I have 3 partitions:
/boot - Because it can't be striped. It is mirrored across 4 drives on 2 controllers, just so the disk space isn't completely wasted. The partitions are there, so I'm using them. Each drive is also bootable as I used GRUB on each one.
swap - 1 partition on 4 drives on 2 controllers and I just let the OS handle the swap space any way it wants to do and I don't use any software RAID options. All 4 partitions have `defaults,pri=1` in the /etc/fstab file.
/ - 1 partition on 4 drives on 2 controllers all striped together as one file system.
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together. On the current system we have about 600GB of disk space available with only 5% of it used. I'm not worried about anything getting filled up any time soon. Users who fill up drives get shot and then chastised. :-)
On 5/23/07, Brent L. Bates blbates@vigyan.com wrote:
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together.
Ditto from my experience. I have had problems with *lack* of space in a partition (not lack of physical drive space) way more often than I have had partitions filling up with evil, wasteful data. I have employed single-partition systems for a while now, using a good NMS package to monitor, graph and alarm on disk space utilization.
The only partitions that I have been known to still break apart are the /var/mysql and sometimes /home, but only because they are often on their own RAID arrays for ease of expansion.
Thanks, Scott
Brent L. Bates wrote:
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together. On the current system we have about 600GB of disk space available with only 5% of it used. I'm not worried about anything getting filled up any time soon.
Agreed, I would though add a /tmp of 10G or so, mounted as noexec and nosuid for web servers (running maybe insecure php apps or similar).
Dhawal,
Are you saying that in /etc/fstab that the entry should be changed from
LABEL=/tmp /tmp ext3 defaults 1 2
To
LABEL=/tmp /tmp ext3 noop,noexec,nosuid,rw 1 2
Or do you do something slightly different?
Any drawbacks you have noticed on an internet facing web and mail server?
- rh
-- Abba Communications Spokane, WA www.abbacomm.net
AbbaComm.Net wrote:
Agreed, I would though add a /tmp of 10G or so, mounted as noexec and nosuid for web servers (running maybe insecure php apps or similar).
Dhawal,
Are you saying that in /etc/fstab that the entry should be changed from
LABEL=/tmp /tmp ext3 defaults 1 2
To
LABEL=/tmp /tmp ext3 noop,noexec,nosuid,rw 1 2
minus the noop, which I'm not aware of..
LABEL=/tmp /tmp ext3 noexec,nosuid,rw 1 2
Or do you do something slightly different?
Any drawbacks you have noticed on an internet facing web and mail server?
On some servers, we've had buggy/older versions of software like phpbb, awstats being exploited to run rootkits from /tmp (OR /var/tmp), where the web server has write access. Turning off exec has helped in letting the rootkit not get executed. No drawbacks so far, I can possibly only think of some log-reporting utility using /tmp for temp access filling it up.. but 10G ought to be sufficient in most cases, if not make it larger..
On Wed, 2007-05-23 at 11:56 -0400, Brent L. Bates wrote:
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together. On the current system we have about 600GB of disk space available with only 5% of it used. I'm not worried about anything getting filled up any time soon.
There are good reasons for having more filesystems on a multi-user system, e.g. for setting noexec, nodev, nosuid, or a combination thereof for filesystems that users have write access to.
A good reason for having /home, /tmp, and /var/tmp on a separate filesystem, is that it will not block users from creating hardlinks to system binaries. Leaving open that gap will allow them to keep vulnerable binaries around, even if you have upgraded their packages.
-- Daniel
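An added example, not part of any poster's message: a small Python audit that checks the three /tmp fstab entries quoted in this thread against a baseline of noexec, nosuid and nodev on /tmp, /var/tmp and /home. The baseline in POLICY and the function names are assumptions made for illustration.

```python
# Added example, not from the thread. POLICY is an assumed baseline.
POLICY = {
    "/tmp": {"noexec", "nosuid", "nodev"},
    "/var/tmp": {"noexec", "nosuid", "nodev"},
    "/home": {"nosuid", "nodev"},
}
# Generic options documented in mount(8); filesystem-specific ones are not listed.
GENERIC = {
    "defaults", "ro", "rw", "suid", "nosuid", "dev", "nodev", "exec", "noexec",
    "auto", "noauto", "user", "nouser", "users", "owner", "group", "async",
    "sync", "atime", "noatime", "relatime", "nodiratime", "dirsync", "nofail",
    "_netdev",
}
LIFTS = {"exec": "noexec", "suid": "nosuid", "dev": "nodev"}

def restrictions(options):
    """Return which of noexec/nosuid/nodev are in force; later options win."""
    active = set()  # with no options a filesystem allows exec, suid and dev
    for opt in options:
        if opt in LIFTS:
            active.discard(LIFTS[opt])
        elif opt in LIFTS.values():
            active.add(opt)
    return active

def audit_fstab(text, policy=POLICY):
    """Return sorted (mount_point, finding) tuples for fstab-formatted text."""
    findings, seen = [], set()
    for line in text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 4:
            continue  # blank line, comment, or malformed entry
        mount_point, options = fields[1], fields[3].split(",")
        seen.add(mount_point)
        for opt in options:
            if "=" not in opt and opt not in GENERIC:
                findings.append((mount_point, f"not a generic option: {opt}"))
        for opt in policy.get(mount_point, set()) - restrictions(options):
            findings.append((mount_point, f"missing {opt}"))
    for mount_point in set(policy) - seen:
        findings.append((mount_point, "no fstab entry of its own"))
    return sorted(findings)

# The three /tmp entries quoted in the thread, used here as sample input.
THREAD_LINES = {
    "original": "LABEL=/tmp /tmp ext3 defaults 1 2",
    "proposed": "LABEL=/tmp /tmp ext3 noop,noexec,nosuid,rw 1 2",
    "corrected": "LABEL=/tmp /tmp ext3 noexec,nosuid,rw 1 2",
}
```

Options containing `=` (such as the `pri=1` used on the swap entries) are skipped by the generic-option check, and a filesystem-specific option will be reported as "not a generic option", which means it should be checked against that filesystem's documentation rather than assumed wrong.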
Brent L. Bates wrote:
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together. On the current system we have about 600GB of disk space available with only 5% of it used. I'm not worried about anything getting filled up any time soon. Users who fill up drives get shot and then chastised. :-)
That's probably true for single-user machines or special-purpose ones that handle a few big files, but if you are running services that have busy logfiles etc. you will end up making other things wait while the disk head keeps bouncing back and forth between the logfiles and the work you are trying to do. Putting /var on a separate drive (drive, not just partition...) to eliminate that head contention always seemed like a good idea to me. And separating /home from the head(s) handling /tmp and swap is good for the same reason if you have user activity.
Brent L. Bates spake the following on 5/23/2007 8:56 AM:
I have 3 partitions:
/boot - Because it can't be striped. It is mirrored across 4 drives on 2 controllers, just so the disk space isn't completely wasted. The partitions are there, so I'm using them. Each drive is also bootable as I used GRUB on each one.
swap - 1 partition on 4 drives on 2 controllers and I just let the OS handle the swap space any way it wants to do and I don't use any software RAID options. All 4 partitions have `defaults,pri=1` in the /etc/fstab file.
/ - 1 partition on 4 drives on 2 controllers all striped together as one file system.
I've found over the years any more partitioning than that is just a waste of disk space. If I had more partitions, I usually ended up with one partition with a lot of excess space and others with not enough. It was just easier to have everything together. On the current system we have about 600GB of disk space available with only 5% of it used. I'm not worried about anything getting filled up any time soon. Users who fill up drives get shot and then chastised. :-)
Striping / is just asking for a chance to test how well your backups work if you have a drive failure.