From owner-freebsd-questions@FreeBSD.ORG Tue Jul 29 15:49:07 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A40637B401 for ; Tue, 29 Jul 2003 15:49:07 -0700 (PDT) Received: from svaha.com (svaha.com [64.46.156.67]) by mx1.FreeBSD.org (Postfix) with ESMTP id 79D4143F3F for ; Tue, 29 Jul 2003 15:49:06 -0700 (PDT) (envelope-from meconlen@obfuscated.net) Received: from obfuscated.net (internal.neutelligent.com [64.156.25.4]) (AUTH: LOGIN meconlen, TLS: TLSv1/SSLv3,256bits,AES256-SHA) by svaha.com with esmtp; Tue, 29 Jul 2003 18:49:05 -0400 Message-ID: <3F26F9DF.7010807@obfuscated.net> Date: Tue, 29 Jul 2003 18:49:03 -0400 From: Michael Conlen User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: en-us, en MIME-Version: 1.0 To: rtjohan@syspres.com References: <003801c35610$74775930$3d01a8c0@rjc800> In-Reply-To: <003801c35610$74775930$3d01a8c0@rjc800> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-questions@freebsd.org Subject: Re: Vinum Sub-disk & Directory Structure Mapping X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 29 Jul 2003 22:49:07 -0000 I normally use / /usr /usr/local /var /tmp /home # or /usr/home /usr/ports # either it's own space, or link to /usr/local/ports Here's the rational, / and /usr can be mounted read only, /root shouldn't really get used, since you shouldn't be using the root account. when you update the source and rebuild the system then you can remount read-write. /usr/ports points to /usr/local/ports so it can be read-write as needed. /var has logs that can get out of hand, and /tmp gets out of hand due to all sorts of user/programer tricks that you never count on. Those can be read-write at all times. I haven't sized these in a while since well, I've got disk space like it's going out of style, but 128 megs for /, and 512 for /var and /tmp are good sizes. /home is as needed. The only question is how much you really need in /usr which is probably somewhere around 1 GB, depending on if you need to build sources on that system or not. For the security concious, if /usr is read-only at all times (except when mounted from single user mode) you can be more at ease leaving suid programs there, and disable suid from /usr/local, not that you would never have a problem, but... Also, having /etc/ ro is nice, but none of that is a good substitue for tripwire or the like. -- Michael Conlen Richard Johannesson wrote: >Using the unlimited number of sub-disk that can be created using vinum, >what's a good way to separate the directory file structure to help limit >file system corruption? Or, what's the happy medium between limiting fs >corruption and complexity? > >Here's my guess of which part of directory structure should be on its own >sub-disks/filesystem: >/ Probably >/root Overkill? >/usr Probably >/usr/local >/var Probably >/var/backups ? >/tmp Probably - or should be on same as var? >/home Maybe - or should be under /usr? >/stand ? >/boot ? > >Any feedback is very much appreciated. If there is document that discusses >this basic topic while taking vinum into account, please let me know so I >can bugger off. :) > >Thanks again, >Richard > > >_______________________________________________ >freebsd-questions@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-questions >To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org" > >