On Tue, Jul 18, 2017 at 09:08:10AM -0600, Theo de Raadt wrote: > > I've been putting mine in a dedicated partition. /var/vmm should probably > > be its own partition if used. > > > > nodev, nosuid are probably good choices there too. > > That won't work. People without an additional partition will get these > mount options. And anyways those system flags don't make any sense for > such controlled files. > > Anyways, this stuff should not be in /var at all! > > /var/ Multi-purpose log, temporary, transient, and spool files. > > Note the word transient. > > These vmm images people are creating are for their own use, and I don't > think they should be anywhere near a system directory, let alone the > system directory /var. > > I'd suggest /home/vmm as a good place to store them. >
Sure. I don't have a really strong opinion one way or the other. When I mentioned I put mine in a dedicated partition, I use /data/vmm or various places in /home if I've already fully partitioned the machine in question. I think the original mentioning of /var/vmm probably was put in there based on the similar usage of /var/www, but I won't defend that choice :) -ml