« back to all changes in this revision
Viewing changes to help/glossary.html
- browse files at revision 1
- compare with another revision
- download diff
- download tarball
- view history from revision 1
- Committer: Bazaar Package Importer
- Author(s): David Martínez Moreno
- Date: 2002-01-12 03:35:17 UTC
- Revision ID: james.westby@ubuntu.com-20020112033517-tspnkaz5z9o0y6b2
Tags: upstream-0.4
Import upstream version 0.4
- files added:
- attributes
- concepts
- files
- help
- style
added
removed
help/glossary.html
1
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
2
<!-- http://linux-ntfs.sourceforge.net/ntfs/help/glossary.html -->
3
4
<html lang="en">
5
<head>
6
<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-1">
7
<meta name="description" content="NTFS Documentation">
8
<link rel="stylesheet" type="text/css" href="../style/ntfsdoc.css">
9
<link rel="stylesheet" type="text/css" href="../style/glossary.css">
10
<link rel="start" type="text/html" href="../index.html" title="NTFS Documentation">
11
<title>Glossary - NTFS Documentation</title>
12
</head>
13
14
<body>
15
<table border="0" class="toolbar" summary="" cellspacing="0">
16
<tr>
17
<td class="toolbar"><a accesskey="1" class="toolbar" href="../index.html">Home</a>
18
<td class="toolbar"> </td>
19
<td class="toolbar"><a accesskey="2" class="toolbar" href="../files/index.html">Files</a></td>
20
<td class="toolbar"> </td>
21
<td class="toolbar"><a accesskey="3" class="toolbar" href="../attributes/index.html">Attributes</a></td>
22
<td class="toolbar"> </td>
23
<td class="toolbar"><a accesskey="4" class="toolbar" href="../concepts/index.html">Concepts</a></td>
24
<td class="toolbar"> </td>
25
<td class="toolbar"><a accesskey="5" class="toolbar" href="../help/glossary.html">Glossary</a></td>
26
<td class="toolbar"> </td>
27
<td class="toolbar"><a accesskey="6" class="toolbar" href="../help/index.html">Help</a></td>
28
</tr>
29
</table>
30
31
<h1>NTFS - Glossary</h1>
32
33
<h2>Overview</h2>
34
35
<big>
36
<a href="#a" accesskey="a">A</a> <a href="#b" accesskey="b">B</a>
37
<a href="#c" accesskey="c">C</a> <a href="#d" accesskey="d">D</a>
38
<a href="#e" accesskey="e">E</a> <a href="#f" accesskey="f">F</a>
39
<a href="#g" accesskey="g">G</a> <a href="#h" accesskey="h">H</a>
40
<a href="#i" accesskey="i">I</a> <a href="#j" accesskey="j">J</a>
41
<a href="#k" accesskey="k">K</a> <a href="#l" accesskey="l">L</a>
42
<a href="#m" accesskey="m">M</a> <a href="#n" accesskey="n">N</a>
43
<a href="#o" accesskey="o">O</a> <a href="#p" accesskey="p">P</a>
44
<a href="#q" accesskey="q">Q</a> <a href="#r" accesskey="r">R</a>
45
<a href="#s" accesskey="s">S</a> <a href="#t" accesskey="t">T</a>
46
<a href="#u" accesskey="u">U</a> <a href="#v" accesskey="v">V</a>
47
<a href="#w" accesskey="w">W</a> <a href="#x" accesskey="x">X</a>
48
<a href="#y" accesskey="y">Y</a> <a href="#z" accesskey="z">Z</a>
49
</big>
50
51
<p>
52
This is a glossary of all terms.
53
Some entries refer to other entries, e.g. <q>See also</q>.
54
Some entries have an entire page of their own, e.g. <q>More...</q>
55
If your browser supports access keys, then you can jump around this
56
document by using, for example, Alt-M for the M section.
57
</p>
58
59
<dl>
60
<dd><a name="a"></a></dd>
61
62
<dt>. <a href="#dot">(See Dot, Root Directory)</a></dt>
63
64
<dd><a name="ace"></a></dd>
65
<dt>Access Control Entry (ACE)</dt>
66
<dd>
67
An Access Control Entry is the smallest unit of security.
68
It contains a SID (either a user or a group) and permissions information.
69
The permission will be one of <q>Access Allowed</q>, <q>Access Denied</q>
70
or <q>System Audit</q>. This object has flags to determine how the
71
permissions should be inherited.
72
<br>See also:
73
<a href="#sid">SID</a>,
74
<a href="#acl">ACL</a> and
75
<a href="#audit">Auditing</a>
76
</dd>
77
78
<dd><a name="acl"></a></dd>
79
<dt>Access Control List (ACL)</dt>
80
<dd>
81
This security structure contains a list of ACEs.
82
<br>See also:
83
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a>,
84
<a href="#sid">SID</a>,
85
<a href="#acl">ACL</a> and
86
<a href="#audit">Auditing</a>
87
</dd>
88
89
<dt>ACE <a href="#ace">(See Access Control Entry)</a></dt>
90
91
<dt>ACL <a href="#acl">(See Access Control List)</a></dt>
92
93
<dd><a name="attrdef"></a></dd>
94
<dt>$AttrDef <a href="../files/attrdef.html">(More...) </a></dt>
95
<dd>
96
This <a href="#metadata">metadata</a> file contains the definitions
97
of all the <a href="#attribute">attributes</a> that are allowed on an
98
NTFS <a href="#volume">volume</a>.
99
</dd>
100
101
<dd><a name="attribute"></a></dd>
102
<dt>Attribute</dt>
103
<dd>
104
on disk a file is stored as a set of attributes
105
resident / non res
106
</dd>
107
108
<dd><a name="attribute_list"></a></dd>
109
<dt>$ATTRIBUTE_LIST <a href="../attributes/attribute_list.html">(More...) </a></dt>
110
<dd>
111
This <a href="#attribute">attribute</a> is used when a file's
112
attributes won't fit in a single MFT File Record. It has a list
113
of all the attributes and where they can be found. The $ATTRIBUTE_LIST
114
is always stored in the Base FILE Record.
115
<br>See also:
116
<a href="#file_record">File Record</a>
117
<a href="#mft">$MFT</a>
118
<a href="#base_file_record">Base FILE Record</a>
119
</dd>
120
121
<dd><a name="audit"></a></dd>
122
<dt>Audit, Auditing</dt>
123
<dd>
124
As part of the security permissions of a file,
125
any actions performed on the file can be recorded.
126
For example a file could be required to log all the people who tried
127
to read it, but didn't have the permissions to do so.
128
</dd>
129
</dl>
130
131
<hr>
132
133
<dl>
134
<dd><a name="b"></a></dd>
135
136
<dd><a name="b+_tree"></a></dd>
137
<dt>B+ Tree</dt>
138
<dd>
139
A B+ tree is a variant of the binary tree.
140
Instead of one data element per node, there are many.
141
(In NTFS the actual number depends on the lengths of
142
the names and the cluster size). The B+ tree retains
143
the efficiency of a binary tree and also performs well
144
with large numbers of data elements (because the tree tends
145
to grow wide rather than deep).
146
<br>See also:
147
<a href="#binary_tree">Binary Tree</a> and
148
<a href="#balanced_tree">Balanced Tree</a>.
149
</dd>
150
151
<dd><a name="baad"></a></dd>
152
<dt>BAAD</dt>
153
<dd>
154
During chkdsk, if NTFS finds a multi-sector item (MFT, INDEX BLOCK, etc)
155
where the multi-sector header doesn't match the values at the end of the
156
sector, it marks the item with the magic number 'BAAD', and fill it with zeroes
157
(except for a short at the end of each sector...)
158
<pre>
159
FIXME
160
"BAAD" == corrupt record
161
"CHKD" == chkdsk ???
162
"FILE" == mft entry
163
"HOLE" == ??? (NTFS 3.0+?)
164
"INDX" == index buffer
165
RSTR & ???
166
</pre>
167
<br>See also:
168
<a href="#chkdsk">chkdsk</a> and
169
<a href="#fsck">fsck</a>.
170
</dd>
171
172
<dd><a name="bad"></a></dd>
173
<dt>$Bad</dt>
174
<dd>
175
This is the named Data Stream representing bad clusters on a volume.
176
<br>See also:
177
<a href="#badclus">$BadClus</a>.
178
</dd>
179
180
<dd><a name="badclus"></a></dd>
181
<dt>$BadClus <a href="../files/badclus.html">(More...) </a></dt>
182
<dd>
183
This <a href="#metadata">metadata</a> file lists all the unreadable
184
<a href="#cluster">clusters</a> on the <a href="#volume">volume</a>.
185
</dd>
186
187
<dd><a name="balanced_tree"></a></dd>
188
<dt>Balanced Tree</dt>
189
<dd>
190
Often binary trees can become very uneven. By reorganising
191
the data, the tree can be balanced such that no a node has
192
similar numbers of children to it's left and right.
193
<br>See also:
194
<a href="#b+_tree">B+ Tree</a> and
195
<a href="#binary_tree">Binary Tree</a>.
196
</dd>
197
198
<dd><a name="base_file_record"></a></dd>
199
<dt>Base FILE Record</dt>
200
<dd>
201
If the attributes don't fit into a single MFT record
202
then the Base FILE Record holds enough information to
203
locate the other records.
204
<br>See also:
205
<a href="#attribute_list">$ATTRIBUTE_LIST</a>,
206
<a href="#file_record">FILE Record</a> and
207
<a href="#mft">$MFT</a>.
208
</dd>
209
210
<dd><a name="binary"></a></dd>
211
<dt>Binary</dt>
212
<dd>
213
Maths carried out in base two. In this documentation, certain flags
214
fields are represented in binary, for the sake of clarity. e.g.
215
00001000<sub>2</sub>, 010000000<sub>2</sub>.
216
<br>See also:
217
<a href="#decimal">Decimal</a>,
218
<a href="#hex">Hex</a> and
219
<a href="#units">Units</a>.
220
</dd>
221
222
<dd><a name="binary_tree"></a></dd>
223
<dt>Binary Tree</dt>
224
<dd>
225
This is an efficient way of storing sorted data in order.
226
Each node in the tree represents a data element.
227
The left child node is a collection of all the elements that come before it.
228
The right child node is a collection of all the elements that come after it.
229
<br>See also:
230
<a href="#b+_tree">B+ Tree</a> and
231
<a href="#balanced_tree">Balanced Tree</a>.
232
</dd>
233
234
<dd><a name="bit"></a></dd>
235
<dt>Bit</dt>
236
<dd>
237
One binary digit, one or zero.
238
<br>See also:
239
<a href="#units">Units</a>,
240
</dd>
241
242
<dt>$Bitmap <a href="../files/bitmap.html">(More...) </a></dt>
243
<dd>
244
This <a href="#metadata">metadata</a> file keeps track of
245
which <a href="#cluster">clusters</a> are in use on the
246
<a href="#volume">volume</a>.
247
</dd>
248
249
<dt>$BITMAP <a href="../attributes/bitmap.html">(More...) </a></dt>
250
<dd>
251
This <a href="#attribute">attribute</a> keeps track of which
252
<a href="#record">records</a> are in use in an index.
253
</dd>
254
255
<dd><a name="block"></a></dd>
256
<dt>Block</dt>
257
<dd>
258
In Linux terminology, this is a cluster. Block device In Linux
259
terminology, this is a storage unit. Cluster The minimum allocation
260
unit. Clusters are a fixed power of 2 of the sector size (called the
261
cluster factor), and their size can be between 512 bytes and 4 KB
262
(Sometimes 64 KB, but 4 KB is the largest cluster size that the current
263
NTFS compression engine can operate with. That limit may be related to
264
the 4 KB page size used on the Intel i386 CPU). This size can be set
265
with the Windows NT format utility, whose default is: Volume size
266
Cluster size 1 to 512 MB Sector size 512 MB to 1 GB 1 KB 1 GB to 2 GB 2
267
KB more than 2 GB 4 KB
268
</dd>
269
270
<dd><a name="boot"></a></dd>
271
<dt>$Boot <a href="../files/boot.html">(More...) </a></dt>
272
<dd>
273
This <a href="#metadata">metadata</a> file points at the boot sector
274
of the <a href="#volume">volume</a>. It contains information about
275
the size of the <a href="#volume">volume</a>, <a href="#cluster">clusters</a>
276
and the <a href="#mft">MFT</a>.
277
</dd>
278
279
<dd><a name="byte"></a></dd>
280
<dt>Byte <a href="#units">(See Units)</a></dt>
281
</dl>
282
283
<hr>
284
285
<dl>
286
<dd><a name="c"></a></dd>
287
288
<dd><a name="chkdsk"></a></dd>
289
<dt>chkdsk</dt>
290
<dd>
291
This is a DOS and Windows utility to check and repair filesystems.
292
Its name is an abbreviation of check disk.
293
<br>See also:
294
<a href="#fsck">fsck</a>.
295
</dd>
296
297
<dd><a name="cluster"></a></dd>
298
<dt>Cluster</dt>
299
<dd>
300
This is the smallest unit of disk that NTFS uses
301
and it is a multiple of the sector size.
302
It is determined when the volume is formatted and
303
cannot be altered afterwards.
304
<br>See also:
305
<a href="#sector">Sector</a>,
306
<a href="#boot">$Boot</a> and
307
<a href="#volume">Volume</a>.
308
</dd>
309
310
<dd><a name="compression"></a></dd>
311
<dt>Compression</dt>
312
<dd>
313
NTFS supports file- and directory-level compression.
314
The compression is performed transparently when the file
315
is read or written. Any new files in a compressed
316
directory will automatically be compressed.
317
<br>See also:
318
<a href="#compression_unit">Compression Unit</a>
319
</dd>
320
321
<dd><a name="compression_unit"></a></dd>
322
<dt>Compression Unit</dt>
323
<dd>
324
Each file marked to be compressed is divided into sixteen
325
cluster blocks, known as compression units. If one of these
326
blocks cannot be compressed into fifteen clusters or less
327
it is left uncompressed. This division also helps accessing
328
a file randomly, ie it isn't necessary to decompress the whole
329
file.
330
<br>See also:
331
<a href="#cluster"></a>
332
<a href="#compression"></a>
333
</dd>
334
</dl>
335
336
<hr>
337
338
<dl>
339
<dd><a name="d"></a></dd>
340
341
<dd><a name="data"></a></dd>
342
<dt>$DATA <a href="../attributes/data.html">(More...) </a></dt>
343
<dd>
344
This <a href="#attribute">attribute</a> contains the actual
345
data for a file. This <a href="#stream">stream</a> may also
346
have a name.
347
</dd>
348
349
<dd><a name="data_runs"></a></dd>
350
<dt>Data Runs <a href="../concepts/data_runs.html">(More...) </a></dt>
351
<dd>
352
Non-resident attributes are stored in intervals of clusters called runs.
353
Each run is represented by its starting cluster and its length.
354
The runs map the VCNs of a file to the LCNs of a volume.
355
<br>See also:
356
<a href="#attribute">Attribute</a>,
357
<a href="#cluster">Cluster</a>,
358
<a href="#lcn">LCN</a>,
359
<a href="#vcn">VCN</a> and
360
<a href="#volume">Volume</a>.
361
</dd>
362
363
<dd><a name="decimal"></a></dd>
364
<dt>Decimal</dt>
365
<dd>
366
Maths carried out in base ten. In this documentation,
367
numbers that are neither in <a href="#hex">hex</a>, nor
368
<a href="#binary">binary</a>, are in decimal,
369
e.g. 16 (sixteen), 23 (twenty-three).
370
<br>See also:
371
<a href="#binary">Binary</a>,
372
<a href="#hex">Hex</a> and
373
<a href="#units">Units</a>.
374
</dd>
375
376
<dd><a name="directory"></a></dd>
377
<dt>Directory <a href="../concepts/directory.html">(More...) </a></dt>
378
<dd>
379
An NTFS directory is an index attribute. NTFS uses index attributes to collate
380
file names. A directory entry contains the name of the file and a copy of the
381
file's standard information attribute (time stamp information). This approach
382
provides a performance boost for directory browsing because NTFS does not need
383
to read the files' MFT records to print directory information.
384
</dd>
385
386
<dd><a name="dos_file_permissions"></a></dd>
387
<dt>DOS File Permissions <a href="#file_permissions">(see File Permissions)</a></dt>
388
389
<dd><a name="dot"></a></dd>
390
<dt>Dot, Root Directory <a href="../files/dot.html">(More...) </a></dt>
391
<dd>
392
Root directory of the disk
393
</dd>
394
395
<dd><a name="drive"></a></dd>
396
<dt>Drive <a href="#volume">(See Volume)</a></dt>
397
398
<dd><a name="dynamic_disk"></a></dd>
399
<dt>Dynamic Disk</dt>
400
<dd>
401
<pre>
402
Dynamic disk SDS, win2k
403
</pre>
404
</dd>
405
</dl>
406
407
<hr>
408
409
<dl>
410
<dd><a name="e"></a></dd>
411
412
<dd><a name="ea"></a></dd>
413
<dt>$EA <a href="../attributes/ea.html">(More...) </a></dt>
414
<dd>
415
This <a href="#attribute">attribute</a> is used to implement
416
the <a href="#hpfs">HPFS</a> extended attribute under NTFS.
417
It is only used for OS/2 compatibity.
418
</dd>
419
420
<dd><a name="ea_information"></a></dd>
421
<dt>$EA_INFORMATION <a href="../attributes/ea_information.html">(More...) </a></dt>
422
<dd>
423
This <a href="#attribute">attribute</a> is used to implement
424
the <a href="#hpfs">HPFS</a> extended attribute under NTFS.
425
It is only used for OS/2 compatibity.
426
</dd>
427
428
<dd><a name="efs"></a></dd>
429
<dt>$EFS</dt>
430
<dd>
431
$EFS is the named $LOGGED_UTILITY_STREAM of any encrypted file.
432
<br>See also:
433
<a href="#logged_utility_stream">$LOGGED_UTILITY_STREAM</a>.
434
</dd>
435
436
<dd><a name="extend"></a></dd>
437
<dt>$Extend <a href="../files/extend.html">(More...) </a></dt>
438
<dd>
439
This <a href="#metadata">metadata</a> directory contains the
440
<a href="#metadata">metadata</a> files:
441
<a href="#objid">$ObjId</a>,
442
<a href="#quota">$Quota</a>,
443
<a href="#reparse">$Reparse</a>.
444
</dd>
445
</dl>
446
447
<hr>
448
449
<dl>
450
<dd><a name="f"></a></dd>
451
452
<dd><a name="file"></a></dd>
453
<dt>File <a href="../concepts/file.html">(More...) </a></dt>
454
<dd>
455
In the NTFS terminology, a file can be a normal file, directory
456
(like in Linux) or a system file.
457
</dd>
458
459
<dd><a name="file_name"></a></dd>
460
<dt>$FILE_NAME <a href="../attributes/file_name.html">(More...) </a></dt>
461
<dd>
462
This <a href="#attribute">attribute</a> represents the file's name.
463
A file can have one or more names, which can be in any directory.
464
This is the NTFS equivalent to Unix's hard links.
465
</dd>
466
467
<dd><a name="filename_namespace"></a></dd>
468
<dt>Filename Namespace <a href="../concepts/filename_namespace.html">(More...) </a></dt>
469
<dd>
470
Not all characters are valid in DOS filenames.
471
For compatibity NTFS stores which namespace the name belongs to.
472
</dd>
473
474
<dd><a name="file_permissions"></a></dd>
475
<dt>File Permissions</dt>
476
<dd>
477
NTFS supports the standard set of DOS file permissions, namely
478
<q>Archive</q>, <q>System</q>, <q>Hidden</q> and <q>Read Only</q>.
479
In addition, NTFS supports <q>Compressed</q> and <q>Encrypted</q>.
480
<br>See also:
481
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a> and
482
<a href="#compression">Compression</a>
483
</dd>
484
485
<dd><a name="file_record"></a></dd>
486
<dt>FILE Record</dt>
487
<dd>
488
The $MFT is made up of FILE records, so named because of
489
a magic number of <q>FILE</q>. Each record has a standard
490
header and a list of attributes. If the attributes don't
491
fit into a single record, then more records will be used
492
and a $ATTRIBUTE_LIST attribute will be needed.
493
<br>See also:
494
<a href="#attribute">Attribute</a>,
495
<a href="#attribute_list">Attribute List</a>,
496
<a href="#magic_number">Magic Number</a> and
497
<a href="#mft">$MFT</a>.
498
</dd>
499
500
<dd><a name="file_record_segment"></a></dd>
501
<dt>File Record Segment (FRS)</dt>
502
<dd>
503
<pre>
504
FRS = MFT File Record
505
</pre>
506
</dd>
507
508
<dd><a name="file_reference"></a></dd>
509
<dt>File Reference</dt>
510
<dd>
511
Each file record has a unique number identifying it.
512
The first 48 bits are a sequentially allocated number
513
which is the offset in the $MFT. The last 16 bits
514
are a sequence number. Every time the record is altered
515
this number is incremented. The sequence number can
516
help detect errors on the volume.
517
518
<br>See also:
519
<a href="#file_record">File Record</a>,
520
<a href="#mft">$MFT</a> and
521
<a href="#volume">Volume</a>.
522
</dd>
523
524
<dd><a name="file_runs"></a></dd>
525
<dt>File Runs <a href="#data_runs">(See Data Runs)</a></dt>
526
527
<dd><a name="filesize"></a></dd>
528
<dt>File Size</dt>
529
<dd>
530
There are three file sizes that NTFS records.
531
Each of them stores the number of bytes
532
<ul>
533
<li>R) Real. The number of bytes of data.</li>
534
<li>A) Allocated. The size taken up on disk.</li>
535
<li>I) Initialised. Size of compressed file.</li>
536
</ul>
537
538
If the file is compressed, the Initialised Size may be smaller
539
than the Real Size.
540
</dd>
541
542
<dd><a name="filesystem"></a></dd>
543
<dt>Filesystem</dt>
544
<dd>
545
The physical structure an operating system uses to store and organize files on a storage unit.
546
A commonly used filesystem is FAT (used by DOS).
547
</dd>
548
549
<dd><a name="fixup"></a></dd>
550
<dt>Fixup <a href="#update_sequence">(See Update Sequence)</a></dt>
551
552
<dd><a name="fork"></a></dd>
553
<dt>Fork <a href="#resource_fork">(See Resource Fork)</a></dt>
554
555
<dd><a name="fragmented"></a></dd>
556
<dt>Fragmented</dt>
557
<dd>
558
(un)f file
559
</dd>
560
561
<dd><a name="frs"></a></dd>
562
<dt>FRS <a href="#file_record_segment">(See File Record Segment)</a></dt>
563
564
<dd><a name="fsck"></a></dd>
565
<dt>fsck</dt>
566
<dd>
567
This is a utility to check and repair filesystems.
568
Its name is an abbreviation of filesystem check.
569
</dd>
570
</dl>
571
572
<hr>
573
574
<dl>
575
<dd><a name="g"></a></dd>
576
577
<dd><a name="gb"></a></dd>
578
<dt>GB <a href="#units">(See Units)</a></dt>
579
580
<dd><a name="guid"></a></dd>
581
<dt>GUID <a href="#units">(See Units)</a></dt>
582
<dd>
583
<pre>
584
The valid format for a GUID is {XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX}
585
586
Globally Unique Identifier (GUID)
587
588
GUID structures store globally unique identifiers (GUID). A GUID is a
589
128-bit value consisting of one group of eight hexadecimal digits, followed
590
by three groups of four hexadecimal digits each, followed by one group of
591
twelve hexadecimal digits. GUIDs are Microsoft's implementation of the
592
distributed computing environment (DCE) universally unique identifier (UUID).
593
Example of a GUID:
594
1F010768-5A73-BC91-0010A52216A7
595
596
order stored on disk?
597
598
01020304-0506-0708-090A0B0C0D0E0F010
599
600
0x00 04030201
601
0x04 0605
602
0x06 0807
603
0x08 090A0B0C0D0E0F010
604
</pre>
605
</dd>
606
607
</dl>
608
609
<hr>
610
611
<dl>
612
<dd><a name="h"></a></dd>
613
614
<dd><a name="hex"></a></dd>
615
<dt>Hex, Hexadecimal</dt>
616
<dd>
617
Maths carried out in base sixteen. In this documentation,
618
many numbers represented in hex, e.g. 0x02E0, 0xF100.
619
<br>See also:
620
<a href="#binary">Binary</a>,
621
<a href="#decimal">Decimal</a> and
622
<a href="#units">Units</a>.
623
</dd>
624
625
<dd><a name="hfs"></a></dd>
626
<dt>HFS <a href="#hfs">(See Hierarchical File System)</a></dt>
627
628
<dt>Hierarchical File System (HFS)</dt>
629
<dd>
630
The MacOS filesystem.
631
</dd>
632
633
<dd><a name="hpfs"></a></dd>
634
<dt>High Performance File System (HPFS)</dt>
635
<dd>
636
The OS/2 filesystem. Remember: once upon a time, OS/2 had to be the
637
operating system developed by both IBM and Microsoft. There was a break
638
between the 2 giants. IBM continued to develop OS/2 (it became OS/2
639
Warp), and that explains why OS/2 knows how to execute Windows
640
applications. Microsoft decided to make its own operating system:
641
Windows NT. HPFS design influenced NTFS design, so the 2 filesystems
642
share many features.
643
</dd>
644
645
<dt>HPFS <a href="#hpfs">(See High Performance File System)</a></dt>
646
</dl>
647
648
<hr>
649
650
<dl>
651
<dd><a name="i"></a></dd>
652
653
<dd><a name="i30"></a></dd>
654
<dt>$I30</dt>
655
<dd>
656
This is the named index used by directories.
657
The name refers to attribute 0x30 ($FILE_NAME).
658
<br>See also:
659
<a href="#attribute">Attribute</a>,
660
<a href="#directory">Directory</a>,
661
<a href="#file_name">$FILE_NAME</a> and
662
<a href="#index">Index</a>
663
</dd>
664
665
<dd><a name="index"></a></dd>
666
<dt>Index</dt>
667
<dd>
668
(just the whole index idea)
669
</dd>
670
671
<dd><a name="index_allocation"></a></dd>
672
<dt>$INDEX_ALLOCATION <a href="../attributes/index_allocation.html">(More...) </a></dt>
673
<dd>
674
This <a href="#attribute">attribute</a> contains the location of the entries
675
that make up an index.
676
</dd>
677
678
<dd><a name="index_root"></a></dd>
679
<dt>$INDEX_ROOT <a href="../attributes/index_root.html">(More...) </a></dt>
680
<dd>
681
This <a href="#attribute">attribute</a> is the root of an index.
682
The index is stored as a balanced binary tree.
683
The only attribute which is indexed is <a href="#file_name">$FILE_NAME</a>
684
and the index is called <a href="#i30">$I30</a>.
685
</dd>
686
687
<dd><a name="indx_record"></a></dd>
688
<dt>INDX Record <a href="../concepts/index_record.html">(More...) </a></dt>
689
<dd>
690
Index records are used by directories, $Quota, $Reparse
691
and $Secure. The contents depend on the type of index
692
being kept. Directories store $FILE_NAME attributes.
693
<br>See also:
694
<a href="#directory">Directory</a>,
695
<a href="#i30">$I30</a>,
696
<a href="#quota">$Quota</a>,
697
<a href="#reparse">$Reparse</a> and
698
<a href="#secure">$Secure</a>.
699
</dd>
700
701
<dd><a name="infinite_logging_area"></a></dd>
702
<dt>Infinite Logging Area</dt>
703
<dd>
704
Something contained in $LogFile. It consists of a
705
sequence of 4KB log records.
706
<br>See also:
707
<a href="#logfile">$LogFile</a>
708
</dd>
709
710
<dd><a name="inode"></a></dd>
711
<dt>Inode</dt>
712
<dd>
713
An inode is the filesystems representation of a file, directory, device, etc.
714
In NTFS every inode it represented by an MFT FILE record.
715
<br>See also:
716
<a href="#directory">Directory</a>,
717
<a href="#file">File</a>,
718
<a href="#file_record">FILE Record</a> and
719
<a href="#filesystem">Filesystem</a>
720
</dd>
721
</dl>
722
723
<hr>
724
725
<dl>
726
<dd><a name="j"></a></dd>
727
728
<dd><a name="j"></a></dd>
729
<dt>$J</dt>
730
<dd>
731
$J is a named data stream of the Metadata File $UsnJrnl.
732
<br>See also:
733
<a href="#usnjrnl">$UsnJrnl</a>
734
</dd>
735
736
<dd><a name="junction_point"></a></dd>
737
<dt>Junction Point</dt>
738
<dd>
739
Microsoft term for a mount point, available in NT 5.0.
740
</dd>
741
</dl>
742
743
<hr>
744
745
<dl>
746
<dd><a name="k"></a></dd>
747
748
<dd><a name="kb"></a></dd>
749
<dt>KB <a href="#units">(See Units)</a></dt>
750
</dl>
751
752
<hr>
753
754
<dl>
755
<dd><a name="l"></a></dd>
756
757
<dt>LCN <a href="#lcn">(See Logical Cluster Number)</a></dt>
758
759
<dd><a name="log_record"></a></dd>
760
<dt>Log Record</dt>
761
<dd>
762
One 4KB chunk of the infinite logging area. It starts with
763
the magic number 'RCRD' and a fixup, then has undocumented variable
764
length data. [The log record might be further subdivided - I cannot
765
imagine they waste 4KB if they only have to log a few bytes. Custer
766
mentions high level and low level 'records'. High level are: - allocate
767
inode n, - make a directory entry foo in directory m low level are: -
768
modify inode n with the new contents of <1KB>]
769
</dd>
770
771
<dd><a name="logfile"></a></dd>
772
<dt>$LogFile <a href="../files/logfile.html">(More...) </a></dt>
773
<dd>
774
This <a href="#metadata">metadata</a> file is used
775
to guarantee data integrity in case of a system failure. It has two
776
copies of the restart area and the infinite logging area. The log file
777
is near the centre of the volume, just after the second cluster of
778
the boot file. [Better say 'run' than cluster. The boot file usually
779
extends over several clusters at the beginning of the disk, and then has
780
a single run of just one cluster (the copy of the boot sector). Also,
781
isn't it 'infinite'?]
782
Transactional logging file
783
</dd>
784
785
<dd><a name="logged_utility_stream"></a></dd>
786
<dt>$LOGGED_UTILITY_STREAM <a href="../attributes/logged_utility_stream.html">(More...) </a></dt>
787
<dd>
788
This <a href="#attribute">attribute</a> is used by encrypted files.
789
</dd>
790
791
<dd><a name="lcn"></a></dd>
792
<dt>Logical Cluster Number (LCN)</dt>
793
<dd>
794
A volume is divided into clusters. They are
795
numbered sequentially, starting at zero.
796
<br>See also:
797
<a href="#cluster">Cluster</a> and
798
<a href="#volume">Volume</a>.
799
</dd>
800
801
<dd><a name="lsn"></a></dd>
802
<dt>Logical Sequence Number (LSN)</dt>
803
<dd>
804
A serial number used to
805
identify an NTFS log record.
806
</dd>
807
808
<dt>LSN <a href="#lsn">(See Logical Sequence Number)</a></dt>
809
</dl>
810
811
<hr>
812
813
<dl>
814
<dd><a name="m"></a></dd>
815
816
<dd><a name="magic_number"></a></dd>
817
<dt>Magic Number</dt>
818
<dd>
819
Most of the on-disk structures in NTFS have a unique constant identifying them.
820
This number is usually located at the beginning of the structure and can be
821
used as a sanity check.
822
</dd>
823
824
<dd><a name="master_file_table"></a></dd>
825
<dt>Master File Table <a href="#master_file_table">(See $MFT)</a></dt>
826
827
<dd><a name="max"></a></dd>
828
<dt>$Max</dt>
829
<dd>
830
$Max is a named Data Stream of $UsnJrnl.
831
<br>See also:
832
<a href="#usnjrnl">$UsnJrnl</a>
833
</dd>
834
835
<dd><a name="mb"></a></dd>
836
<dt>MB <a href="#units">(See Units)</a></dt>
837
838
<dd><a name="metadata"></a></dd>
839
<dt>Metadata</dt>
840
<dd>
841
Data on the storage unit used by the filesystem only, as a
842
frame to access user data. Metadata constitutes the structure of the
843
filesystem). Metadata examples from various filesystems include FATs,
844
inode tables, free block lists, free block bitmaps, logging areas, and
845
the superblock.
846
847
<pre>
848
meta-data
849
850
Data about data. In data processing, meta-data is definitional data
851
that provides information about or documentation of other data managed
852
within an application or environment.
853
854
For example, meta data would document data about data elements or
855
attributes, (name, size, data type, etc) and data about records or
856
data structures (length, fields, columns, etc) and data about data
857
(where it is located, how it is associated, ownership, etc.). Meta
858
data may include descriptive information about the context, quality
859
and condition, or characteristics of the data.
860
</pre>
861
</dd>
862
863
<dd><a name="mft"></a></dd>
864
<dt>$MFT <a href="../files/mft.html">(More...) </a></dt>
865
<dd>
866
This <a href="#metadata">metadata</a> file, the Master File Table,
867
is an index of all the files on the volume. It contains the
868
attributes of each file and the root of any indexes.
869
</dd>
870
871
<dd><a name="mftmirr"></a></dd>
872
<dt>$MFTMirr <a href="../files/mftmirr.html">(More...) </a></dt>
873
<dd>
874
This <a href="#metadata">metadata</a> file stores a copy of
875
the first four records of $MFT. It is a safety measure
876
which probably only gets used when chkdsk is run.
877
</dd>
878
879
<dd><a name="mountmgrdatabase"></a></dd>
880
<dt>$MountMgrDatabase</dt>
881
<dd>
882
$MountMgrDatabase is a named Data Stream of dot (the root directory).
883
It contains a list of mounted volumes.
884
<br>See also:
885
<a href="#dot">Dot, Root Directory</a>.
886
</dd>
887
888
<dd><a name="mst"></a></dd>
889
<dt>MST <a href="#multi_sector_transfer">(See Multi-Sector Transfer)</a></dt>
890
891
<dd><a name="multi_sector_transfer"></a></dd>
892
<dt>Multi-Sector Transfer</dt>
893
<dd>
894
<pre>
895
multiple sectors, fixup, safety checks
896
</pre>
897
</dd>
898
</dl>
899
900
<hr>
901
902
<dl>
903
<dd><a name="n"></a></dd>
904
905
<dd><a name="nibble"></a></dd>
906
<dt>Nibble</dt>
907
<dd>
908
Half of a byte (4 bits).
909
</dd>
910
911
<dd><a name="nt_authority"></a></dd>
912
<dt>NT Authority</dt>
913
<dd>
914
The NT Authority defines the scope of the security identifier.
915
Numbers 0 - 4 represent internal identifiers, e.g.
916
World, Local. 5 represents the NT Authority.
917
<br>See also:
918
<a href="#nt_sub_authority">NT Sub Authority</a>
919
<a href="#sid">SID</a>
920
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a>
921
</dd>
922
923
<dd><a name="ntfs"></a></dd>
924
<dt>NTFS <a href="../attributes/volume_information.html">(More...) </a></dt>
925
<dd>
926
NTFS is the file system of Windows NT, Windows 2000 and Windows XP.
927
<br>See also:
928
<a href="#filesystem">Filesystem</a>
929
</dd>
930
931
<dd><a name="nt_sub_authority"></a></dd>
932
<dt>NT Sub Authority</dt>
933
<dd>
934
The Sub Authority can contain any number of fields (five is usual).
935
Sub Authorities beginning with 21 (0x15) denote a NT Domain identifier.
936
<a href="#nt_authority">NT Authority</a>
937
<a href="#sid">SID</a>
938
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a>
939
</dd>
940
</dl>
941
942
<hr>
943
944
<dl>
945
<dd><a name="o"></a></dd>
946
947
<dd><a name="o"></a></dd>
948
<dt>$O</dt>
949
<dd>
950
This is one of the named indexes belonging to $Quota and $ObjId.
951
<br>See also:
952
<a href="#index">Index</a>,
953
<a href="#q">$Q</a>,
954
<a href="#objid">$ObjId</a> and
955
<a href="#quota">$Quota</a>.
956
</dd>
957
958
<dd><a name="object_id"></a></dd>
959
<dt>$OBJECT_ID <a href="../attributes/object_id.html">(More...) </a></dt>
960
<dd>
961
This <a href="#attribute">attribute</a> stores a mapping between a
962
SID and a Security Hash.
963
</dd>
964
965
<dd><a name="objid"></a></dd>
966
<dt>$ObjId <a href="../files/objid.html">(More...) </a></dt>
967
<dd>
968
This <a href="#attribute">attribute</a> record's the unique identifiers
969
given to files and directorys when using Distributed Link Tracking.
970
</dd>
971
</dl>
972
973
<hr>
974
975
<dl>
976
<dd><a name="p"></a></dd>
977
978
<dd><a name="pam"></a></dd>
979
<dt>PAM</dt>
980
<dd>
981
Pluggable Authentication Modules (PAM) are a set of libraries
982
for validating security on Linux.
983
</dd>
984
985
<dd><a name="partition"></a></dd>
986
<dt>Partition <a href="#volume">(See Volume)</a></dt>
987
988
<dd><a name="partition_table"></a></dd>
989
<dt>Partition Table</dt>
990
<dd>
991
<pre>
992
partition table...
993
SFS Win2K dynamic disk
994
</pre>
995
</dd>
996
997
<dd><a name="permissions"></a></dd>
998
<dt>Permissions</dt>
999
<dd>
1000
There are two mechanisms for storing permissions in NTFS.
1001
One is a superset of DOS File Permissions, which includes
1002
<q>Read Only</q> and <q>Hidden</q>.
1003
The other is based on ACEs and allows granting specific
1004
permissions to specific users.
1005
<br>See also:
1006
<a href="#ace">$ACE</a>,
1007
<a href="#file_permissions">File Permissions</a> and
1008
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a>
1009
</dd>
1010
1011
<dd><a name="posix"></a></dd>
1012
<dt>POSIX</dt>
1013
<dd>
1014
An acronym (pronounced like positive) for Portable Operating System
1015
Interface, suggested by Richard M. Stallman. It is a set of
1016
international standards (ISO/IEC 9945-1:1996(E), ANSI/IEEE Std 1003.1
1017
1996 Edition) to interface with Unix-like exploitation systems, e.g.
1018
Linux. NTFS does not support Unix-like device files.
1019
</dd>
1020
1021
<dd><a name="property_set"></a></dd>
1022
<dt>$PROPERTY_SET <a href="../attributes/property_set.html">(More...) </a></dt>
1023
<dd>
1024
<pre>obsolete</pre>
1025
</dd>
1026
</dl>
1027
1028
<hr>
1029
1030
<dl>
1031
<dd><a name="q"></a></dd>
1032
1033
<dd><a name="q"></a></dd>
1034
<dt>$Q</dt>
1035
<dd>
1036
This is one of the named indexes belonging to $Quota.
1037
<br>See also:
1038
<a href="#index">Index</a>,
1039
<a href="#o">$O</a> and
1040
<a href="#quota">$Quota</a>.
1041
</dd>
1042
1043
<dd><a name="quota"></a></dd>
1044
<dt>$Quota <a href="../files/quota.html">(More...) </a></dt>
1045
<dd>
1046
This <a href="#metadata">metadata</a> file stores information
1047
about file quotas.
1048
</dd>
1049
</dl>
1050
1051
<hr>
1052
1053
<dl>
1054
<dd><a name="r"></a></dd>
1055
1056
<dd><a name="r"></a></dd>
1057
<dt>$R</dt>
1058
<dd>
1059
This is the named index belonging to $Reparse.
1060
<br>See also:
1061
<a href="#index">Index</a>,
1062
<a href="#reparse">$Reparse</a>.
1063
</dd>
1064
1065
<dd><a name="rcrd_record"></a></dd>
1066
<dt>RCRD Record</dt>
1067
<dd>
1068
This record is used in the $LogFile. Each represents
1069
an atomic transaction that is to be performed.
1070
<br>See also:
1071
<a href="#logfile">$LogFile</a> and
1072
<a href="#transaction">Transaction</a>
1073
</dd>
1074
1075
<dd><a name="record"></a></dd>
1076
<dt>Record</dt>
1077
<dd>
1078
There are several record types in NTFS.
1079
FILE Record are used in the $MFT, INDX Records in indexes,
1080
RCRD and RSTR Records in the $LogFile.
1081
<br>See also:
1082
<a href="#file_record">FILE Record</a>,
1083
<a href="#indx_record">INDX Record</a>,
1084
<a href="#rcrd_record">RCRD Record</a> and
1085
<a href="#rstr_record">RSTR Record</a>
1086
</dd>
1087
1088
<dd><a name="recursion"></a></dd>
1089
<dt>Recursion <a href="#recursion">(See Recursion)</a></dt>
1090
1091
<dd><a name="reference"></a></dd>
1092
<dt>Reference</dt>
1093
<dd>
1094
file (are there any others?)
1095
</dd>
1096
1097
<dd><a name="reparse"></a></dd>
1098
<dt>$Reparse <a href="../files/reparse.html">(More...) </a></dt>
1099
<dd>
1100
This <a href="#metadata">metadata</a> file stores information
1101
about reparse points.
1102
</dd>
1103
1104
<dd><a name="reparse_point"></a></dd>
1105
<dt>$REPARSE_POINT <a href="../attributes/reparse_point.html">(More...) </a></dt>
1106
<dd>
1107
This <a href="#attribute">attribute</a> stores information about
1108
reparse points.
1109
</dd>
1110
1111
<dd><a name="resource_fork"></a></dd>
1112
<dt>Resource Fork</dt>
1113
<dd>
1114
In MacOS's filesystem, HFS, files are allowed to have multiple
1115
data streams. These are called resource forks.
1116
<br>See also:
1117
<a href="#hfs">HFS</a> and
1118
<a href="#stream">Stream</a>.
1119
</dd>
1120
1121
<dd><a name="roll-back"></a></dd>
1122
<dt>Roll-back</dt>
1123
<dd>
1124
When an NTFS volume is mounted, it is checked to see if it
1125
is in a consistant state. If it isn't then the $LogFile is
1126
consulted and transactions are undone until the disk returns
1127
to a consistant state. This does not guarantee data integrity,
1128
only disk integrity.
1129
<br>See also:
1130
<a href="#logfile">$LogFile</a>,
1131
<a href="#transaction">Transaction</a> and
1132
<a href="#volume">Volume</a>.
1133
</dd>
1134
1135
<dd><a name="root_directory"></a></dd>
1136
<dt>Root Directory <a href="#dot">(See Dot, Root Directory)</a></dt>
1137
1138
<dd><a name="rstr_record"></a></dd>
1139
<dt>RSTR Record</dt>
1140
<dd>
1141
Two copies of this are in $LogFile. A restart area has the
1142
magic number 'RSTR' followed by a fixup and some other data, including
1143
three LSNs. A restart area has a pointer into the log area, such as the
1144
first and last log records written and the last checkpoint record
1145
written. (that is three - now which is which?)
1146
</dd>
1147
1148
<dd><a name="runs"></a></dd>
1149
<dt>Runs <a href="#data_runs">(See Data Runs)</a></dt>
1150
</dl>
1151
1152
<hr>
1153
1154
<dl>
1155
<dd><a name="s"></a></dd>
1156
1157
<dd><a name="sdh"></a></dd>
1158
<dt>$SDH</dt>
1159
<dd>
1160
This is one of the named indexes belonging to $Secure.
1161
<br>See also:
1162
<a href="#index">Index</a>,
1163
<a href="#sii">$SII</a> and
1164
<a href="#secure">$Secure</a>.
1165
</dd>
1166
1167
<dd><a name="sds"></a></dd>
1168
<dt>$SDS</dt>
1169
<dd>
1170
This is the named data stream belonging to $Secure.
1171
<br>See also:
1172
<a href="#secure">$Secure</a> and
1173
<a href="#stream">Stream</a>
1174
</dd>
1175
1176
<dd><a name="sector"></a></dd>
1177
<dt>Sector</dt>
1178
<dd>
1179
Unit of data on the physical storage unit. The storage controller
1180
can only access data in multiples of this unit. A sector is usually 512
1181
bytes, but can be 1 KB on certain Asian hard disks.
1182
</dd>
1183
1184
<dd><a name="secure"></a></dd>
1185
<dt>$Secure <a href="../files/secure.html">(More...) </a></dt>
1186
<dd>
1187
This <a href="#metadata">metadata</a> file stores a table of security
1188
descriptors used by the volume.
1189
</dd>
1190
1191
<dd><a name="security"></a></dd>
1192
<dt>Security</dt>
1193
<dd>
1194
There are two levels of security in NTFS.
1195
There are the DOS File Permissions, such as <q>Read Only</q> and <q>Hidden</q>
1196
and an ACL model which grants specific permissions to specific users.
1197
<br>See also:
1198
<a href="#ace">ACE</a>,
1199
<a href="#acl">ACL</a>,
1200
<a href="#permissions">Permissions</a>,
1201
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a> and
1202
<a href="#sid">SID</a>.
1203
</dd>
1204
1205
<dd><a name="security_descriptor"></a></dd>
1206
<dt>$SECURITY_DESCRIPTOR <a href="../attributes/security_descriptor.html">(More...) </a></dt>
1207
<dd>
1208
This attribute stores all the security information about a file or
1209
directory. It contains an ACL for auditing, an ACL for permissions and
1210
a SID to show the user and group of the owner.
1211
<br>See also:
1212
<a href="#attribute">Attribute</a>,
1213
<a href="#acl">ACL</a>,
1214
<a href="#ace">ACE</a> and
1215
<a href="#sid">SID</a>.
1216
</dd>
1217
1218
<dd><a name="sid"></a></dd>
1219
<dt>Security Identifier (SID)</dt>
1220
<dd>
1221
This variable-length identifier uniquely identifies a user
1222
or a group on an NT domain. It is used in the security permissions.
1223
<br>See also:
1224
<a href="#ace">ACE</a>,
1225
<a href="#acl">ACL</a> and
1226
<a href="#security_descriptor">$SECURITY_DESCRIPTOR</a>.
1227
</dd>
1228
1229
<dd><a name="sequence_array"></a></dd>
1230
<dt>Sequence Array <a href="#sid">(See Update Sequence)</a></dt>
1231
1232
<dt>SID <a href="#sid">(See Security Identifier)</a></dt>
1233
1234
<dd><a name="sii"></a></dd>
1235
<dt>$SII</dt>
1236
<dd>
1237
This is one of the named indexes belonging to $Secure.
1238
<br>See also:
1239
<a href="#index">Index</a>,
1240
<a href="#sdh">$SDH</a> and
1241
<a href="#secure">$Secure</a>.
1242
</dd>
1243
1244
<dd><a name="sparse_file"></a></dd>
1245
<dt>Sparse File</dt>
1246
<dd>
1247
NTFS supports sparse files. If a file contains large, contiguous,
1248
blocks of zeros, then NTFS can choose to not waste any space storing
1249
these portions on disk. They are represented as data runs containing
1250
nothing. When read from disk, NTFS simply substitutes zeros.
1251
<br>See also:
1252
<a href="#data_runs">Data Runs</a>.
1253
</dd>
1254
1255
<dd><a name="standard_information"></a></dd>
1256
<dt>$STANDARD_INFORMATION <a href="../attributes/standard_information.html">(More...) </a></dt>
1257
<dd>
1258
This <a href="#attribute">attribute</a> contains information about a file,
1259
such as its file permissions and when it was created.
1260
</dd>
1261
1262
<dd><a name="stream"></a></dd>
1263
<dt>Stream</dt>
1264
<dd>
1265
All data on NTFS is stored in streams, which can have names.
1266
A file can have more than one data streams,
1267
but exactly one must have no name.
1268
The <q>size</q> of a file is the size of its unnamed data attribute.
1269
</dd>
1270
1271
<dd><a name="symbolic_link"></a></dd>
1272
<dt>$SYMBOLIC_LINK</dt>
1273
<dd>
1274
This <a href="#attribute">attribute</a>
1275
This attribute, like <a href="#volume_version">$VOLUME_VERSION</a>
1276
existed in NTFS v1.2, but wasn't used.
1277
It does not longer exist in NTFS v3.0+.
1278
</dd>
1279
</dl>
1280
1281
<hr>
1282
1283
<dl>
1284
<dd><a name="t"></a></dd>
1285
1286
<dd><a name="tb"></a></dd>
1287
<dt>TB <a href="#units">(See Units)</a></dt>
1288
1289
<dd><a name="time_stamp"></a></dd>
1290
<dt>Time Stamp</dt>
1291
<dd>
1292
NTFS stores four significant times referring to files and directories.
1293
They are: File creation time; Last modification time; Last modification
1294
of the MFT record; Last access time. NTFS stores dates as the number
1295
of 100ns units since Jan 1<sup>st</sup> 1601.
1296
Unix, stores dates as the number of seconds since Jan 1<sup>st</sup> 1970.
1297
<pre>
1298
standardise 4 time fields name & description concept page?
1299
refer to 4 times as:
1300
C creation
1301
A alter (modification)
1302
M mft (mft changed)
1303
R read (last access)
1304
1305
FIXME:
1306
NOTE: There is conflicting information about the meaning of each of the time
1307
fields but the meaning as defined below has been verified to be
1308
correct by practical experimentation on Windows NT4 SP6a and is hence
1309
assumed to be the one and only correct interpretation.
1310
1311
creation_time
1312
Time file was created. Updated when a filename is changed(?).
1313
1314
last_data_change_time
1315
Time the data attribute was last modified.
1316
1317
last_mft_change_time
1318
Time this mft record was last modified.
1319
1320
last_access_time
1321
Approximate time when the file was last accessed (obviously this is not
1322
updated on read-only volumes). In Windows this is only updated when
1323
accessed if some time delta has passed since the last update.
1324
</pre>
1325
<pre>
1326
N.B. There is conflicting information about the meaning of each of the time
1327
fields but the meaning as defined below has been verified to be
1328
correct by practical experimentation on Windows NT4 SP6a and is hence
1329
assumed to be the one and only correct interpretation.
1330
</pre>
1331
1332
<br>See also:
1333
<a href="#file_record">File Record</a>
1334
</dd>
1335
1336
<dd><a name="transaction"></a></dd>
1337
<dt>Transaction</dt>
1338
<dd>
1339
A transaction on a system is a set of operations (on that
1340
system) that constitutes a unit. This unit can't be divided. Before the
1341
transaction, the state of the system is well defined. During the
1342
transaction, it is undefined. After the transaction, it is well defined
1343
again. A transaction can't be half-realized: if no operation fails, the
1344
transaction is realized. If on the contrary an error occurs in one or
1345
more of the operations, the transaction is not realized. A set of (even
1346
atomic) operations is not atomic by definition. A transaction is a model
1347
that provides a kind of atomicity to this set of operations.
1348
</dd>
1349
</dl>
1350
1351
<hr>
1352
1353
<dl>
1354
<dd><a name="u"></a></dd>
1355
1356
<dd><a name="unfragmented"></a></dd>
1357
<dt>Unfragmented <a href="#fragmented">(see Fragmented)</a></dt>
1358
1359
<dd><a name="unicode"></a></dd>
1360
<dt>Unicode</dt>
1361
<dd>
1362
International character set coded on 16 bits (ASCII is coded on
1363
7 bits and Latin-1 coded on 8 bits). Unicode can represent every symbol
1364
of almost every language in the world.
1365
</dd>
1366
1367
<dd><a name="units"></a></dd>
1368
<dt>Units</dt>
1369
<dd>
1370
Every size in this document is measured in bytes (unless clearly marked).
1371
The abbreviations for sizes are:
1372
<br><br>
1373
1374
<table border="1" summary="" cellspacing="0">
1375
<tr>
1376
<th>Abbr.</th>
1377
<th>Name</th>
1378
<th class="numeric">Exactly</th>
1379
<th class="numeric">Approx.</th>
1380
</tr>
1381
<tr>
1382
<td>KB</td>
1383
<td>Kilobyte</td>
1384
<td class="numeric">2<sup>10</sup></td>
1385
<td class="numeric">10<sup>3</sup></td>
1386
</tr>
1387
<tr>
1388
<td>MB</td>
1389
<td>Megabyte</td>
1390
<td class="numeric">2<sup>20</sup></td>
1391
<td class="numeric">10<sup>6</sup></td>
1392
</tr>
1393
<tr>
1394
<td>GB</td>
1395
<td>Gigabyte</td>
1396
<td class="numeric">2<sup>30</sup></td>
1397
<td class="numeric">10<sup>9</sup></td>
1398
</tr>
1399
<tr>
1400
<td>TB</td>
1401
<td>Terabyte</td>
1402
<td class="numeric">2<sup>40</sup></td>
1403
<td class="numeric">10<sup>12</sup></td>
1404
</tr>
1405
</table>
1406
1407
<br>
1408
<pre>see also Binary, Decimal, Hexadecimal</pre>
1409
1410
N.B. Technically, the correct abbreviation for 1024 bytes
1411
is KiB, which stands for kilobinary bytes.
1412
</dd>
1413
1414
<dd><a name="upcase"></a></dd>
1415
<dt>$UpCase <a href="../files/upcase.html">(More...) </a></dt>
1416
<dd>
1417
This <a href="#metadata">metadata</a> file contains 128KB of capital
1418
letters. For each character in the Unicode alphabet, there
1419
is an entry in this file. It is used to compare and sort filenames.
1420
</dd>
1421
1422
<dd><a name="update_sequence"></a></dd>
1423
<dt>Update Sequence</dt>
1424
<dd>
1425
Several structures in NTFS have sequence numbers in them
1426
to check for consistancy errors. They are FILE, INDX, RCRD
1427
and RSTR records. Before the record is written to disk,
1428
the last two bytes of each sector are copied to an array
1429
in the header. The update sequence number is then
1430
incremented and written to the end of each sector. If
1431
any disk corruption occurs, this technique could detect it.
1432
1433
<pre>
1434
The Update Sequence Array (usa) is an array of the __u16 values which belong
1435
to the end of each sector protected by the update sequence record in which
1436
this array is contained. Note that the first entry is the Update Sequence
1437
Number (usn), a cyclic counter of how many times the protected record has
1438
been written to disk. The values 0 and -1 (ie. 0xffff) are not used. All
1439
last __u16's of each sector have to be equal to the usn (during reading) or
1440
are set to it (during writing). If they are not, an incomplete multi sector
1441
transfer has occured when the data was written.
1442
The maximum size for the update sequence array is fixed to:
1443
maximum size = usa_ofs + (usa_count * 2) = 510 bytes
1444
The 510 bytes comes from the fact that the last __u16 in the array has to
1445
(obviously) finish before the last __u16 of the first 512-byte sector.
1446
This formula can be used as a consistency check in that usa_ofs +
1447
(usa_count * 2) has to be less than or equal to 510.
1448
</pre>
1449
1450
<br>See also:
1451
<a href="#file_record">FILE Record</a>
1452
<a href="#indx_record">INDX Record</a>
1453
<a href="#rcrd_record">RCRD Record</a>
1454
<a href="#rstr_record">RSTR Record</a>
1455
</dd>
1456
1457
<dd><a name="usnjrnl"></a></dd>
1458
<dt>$UsnJrnl <a href="../files/usnjrnl.html">(More...) </a></dt>
1459
<dd>
1460
<pre>used for logging</pre>
1461
</dd>
1462
</dl>
1463
1464
<hr>
1465
1466
<dl>
1467
<dd><a name="v"></a></dd>
1468
1469
<dd><a name="vcn"></a></dd>
1470
<dt>VCN <a href="#vcn">(See Virtual Cluster Number)</a></dt>
1471
1472
<dt>Virtual Cluster Number (VCN)</dt>
1473
<dd>
1474
When representing the data runs of a file, the clusters
1475
are given virtual cluster numbers. Cluster zero refers
1476
to the first cluster of the file. The data runs map the
1477
VCNs to LCNs so that the file can be located on the volume.
1478
<br>See also:
1479
<a href="#cluster">Cluster</a>,
1480
<a href="#lcn">LCN</a> and
1481
<a href="#volume">Volume</a>.
1482
</dd>
1483
1484
<dd><a name="volume"></a></dd>
1485
<dt>Volume</dt>
1486
<dd>
1487
(=drive=partition) (extended, striped, mirrored (not supported))
1488
A logical NTFS partition. It is a group of physical partitions
1489
(see the fdisk utility, you can set up mirroring and stripping) that act
1490
as one (somewhat like the Linux md block devices).
1491
</dd>
1492
1493
<dt>$Volume <a href="../files/volume.html">(More...) </a></dt>
1494
<dd>
1495
This <a href="#metadata">metadata</a> file contains information
1496
such as the name, serial number and whether the volume needs
1497
checking for errors.
1498
</dd>
1499
1500
<dd><a name="volume_information"></a></dd>
1501
<dt>$VOLUME_INFORMATION <a href="../attributes/volume_information.html">(More...) </a></dt>
1502
<dd>
1503
This <a href="#attribute">attribute</a> contains information
1504
such as the serial number, creation time and whether the volume
1505
needs checking for errors.
1506
</dd>
1507
1508
<dd><a name="volume_name"></a></dd>
1509
<dt>$VOLUME_NAME <a href="../attributes/volume_name.html">(More...) </a></dt>
1510
<dd>
1511
This <a href="#attribute">attribute</a> stores the name of the
1512
volume in Unicode.
1513
</dd>
1514
1515
<dd><a name="volume_version"></a></dd>
1516
<dt>$VOLUME_VERSION</dt>
1517
<dd>
1518
This <a href="#attribute">attribute</a>
1519
This attribute, like <a href="#symbolic_link">$SYMBOLIC_LINK</a>
1520
existed in NTFS v1.2, but wasn't used.
1521
It does not longer exist in NTFS v3.0+.
1522
</dd>
1523
1524
<dd><a name="w"></a></dd>
1525
<dd><a name="x"></a></dd>
1526
<dd><a name="y"></a></dd>
1527
<dd><a name="z"></a></dd>
1528
</dl>
1529
1530
<br>
1531
<a class="contact" href="http://linux-ntfs.sourceforge.net/ntfs/help/glossary.html">Online</a>
1532
<!-- The two validators will only work if this page is visible on the web -->
1533
<a class="contact" href="http://validator.w3.org/check/referer">Validate HTML</a>
1534
<a class="contact" href="http://jigsaw.w3.org/css-validator/check/referer">Validate CSS</a>
1535
<a class="contact" href="mailto:webmaster@flatcap.org">$Id: glossary.html,v 1.13 2001/07/11 17:09:23 flatcap Exp $</a>
1536
</body>
1537
</html>
1538
Loggerhead is a web-based interface for Breezy
Version: 2.0.1