Transcript Mount Point
10.4 File System Mounting
A file system must be mounted before it can be accessed
An unmounted file system (i.e. Fig. 10-11(b)) is mounted at a mount point
[Figure: existing, unmounted volume, mount point]
Operating System Principles
10.1
Silberschatz, Galvin and Gagne ©2005
Mount Point
1. The OS is first given the name of the device and the mount point
2. The OS verifies that the device contains a valid file system
Read the device directory and verify the directory format
3. The OS notes in the directory structure that a file system is mounted at the specified mount point
4. If the volume is unmounted, the file system is restored to the situation before mounting
OS may impose semantics to clarify functionality
May disallow a mount over a directory containing files; or may obscure the directory’s existing files until the file system is unmounted
May allow the same file system to be mounted repeatedly, at different mount points; or it may allow only one mount per file system
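The four mount steps and the two policy choices above, as an added example that is not part of the original slides. It is a toy in-memory model: the names Volume, Namespace, allow_nonempty and allow_remount are assumptions for illustration, not a real OS interface.

```python
"""Toy model of the four mount steps (constructed names, not a real OS API)."""

class MountError(Exception):
    pass

class Volume:
    def __init__(self, name, files, valid=True):
        self.name = name          # device name given to the OS (step 1)
        self.files = set(files)   # paths relative to the volume root
        self.valid = valid        # stands in for "directory format verified"

class Namespace:
    def __init__(self, files, allow_nonempty=True, allow_remount=False):
        self.files = set(files)   # the existing file system
        self.mounts = {}          # mount point -> Volume (the OS's note)
        self.allow_nonempty = allow_nonempty
        self.allow_remount = allow_remount

    def mount(self, vol, point):
        if not vol.valid:                                   # step 2
            raise MountError(vol.name + ": no valid file system")
        if point in self.mounts:
            raise MountError(point + ": already a mount point")
        if vol in self.mounts.values() and not self.allow_remount:
            raise MountError(vol.name + ": already mounted")
        covered = [f for f in self.files if f.startswith(point + "/")]
        if covered and not self.allow_nonempty:
            raise MountError(point + ": directory contains files")
        self.mounts[point] = vol                            # step 3

    def unmount(self, point):
        del self.mounts[point]                              # step 4

    def resolve(self, path):
        """Return the name of the volume that serves path, or None."""
        for point in sorted(self.mounts, key=len, reverse=True):
            if path.startswith(point + "/"):
                vol = self.mounts[point]
                return vol.name if path[len(point):] in vol.files else None
        return "root" if path in self.files else None

def demo():
    ns = Namespace({"/users/old.txt"})          # constructed sample paths
    disk = Volume("disk1", {"/sue/notes"})
    ns.mount(disk, "/users")
    during = (ns.resolve("/users/sue/notes"), ns.resolve("/users/old.txt"))
    ns.unmount("/users")
    return during, ns.resolve("/users/old.txt")
```

While the volume is mounted, /users/old.txt is obscured rather than deleted, and it is reachable again after the unmount.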
Mount Examples
Macintosh searches for a file system on a disk when the disk is first encountered. If found, the file system is auto-mounted at the root level
Windows OS maintains an extended two-level directory structure, with devices and volumes assigned drive letters.
Recent versions of Windows allow a file system to be mounted anywhere in the directory tree
Windows auto-discovers all devices and mounts all located file systems at boot time
Unix has explicit mount commands
10.5 File Sharing
Sharing of files on multi-user systems is desirable
Sharing may be done through a protection scheme
On distributed systems, files may be shared across a network
Network File System (NFS) is a common distributed file-sharing method
File Sharing – Multiple Users
File sharing, file naming, and file protection are important in multiple-user systems
The system may allow a user to access other users’ files by default or it may require a specific access grant
Most systems use the concept of file owner and group, as file attributes, to implement file sharing and protection
User IDs identify users, allowing permissions and protections to be per-user
Group IDs allow users to be in groups, permitting group access rights
File Sharing – Remote File Systems
Uses networking to allow file system access between systems
Manually via programs like FTP
Both anonymous and authenticated access
Automatically, seamlessly using distributed file systems, in which remote directories are visible from a local machine
Semi-automatically via the World Wide Web, where a browser is needed to access remote files, and separate operations (a wrapper for FTP) are used to transfer files
The Client-Server Model
Client-server model allows clients to mount remote file systems from servers
Server can serve multiple clients
Identifying the client (by network name or IP address) and the user on the client is insecure or complicated (by encryption)
NFS is the standard UNIX client-server file-sharing protocol
User’s ID on the client and server must match
Once the remote file system is mounted, file operation requests are sent on behalf of the user across the network to the server via the DFS protocol
Standard operating system file calls are translated into remote calls
Distributed Information Systems
Also known as distributed naming services
LDAP, DNS, NIS (network information service, yellow pages), Active Directory implement unified access to information needed for remote computing
In Windows CIFS (common internet file system), network information is used with user authentication to create a network login. A newer version is called Active Directory.
One distributed LDAP (lightweight directory-access protocol) could be used by an organization to store all user and resource information for all of the organization’s computers. The result is secure single sign-on for users.
Skip 10.5.2.3, 10.5.3
10.6 Protection
Reliability is to keep the computer system from physical damage. (Chapter 12)
Protection is to keep it from improper access.
File owner/creator should be able to control:
what can be done
by whom
Basic types of controlled access
Read
Write
Execute
Append
Delete
List
Other high-level functions, like copying and editing files, may be implemented by making lower-level system calls
Access Control Lists
Mode of access: read, write, execute
Three classes of users
                     rwx
a) owner access   7  111
b) group access   6  110
c) public access  1  001
Ask manager to create a group (unique name), say G, and add some users to the group.
For a particular file (say game) or subdirectory, define an appropriate access.
chmod 761 game   (7 = owner, 6 = group, 1 = public)
Attach a group to a file
chgrp G game
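How the mode 761 on the file game is evaluated for the owner, a member of group G and everyone else, as an added example that is not part of the original slides. It is a simplified model (no superuser bypass, no extended ACLs), and the numeric user and group IDs are constructed.

```python
"""Simplified UNIX mode-bit check (no superuser bypass, no extended ACLs)."""

READ, WRITE, EXECUTE = 4, 2, 1

def rwx(mode):
    """Render the nine permission bits: 0o761 -> 'rwxrw---x'."""
    return "".join(c if mode & (1 << (8 - i)) else "-"
                   for i, c in enumerate("rwxrwxrwx"))

def class_bits(mode, file_uid, file_gid, uid, gids):
    """Select exactly one class for the caller: owner, else group, else public."""
    if uid == file_uid:
        return "owner", (mode >> 6) & 7
    if file_gid in gids:
        return "group", (mode >> 3) & 7
    return "public", mode & 7

def allowed(mode, file_uid, file_gid, uid, gids, want):
    """True if every bit in want is granted to the caller's class."""
    _, bits = class_bits(mode, file_uid, file_gid, uid, gids)
    return (bits & want) == want

# Constructed IDs for the slide's file "game" and group "G".
OWNER, MEMBER, OUTSIDER, G = 1000, 1001, 1002, 2000

def report(mode):
    """Which of r, w, x each sample user gets on game under this mode."""
    users = {"owner": (OWNER, {G}), "member": (MEMBER, {G}),
             "outsider": (OUTSIDER, set())}
    ops = (("r", READ), ("w", WRITE), ("x", EXECUTE))
    return {name: "".join(ch if allowed(mode, OWNER, G, uid, gids, bit) else "-"
                          for ch, bit in ops)
            for name, (uid, gids) in users.items()}

if __name__ == "__main__":
    print(rwx(0o761), report(0o761))
    # Classes are not merged: with 0o077 the owner is denied although
    # the group and public bits would allow everything.
    print(rwx(0o077), report(0o077))
```

The second call shows why a mode should be audited per class: the owner's access comes only from the owner digit, even when the owner also belongs to G.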
Windows XP Access-control List Management
A Sample UNIX Directory Listing
Other Protection Approaches
Associate a password with each file
Disadvantages
The number of passwords that a user needs to remember
If only one password is used for all the files, then protection is on an all-or-none basis
Some systems allow the user to associate a password with a directory
Adding protection mechanisms to a single-user OS is difficult
Directory protection
Control the creation and deletion of files in a directory
Control whether a user can check the existence of a file in a directory (listing the contents of a directory)