[vox-tech] Need Partitioning Advice
Bill Broadley
bill at cse.ucdavis.edu
Thu Jun 18 03:33:30 PDT 2009
Rick Moen wrote:
> Quoting Tim Riley (timriley at appahost.com):
>
>> thereby making partitioning decisions a thing of the past.
>
> Ha-ha!
> http://linuxmafia.com/~karsten/Linux/FAQs/partition.html
Heh, yeah looks like the past to me, it was written in 2000 and shows it.
While this is a rather personal preference, many of the ideas that led to the
5-6 partitions as standard operating procedure are gone. Some of those ideas
that are no longer true:
* file systems that didn't scale to large sizes well
* lack of journals that lead to long fsck times
* Rare/expensive unix systems that ran tons of services and had
shells for users. Which required protecting services from users
and vice versa.
* Crude partition based backups
* The lack of online resizing and logical volumes
* Multiple swap partitions because of limitations on swap size partitions.
* Horrifyingly poor security defaults
* ram was so expensive you usually didn't have enough to reasonably buffer
* file systems that often resulted in poor locality, so partitions were
used to keep the head more local when processing a news spool or the like.
* Installing 2 or more OSs on a single machine was rare.
* the lack of device, pty, /proc, tmpfs and other related virtual or temporary
filesystems that help offload the duties and security privs required
of a filesystem.
In today's world I'd recommend:
* If you have a critical service don't run it on a machine with shell users
on it. For a mail server keep the account info in the mail system, don't
give users shell accounts on the same machine. Replace /var/spool/mail
with imap. Use a VM if you have to. Besides local users can DoS you even
with different partitions.
* Only make a /boot if your / is something that's hard to boot, exotic
file systems, RAID 5, LVM, etc. Otherwise skip it.
* Swap justifies a partition, I don't really track how much I use, when
a 1000GB costs $90 for 3 years I don't quibble over 1/2 ram vs same
as ram. BTW, lagging because of swap is more about the rate of
swapping than the amount you are using.
* While most distributions are pretty good at upgrades, if you have
directories that you want to survive the upgrade put them all in
a single partition. Popular candidates for this are /opt or /home.
* if the machine has a single dedicate purpose put that on a partition,
/mirror for a webserver serving as a mirror, /mail for a mail server
or related, and /share for a file server. Thus everything dedicated to that
single purpose is in a single place, and when you want to reinstall you
can just preserve that partition and resize as necessary.
* If at all possible avoid extended partitions, they can complicate things
as the names change when you change things.
For instance on a default ubuntu box:
tmpfs on /lib/init/rw type tmpfs (rw,nosuid,mode=0755)
varrun on /var/run type tmpfs (rw,nosuid,mode=0755)
varlock on /var/lock type tmpfs (rw,noexec,nosuid,nodev,mode=1777)
udev on /dev type tmpfs (rw,mode=0755)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
lrm on /lib/modules/2.6.28-11-generic/volatile type tmpfs (rw,mode=755)
proc on /proc type proc (rw,noexec,nosuid,nodev)
sysfs on /sys type sysfs (rw,noexec,nosuid,nodev)
devpts on /dev/pts type devpts (rw,noexec,nosuid,gid=5,mode=620)
fusectl on /sys/fs/fuse/connections type fusectl (rw)
securityfs on /sys/kernel/security type securityfs (rw)
rpc_pipefs on /var/lib/nfs/rpc_pipefs type rpc_pipefs (rw)
nfsd on /proc/fs/nfsd type nfsd (rw)
binfmt_misc on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,noexec,nosuid,nodev)
All without a single partition ;-).
Sure 6 partitions will work fine, it just tends to make more busy work,
complicated partition tables, fstabs, the risk of one of your 6 slices being
too small, god forbid you install a 2nd OS and need 6 more partitions.... or
need to rebuild your partition table from scratch. For that reason I
recommend nice big round numbers when creating partition tables. Like say
a 300GB disk with 2GB for swap, 10% for /, and the rest for /home.
Even combining /home with / isn't so bad, it does make a complete reinstall
either trickier or riskier.
Oh, btw, seems pretty common these days to wipe /tmp on boot, even if you
don't use tmpfs.
More information about the vox-tech
mailing list