
Re: How to get away with small /var partition



Walter Dnes wrote:

> On Fri, Nov 28, 2003 at 12:13:46AM -0800, Karsten M. Self wrote
>
>> Or you could just give yourself One Big Partition and deal with the
>> attendant problems.
>
>  I'm trying to get as close as possible to One Big Partition, without
> the problems.  The minimal needs seem to be...
> /
> swap
> /var
> userspace+miscellaneous


I hate multiple partitions. I always seem to run out of space on one even though I have tons left on others. It seems hard to make good partitioning choices that will survive years of abuse. It sounds like you're considering LVM though.

That being said, there are some other thoughts. I know you're well aware of security, but I will reiterate. Something I picked up from the recent discussions about the Debian server break-in is that /tmp on its own partition can be set to noexec and nosuid. I recommend making it far larger than in the Debian security doc though. On my servers I have /boot and /usr read-only, and I've been wondering recently if I should/can do the same with /etc. There's a brief discussion of the other benefits and considerations here:
<http://www.debian.org/doc/manuals/securing-debian-howto/ch3.en.html#s3.2>

Malc
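
The mount options mentioned in the message above (noexec and nosuid on a separate /tmp, read-only /boot and /usr) can be checked against a mount table. The script below is an added example, not part of the original message; the function names `sample_mounts`, `check_mount` and `audit` and the sample table are constructed for illustration.

```shell
#!/bin/sh
# Audit a mount table in /proc/mounts format
# (device mountpoint fstype options dump pass).

# Constructed sample table, not taken from any real host.
sample_mounts() {
cat <<'EOF'
/dev/hda1 / ext3 rw,errors=remount-ro 0 0
/dev/hda2 /boot ext3 ro,nodev 0 0
/dev/hda5 /usr ext3 rw,nodev 0 0
/dev/hda6 /tmp ext3 rw,nosuid,nodev 0 0
/dev/hda7 /var ext3 rw,nosuid 0 0
EOF
}

# check_mount TABLE MOUNTPOINT OPT[,OPT...]
# Prints "OK", "NOT-SEPARATE" or "MISSING:<opts>"; returns 0 only for OK.
check_mount() {
    table=$1 mp=$2 want=$3
    # The last matching line wins, since later mounts shadow earlier ones.
    opts=$(printf '%s\n' "$table" | awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
    if [ -z "$opts" ]; then
        # Not its own filesystem, so per-mount options cannot apply to it.
        echo "NOT-SEPARATE"; return 1
    fi
    missing=
    old_ifs=$IFS; IFS=,
    for w in $want; do
        case ",$opts," in
            *",$w,"*) ;;
            *) missing="${missing:+$missing,}$w" ;;
        esac
    done
    IFS=$old_ifs
    if [ -n "$missing" ]; then
        echo "MISSING:$missing"; return 1
    fi
    echo "OK"
}

# Report on the three mount points named in the message.
audit() {
    table=$1
    for spec in /tmp:noexec,nosuid /boot:ro /usr:ro; do
        printf '%-6s %s\n' "${spec%%:*}" "$(check_mount "$table" "${spec%%:*}" "${spec#*:}")"
    done
}

# For the running system use: audit "$(cat /proc/mounts)"
audit "$(sample_mounts)"
```

A `NOT-SEPARATE` result means the directory lives on another filesystem, which is the case where noexec and nosuid cannot be set for it alone.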




