On Thu, Apr 14, 2011 at 11:32 AM, Bastien ROUCARIES <roucaries.bast...@gmail.com> wrote: > On Thu, Apr 14, 2011 at 11:15 AM, Roger Leigh <rle...@codelibre.net> wrote: >> On Thu, Apr 14, 2011 at 10:44:08AM +0200, Bastien ROUCARIES wrote: >>> On Thu, Apr 14, 2011 at 4:20 AM, Karl Goetz <k...@kgoetz.id.au> wrote: >>> > On Wed, 13 Apr 2011 10:32:42 +0100 >>> > Roger Leigh <rle...@codelibre.net> wrote: >>> > >>> >> On Tue, Apr 12, 2011 at 12:38:03PM +0100, Roger Leigh wrote: >>> > >>> >> Following the discussion yesterday, I'd like to propose doing >>> >> something like the example below. It's possible to size a tmpfs >>> >> as a percentage of core memory, the default being -o size=50%. >>> >> Rather than setting an absolute value, we can size e.g. /run >>> >> as a percentage of total memory, which should scale with /run >>> >> usage better than a fixed value. >>> >> >>> >> Proposal: >>> > [...] >>> >> /run/shm: No default (use general tmpfs default of 20%) >>> >> /tmp: No default (use general tmpfs default of 20%) >>> > >>> > 20% doesn't seem like a lot for /tmp when people try and compile >>> > something. While its not something most people end up doing, it does >>> > seem odd to make people change their tempfs size before they can start >>> > building packages for debian/themselves. >>> > just a thought, >>> >>> And moreover for scientific computation /tmp need to be on an >>> harddisk. I do not want my 16GiB matric to go to memory when I have >>> only 8GiB of RAM.... >>> >>> Please do not put /tmp on tmpfs use a bind mount of a rw partition >> >> If it wasn't already clear, having /tmp as a tmpfs is a >> /configurable option/, and it is /not/ the default (except when >> root is read-only (ro) in fstab). > > Could you bind mount /var/tmp under /tmp in this case ?
And BTW it seems that since 2.6.14 (subtree bind mount) we could also mount bind mount of /tmp as noexec nosuid... Need to test but could work and improve your security Bastien > > Bastien that use is android phone sometime to solve math problem... > >> >> >> Regards, >> Roger >> >> -- >> .''`. Roger Leigh >> : :' : Debian GNU/Linux http://people.debian.org/~rleigh/ >> `. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/ >> `- GPG Public Key: 0x25BFB848 Please GPG sign your mail. >> >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.10 (GNU/Linux) >> >> iEYEARECAAYFAk2muxsACgkQVcFcaSW/uEjw7gCgkYgVs+3SvHhF+8Sgk4SboCQF >> thgAn38DpDR+iJCv7YdlzTA1nBEfgb8G >> =2T+k >> -----END PGP SIGNATURE----- >> >> > -- To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/banlktinlpf7u-9b7drrzhm_55skczbw...@mail.gmail.com