From owner-freebsd-questions@FreeBSD.ORG Sat Aug 2 04:26:03 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7252137B401 for ; Sat, 2 Aug 2003 04:26:03 -0700 (PDT) Received: from britersen.co.uk (britersen.co.uk [212.159.80.154]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3278243FAF for ; Sat, 2 Aug 2003 04:26:02 -0700 (PDT) (envelope-from petersen@petersen.plus.com) Received: from petersen (petersen@petersen.petenet.britersen.co.uk [192.168.1.1]) by britersen.co.uk (8.12.9/8.12.9) with ESMTP id h72BPrHn093457; Sat, 2 Aug 2003 12:25:59 +0100 (BST) (envelope-from petersen@petersen.plus.com) From: "Petersen" To: "'Peter Rosa'" Date: Sat, 2 Aug 2003 12:25:53 +0100 Message-ID: <039201c358e8$d9557820$1530a8c0@petenet.britersen.co.uk> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <00c501c358e6$2dcdf2e0$3501a8c0@pro.sk> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: questions@freebsd.org Subject: RE: HDDs dividing rules X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 02 Aug 2003 11:26:03 -0000 Behalf Of Peter Rosa said: > Hi all, >=20 > Everywhere I looked, I found only words as "make your > own choice of partitioning schema" etc., but I think, there > must be some rules. How you define your partitions and what mount flags you use is very much dependant on what you're using the box for. Only you can make this descision. > And what if I have an HW RAID controller. Are there some > difficulties or differences from "normal" dividing ? > Nope. > Tell us, please, something like=20 > "Divide your HDD as follows: > 1. create slices for /, /home, /etc ...... It's good because.... Making a slice for /etc is a 'bad' idea. Kernel can't read all the rc scripts if they're not on root slice - not to mention /etc/fstab (thus not being able to find any other slices to mount). > 2. mount / as RO.............. This will do a pretty good job of making it impossible for anyone to change their pass (as /etc has to be on root slice) > 3. mount /user as noexec+nosuid..........." >=20 If by this you mean /usr, this will break just about every application on the system (most binaries that aren't essential to core system live in /usr/(s)bin (or /usr/local/(s)bin if you install stuff yourself). A lot of these need to be suid/sgid too. > I think & hope these rules are well-known, but one must know > where to look for.... Nope. Every box I setup has different slice schemes - its very dependant on the usage.