Linux File Systems: Ext2 vs Ext3 vs Ext4

Ext2

Ext2 stands for second extended file system.

It was introduced in 1993. Developed by Rmy Card.

This was developed to overcome the limitation of the original ext file system.

Ext2 does not have journaling feature.

On flash drives, usb drives, ext2 is recommended, as it doesnt need to do

the over head of journaling.

Maximum individual file size can be from 16 GB to 2 TB

Overall ext2 file system size can be from 2 TB to 32 TB

Ext3

Ext3 stands for third extended file system.

It was introduced in 2001. Developed by Stephen Tweedie.

Starting from Linux Kernel 2.4.15 ext3 was available.

The main benefit of ext3 is that it allows journaling.

Journaling has a dedicated area in the file system, where all the changes are
tracked. When the system crashes, the possibility of file system corruption is
less because of journaling.

Maximum individual file size can be from 16 GB to 2 TB

Overall ext3 file system size can be from 2 TB to 32 TB

There are three types of journaling available in ext3 file system.

o

Journal Metadata and content are saved in the journal.

Ordered Only metadata is saved in the journal. Metadata are

journaled only after writing the content to disk. This is the default.

Writeback Only metadata is saved in the journal. Metadata might be

journaled either before or after the content is written to the disk.

You can convert a ext2 file system to ext3 file system directly (without
backup/restore).

Ext4

Ext4 stands for fourth extended file system.

It was introduced in 2008.

Starting from Linux Kernel 2.6.19 ext4 was available.

Supports huge individual file size and overall file system size.

Maximum individual file size can be from 16 GB to 16 TB

Overall maximum ext4 file system size is 1 EB (exabyte). 1 EB = 1024 PB

(petabyte). 1 PB = 1024 TB (terabyte).

Directory can contain a maximum of 64,000 subdirectories (as opposed to

32,000 in ext3)

You can also mount an existing ext3 fs as ext4 fs (without having to upgrade
it).

Several other new features are introduced in ext4: multiblock allocation,

delayed allocation, journal checksum. fast fsck, etc. All you need to know is
that these new features have improved the performance and reliability of the
filesystem when compared to ext3.

In ext4, you also have the option of turning the journaling feature off.

Create an ext2 file system:

mke2fs /dev/sda1

Create an ext3 file system:

mkfs.ext3 /dev/sda1
(or)
mke2fs j /dev/sda1

Create an ext4 file system:

mkfs.ext4 /dev/sda1
(or)
mke2fs -t ext4 /dev/sda1

Converting ext2 to ext3

For example, if you are upgrading /dev/sda2 that is mounted as /home, from ext2 to ext3, do the
following.
umount /dev/sda2
tune2fs -j /dev/sda2
mount /dev/sda2 /home

Note: You really dont need to umount and mount it, as ext2 to ext3 conversion can happen on a
live file system. But, I feel better doing the conversion offline.
Converting ext3 to ext4

If you are upgrading /dev/sda2 that is mounted as /home, from ext3 to ext4, do the following.
umount /dev/sda2
tune2fs -O extents,uninit_bg,dir_index /dev/sda2
e2fsck -pf /dev/sda2
mount /dev/sda2 /home

Again, try all of the above commands only on a test system, where you can afford to lose all your
data.

1. What is Journaling?
Ans : In general, Journaling file systems avoid file system corruption by
maintaining a journal. The journal is a special file that logs the changes
destined for the file system in a circular buffer. At periodic intervals, the
journal is committed to the file system. If a crash occurs, the journal can be
used as a checkpoint to recover unsaved information and avoid corrupting
of file system meta-data.
2.How many file systems supported by linux? and what are they?
Ans : As of now(09-Nov-2009) Linux will supports : Btrfs, cifs, davfs,
ext, ext2, ext3, ext4, exofs, hpfs, JFS minix, msdos, ncpfs, NiLFS(2),
ntfs, nfs, proc, smbfs, iso9660, sysv, hpfs, affs, ufs, umsdos, vfat,
xia, xfs, ZFS.
Note : Please add some more file systems which you people know in the

comment section. So that i will update the post with new file systems.
3.What is the maximum size of a partition we can create using ext2
and ext3?
Ans : 4TB partition can be created in each ext2 and ext3 file system
respectively.
4.What is the maximum size of a file we can create in ext2?
Ans : The maximum size what we can create is 2GB to 2TB. It depends on
the block size we taken when we are formatting. If the block size is 1KB we
can not create a file more than 2GB in ext2 file system.
5.What is ext in ext2 and ext3?
Ans : When linux first implemented the default file system is minixfs, in
subsequent years it was replaced its successor file system called extended
file-system. So the naming convention. So ext2 is second version of
extended file system. Same explanation is given to ext3 and ext4.
How to convert back Linux ext3 file system to ext2 file system

A. First use umount command to detach the file system mentioned from the file system
hierarchy.
For example, if your partition name is /dev/hda5, type the command:
# umount /dev/hda5

Now change the file system type to ext2 by typing the following command
# tune2fs -O ^has_journal /dev/hda5

Verify that there are no error:

# e2fsck -y /dev/hda5

Mount the file system to original mount point (for example /home or /mnt):
# mount -t ext2 /dev/hda5 /home

Go to mount point and remove .journal file

# rm -f .journal

LINUX INITRD

The special file /dev/initrd is a read-only block device. Device /dev/initrd is a RAM
disk that is initialized (e.g. loaded) by the boot loader before the kernel is started.
The kernel then can use the the block device /dev/initrd's contents for a two
phased system boot-up.

In the first boot-up phase, the kernel starts up and mounts an initial root file-system from the
contents of /dev/initrd (e.g. RAM disk initialized by the boot loader). In the second phase,
additional drivers or other modules are loaded from the initial root device's contents. After
loading the additional modules, a new root file system (i.e. the normal root file system) is
mounted from a different device.

BOOT-UP OPERATION
When booting up with initrd, the system boots as follows:

1. The boot loader loads the kernel program and /dev/initrd's contents into memory.
2. On kernel startup, the kernel uncompresses and copies the contents of the device
/dev/initrd onto device /dev/ram0 and then frees the memory used by /dev/initrd.
3. The kernel then read-write mounts device /dev/ram0 as the initial root file system.
4. If the indicated normal root file system is also the initial root file-system (e.g.
/dev/ram0 ) then the kernel skips to the last step for the usual boot sequence.
5. If the executable file /linuxrc is present in the initial root file-system, /linuxrc is
executed with uid 0. (The file /linuxrc must have executable permission. The file
/linuxrc can be any valid executable, including a shell script.)
6. If /linuxrc is not executed or when /linuxrc terminates, the normal root file system is
mounted. (If /linuxrc exits with any file-systems mounted on the initial root file-system,
then the behavior of the kernel is UNSPECIFIED. See the NOTES section for the
current kernel behavior.)
7. If the normal root file has directory /initrd, device /dev/ram0 is moved from / to
/initrd. Otherwise if directory /initrd does not exist device /dev/ram0 is unmounted.
(When moved from / to /initrd, /dev/ram0 is not unmounted and therefore processes can
remain running from /dev/ram0. If directory /initrd does not exist on the normal root
file-system and any processes remain running from /dev/ram0 when /linuxrc exits, the
behavior of the kernel is UNSPECIFIED. See the NOTES section for the current kernel
behavior.)

8. The usual boot sequence (e.g. invocation of /sbin/init) is performed on the normal root
file system.

LINUX Umask

When user create a file or directory under Linux or UNIX, she create it with a default set of
permissions. In most case the system defaults may be open or relaxed for file sharing purpose.
For example, if a text file has 666 permissions, it grants read and write permission to everyone.
Similarly a directory with 777 permissions, grants read, write, and execute permission to
everyone.

Default umask Value

The user file-creation mode mask (umask) is use to determine the file permission for newly
created files. It can be used to control the default file permission for new files. It is a four-digit
octal number. A umask can be set or expressed using:

Symbolic values

Octal values

Procedure To Setup Default umask

You can setup umask in /etc/bashrc or /etc/profile file for all users. By default most Linux distro
set it to 0022 (022) or 0002 (002). Open /etc/profile or ~/.bashrc file, enter:
# vi /etc/profile

OR
$ vi ~/.bashrc

Append/modify following line to setup a new umask:

umask 022

Save and close the file. Changes will take effect after next login. All UNIX users can override the
system umask defaults in their /etc/profile file, ~/.profile (Korn / Bourne shell) ~/.cshrc file (C
shells), ~/.bash_profile (Bash shell) or ~/.login file (defines the user's environment at login).
Explain Octal umask Mode 022 And 002

As I said earlier, if the default settings are not changed, files are created with the access mode
666 and directories with 777. In this example:
1. The default umask 002 used for normal user. With this mask default
directory permissions are 775 and default file permissions are 664.

2. The default umask for the root user is 022 result into default directory
permissions are 755 and default file permissions are 644.
3. For directories, the base permissions are (rwxrwxrwx) 0777 and for files
they are 0666 (rw-rw-rw).

In short,
1. A umask of 022 allows only you to write data, but anyone can read data.
2. A umask of 077 is good for a completely private system. No other user can
read or write your data if umask is set to 077.
3. A umask of 002 is good when you share data with other users in the same
group. Members of your group can create and modify data files; those outside
your group can read data file, but cannot modify it. Set your umask to 007 to
completely exclude users who are not group members.
But, How Do I Calculate umasks?

The octal umasks are calculated via the bitwise AND of the unary complement of the argument
using bitwise NOT. The octal notations are as follows:

Octal value : Permission

0 : read, write and execute

1 : read and write

2 : read and execute

3 : read only

4 : write and execute

5 : write only

6 : execute only

7 : no permissions

Now, you can use above table to calculate file permission. For example, if umask is set to 077,
the permission can be calculated as follows:
Bit

Targeted at

File permission

Owner

read, write and execute

Group

No permissions

Others

No permissions

To set the umask 077 type the following command at shell prompt:
$
$
$
$

umask 077
mkdir dir1
touch file
ls -ld dir1 file

Sample outputs:
drwx------ 2 vivek vivek 4096 2011-03-04 02:05 dir1
-rw------- 1 vivek vivek
0 2011-03-04 02:05 file

Task: Calculating The Final Permission For FILES

You can simply subtract the umask from the base permissions to determine the final permission
for file as follows:
666 - 022 = 644

File base permissions : 666

umask value : 022

subtract to get permissions of new file (666-022) : 644 (rw-r--r--)

Task: Calculating The Final Permission For DIRECTORIES

You can simply subtract the umask from the base permissions to determine the final permission
for directory as follows:
777 - 022 = 755

Directory base permissions : 777

umask value : 022

Subtract to get permissions of new directory (777-022) : 755 (rwxr-xr-x)

How Do I Set umask Using Symbolic Values?

The following symbolic values are used:

1. r : read
2. w : write
3. x : execute

4. u : User ownership (user who owns the file)

5. g : group ownership (the permissions granted to other users who are
members of the file's group)
6. o : other ownership (the permissions granted to users that are in neither of
the two preceding categories)

The following command will set umask to 077 i.e. a umask set to u=rwx,g=,o= will result in new
files having the modes -rw-------, and new directories having the modes drwx------:
$
$
$
$

umask u=rwx,g=,o=
mkdir dir2
touch file2
ls -ld dir2 file2

Sample umask Values and File Creation Permissions

If umask value set
to

User permission Group permission Others permission

000

all

all

all

007

all

all

none

027

all

read / execute

none

all = read, write and executable file permission

Limitations of the umask

1. The umask command can restricts permissions.
2. The umask command cannot grant extra permissions beyond what is
specified by the program that creates the file or directory. If you need to
make permission changes to existing file use the chmod command.

umask and level of security

The umask command be used for setting different security levels as follows:
umask value

Security level

Effective permission (directory)

022

Permissive

755

026

Moderate

751

027

Moderate

750

077

Severe

700

Linux: Recover Corrupted Partition From A Bad Superblock

A. Linux ext2/3 filesystem stores superblock at different backup location so it is possible to get
back data from corrupted partition.

WARNING! Make sure file system is UNMOUNTED.

If your system will give you a terminal type the following command, else boot Linux system
from rescue disk (boot from 1st CD/DVD. At boot: prompt type command linux rescue).

Mount partition using alternate superblock

Find out superblock location for /dev/sda2:
# dumpe2fs /dev/sda2 | grep superblock

Sample output:
Primary superblock at 0, Group descriptors at 1-6
Backup superblock at 32768, Group descriptors at 32769-32774
Backup superblock at 98304, Group descriptors at 98305-98310
Backup superblock at 163840, Group descriptors at 163841-163846
Backup superblock at 229376, Group descriptors at 229377-229382
Backup superblock at 294912, Group descriptors at 294913-294918
Backup superblock at 819200, Group descriptors at 819201-819206
Backup superblock at 884736, Group descriptors at 884737-884742
Backup superblock at 1605632, Group descriptors at 1605633-1605638
Backup superblock at 2654208, Group descriptors at 2654209-2654214
Backup superblock at 4096000, Group descriptors at 4096001-4096006
Backup superblock at 7962624, Group descriptors at 7962625-7962630
Backup superblock at 11239424, Group descriptors at 11239425-11239430
Backup superblock at 20480000, Group descriptors at 20480001-20480006
Backup superblock at 23887872, Group descriptors at 23887873-23887878

Now check and repair a Linux file system using alternate superblock # 32768:
# fsck -b 32768 /dev/sda2

Sample output:
fsck 1.40.2 (12-Jul-2007)
e2fsck 1.40.2 (12-Jul-2007)
/dev/sda2 was not cleanly unmounted, check forced.
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Free blocks count wrong for group #241 (32254, counted=32253).
Fix? yes
Free blocks count wrong for group #362 (32254, counted=32248).

Fix? yes
Free blocks count wrong for group #368 (32254, counted=27774).
Fix? yes
..........
/dev/sda2: ***** FILE SYSTEM WAS MODIFIED *****
/dev/sda2: 59586/30539776 files (0.6% non-contiguous), 3604682/61059048 blocks

Now try to mount file system using mount command:

# mount /dev/sda2 /mnt

You can also use superblock stored at 32768 to mount partition, enter:
# mount sb={alternative-superblock} /dev/device /mnt
# mount sb=32768 /dev/sda2 /mnt

Try to browse and access file system:

#
#
#
#

cd /mnt
mkdir test
ls -l
cp file /path/to/safe/location

Understanding UNIX / Linux filesystem Superblock

Unix / Linux filesystem blocks

The blocks used for two different purpose:
1. Most blocks stores user data aka files (user data).
2. Some blocks in every file system store the file system's metadata. So what
the hell is a metadata?

In simple words Metadata describes the structure of the file system. Most common metadata
structure are superblock, inode and directories. Following paragraphs describes each of them.

Superblock
Each file system is different and they have type like ext2, ext3 etc. Further each file system has
size like 5 GB, 10 GB and status such as mount status. In short each file system has a superblock,
which contains information about file system such as:

File system type

Size

Status

Information about other metadata structures

If this information lost, you are in trouble (data loss) so Linux maintains multiple redundant
copies of the superblock in every file system. This is very important in many emergency
situation, for example you can use backup copies to restore damaged primary super block.

Following command displays primary and backup superblock location on /dev/sda3:

# dumpe2fs /dev/hda3 | grep -i superblock

Output:
Primary superblock at 0, Group descriptors at 1-1
Backup superblock at 32768, Group descriptors at 32769-32769
Backup superblock at 98304, Group descriptors at 98305-98305
Backup superblock at 163840, Group descriptors at 163841-163841
Backup superblock at 229376, Group descriptors at 229377-229377
Backup superblock at 294912, Group descriptors at 294913-294913

Continue reading rest of the Understanding Linux file system series (this is part II):
Understanding UNIX / Linux filesystem Inodes

The inode (index node) is a fundamental concept in the Linux and UNIX filesystem. Each
object in the filesystem is represented by an inode. But what are the objects? Let us try to
understand it in simple words. Each and every file under Linux (and UNIX) has following
attributes:
=> File type (executable, block special etc)
=> Permissions (read, write etc)
=> Owner
=> Group
=> File Size
=> File access, change and modification time (remember UNIX or Linux never stores file
creation time, this is favorite question asked in UNIX/Linux sys admin job interview)
=> File deletion time
=> Number of links (soft/hard)
=> Extended attribute such as append only or no one can delete file including root user
(immutability)
=> Access Control List (ACLs)
All the above information stored in an inode. In short the inode identifies the file and its
attributes (as above) . Each inode is identified by a unique inode number within the file system.
Inode is also know as index number.

inode definition
An inode is a data structure on a traditional Unix-style file system such as UFS or ext3. An inode
stores basic information about a regular file, directory, or other file system object.

How do I see file inode number?

You can use ls -i command to see inode number of file
$ ls -i /etc/passwd

Sample Output

32820 /etc/passwd

You can also use stat command to find out inode number and its attribute:
$ stat /etc/passwdOutput:
File: `/etc/passwd'
Size: 1988
Blocks: 8
IO Block: 4096
regular file
Device: 341h/833d
Inode: 32820
Links: 1
Access: (0644/-rw-r--r--) Uid: (
0/
root)
Gid: (
0/
root)
Access: 2005-11-10 01:26:01.000000000 +0530
Modify: 2005-10-27 13:26:56.000000000 +0530
Change: 2005-10-27 13:26:56.000000000 +0530

Inode application
Many commands used by system administrators in UNIX / Linux operating systems often give
inode numbers to designate a file. Let us see he practical application of inode number. Type the
following commands:
$ cd /tmp
$ touch \"la*
$ ls -l

Soft and Hard Links

Soft links

Pointers to programs, files, or directories located elsewhere (just like Windows

shortcuts)

If the original program, file, or directory is renamed, moved, or deleted, the

soft link is broken.

If you type ls -F you can see which files are soft links because they end with
@

To create a soft link called myfilelink.txt that points to a file called myfile.txt,
use this: ln -s myfile.txt myfilelink.txt

Hard links

Pointers to programs and files, but NOT directories

If the original program or file is renamed, moved, or deleted, the hard link is
NOT broken

Hard links cannot span disk drives, so you CANNOT have a hard link on
/dev/hdb that refers to a program or file on /dev/hda

To create a hard link called myhardlink.txt that points to a file called

myfile.txt, use this: ln myfile.txt myhardlink.txt