3. General options

The general options are not needed most of the time. They allow for increased flexibility and security.

• Read-only It is possible to protect a partition from writing. Even the superuser won't be able to write there. This is seldom used on a normal hard drive partition though.
• User mountable This is generally used with the following option, and is useful for removable media. It allows anyone to activate the connection at any time. Normally, only root (the superuser) can establish a mount.
• Do not mount at boot time Especially useful for removable media, it prevents the system from trying to establish a mount at boot time.
• No program allowed to execute This is a security feature, which is especially useful for removable media. If you set the user mountable option on a removable media, it allows any user to come and install a set of files, specifically setup, to give him full access to your system (administrator privileges). This option would prevent this situation from occurring.
• No special device file support This is a security feature. Special devices are generally created with proper access rights in the /dev directory. They may be created in other places too, with the mknod command. This feature prevents mounting media with special devices created with relaxed security. Such devices would defeat all security on the system.
• No setuid programs allowed This is yet another security feature. It is a compromise between full access and the above option (no execution allowed). If you set this option, the system will deny privileged programs their special rights. A privileged program is one that switches the user to another identity while it is running (generally root). This allows the user to do special tasks that only the supervisor can do.
• User quota enabled This flag tells the kernel to enable quota accounting on the filesystem. Quota accounting maintains, for each user in real time, the amount of disk space used and the amount of files and directories they own. Limits may be imposed on some or all users. This is controlled separately for each file system. The file quota.user is created in the root of the filesystem (linuxconf will create it for you if you activate this feature). The utility quotacheck is run to initialize the file with the current state of the filesystem. The kernel, from now on, will silently update this for each user account. This is useful for preventing a single user from filling the disk.
• Group quota enabled This is the same feature as user quota enabled, but for groups. The group quotas hold the sum of the quotas of all file members of the group. A file quota.group is created when this feature is enabled and the utility quotacheck is used to initialize the file. While a user may be under his personal quota limit, the quota of his group may be over its limit. The user will be prevented from creating new files and/or growing them.