From owner-freebsd-questions@FreeBSD.ORG Mon Apr 17 10:44:43 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DABE416A404 for ; Mon, 17 Apr 2006 10:44:43 +0000 (UTC) (envelope-from keramida@freebsd.org) Received: from igloo.linux.gr (igloo.linux.gr [62.1.205.36]) by mx1.FreeBSD.org (Postfix) with ESMTP id 20F3F43D49 for ; Mon, 17 Apr 2006 10:44:42 +0000 (GMT) (envelope-from keramida@freebsd.org) Received: from gothmog.pc (aris.bedc.ondsl.gr [62.103.39.226]) (authenticated bits=128) by igloo.linux.gr (8.13.6/8.13.6/Debian-1) with ESMTP id k3HAhxds005372 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Mon, 17 Apr 2006 13:44:22 +0300 Received: from gothmog.pc (gothmog [127.0.0.1]) by gothmog.pc (8.13.6/8.13.6) with ESMTP id k3HAhp0J084842; Mon, 17 Apr 2006 13:43:51 +0300 (EEST) (envelope-from keramida@freebsd.org) Received: (from giorgos@localhost) by gothmog.pc (8.13.6/8.13.6/Submit) id k3HAhoTN084841; Mon, 17 Apr 2006 13:43:50 +0300 (EEST) (envelope-from keramida@freebsd.org) Date: Mon, 17 Apr 2006 13:43:49 +0300 (EEST) From: Giorgos Keramidas To: Brendan Grossman In-Reply-To: <20060416205147.6544228454@porsche.brendan.id.au> Message-ID: <20060417134147.Y84667@gothmog> References: <20060416205147.6544228454@porsche.brendan.id.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII; format=flowed X-Hellug-MailScanner: Found to be clean X-Hellug-MailScanner-SpamCheck: not spam, SpamAssassin (score=-3.484, required 5, autolearn=not spam, ALL_TRUSTED -1.80, AWL 0.92, BAYES_00 -2.60) X-Hellug-MailScanner-From: keramida@freebsd.org X-Spam-Status: No Cc: freebsd-questions@freebsd.org Subject: RE: /boot at beginning of drive X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Apr 2006 10:44:43 -0000 On 2006-04-17 06:21, Brendan Grossman wrote: >Beech Rintoul [mailto:beech@mangohealth.org] wrote: >> On Sunday 16 April 2006 12:38, Brendan Grossman wrote: >>>> It's not a good idea to put everything on the / filesystem. >>>> At a minimum I would have: >>>> / >>>> swap >>>> /var >>>> /usr >>>> >>>> Your users will not fill up /var unless you allow them unlimited >>>> mail, databases or access to root. >>> >>> They will have unlimited access up until their quota has >> been reached. >>> Where they use that quota is anyone's guess. >>> >>>> User's tempfiles will go to /usr/tmp. >>> >>> How does that work? I just checked /tmp, and it's not a symlink. >> >> Copy the contents of /tmp to /usr/tmp then remove /tmp and >> symlink /usr/tmp to /tmp. > > Yes, may I ask what the point is though? > > Here is my reason for separating /tmp and mounting it noexec,nosuid: > > http://www.sagonet.com/forums/showthread.php?t=2852 You should also take a look at the following rc.conf options then: tmpmfs="AUTO" # Set to YES to always create an mfs /tmp, NO to never tmpsize="20m" # Size of mfs /tmp if created tmpmfs_flags="-S -M" # Extra mdmfs options for the mfs /tmp If you have enough swap space, there's no need to worry too much about making a separate /tmp partition. Just set: tmpmfs="YES" tmpsize="100m" tmpmfs_flags="-S -M -o noexec,nosuid" Note the -o option in `tmpmfs_flags'.