11

I made a new partition for my home drive by following this guide.

I have no idea what the fstab settings it suggests mean:

UUID=???????? /home ext3 nodev,nosuid 0 2

I used an install CD and used "try it without install", so that I could run with my drive unmounted. I used GParted to resize the partition, and make a new one in the unused space. I then looked up the UUID as the guide said (and used ext4 instead), and everything worked fine.

However I'd like to understand what the "nodev,nosuid 0 2" settings are. Are these the recommended settings? Is this the only valid setting? Does it matter in any way?

Michael Mrozek

2 Answers

20

The Arch Linux Wiki has a comprehensive list of the field definitions in your /etc/fstab file, including those that you are asking about:

nodev - Don't interpret block special devices on the filesystem.
nosuid - Block the operation of suid, and sgid bits.

0 2 are, respectively, dump & pass:

<dump> - used by the dump utility to decide when to make a backup. Dump checks the entry and uses the number to decide if a file system should be backed up. Possible entries are 0 and 1. If 0, dump will ignore the file system; if 1, dump will make a backup. Most users will not have dump installed, so they should put 0 for the <dump> entry.

<pass> - used by fsck to decide which order filesystems are to be checked. Possible entries are 0, 1 and 2. The root file system should have the highest priority 1 - all other file systems you want to have checked should have a 2. File systems with a value 0 will not be checked by the fsck utility.

Note that UUID refers to the naming of your block device(s) (partitions); not the filetype. You can read more on the Arch Wiki.

jasonwryan
6

The format of the fstab file is documented in the fstab(5) man page. The fifth column indicates whether the filesystem should be dumped; unless you know what this means, put 0. The sixth column indicates whether to check the filesystem at boot time; specify 1 for the root partition, 2 for all other internal filesystems, and 0 for external drives and filesystems from other operating systems. If the fifth and sixth columns contain zeroes, you don't need to put them (i.e. just put the first four columns).

The fourth column lists mount options; they differ to some extent from filesystem to filesystem, and they are documented in the mount(8) manual page. If you have no mount options, put defaults. Don't change the defaults put by the distribution unless you understand what you're doing. Common combinations of options are:

  • user,noauto or user,noauto,exec for filesystems that are not mounted automatically at boot time and anyone can mount explicitly.
  • acl,errors=remount-ro for ext2/ext3/ext4 filesystems with ACLs enabled; this is a common setting for OS filesystems.
  • nodev,nosuid for NFS filesystems.

nodev and nosuid add security at the expense of functionality: they forbid device files and setuid/setgid executables respectively. They're mostly useful when mounting foreign filesystems whose root user you don't trust. For a /home filesystem that's on a different partition of your local disk, they're not really useful, but the functionality they disable is unlikely to be useful (especially for nodev; setxid programs can be useful on /home occasionally).
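
An added example, not part of either answer: a small Python audit that parses fstab lines into the six fields described above (omitted dump/pass columns default to 0) and reports which mount points lack nodev or nosuid. It goes slightly beyond the answers by applying the mount(8) rule that user, users, owner and group imply nodev and nosuid unless a later option overrides them. The sample fstab, its UUIDs and the server name are constructed, and skipping / is an assumption of the example.

```python
# SAMPLE_FSTAB is constructed; the UUIDs and the NFS server name are placeholders.
SAMPLE_FSTAB = """\
# <file system>  <dir>     <type> <options>             <dump> <pass>
UUID=aaaa-0001   /         ext4   acl,errors=remount-ro 0      1
UUID=aaaa-0002   /home     ext4   nodev,nosuid          0      2
UUID=aaaa-0003   /mnt/usb  vfat   user,noauto
nfs.example:/srv /srv/nfs  nfs    defaults              0      0
"""
# Per mount(8), these options imply nodev and nosuid unless a later option overrides.
IMPLY_RESTRICTED = {"user", "users", "owner", "group"}

def parse_fstab(text):
    """Return one dict per entry; omitted dump/pass columns default to 0."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        if not 4 <= len(fields) <= 6:
            raise ValueError(f"expected 4 to 6 fields: {line!r}")
        fields += ["0"] * (6 - len(fields))
        entries.append({"spec": fields[0], "dir": fields[1], "type": fields[2],
                        "options": fields[3].split(","),
                        "dump": int(fields[4]), "pass": int(fields[5])})
    return entries

def effective_flags(options):
    """Resolve nodev/nosuid left to right; the last relevant option wins."""
    flags = {"nodev": False, "nosuid": False}
    for opt in options:
        if opt in IMPLY_RESTRICTED:
            flags["nodev"] = flags["nosuid"] = True
        elif opt in ("dev", "nodev"):
            flags["nodev"] = opt == "nodev"
        elif opt in ("suid", "nosuid"):
            flags["nosuid"] = opt == "nosuid"
    return flags

def audit(text):
    """Map each non-root mount point to the restrictions it lacks.
    Skipping / is this example's assumption: setuid tools usually live there."""
    report = {}
    for entry in parse_fstab(text):
        missing = [n for n, on in effective_flags(entry["options"]).items() if not on]
        if entry["dir"] != "/" and missing:
            report[entry["dir"]] = missing
    return report

print(audit(SAMPLE_FSTAB))
```

On the sample, only the NFS entry mounted with defaults is reported; the user,noauto entry already carries both restrictions implicitly.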