文件系统的挂载选项
1、rw ro
[root@node0 test]# mount -o remount,ro /test/
[root@node0 test]# echo "abc" >> /test/file1
bash: /test/file1: Read-only file system
2、exec noexec
[root@node0 ~]# mount /dev/hdb1 /test/
[root@node0 ~]# echo "hello" > /test/file1
[root@node0 ~]# cp /bin/cat /test/
[root@node0 ~]# cd /test/
[root@node0 test]# ./cat file1
hello
[root@node0 test]# mount -o remount,noexec /test/
[root@node0 test]# ./cat file1
bash: ./cat: Permission denied
3、suid nosuid
[root@node0 test]# mount /dev/hdb1 /test/
[root@node0 test]# ls
cat cdrom file1 lost+found
[root@node0 test]# chmod 640 file1
[root@node0 test]# ls -l file1
-rw-r----- 1 root root 6 Mar 3 16:04 file1
[root@node0 test]# chmod u+s cat
[root@node0 test]# su - user1
[user1@node0 ~]$ cd /test/
[user1@node0 test]$ ./cat file1
hello
[root@node0 test]# mount -o remount,nosuid /test/
[root@node0 test]# su - user1
[user1@node0 ~]$ cd /test/
[user1@node0 test]$ ./cat file1
./cat: file1: Permission denied
4、dev nodev
[root@node0 test]# ls -l /dev/cdrom
lrwxrwxrwx 1 root root 3 Mar 3 14:47 /dev/cdrom -> hdd
[root@node0 test]# ls -l /dev/hdd
brw-rw---- 1 root disk 22, 64 Mar 3 14:47 /dev/hdd
[root@node0 test]# mknod cdrom b 22 64
[root@node0 test]# mount cdrom /mnt/
mount: block device cdrom is write-protected, mounting read-only
[root@node0 test]# umount /mnt/
[root@node0 test]# mount -o remount,nodev /test/
[root@node0 test]# ls -l cdrom
brw-r--r-- 1 root root 22, 64 Mar 3 16:13 cdrom
[root@node0 test]# mount cdrom /mnt/
mount: block device cdrom is write-protected, mounting read-only
mount: cannot mount block device cdrom read-only
[root@node0 test]# ls /mnt/
5、auto noauto
[root@node0 ~]# vim /etc/fstab
/dev/hdb1 /test ext3 noauto 0 0
[root@node0 ~]# mount -a
6、async sync
7、atime noatime
Update inode access time for each access. This is the default.
8、noacl acl