Have you ever accidentally saved files to a Linux mountpoint when the drive wasn’t mounted, and then couldn’t mount the drive thereafter? Or worse, had a backup run when the backup drive wasn’t mounted, only to fill your filesystem and crash the server?
These problems can be avoided by simply making your mountpoint immutable! What this means is, your mountpoint (the folder itself) cannot be written to. However, even as an immutable folder, it can be mounted to, and the filesystem of the mounted drive then controls the permissions of the folders therein.
It’s a simple Linux command. We’ll pretend our mountpoint is simply /mountpoint. Here’s all you have to do:
chattr +i /mountpoint
Brilliant! And oh, so simple.
Here’s a sample of what happens when I do this as root. Note that ‘mymountpoint’ is setup for me in my /etc/fstab file so it normally auto-mounts.
root@server:/# umount mymountpoint root@server:/# chattr +i mymountpoint root@server:/# cd mymountpoint root@server:/mymountpoint# touch test touch: cannot touch `test': Permission denied root@server:/mymountpoint# mount -a root@server:/mymountpoint# touch test root@server:/mymountpoint#
Enjoy that little tidbit!
As a side note, you might want to also get a notification if your drive isn’t mounted… so you could use the mountpoint command to send you an email if there’s a problem. Just add something like this to your backup script:
mountpoint -q /mymountpoint || mail -s "/mountpoint is not mounted for the backup" [email protected]
That simply checks if /mountpoint is a mounted mountpoint. If yes, it does nothing. If no, it will send you an email.
-Robbie
Brilliant! Thank you for this titbit!