serdman83     4096 2013-04-22 12:27 ./
drwxr-xr-x  3 serdman83 serdman83     4096 2011-12-15 14:47 ../
-rw-------  1 serdman83 serdman83    24309 2013-06-14 17:23 .bash_history
-rw-r--r--  1 serdman83 serdman83      220 2011-12-15 14:47 .bash_logout
-rw-r--r--  1 serdman83 serdman83     3860 2012-11-09 15:16 .bashrc
drwx------  2 serdman83 serdman83     4096 2011-12-15 16:02 .cache/

As you can see, in here, you see my username listed twice. That’s actually not my username in the 4th field, it’s my primary group name.

Before we get to my username, lets look at the columns that are there.

The first column is the file permissions. It specifies what the owner, group and other permissions are for the file. We’ll cover this more in a minute.
The Second column is the number of hard links. We’ll get into file linking in a little bit as it is also very important.
The third column is the file owner. This output shows that I am the file owner.
The fourth column shows the group owner. In this case, my group is the owner of this file, but it could be changed to some other group.
The fifth column is the size of the file in bytes.
The Sixth and Seventh columns are the date and time the file was created.
The Eighth and final column is the file name.


User and Group Information

We’re going to cover some commands here that will help you down the road for system administration. First off, we’ll discuss information about the “whoami” command.

It’s pretty easy to figure out what it does. You issue the command “whoami” to the command line and Linux will tell you who you are.


So what if you know who you are, but you want to know what information there is about your user account? Or someone else’s account?

This is where the ID command comes into play. The “id” command has 4 arguments, and we’ll cover them here.

-g will tell you the the primary group for a user.
-G will tell you all the groups a user is part of.
-u will tell you the user’s UID number.
-n will tell you the user’s username or group name instead of just printing out the UIDs and/or GIDs.

Let’s see some examples:


So how do you know who to look up if you don’t want to look through all the user and group information held in the “/etc/passwd” and “/etc/group” files?

That’s easily done by just finding other users that are logged into a computer. You can do that with 3 other commands. Those commands are “users”, “w” and “who”.

The “users” command will output all the users logged into the system at the moment the command was issued.


Don’t let it deceive you if you see the same user logged on more than once. You can see more than one person logged in multiple times if they have multiple shells (terminals) open.

Next is the “w” command. As you can see below, it’s much more detailed than the “users” command. It also has a nice header to tell you what each of the columns are telling you. In addition to that, it tells you system up time, what users are currently logged in and it tells you the load averages on the CPU for the last minute, 5 minutes and 15 minutes.


The next command is the “who” command. It’s slightly different than the “w” command, but is equally important.


As you can see from the screenshot I’ve provided, there are multiple columns, but this time no header.

The first column is the username for who is logged in.
The second column is the terminal that they’ve logged in to.
The third and fourth column are the date and time that the user logged in.


Logging in as a Different User

The last thing I want to cover here is logging in as a different user. We’re straying away from actually talking about the file system, but I did bring up a couple things regarding the “root” account so I feel it’s only fair that I tell you how to log in as root (if you don’t already know).

It’s real easy actually. See below.


You can do that for any account you know the password for. You can “su” and then any account name you know is on the system.


File Permissions

Now that we’ve covered user identities, file ownership, groups, and all that stuff, let’s get back to the file system and file permissions.

There’s two way to control file system permissions for a file. The first way is called generic permissions. I call them generic because you’re using letters to map permissions. The other way is with Octal permissions. This is where you use numbers to modify the file permissions.

Let’s start by discussing what we’re doing here. Below is a folder called “newdir” and a file called “newpwd.txt”.

drwxrwxr-x. 2 serdman83 serdman83 4.0K May 13 17:14 newdir/
-rw-rw-r--. 1 serdman83 serdman83   16 May 13 16:59 newpwd.txt

Lets look at the file permissions before we look at the folder permissions.

The file permissions are “-rw-rw-r–“.

You will always see these 10 spaces filled with some characters.
The first character is a hyphon (-). The reason why is that it’s a file. You notice on the directory it’s a “d” (for directory).
The next three characters are “rw-” These are the permissions associated with the owner of the file. It means the owner (a user) is allowed to read and write to the file, but can’t execute or run the file.
The next three characters are also “rw-“. These permissions are associated with the group of the file. This means that the group that owns the file is allowed to read and write to the file, but again, cant execute it.
The next three characters are “r–“. These permissions are Everyone else. This means that anyone else is allowed to read the file, but can’t write (or change) or execute the file.

I need to cover that first column better so that you know what you’re looking at here. Below is a table of the possible characters that you’ll see in the first character’s position.

Regular File             -      Storing data
Directories              d      Organizing files
Symbolic Links           l      Referring to other files
Character Device Nodes   c      Accessing devices
Block Device Nodes       b      Accessing devices
Named Pipes              p      Interprocess communication
Sockets                  s      Interprocess communication


After the first bit you will always, always, always, have the options of read, write and execute, for each of the Owner, Group and Other of a file.

Let’s say that you want only yourself to be able to read and modify a file, the permissions would look like this, “-rw——-”

Let’s say you want you and the group to be able to read and modify a file, but nobody else… the permissions would look like this, “-rw-rw—-”

Here’s a graphic I found at Oracle’s website and then doctored up for understanding this.


You’re probably wondering why I have the “421 421 421” and the “7 5 0” on there too.

The reason why is that when you look at binary, the first three positions are 1, then 2, then 4 (binary is read right to left). If you add up the values that are present in a file’s permissions, you’ll end up with a value between 0 (represented by a hyphon (-)) and 7. The Read position is 4, the write position is 2 and the execute bit is 1. And if you add up the three positions, you’ll find a number between 0 and 7.


Using CHOMD to Change File Permissions

So that’s great, now that we understand what the permissions look like after they’re set, you’re probably wondering how to change them.

This is where CHMOD comes into play.

As I said before, “chmod” (a program that stands for “CHange MODe”) takes different types of arguments. The first type is what I call generic. Personally, I never use this. I always use the second type of argument, Octal. But lets look at what we have here:

u    user
g    group
o    other
a    all
+    add
-    remove
=    set
r    read
w    write
x    execute

Now that we know what types of abilities we have, lets test this stuff out and change some permissions.

Below, you see a whole list of commands you can run for “chmod” with the effective permissions at the end. We’re working with an imaginary file named “linux.dat”. Make sure to look at the file’s starting permissions and ending permissions.

serdman83 @ newstudent05 ~ :) ?> ls -l linux.dat
-rw-rw-r-- 1 serdman83 serdman83 42 Apr 15 12:12 linux.dat

chmod arguments                       result of command                     effective permissions
chmod o-r linux.dat         remove readability for others                   rw-rw----
chmod g-w linux.dat         remove writability for group                    rw-r--r--
chmod ug+x linux.dat        add executability for user and group            rwxrwxr--
chmod o+w linux.dat         add writability for other                       rw-rw-rw
chmod go-rwx linux.dat      remove readability, writability,
                            and executability for group and other           rw-------
chmod a-w linux.dat         remove writability for all                      r--r--r--
chmod uo-r linux.dat        remove readability for user and other           -w-rw----
chmod go=rx linux.dat       set readability and executability but no
                            writability for group and other                 rw-r-xr-x


I hope you can see from this output that you can effectively change permissions for any file using this technique. Test it out on your own and see what you can do!


Now lets talk about Octal permissions. I think Octal is easier, but maybe that’s because I use it all the time, and I rarely ever use the other method.

With Octal you can specify permissions for entire folders of files as well as individual files. I believe it’s more powerful, and easier to script with octal notation. As we saw in the graphic before, you have User, Group and Other permissions. Lets look at that again:


750 isn’t actually, seven hundred and fifty. It’s 7-5-0. the 7 means that the owner user is allowed to Read, Write and Execute the file. The 5 means that everyone in the group that owns the file is allowed to Read and Execute the file. And if you’re not the owner or in the owner group, you aren’t allowed to do anything with the file.

664 would mean that the owner has read and write permissions, the group has read and write permissions and everyone else has read permissions.

Now, lets look at the “chmod” command with octal notation. Remember that with the other way of changing file permissions you have to calculate what the current file permissions are, and then figure out what your command should add or remove. Here, with Octal notation, you don’t have to worry about how to change the permissions, you just have to figure out what the end result should be. We’ll use the same chart as we used above.

serdman83 @ newstudent05 ~ :) ?> ls -l linux.dat
-rw-rw-r-- 1 serdman83 serdman83 42 Apr 15 12:12 linux.dat

chmod arguments             effective permissions
chmod 660 linux.dat         rw-rw----
chmod 644 linux.dat         rw-r--r--
chmod 774 linux.dat         rwxrwxr--
chmod 666 linux.dat         rw-rw-rw
chmod 600 linux.dat         rw-------
chmod 444 linux.dat         r--r--r--
chmod 260 linux.dat         -w-rw----
chmod 655 linux.dat         rw-r-xr-x

Make sense?


Changing Ownership of Files

Well that’s great, we can now work on files permissions and we understand how to interpret long listings of files using the “ls -alh” command. Now let’s look at changing ownership of files.

We know that there are two owners. There’s the actual User that owns a file, and there is the group who owns the file. There always has to be both.

With the “chown” command, you can either change the owner of one file or directory, or you can add in a “-R” and change all the files and folders recursively (starting with everything in your current working directory). Be very careful, you may have some unintended consequences by using the “-R” argument. Make sure you understand what you’re doing.

So lets look at some examples.

Below you see that I have changed the ownership of a file from me to root. See here that I was logged in as Root to do that.


On this screenshot below I showed the use of the “-R” so that I could change the ownership of the whole “all-labs” directory and all the files and folders below them.


Changing Group Ownership of Files

Now that we know how to change the ownership of a file, how about changing the group owner of a file? That is done in the exact same way as the “CHOWN” command, but instead of “chown”, we’ll use “CHGRP” (which is short for CHange GRouP).

Below, I changed the group owner from my personal group, to the Root group.

And here, I showed how to use the “-R” for recursion.


File System File Information

Before we go any further, we need to touch on some information that I brought up before. As you can see below, I’ve created a new file by echoing some data into it. The first line started the file, and the three following lines added to it. Then I showed a long listing of the file to show you that information.

If you notice, my file is 23 bytes in size, which is the Data portion of the file. There is also metadata for the file; the owner, group owner and permissions on the file. You don’t see it here, but there is other data about the file too, such as the creation data, modify data and read date. The last piece of info is the file name, commonly referred to as a “Dentry”, which is a combination of the file name and the “Inode” that it refers to.

Inode is a new word here, as well as Dentry. As I said before a Dentry is a combination of the filename and the Inode. The Inode is the file’s meta data and holds a reference to the file’s Data. Those three things are what makes up a file. I hope I explained that so you can understand. Just remember that a file will always have those three things: Inode, Dentry and Data.

As I mentioned before, an Inode contains information about what a file is. As I mentioned before, everything in Linux is a file, just that there are different types of files. Here are the different types of files that you’ll see in Linux:

Regular File             -      Storing data
Directories              d      Organizing files
Symbolic Links           l      Referring to other files
Character Device Nodes   c      Accessing devices
Block Device Nodes       b      Accessing devices
Named Pipes              p      Interprocess communication
Sockets                  s      Interprocess communication

You must remember that an Inode carries the File Type (as mentioned above), the owner and group owner of the file referenced, the times about the file (atime (access/read time), mtime (Last Modified time) and ctime (Last time the Inode information was changed)), the file length (measured in bytes) and the total amount of disk space the file uses, and lastly the link count (which we’ll talk about in the next section).


File System Linking: Difference between Hard and Soft Links

Now we’re going to talk about file linking. Just how Windows and Mac have links, so does Linux. Windows has shortcuts on the desktop (ruined by the Windows 8 UI) which are similar to links in Linux.

In Linux, there are two different kinds of links: Hard and Soft. Lets dive in and look at the difference and how you can apply them in your Linux box.

Hard Links can be used when the same file needs to be located in two different locations. Lets say there is a program that runs, that needs to see a configuration file that is located in another folder for a different program. Instead of keeping the file up to date, and replicating the changes in two different spots, you could create a hard link. Every time the configuration file is updated in one location, the changes are automatically seen in the other. The other benefit to this is if the config file is referenced by one program as “program1.conf” and the other program see’s the file as “other-program.conf” I know, this is a bad example, but stay with me here.

So the file is created for the first program in “/etc/new-program/program1.conf”. It’s just a regular file on the system’s hard drive. Let’s pretend that the file I just created in the last section (newfile-test.dat) is this program1.conf file. Now we’ll create a hard link to the file to pretend that the file is in a different location.

You can create a hard link by using the “ln” command. It’s very similar to the way that the Move command “mv” works. See here how I’ve done it:

Always remember when making links, the rule of thumb is,

"ln" <spacebar> real-file-name <spacebar> linked-file-name


Soft links are very similar to hard links. The difference between them is what happens when they are deleted. Lets look at Soft Links first, then we’ll talk about deleting them.

Soft Links can be created very similarly, but the difference is the underlying structure of the link. A soft link, or symbolic link, is like your shortcut on the desktop of your Windows box. When you create a soft, or symbolic, link, you’re just putting a file in the location that you want it, that points to the real location of the file. Let me show you:

As you can see, I created a file as root in my home folder and then created a symbolic link to that file that is named “linked-newfile.dat”.

Now that you see how to create hard and soft links, let’s talk about the differences, and why they matter.

With soft links, if I delete the source (original) file, then the link is dead. That is called a dangling link. The linked file still exists, but it’s not linked to anything. That can’t happen with a hard link because the file exists in two locations.

The other issue is, lets say I create a link to a link. And the first link references the second link, and the second link refers to the first. That’s an infinite loop and it’s called a recursive link. Unless you’re trying to wreak havoc on your machine, it’s pretty hard to do, but it is possible.

Hard Links                                                     Soft Links
Directories may not be hard linked.                            Soft links may refer to directories.

Hard links have no concept of "original" and "copy".           Soft links have a concept of "referrer" and
                                                               "referred". Removing the "referred" file results in a
Once a hard link has been created, all instances               dangling referrer.
are treated equally.                                          

Hard links must refer to files in the same filesystem.         Soft links may span filesystems (partitions).

Hard links may be shared between "chroot"ed                    Soft links may not refer to files outside of a
directories.                                                   "chroot"ed directory.


Linux File Systems, Disks and Mounting Them


Before we get into mounting disks, we need to look at how Linux looks at Disks. As we mentioned in the section named, “Other Important Directories”, there is a directory named “dev” at the root of the file system (/dev). That is where you’re going to find all the disks located by default. But that’s not how you access the data on the disk.

Before we talk about how to access the data on a disk, we need to talk about some other stuff.

Disks are devices within your computer system, and if you look at the long listing of the /dev directory, you’ll see something interesting.

As we mentioned above, there is an object that is a “block level device” in Linux, and that is a hard disk. Most of your systems these days deal in Sata devices, so that’s why we see “sd”. If it were and IDE Hard Drive, you would see “hd” there. If you saw a floppy disk, it would start with an “fd”. And if you saw a CD-Rom device, you would see a “cdrom”. Pretty strait forward.

But why is there “sda” and “sda1” and “sda2” (and so on) in there? Those are all significant in their own way and we’ll cover what all of that stuff means.

I’m not going to get too granular here, but I will say that the main thing you need to understand here is that by default no one but the Root account and the “Disk” account on your Linux box have access to do anything in this folder. That’s really important because accessing data on these devices shouldn’t be allowed to just anyone. If someone wants to access the data, they will have to see where the disk is mounted to and then see if they are allowed to write data to the mounted area.

Before a disk can be mounted, it must have been formatted with a file system…


File Systems and EXT4


What’s the big deal about File Systems? Well, the big deal is that without a file system, you wouldn’t be able to store data logically on a disk, you wouldn’t be able to easily recall that data later, and you wouldn’t be easily able to search for data on that disk.

A file system provides a template of “blocks” where the Operating System is allowed to store data. The default file system on Linux is the EXT4 File System. EXT stands for Extended, and the number 4 is the version number. So EXT4 is the fourth extended file system. It supports a lot of options that I’m not going to get super deep into here, but you can read all about it on other websites.

Essentially, before a disk can be used in Linux, it must have a file system setup on it. In Linux, this is really easy to accomplish. There are many GUI tools out there, such as GParted, but the one I’m going to cover here is the “mkfs” command line toolset. I say toolset because there are actually many “mkfs” programs in the /sbin/ directory.

You must be logged in as “root” in order to use the “mkfs” program (remember “su root”), otherwise it won’t work properly and throw errors that you may not be expecting. The programs all live in the “/sbin” directory, and if you recall, the /sbin directory is where all the programs live that only Root is allowed to run. Let’s look at the mkfs programs:

As you can see above, there are many different file systems that Linux is able to make.


Mounting File Systems and Viewing Mount Points

Since we have the ability to make filesystems, now let’s mount them!

As you may or may not know, the “mount” program is used to mount filesystems. But how do you see the partition you’ve mounted? There are no drive letters like in the Windows world.

Filesystems and partitions are actually quite simple in Linux. Recall that the root of the filesystem is always in “/”. So whenever you mount a filesystem, you mount it to a folder that is somewhere in the root of your drive. In many single Operating System desktops, you wouldn’t normally have multiple partitions in your filesystem. But in more advanced systems, there could literally be over a dozen partitions, and the end user wouldn’t know.

In my system, I actually separate out many partitions so that I can easily upgrade or migrate Operating Systems. This makes it especially easy when you move your home folder to a new machine. Imagine if the “/home” directory was actually a different Hard Drive that was automatically mounted upon the system booting. This way if you reinstalled your Linux OS, say to a different one all together (Maybe you were switching from Fedora to Ubuntu, or Debian to SUSE Linux), you could keep all the data in your “home” folder intact while reloading your OS.

That “/home” folder would be considered a mount point. You can see your mount points by just issuing the “mount” command at the terminal.

As you can see above, the mount command gives some good information to the end user. You can see that there is a single hard drive in my machine (it’s a virtual machine, but its all the same), and it is “/dev/sda”. On that disk, you can see that there are two partitions that are mounted: sda1, mount point is “/boot”; sda2, mount point at “/” (root partition).

There are some other mount points listed here. For instance, the CDROM is mounted at “/media/RHEL_6.1 x86_64 Disk 1”.

In most Linux distributions CD or DVD Rom devices are mounted in either the “/media” directory, or in the “/mnt” directory. Just from habit, I normally mount devices (DVDs, CDs, USB drives, etc..) in the “/mnt” directory.

Some people say that it’s easier in Windows to view disk drives through the “My Computer” icon that is on the desktop. In Linux it’s really easy too. The “df” command will tell you everything you want to know about your disk’s free space. Let’s take a look at what that looks like. When I use the “df” command I normally append an “-ah” on the back so that I can see everything in human readable format. But let’s look at both here:

AS you can see, the DF command can come in very handy. Also, as I said before, I almost always use “df -ah” because it’s normally the information I’m looking for. Play around with the other options though, you may find them useful.


System Hardware

As long as we’re on the subject of hard drives, why don’t we slide right into system hardware? It’s not really filesystem related but, we might as well cover some things such as… information about the hardware in your computer.

If you’re on a machine that you’ve never used before, you can find out what hardware is in it with a few different commands, and looking at a couple different log files.

When a Linux system boots, many times you’ll see a bunch of messages that the system is processing. There are portions of the hardware starting up, drivers being activated, network interfaces being brought up, services starting and many other tasks as well. All of these messages are produced by the Kernel, and they are logged in a file called “dmesg” which is located in the “/var/log/” directory. This file is different than many other logs in that it only can grow to a certain size, and it is wiped clean on every boot so you can only see logs since the most recent boot.

According to Henry’s blog site, the default size is 32K, which can be changed in a couple ways if you so choose. I don’t particularly see the need for that, but check out his blog if you want more info on that.

The dmesg log (also referred to as a buffer) can offer a lot of insight into what hardware is installed in your computer. Go ahead and check it out!

To view to contents of that log you can either “cat /var/log/dmesg” or you can just issue the “dmesg” command to the command line. Pending what version of Linux you’re using, you may need to run that as “root” or “sudo” the command.

steve @ mintdebianvm ~ :) ᛤ>   sudo cat /var/log/dmesg
[sudo] password for steve:
[    0.000000] Initializing cgroup subsys cpuset
[    0.000000] Initializing cgroup subsys cpu
[    0.000000] Linux version 3.2.0-4-amd64 ( (gcc version 4.6.3 (Debian 4.6.3-12) ) #1 SMP Debian 3.2.32-1
[    0.000000] Command line: BOOT_IMAGE=/boot/vmlinuz-3.2.0-4-amd64 root=UUID=6336df47-4713-4fe1-8327-93cbc721c8ef ro quiet
[    0.000000] BIOS-provided physical RAM map:
[   10.620051] Bluetooth: BNEP (Ethernet Emulation) ver 1.3
[   10.620051] Bluetooth: BNEP filters: protocol multicast
[   10.624155] Bluetooth: RFCOMM TTY layer initialized
[   10.624155] Bluetooth: RFCOMM socket layer initialized
[   10.624155] Bluetooth: RFCOMM ver 1.11
[   10.692260] lp: driver loaded but no devices found
[   10.825230] ppdev: user-space parallel port driver
[   10.972943] e1000: eth1 NIC Link is Up 1000 Mbps Full Duplex, Flow Control: RX
[   10.976905] ADDRCONF(NETDEV_UP): eth1: link is not ready
[   10.972943] ADDRCONF(NETDEV_CHANGE): eth1: link becomes ready

As you can see above, the file is pretty long. My dmesg buffer is over 400 lines long. For some Linux boxes that’s short… for others it’s long. It all depends on what the system is doing, and what software and hardware you have installed.


Another way to see what hardware is in your computer is to look at the Hardware Abstraction Layer. There is a process that runs on every single Linux box named, “hald”. This is the Hardware Abstraction Layer Daemon. You can actually query the “hal daemon” with a command: “lshal”, short for “list hal”. Check out the command below and try it on your computer too.

steve @ mintdebianvm ~ :) ᛤ>   lshal

Dumping 64 device(s) from the Global Device List:
udi = '/org/freedesktop/Hal/devices/computer'
  info.addons = {'hald-addon-cpufreq', 'hald-addon-acpi'} (string list)
  info.callouts.add = {'hal-storage-cleanup-all-mountpoints'} (string list)
  info.interfaces = {'org.freedesktop.Hal.Device.SystemPowerManagement'} (string list)
  info.product = 'Computer'  (string)
  info.subsystem = 'unknown'  (string)
  info.udi = '/org/freedesktop/Hal/devices/computer'  (string)
  org.freedesktop.Hal.Device.SystemPowerManagement.method_argnames = {'num_seconds_to_sleep', 'num_seconds_to_sleep', '', '', '', 'enable_power_save'} (string list)
  org.freedesktop.Hal.Device.SystemPowerManagement.method_execpaths = {'hal-system-power-suspend', 'hal-system-power-suspend-hybrid', 'hal-system-power-hibernate', 'hal-system-power-shutdown', 'hal-system-power-reboot', 'hal-system-power-set-power-save'} (string list)
  org.freedesktop.Hal.Device.SystemPowerManagement.method_names = {'Suspend', 'SuspendHybrid', 'Hibernate', 'Shutdown', 'Reboot', 'SetPowerSave'} (string list)
  org.freedesktop.Hal.Device.SystemPowerManagement.method_signatures = {'i', 'i', '', '', '', 'b'} (string list)
  org.freedesktop.Hal.version = '0.5.14'  (string)
  org.freedesktop.Hal.version.major = 0  (0x0)  (int)
  org.freedesktop.Hal.version.micro = 14  (0xe)  (int)
  org.freedesktop.Hal.version.minor = 5  (0x5)  (int)

steve @ mintdebianvm ~ :) ᛤ>   lshal --help
lshal version 0.5.14

usage : lshal [options]

    -m, --monitor        Monitor device list
    -s, --short          short output (print only nonstatic part of udi)
    -l, --long           Long output
    -t, --tree           Tree view
    -u, --show <udi>     Show only the specified device

    -h, --help           Show this information and exit
    -V, --version        Print version number



You’ll also notice a filesystem mounted on your machine named “/proc”. This is an interesting virtual directory. It, too, is much like the “dmesg” log, in that it is wiped clean on every boot. The purpose of the /proc filesystem is to hold information generated and used by the Kernel. If you do an “ls -alh” on the “/proc” directory, you’ll notice many folders named with only numbers. You’ll notice quickly that if you issue the command, “ps aux”, that those numbered folders directly correspond to the Process ID (PID) number of every process running on your computer. Web Browsers, Terminal sessions, etc… everything running is issued a PID, and every process has a folder in /proc with information about that process.

You’ll also notice that there are a ton of files in there too. Let’s examine some of them!

As you can see above, there are many files in there. I couldn’t fit all of them neatly into a screenshot, but you can look at them on your computer.

The one I thought you may be interested in was the “uptime” file. As you can see, the file outputs in seconds, how long the system has been up and running. My test system has been up for

Let’s look at a couple more files:

As you can see here, I am showing the “cpuinfo” and “meminfo” files. Both of them show some good details about the CPU and Memory installed in the system we’re using here.


Disk and USB Information

There is also information you can find about Hard Drives and USB devices. We’ll start with USB devices. Issue the “lsusb” command on your computer and look at the output.

steve @ mintdebianvm ~ :) ᛤ>   lsusb
Bus 001 Device 001: ID 1d6b:0001 Linux Foundation 1.1 root hub
Bus 001 Device 002: ID 80ee:0021 VirtualBox USB Tablet

As you can see from the output, there aren’t many USB devices on my local computer. On my Red Hat test server, there was actually nothing to report, which is why I showed the output from my Debian box.

Now lets look at the “/proc/scsi/” folder. Since I don’t know anyone who uses IDE drives anymore, I’m not going to cover that. SATA is pretty much the defacto standard for laptop and desktop systems these days. See below for some of the outputs.

There are only a couple files and sub directories in the “/proc/scsi” directories, but they are valuable knowledge for a system administrator looking to gain knowledge about the hard disks in the system.


PCI Devices and Resources

As you most likely have noticed, the “lspci” command is much like the “lsusb” command. It is a listing of all of the PCI Devices within the system you’re working on. It’s pretty strait forward, so I won’t spend much time here.

Notice in the screenshot above the devices in my test server.

Going back to the “/proc” virtual filesystem, there is a file that tracks IRQs, or Interrupt Request Lines. An IRQ is used by the hardware in your computer to get the attention of the CPU. According to WikiPedia, “… on the Intel 8259 family of PICs there are eight interrupt inputs commonly referred to as IRQ0 through IRQ7. In x86 based computer systems that use two of these PICs, the combined set of lines are referred to as IRQ0 through IRQ15. … Newer x86 systems integrate an Advanced Programmable Interrupt Controller (APIC) that conforms to the Intel APIC Architecture. These APICs support a programming interface for up to 255 physical hardware IRQ lines per APIC, with a typical system implementing support for only around 24 total hardware lines.”

If you’re running a multi-processor system, you’ll notice that there are a set of IRQs for each processor. My system only has 1 CPU so I only have one set of IRQs. You’ll also notice that IRQ 0 (zero) is always running the timer service. The reason for this is that your CPU needs to time slice every process in order to process all the information that your system is computing. The timer runs at a guaranteed rate of 1000 interrupts per second.

If you want more information about IRQs, WikiPedia has a great write-up on the subject and you can learn more about them there, but for this discussion this is about as much as you need to know.

The file I was speaking of earlier was “/proc/interrupt” and if you view it, you’ll be able to see all the IRQs and what they are tied to on your system.

There is also a file for memory information. Back in the day, RAM was in high value and hard to come by in large quantities in desktop computers. These days, just about every peripheral in your computer probably comes with it’s own memory buffer. And Linux needs to know how to handle that memory, what drivers are using memory, and how data will flow through that memory.

As you can see below, that memory is mapped in the “/proc/iomem” file.


How Filesystems Manage Devices

As I stated earlier in the File System File Information section, everything is a file. Linux needs to use a device, it calls a file. Linux needs to write data to a hard disk, it writes it to a file. Linux needs to post data to your terminal, it writes it to a file (stdout). Everything is a file.

There are virtual consoles in your system as well. These virtual consoles can be accessed by using your “Ctrl” + “Alt” + F# (where # is a number 1-8 by default. So if you press “Ctrl” + “Alt” + “F6” your screen will turn black, and then a prompt will appear waiting for you to log in. Then you need to press “Ctrl” + “Alt” + “F4” to get back to your desktop, which is just another virtual console but is running a service called “” which is what displays your GUI.

Regardless, all of those virtual consoles are actually just files. Strange, maybe, but try to echo some text to “/dev/tty6” and see what happens when you look at virtual console 6.


I hope this is a convincing fact to show you that everything is a file. We just “echoed” text into the file “/dev/tty6” and it showed up on the VC6 screen.


Again, going back to what I said before, everything is a file, just that there are different types of files. Here are the different types of files that you’ll see in Linux:

Regular File             -      Storing data
Directories              d      Organizing files
Symbolic Links           l      Referring to other files
Character Device Nodes   c      Accessing devices
Block Device Nodes       b      Accessing devices
Named Pipes              p      Interprocess communication
Sockets                  s      Interprocess communication

The two that we are going to work with now are Device Nodes and Character Device Nodes. As you see from the table above, they both deal in accessing devices. But How?

We’ll cover Block Devices first because we’re talking about hard drives. You’ll notice that any hard disk in your system, such as “/dev/sda1”, is a block level device. That means that information is transferred to and from the device that file is “attached” to in groups, or blocks. Another important fact to block level devices is that the Linux drivers allow for random access to the device, as opposed to sequential access. This is a huge benefit. Could you imagine if your computer had to read all the data on the drive before being able to pull a file located at the very end?

As for Character devices, these have to do with things like keyboard input and output, such as the virtual console (or virtual terminal) that we just “wrote” data to in the example above. Another type of Character Device would be a printer.


We’re getting there… slowly but surely! We’re on the home stretch, so lets finish this up with the last part of file system management, disk partitioning and encryption!!


More on Partitions

As I mentioned before, Linux sees hard disks through block devices that you can list in the “/dev” directory.

To expand on this, lets look at the screenshot I have for “sda” again:

As you can see from the screenshot, there is a device referred to as “/dev/sda”. That is one disk in the machine. If there was another, it would be “/dev/sdb”, and then, “/dev/sdc”, and so on.

The partitions are listed after that. You can see there are multiple partitions on “sda”, and they are “/dev/sda1”, “/dev/sda2”, and “/dev/sda3”. Using the “mount” command you can see that those three partitions are mounted to “/boot”, “/” (root), and “swap”, respectively. We’ll talk about swap space here in a bit.


Disk Partition Alignment

Every disk has something called a Master Boot Record, or MBR for short. This tells the disk exactly where certain things are located on the disk, such as the Bootloader and the Partition Table.

The Bootloader only exists on disks that are marked as bootable. The Bootloader is a low level executable that the BIOS transfers control to upon its boot cycle, and then the bootloader passes control of the boot to the partition for which an operating system is present on.

Sixty four (64) bytes of the MBR is reserved for the partition table. The partition table is just like a map, and holds information as to where partitions on the disk start and stop. 64 bytes isn’t a lot of room, which is why there is a limit to how many partitions are allowed to be made on the disk. Disks are only allowed to have 4 primary partitions.

There’s a way to get more partitions on your disk though, using “Extended Partitions”. This has been around for many years and is a genius way to fit more partitions on a disk. According to DOS partitioning, you can pick any one of the 4 partitions as an Extended Partition. This Extended Partition can be thought of as a container for other partitions that are referred to as “logical partitions”.

There is a program that you can use to alter or view partition information. That program is “fdisk”. You must be root to run the program because it queries the disks in your machine at a low level that normal users don’t have access to. Many times you’ll see people call the “fdisk” program in one of two ways:


The reason for the “fdisk -cul” is that the “c” disables some old DOS compatibility that isn’t required anymore, and the “u” prints out the information in the number of sectors, as opposed to the number of cylinders. Back in the day, and even back in OpenBSD versions 3.6 or 3.8, I remember having to partition disks by specifying the number of Cylinders, Heads and Sectors. These days, it’s so much easier… you can specify size in a variety of ways, such as K for Kilobytes, M for Megabytes and G for Gigabytes.

But we’re not even at that part yet. So let’s keep moving!

In the output of the last screenshot you can see a lot of information. You can see the total size of “sda” is 6442MB. You can see that there are three partitions on “sda”. You can see that there is a second disk in the system (sdb) that is just about 1GB in size and it has 7 partitions.


Making New Partitions

With “fdisk” you can also specify new partitions. I’ll do my best in describing this…

To start the “fdisk” utility, you need to call “fdisk” with a few arguments. See my screenshot below:

Now that we’re inside the fdisk editor, you can do a lot of damage if you’re not careful, so… be careful!

As you can see, I told fdisk that I want to edit the disk “/dev/sdb”. The first thing I want to do is look at the partition table.

So press “p” and then on the keyboard to show the partition table.

In this case, I don’t want any of these partitions on here, so I’m going to delete them all. Lets see what that looks like:

As you can see, now we have disk “sdb” with no defined partitions on it.

Now that we have an empty disk, let’s create some new partitions to see what that looks like.

As you can see from that screenshot, I chose “n” for new partition, then “p” for primary partition, then “1” for the first partition in the disk. Then I specified “+200M” to say, I want the Partition to be 200 Megabytes in size. after that, I printed the partition table again for you to see the new partition.


Making New File Systems

Now that we’ve got new partitions we can go back to our discussion on File Systems and EXT4. So just to clarify, now that we actually have a partition, you still can’t store data on there yet. Well… you could, but you wouldn’t be able to retrieve it very easily. You have to give your new partition a valid file system. The one that is pretty much the Linux standard these days is the EXT4 filesystem, so that’s the one I’ll show you how to use.

The EXT4 file system is the predecessor to the EXT3 and 2 file systems. Those file systems used what is referred to as “block mapping scheme”. The EXT4 file system now uses “extents” and also adds journaling to a long list of other add-ons, improvements and scalability.

EXT4 also supports huge file sizes (around 16TB or 16 Terabytes), huge file system sizes (1 Exabyte, which is 1024PB (Petabytes). A Petabyte is 1024TB (Terabytes). A Terabyte is 1024GB (Gigabytes)).

As we spoke about before, there are many things a file system provides. The first thing we spoke of was the structure of the file system. There is the root of the file system that is located at “/” and every folder, file, and device is located below that. And since Linux looks at everything as a file, we can also recall that every file has a number of attributes including an “Inode”, a “Dentry” and the data. We covered these words in a previous section, but you really should know and understand the meaning, so lets cover them again:

  • Inode: is a location to store all of the information, or metadata, about a file. Well, at least most of the metadata about a file. The Inode doesn’t store the actual data portion of a file or the file name. It does, on the otherhand, store the file permissions, the user and group ownership data, and three different types of data about when the file was create, modified and so-forth.
  • Dentry: is the section that stores the file name of a file. It also stores information about what folder structure is associated with a file, such as “/usr/bin/”.
  • Data: is pretty strait forward. It is the total data that is associated with a file, such as a configuration text file, or a Libre Office file, or any other user type file.

Anyway, now we need to create our file system on our new partition. See below how to do that:


Just an update. I’m not finished with this blog, but I felt there was enough starter information here to help people get going with Linux. Enjoy and keep coming back for more info as I’ll be adding to this and releasing new blogs all the time!!!




  • No Startch Press
VN:F [1.9.22_1171]
Rating: 0.0/5 (0 votes cast)
VN:F [1.9.22_1171]
Rating: 0 (from 0 votes)