Re: Partitioning hard drives
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Thursday, 18.11.2004 at 23:07 -0600, Jeremy Turner wrote: > On Fri, Nov 19, 2004 at 11:41:02AM -0500, Robert Storey wrote: > > There are security issues - some experts think it's a really good > > idea to keep /tmp and /var away from the root partition. > > Especially if for some reason a process starts spewing out junk to a > logfile, filling up your entire / partition. > > I also learned that if you run a mail server, having /var/mail as an > extra partition is nice, too. If you have the same logfile spew, you > will still have a place to spool incoming mail. Ditto for news, of course - I have /var/spool/news on a separate partition. A high turnover of a large number of small files ... keep it separate. In fact, the new Sarge installer had an option for a 'news' spool partition type. It chooses appropriate block sizes etc. for the filesystem. Dave. - -- Dave Ewart - [EMAIL PROTECTED] - jabber: [EMAIL PROTECTED] All email from me is now digitally signed, key from http://www.sungate.co.uk/ Fingerprint: AEC5 9360 0A35 7F66 66E9 82E4 9E10 6769 CD28 DA92 -BEGIN PGP SIGNATURE- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFBnhkAnhBnac0o2pIRAgp2AJ4/KOIgabxg542Nf7UmRfsWsWraQwCg6aod wnRcFFNMSp4leuvSdRJTGPE= =Y+5w -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
Chris Lale wrote: "The Linux Logical Volume Manager. LVM supports enterprise level volume management of disk and disk subsystems by grouping arbitrary disks into volume groups. The total capacity of volume groups can be allocated to logical volumes, which are accessed as regular block devices." Which, if I had read that first, would leave me without one iota of what LVM has to offer me. On the other hand the 2nd or 3rd link on Google with a search of "LVM" yielded some nice layman's terms explinations of what LVM does. In all honesty, if I had known about it prior to my recent Laptop install I would have toyed with it then just to play with it. I will certainly attempt to do so prior to my next server install. :) -- Steve C. Lamb | I'm your priest, I'm your shrink, I'm your PGP Key: 8B6E99C5 | main connection to the switchboard of souls. ---+- signature.asc Description: OpenPGP digital signature
Re: Partitioning hard drives
On Fri, 2004-11-19 at 02:59, Steve Lamb wrote: > Williams, Allen wrote: > > I was going to respond to this thread mentioning the LVM, but this looks > > like an excellent stragegy I haven't considered. Have you ever used the > > LVM to sort of accomplish the same thing by assigning extents? > > To be honest, no. No idea what the LVM is or what it offers so I can't > comment one way or the other. http://www.debian.org/distrib/packages#search_packages or aptitude search lvm "The Linux Logical Volume Manager. LVM supports enterprise level volume management of disk and disk subsystems by grouping arbitrary disks into volume groups. The total capacity of volume groups can be allocated to logical volumes, which are accessed as regular block devices." -- Chris Lale <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
Well, I in particular am a fan of using at least a separated /boot and /usr partitions, because I like to make them read-only and "noatime". When having multiuser machines I also keep /home separated. How much space for each? Well, some 8MB to /boot is more than enough and as /usr is pretty much static and I always install "test-servers" first to setup to my like I get the feel of how much /usr needs and add some more MB just to be safe... for instance I have woody servers with a 100MB /usr partition (they use about 70MB in /usr).. Desktops take 2-3Gb to /usr... The other partitions really depend on the machine you're setting up... But after all this thread, now I am having a question: As I said, I am fan of using "ro,noatime" as much as I can... and things in /bin, /sbin and /lib are pretty static, right? But we can't put those in partitions, can we? They need to be in / so that they're there at boottime, before fstab is read, right? Complaining about FHS: I was reading FHS and thinking about these things and... for instance they say /etc should contain static stuff... but we have /etc/resolv.conf that is rewritten by dhcp Now that I'm thinking, / could be "ro"... as long as it exists /home, /tmp and /var being mounted as "rw" it should work... h... i gotta double-check this for my servers... hmmm Joao Clemente -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
On Fri, Nov 19, 2004 at 11:41:02AM -0500, Robert Storey wrote: > There are security issues - some experts think it's a really good idea > to keep /tmp and /var away from the root partition. Especially if for some reason a process starts spewing out junk to a logfile, filling up your entire / partition. I also learned that if you run a mail server, having /var/mail as an extra partition is nice, too. If you have the same logfile spew, you will still have a place to spool incoming mail. Jeremy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
On Thu, Nov 18, 2004 at 06:54:53PM -0800, Steve Lamb wrote: > Tim Kelley wrote: > > Not to be pedantic, but /srv is for that ... > Eh? Never heard of that one before. It's a new addition to the Filesystem Hierarchy Standard (FHS). See: http://www.pathname.com/fhs/pub/fhs-2.3.html#SRVDATAFORSERVICESPROVIDEDBYSYSTEM They also added /media for removable media such as cdroms, floppys, and usb memory keys, etc. They were created on my sarge install. Jeremy -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
On Thu, 18 Nov 2004 20:35:48 -0600 Tim Kelley <[EMAIL PROTECTED]> wrote: > Well, if you are going to have all these filesystems on the same set > of drive spindles, there really isn't any use to carving up /usr and > everything else at all. There are security issues - some experts think it's a really good idea to keep /tmp and /var away from the root partition. I don't consider myself an expert, but I've read enough about it to conclude that it's not a bad idea, particularly if you're running a server. Some of my geek books ("Maximum Linux Security" and "FreeBSD Unleashed) emphasize this. regards, Robert > Separating filesystems mainly gives the advantage of using different > mount options for each filesystem; such as mounting /var "noexec" and > /usr "read only". > > putting /var on a separate filesystem is almost always a good idea, > since it is so active; but on a different set of drives is the best > idea. > > putting /usr on a part by itself allows read only mounting if that > gets you off. Of course installing software requires an extra step. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
On Thu, 18 Nov 2004, Tim Kelley wrote: > On Wednesday 17 November 2004 08:06, Bob wrote: > > Hello list, I've read the section in the install manual about > > recommended partitioning schemes, but thought I would also see what the > > collective wisdom has to say on the matter. rest of the "collective partition wisdom" http://www.linux-1u.net/Partition/ my preference ( from the outside of the disk going in or from inside growing out of the platter ?? ) / 128MB /tmp128MB /var512MB /usr4096MB swap256MB /home rest of disk use symlinks for things *you* modified and put it into /home and only /home and /etc is backed up > Well, if you are going to have all these filesystems on the same set of drive > spindles, there really isn't any use to carving up /usr and everything else > at all. > > Separating filesystems mainly gives the advantage of using different mount > options for each filesystem; such as mounting /var "noexec" and /usr "read > only". and one wants / as small as possible so that one can boot into single user and fix the bad/broken partitions and other disk disks ( if its raid ) if / is 128MB ... only that portion has to be functional vs the entire 80GB or 250GB of disks in order for the disk to fix itself and /tmp is usually chmod 1777 ... > putting /var on a separate filesystem is almost always a good idea, since it > is so active; but on a different set of drives is the best idea. > > putting /usr on a part by itself allows read only mounting if that gets you > off. Of course installing software requires an extra step. > > In debian most all of the server packages will have most of their data in > /var > (apache, mysql, postgresql, and so forth). > > If it's a file server then /srv (or /export) separate would be a good idea as > well. i put ALL user modified files in /home ... and /etc config files is small enoug to fit onto a floppy > Really it depends on the machines purpose and what's running on it. If > your /home is nfs mounted, of course you have no use for a separate /home, do > you? and what one is comfortable with .. which includes (failsafe) backups > RAID 10 is a huge money waster as well, only in the most extreme situations > would I use it. RAID 5 is fine for four drives. raid5 with 4 disks is okay .. but it's still 25% of "wasted" disk space - lots of fun probability and statistics fun/gamble for failure analysis of 1 disks vs 4 disks in one server raid in general is a money and time waster .. but a good techie challenge for hands off raid booting/fixing/resyncing itself, all hands off except the insertaion of new replacement disk - raid helps if and only if you cannot go down because of one dead disk - but the reality is that that system will most likely go down when you replace the dead disks ... unless you have properly setup and tested the server with hotswap and inserting a brand new replacement disk - power supply, fans, nic, memory, etc all can go bad long before the disks goes bad ... - for protecting against failure, its 10x better to have a whole 2nd server ... mirrored but NOT live, and if its live, it'd be a cluster of 2 servers > If real time redundancy is not that important, you may consider a non-raid > setup. > > It depends on what you are running and what you intend to do with it. > Partitioning schemes don't exist in a vacuum; what makes sense for one > machine may be utterly stupid for another. c ya alvin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
Williams, Allen wrote: I was going to respond to this thread mentioning the LVM, but this looks like an excellent stragegy I haven't considered. Have you ever used the LVM to sort of accomplish the same thing by assigning extents? To be honest, no. No idea what the LVM is or what it offers so I can't comment one way or the other. -- Steve C. Lamb | I'm your priest, I'm your shrink, I'm your PGP Key: 8B6E99C5 | main connection to the switchboard of souls. ---+- signature.asc Description: OpenPGP digital signature
Re: Partitioning hard drives
Tim Kelley wrote: Not to be pedantic, but /srv is for that ... Eh? Never heard of that one before. -- Steve C. Lamb | I'm your priest, I'm your shrink, I'm your PGP Key: 8B6E99C5 | main connection to the switchboard of souls. ---+- signature.asc Description: OpenPGP digital signature
Re: Partitioning hard drives
On Wednesday 17 November 2004 08:06, Bob wrote: > Hello list, I've read the section in the install manual about > recommended partitioning schemes, but thought I would also see what the > collective wisdom has to say on the matter. Well, if you are going to have all these filesystems on the same set of drive spindles, there really isn't any use to carving up /usr and everything else at all. Separating filesystems mainly gives the advantage of using different mount options for each filesystem; such as mounting /var "noexec" and /usr "read only". putting /var on a separate filesystem is almost always a good idea, since it is so active; but on a different set of drives is the best idea. putting /usr on a part by itself allows read only mounting if that gets you off. Of course installing software requires an extra step. In debian most all of the server packages will have most of their data in /var (apache, mysql, postgresql, and so forth). If it's a file server then /srv (or /export) separate would be a good idea as well. Really it depends on the machines purpose and what's running on it. If your /home is nfs mounted, of course you have no use for a separate /home, do you? RAID 10 is a huge money waster as well, only in the most extreme situations would I use it. RAID 5 is fine for four drives. If real time redundancy is not that important, you may consider a non-raid setup. It depends on what you are running and what you intend to do with it. Partitioning schemes don't exist in a vacuum; what makes sense for one machine may be utterly stupid for another. -- _ _ _ _ _ _ _ _ _ _ _ _ _ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ ( t | i | m | @ | i | t | . | k | p | t | . | c | c ) \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ GPG key fingerprint = 1DEE CD9B 4808 F608 FBBF DC21 2807 D7D3 09CA 85BF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
On Wednesday 17 November 2004 17:35, Steve Lamb wrote: > I tend to put /, /usr and /var on their own partitions of decent size > (180Mb, 2.7Gb, 1.8Gb on my laptop) and then take the remainder and mount it > under it's drive name in /mnt. So for my laptop /dev/hda7, a 15Gb > partition, is mounted under /mnt/hda7. Not to be pedantic, but /srv is for that ... -- _ _ _ _ _ _ _ _ _ _ _ _ _ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ / \ ( t | i | m | @ | i | t | . | k | p | t | . | c | c ) \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ \_/ GPG key fingerprint = 1DEE CD9B 4808 F608 FBBF DC21 2807 D7D3 09CA 85BF -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
RE: Partitioning hard drives
I was going to respond to this thread mentioning the LVM, but this looks like an excellent stragegy I haven't considered. Have you ever used the LVM to sort of accomplish the same thing by assigning extents? On my last install, I set up /usr, /var, and /home that way, with 65G left over in a different physical partition for assignment as needed, but haven't run it long enough yet to get any experience in the ease or lack thereof of maintenance, growability, etc. Allen -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Steve Lamb Sent: Wednesday, November 17, 2004 6:36 PM To: [EMAIL PROTECTED] Subject: Re: Partitioning hard drives Bob wrote: > So I'd like to know if this box was yours, how would you partition the > disks...? Are there any documents other than the ones referenced by > the Debian Install Guide on how you should partition a Servers > disks...? This is a fairly common question and a search in the list archives should yield many answers from the past when this discussion has popped up. With that said... In recent years my method of patitioning has gotten rather lax but resiliant. A few years back I got nailed by having too much space in some partitions and not enough in others so I started to stray away from trying to predict how much space was needed for given situations. I tend to put /, /usr and /var on their own partitions of decent size (180Mb, 2.7Gb, 1.8Gb on my laptop) and then take the remainder and mount it under it's drive name in /mnt. So for my laptop /dev/hda7, a 15Gb partition, is mounted under /mnt/hda7. From there I create directories which are symlinked into the rest of the system. Anything which might grow excessively will be given it's own directory somewhere in the /mnt/* system. So, in this case, /home is a symlink to /mnt/hda7/home. On my server /var/www is symlinked into /mnt/hda5/www since I host a rather large picture gallery. Often I'll make a single directory called misc and symlink that into the root as a catch all directory for anything that needs large space. A throwback to how we did things in a regional ISP I used to work at a decade ago. By doing it this way I'm able to move pretty much anything around and can later expand the system by dropping in another drive or mounting to a remote filesystem via NFS (netapp, anyone?). Nothing of importance really has a permanant location. The segregation of /var, / and /usr is mainly for ease of recovery/upgrading and a nominal amount of protection against out-of-space situations than anything else. -- Steve C. Lamb | I'm your priest, I'm your shrink, I'm your PGP Key: 8B6E99C5 | main connection to the switchboard of souls. ---+ ---+- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: Partitioning hard drives
Bob wrote: So I'd like to know if this box was yours, how would you partition the disks...? Are there any documents other than the ones referenced by the Debian Install Guide on how you should partition a Servers disks...? This is a fairly common question and a search in the list archives should yield many answers from the past when this discussion has popped up. With that said... In recent years my method of patitioning has gotten rather lax but resiliant. A few years back I got nailed by having too much space in some partitions and not enough in others so I started to stray away from trying to predict how much space was needed for given situations. I tend to put /, /usr and /var on their own partitions of decent size (180Mb, 2.7Gb, 1.8Gb on my laptop) and then take the remainder and mount it under it's drive name in /mnt. So for my laptop /dev/hda7, a 15Gb partition, is mounted under /mnt/hda7. From there I create directories which are symlinked into the rest of the system. Anything which might grow excessively will be given it's own directory somewhere in the /mnt/* system. So, in this case, /home is a symlink to /mnt/hda7/home. On my server /var/www is symlinked into /mnt/hda5/www since I host a rather large picture gallery. Often I'll make a single directory called misc and symlink that into the root as a catch all directory for anything that needs large space. A throwback to how we did things in a regional ISP I used to work at a decade ago. By doing it this way I'm able to move pretty much anything around and can later expand the system by dropping in another drive or mounting to a remote filesystem via NFS (netapp, anyone?). Nothing of importance really has a permanant location. The segregation of /var, / and /usr is mainly for ease of recovery/upgrading and a nominal amount of protection against out-of-space situations than anything else. -- Steve C. Lamb | I'm your priest, I'm your shrink, I'm your PGP Key: 8B6E99C5 | main connection to the switchboard of souls. ---+- signature.asc Description: OpenPGP digital signature
Re: Partitioning hard drives
I won't attempt to tell you just how big each partition should be or on which drive you should locate it, but a fairly standard and secure configuration for hard disk partitioning would be to put each of the following in its own partition: / swap /boot /home /tmp /var /usr Not everyone agrees that /boot needs its own partition anymore. It had more to do with the fact that in ancient times there was a requirement that /boot be in the first 1024 cylinders, but that limitation no longer exists. If you plan to create an encrypted partition sometime in the future (perhaps /secret), you ought to allocate space for it. Encrypted partititions shouldn't be too large, since that hinders performance. I have one 650MB in size, and it's adequate for my needs (I chose that size because I want to back up the data to a CDR). You can create more than one encrypted partition if you like. regards, Robert On Wed, 17 Nov 2004 14:06:24 + Bob <[EMAIL PROTECTED]> wrote: > Hello list, I've read the section in the install manual about > recommended partitioning schemes, but thought I would also see what > the collective wisdom has to say on the matter. > > I've got two machines, one's a desktop and the others a server, I'm > getting broadband shortly and would like the server to host a web > server and mail server. It will also be running a firewall so that the > desktop can connect to the broadband connection via the server. > > The server has two IDE drives (60Gb & 40Gb) and four SCSI drives > (73Gb) in it; I intend to use RAID with the SCSI drives but haven't > decided on a mode yet, although I'm leaning to 01 (stripping and > replication). > > I've read that it's best to put certain volumes in their own > partitions, i.e. the mail spool, to limit certain types of attack, but > I'm still unsure of how to go about distributing the partitions over > all the disks. > > The server is a dual PIII 500Mhz with 750Mb RAM running on a Chaintech > 6BDU with a zero channel Adaptec ARO-1130U2 RAIDPort III card. This > box was running Woody from a single 9.1Gb SCSI drive, before I added > the 73Gb drives and the RAID card. > > I'm intending on putting Sarge on it and don't mind reinstalling a > number of times to try things out. > > So I'd like to know if this box was yours, how would you partition the > disks...? Are there any documents other than the ones referenced by > the Debian Install Guide on how you should partition a Servers > disks...? > > Thanks, > > -- > Bob > http://www.bobarnott.com/ > - > ---"Lager is an imitation Continental beer drunk only by refined > ladies, > people with digestive ailments, tourists, and other weaklings." > - Munchen Süddeutsche > Zeitung > > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact > [EMAIL PROTECTED] >
Re: Partitioning hard drives
On Wed, 17 Nov 2004 14:06:24 +, Bob <[EMAIL PROTECTED]> wrote: > > So I'd like to know if this box was yours, how would you partition the > disks...? Are there any documents other than the ones referenced by the > Debian Install Guide on how you should partition a Servers disks...? I'd say that the attaining the perfect partition scheme is an arcane art ... :D Seriously, it would depend on how you'd use your rig. Although it's really prudent that user information be in separate partition or disk from the system binaries and/or the root filesystem. Saved me a lot of times when I screw up my system back then. -- Paolo Alexis Falcone [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]