Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Mounting the disk is necessary to make it readable or writable in a specific known location. Disks can be mounted read-only (as in the case for forensic / data recovery situations) or more commonly read-write.
Simplistically, mounting tells the underlying O/S how to treat a disk and where to make it appear in the file system.
(Windows also mounts disks, it just does it a lot more "behind the scenes")
USB tend to be automatically mounted under a certain file system location (mount point) depending on how the underlying O/S is configured.
All files accessible in a Unix system are arranged in one big tree, the file hierarchy, rooted at /. These files can be spread out over several devices. The mount command serves to attach the filesystem found on some device to the big file tree. Conversely, the umount(8) command will detach it again....
Or to put it another way: anything can access a device as a raw object and read data from it. To do so the application needs to have the structure and data formats coded in and find that format that it expects. The application needs to know how to find the block it needs in that sea of data and how to read and buffer it for use.
If the operating system has been informed about the expected structure and detects that format, and MOUNTS the data, then the application only needs to know how to ask the operating system for the specific block of data using a generalized format (files and folders). The OS does the more involved job of structuring search, find, read, and buffer and only needs to serve the requests properly, and the application can be smaller, more simple, and fast.
Virtually all of the standard GNU tools are written to work on data that is mounted and addressed using the standard tree/file structure.
There are things that are best done ONLY with raw access, getting the OS and some of the drivers out of the way. For everything else, it makes better sense to mount the volume and let the OS help.
And that applies only to READING the data. When it comes to WRITING the data the slightest error has the potential to corrupt or destroy the data or structure so that it is difficult or impossible to use. Clearly, this is something where operating through a filter known to detect and use the structure properly is standadized and well tested to ensure that it is without fatal flaws.
Many things are done only with a volume mounted so that it can be easily accessed safely. If we are doing something unsafe, we mount it read only to prevent corruption. (NOTE: that is not absolute protection, but reduces the risk.) IN extreme cases when we must bypass existing structure for lower level access we address it as a raw device without mounting. Carefully.
Hello everyone, I am a new member in the Linux community...
No, Sir!
I am quite sure that you aren't "a new member" of Linux community, because looks like you aren't even yet aware that the Linux is divided/distributed on "distributions" and each one has its own target audience.
Also, considering your uberbasic questions, I guess that you are a Windows user who just contemplate the eventual installation of a Linux distribution.
While I consider admirable your intentions, the fact that you look for "good video-tutorials" about commands and alike, makes me think that Slackware (and its community) is not what you are looking for, because the Slackware is not supposed to spoon-feed you.
And be kind to buy a good Linux book and to start learning, then continuing with learning, because the Linux cannot be understanded by some good video-tutorials - it's too much information to assimilate.
And be kind to buy a good Linux book and to start learning, then continuing with learning, because the Linux cannot be understanded by some good video-tutorials - it's too much information to assimilate.
First, I agree that a good book should be preferred over learning from videos (for every subject). But I want to add that Linux is not rocket science either. As you mentioned, Slackware might not be the ideal distro if one is new to Linux, but you definitely don't need to read a book to do what you do on Windows on something like Ubuntu/Mind/Manjaro...
My point is: people are afraid that Linux is "complicated" and therefore stay away from it, which is a sad thing.
It should, however, be noted that part of this book are seriously outdated. Lynx and Links are not the only web browsers shipped with Slackware these days
Hello everyone, I am a new member in the Linux community...
Could anyone explain why we mount the disk for forensic situations or generally why we mount HDD or USB thumb in Linux?
best
This is a very broad question, with very little background information.
Please allow me to make some assumptions (or correct me if I'm wrong):
- "The disk is an original disk seized from a computer, most likely from a Windows pc, or a Mac.
- You have set up, are going to set up a Linux system, to do a forensic examination of "the disk".
- You connect "the disk" via USB or E-SATA
If you mount the disk RO on the OS (Linux distro) you use, you will see the structure "natively" and you can read from it. If you mount RW, you can also write to it "normally".
If you do not mount it, you can still read (and write!!!) from (to) it in RAW mode, e.g. with dd
If you want to be sure that you cannot write to it, your option is to use a (hardware) write-blocker. If you cannot afford this, a specialist forensic distro like Paladdin will be second best.
For examination, I recommend to follow best practice: Do not mount it. Make an image of the disk with the right software. This can be open "raw" format, with dd (or better dcfldd, rdd,ddrescue or the like), or closed formats (like EWF, with guymaker).
Then detach the disk and do your examination on the image.
For examination, there are also specialist forensic distro's available (like SANS SIFT). Or use Autopsy forensic tool. Easiest on Windows. Installing in Linux is possible, but you do have to understand what you're doing.
Questions? Happy to answer them.
Last edited by remmilou; 10-01-2021 at 03:09 PM.
Reason: Small addition
@John Stockton, I recommend you consider installing and playing with Linux in a virtual machine. Ubuntu or Linux Mint would be good starter distros. There are plenty of newbie friendly tutorials, and there's no problem with watching videos, if you learn better that way.
You'll want to learn the basics of the CLI (command line interface) and Bash, as that knowledge goes a long way in understanding and managing Linux. I recommend "The Linux Command Line" at https://linuxcommand.org/tlcl.php. The book is easy to read, the PDF is legally free to download. If you want, you can buy a print version to keep on the shelf, and support the author.
Quote:
Originally Posted by LuckyCyborg
No, Sir!
I am quite sure that you aren't "a new member" of Linux community, because looks like you aren't even yet aware that the Linux is divided/distributed on "distributions" and each one has its own target audience.
Also, considering your uberbasic questions, I guess that you are a Windows user who just contemplate the eventual installation of a Linux distribution.
While I consider admirable your intentions, the fact that you look for "good video-tutorials" about commands and alike, makes me think that Slackware (and its community) is not what you are looking for, because the Slackware is not supposed to spoon-feed you.
I think the newbie-hammer got slammed a bit hard here. We all gotta start somewhere, and sometimes we don't know what questions to ask when we're brand new. And where did he mention Slackware?
I think the newbie-hammer got slammed a bit hard here. We all gotta start somewhere, and sometimes we don't know what questions to ask when we're brand new. And where did he mention Slackware?
The OP posted initially this thread on the Slackware main forum. And s/he not at the first commit - there s/he asked for for a video-tutorial regarding shell commands:
That's why I suspected that s/he evaluate Slackware on his/her future plans.
Nothing wrong in that, it's rather admirable, BUT as someone who uses Slackware since over 10 years, I know that it's a hard nut to crack for someone who comes to it with a mindset focused in video-tutorials and not bothering at least to Google.
Heck, personally I come to Slackware with a solid Ubuntu experience and still I had issues to adapt.
Slackware is a great operating system, but I am afraid it's not for fans of Click'n'Roll...
This was my point of view, with no malice in my intentions.
And like you seen, I've guided her/him to this forums sections to be a better place for this type questions.
Last edited by LuckyCyborg; 10-01-2021 at 05:21 PM.
The OP posted initially this thread on the Slackware main forum. And s/he not at the first commit - there s/he asked for for a video-tutorial regarding shell commands:
That's why I suspected that he evaluate Slackware on his/her future plans.
Nothing wrong in that, it's rather admirable, BUT as someone who uses Slackware since over 10 years, I know that it's a hard nut to crack for someone who comes to it with a mindset focused in video-tutorials and not bothering at least to Google.
Heck, personally I come to Slackware with a solid Ubuntu experience and still I had issues to adapt.
Slackware is a great operating system, but I am afraid it's not for fans of Click'n'Roll...
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.