How to choose, install, secure, and use Linux.

This page updated: June 2019



Basics section
Miscellaneous section

See my "Moving to Linux" page
See my "Installing Linux" page
See my "Using Linux" page







Basics



Layers / variations:
[Mostly from lowest to highest:]
Distribution: Debian, Fedora, Red Hat, Ubuntu, Xubuntu, Linux Mint, openSUSE, etc.
Debian Family Tree (!)
Which turns out to be just part of a bigger GNU/Linux Distributions Timeline (!!)

Some other variations:



Newbie questions:



More-complicated things you can do:



See my "Moving to Linux" page












Miscellaneous



If you want to contribute to the Linux community:
You could pick an app or distro and:
Jason Evangelho's "8 Ways To Contribute To The Desktop Linux Community, Without Knowing A Single Line Of Code"
LTP - Linux Test Project

Adam Zerella's "How to become a Linux kernel developer"
Arch: KernelBuild
Tamir Suliman's "Beginner's Guide to Writing your First Linux patch"
Kosta Zertsekel's "Who should I sent Linux Kernel patch to?"
The Linux Kernel documentation

Hcamael's "How to Develop Linux Driver from Scratch"



Please don't create a new distro:
Please don't create a new distro. We have far too many already. GNU/Linux Distributions Timeline

If you want/need something, do it some other way. A configuration script that modifies an existing distro. A new DE or theme. A new kernel module. Whatever is appropriate for your need.




Disk management and encryption:
Layers:
  1. Cleartext or individually encrypted files: e.g. normal files and directories; app-encrypted files such as password manager databases or encrypted SQL databases.

  2. Filesystem instances: mount-point name, type, and device name. E.g. "/" is the mount location of an ext4 filesystem stored on /dev/sda5.

  3. Upper filesystem formats: Veracrypt containers; eCryptfs; Windows' Encrypting File System (EFS).

    Wikipedia's "ECryptfs"
    Wikipedia's "Encrypting File System" (EFS)
    Wikipedia's "VeraCrypt"

  4. Base filesystem formats: format of data stored inside a partition. E.g. ext4, fat32, NTFS, btrfs, ZFS.
    Jim Salter's "Understanding Linux filesystems: ext4 and beyond"

  5. Manager: e.g. Linux's LVM (Logical Volume Manager), or some forms of RAID, or ZFS, or btrfs.

    Presents a "virtual partition" that the layer above can use, but that single "virtual partition" could be stored across multiple physical partitions and devices.

    Wikipedia's "Logical volume management"
    Wikipedia's "Logical Volume Manager (Linux)"

  6. Device-mapper and full-volume/block-level encryption: e.g. dm-crypt (a LUKS-compliant implementation); Veracrypt "full-disk" (really, full-partition) encryption; BitLocker.

    Wikipedia's "dm-crypt"
    Wikipedia's "Linux Unified Key Setup" (LUKS)
    Wikipedia's "VeraCrypt"
    Wikipedia's "BitLocker"

  7. Physical partitions: e.g. /dev/sda5, /dev/sdb1. And a partition table (Master Boot Record (MBR) or GUID Partition Table (GPT)) to list the partitions.

  8. Disk hardware encryption (if any).

  9. Disk hardware striping/mirroring (if any). E.g. some forms of RAID.

  10. Raw media: e.g. spinning disk, SSD, flash drive. E.g. /dev/sda, /dev/sdb.




Example 1, my Linux Mint 19.2 system:
$ df -hT
Filesystem             Type      Size  Used Avail Use% Mounted on
/dev/sda5              ext4       33G   25G  7.0G  78% /
/dev/sda6              ext4      259G  182G   65G  74% /home
/dev/sda1              ext4      945M  175M  705M  20% /boot
/home/user1/.Private   ecryptfs  259G  182G   65G  74% /home/user1
  1. My password manager database file "KeePassDatabase.kdbx" is app-encrypted.
  2. It is under "/home/user1", which is the mount location of an eCryptfs filesystem stored on "/home/user1/.Private".
  3. "/home/user1/.Private" is using upper filesystem format eCryptfs.
  4. The base filesystem format of "/home" is ext4.
  5. Manager: none; not using LVM or RAID.
  6. Device-mapper and full-volume/block-level encryption: none ?
  7. Physical partitions: /home is on /dev/sda6.
    Partition table on /dev/sda is a Master Boot Record (MBR) table.
  8. Disk hardware encryption: none.
  9. Disk hardware striping/mirroring: none.
  10. Raw media: e.g. spinning disk /dev/sda.

Example 2, a Veracrypt container mounted in my Linux Mint 19.2 system:
$ df -ahT
Filesystem             Type      Size  Used Avail Use% Mounted on
/dev/sda6              ext4      259G  182G   65G  74% /home
/home/user1/.Private   ecryptfs  259G  182G   65G  74% /home/user1
/dev/mapper/veracrypt1 ext4      2.0G  1.1G  750M  60% /media/veracrypt1
  1. Plaintext file "MyBankInfo.txt" is in a 2.0GB Veracrypt container on /home/user1.
  2. It is under "/media/veracrypt1", which is the mount location of an ext4 filesystem stored on "/dev/mapper/veracrypt1".
  3. "/dev/mapper/veracrypt1" is using upper filesystem format ???.
    Both Veracrypt and eCryptfs are in here somewhere.
  4. The base filesystem format of "/dev/mapper/veracrypt1" is ext4 ?
  5. Manager: none; not using LVM or RAID.
  6. Device-mapper and full-volume/block-level encryption: none ?
  7. Physical partitions: /home is on /dev/sda6.
    Partition table on /dev/sda is a Master Boot Record (MBR) table.
  8. Disk hardware encryption: none.
  9. Disk hardware striping/mirroring: none.
  10. Raw media: e.g. spinning disk /dev/sda.
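
One way to check items 5 to 7 of the examples above on a live system is to ask the kernel what each block device is built on. The script below is an added example, not part of the original page; it walks the sysfs entries slaves/, dm/name, loop/backing_file and partition, and runs here against a constructed miniature tree whose device names (dm-0, loop0, container.hc) and layout are assumptions.

```shell
#!/bin/sh
# Added example: show what a block device is built on by walking sysfs.

# describe_dev SYSROOT DEV: print one line saying what kind of device DEV is.
describe_dev() {
    d="$1/class/block/$2"
    if [ -r "$d/dm/name" ]; then
        echo "$2: device-mapper device '$(cat "$d/dm/name")'"
    elif [ -r "$d/loop/backing_file" ]; then
        echo "$2: loop device backed by file $(cat "$d/loop/backing_file")"
    elif [ -r "$d/partition" ]; then
        echo "$2: partition number $(cat "$d/partition")"
    else
        echo "$2: whole disk or other block device"
    fi
}

# block_stack SYSROOT DEV: describe DEV, then every device listed under its
# slaves/ directory, recursively, until a device has no slaves.
block_stack() {
    describe_dev "$1" "$2"
    for s in "$1/class/block/$2/slaves"/*; do
        [ -e "$s" ] || continue   # unmatched glob: nothing underneath
        block_stack "$1" "$(basename "$s")"
    done
}

# make_sample_sysfs DIR: constructed stand-in for /sys (all names assumed):
# dm-0 ("veracrypt1") sits on loop0, which is backed by a container file.
# Real sysfs uses symlinks in slaves/; plain directories are enough here.
make_sample_sysfs() {
    b="$1/class/block"
    mkdir -p "$b/dm-0/dm" "$b/dm-0/slaves/loop0" "$b/loop0/loop" "$b/sda6"
    echo veracrypt1 > "$b/dm-0/dm/name"
    echo /home/user1/container.hc > "$b/loop0/loop/backing_file"
    echo 6 > "$b/sda6/partition"
}

tmp=$(mktemp -d)
make_sample_sysfs "$tmp"
block_stack "$tmp" dm-0
rm -rf "$tmp"
```

On a real system the call is block_stack /sys dm-N, with the dm-N name taken from "ls -l /dev/mapper". If the last line printed names a backing file, "df -T" on that file shows which filesystem holds it.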



From someone on reddit:

My view on it is that there are no layers. There are just different combinations, abstractions, attachments, slices and mirrors of block devices. Upon which you can either build other block devices, or store raw data which could include filesystems.

...

The root of it is that the Linux block device is the base unit and since the other entities present block devices as their product, it gets confusing since the system is making block devices from other block devices and parts of block devices.

...

The first two items in #3 [Veracrypt containers; eCryptfs] are special types of filesystems, but the 3rd thing [Windows' Encrypting File System (EFS)] is referring to something that becomes a block device. Once it is a block device, then it can be used wherever a block device is used.

#4 is talking about filesystems and "partitions". But it's only a partition if it is referred to in a partition table (GPT, MBR, Sun, SGI, BSD). And even then, the OS only sees that data through the lens of a block device. See "man fdisk".

Trying to represent this as layers breaks pretty fast. For example with LVM, the LV is in a VG. And a VG encompasses one or more PVs. An LV can be spread across multiple PVs.

As I say, in the end actual data is on storage that shows up in Linux as a block device. http://www.haifux.org/lectures/86-sil/kernel-modules-drivers/node10.html

> [me trying to defend layers:]
> For example, can a Veracrypt container be below (contain) a LVM
> volume ? I don't think so, but maybe I'm wrong.

In Linux, Veracrypt can encrypt a file. That file can contain general data, a filesystem, or a partition table that divides up the file into partitions.

Also as a file, you can attach it to a loop device and then you can use that as an LVM PV (physical volume) -- the first bullet here: https://www.veracrypt.fr/en/Home.html





