On Tue, 2002-07-02 at 09:45, Bob Proulx wrote: Hi! Agree with you on most points. Agree *strongly* with your suggestion to use cvs for all your content. [/var not in backup] yes and no. databases are in /var/lib. But then, databases should have their own backup procedures anyway. [...] > Close to the point. /usr/lib should be read only. But /usr/ in > general does not need to be. You can mount /usr/share and /usr/lib > readonly while having a locally writable /usr/local. Nothing does need to be mounted read only. But it should be possible to mount the whole of /usr ro (in theory, even /usr/local). Everything that will be modified during normal use of the system doesn't belong into /usr, but into /var. The big question is, of course, if modifying html pages or cgi scripts is the 'normal use of the system', or if you regard this as an administrative task. This depends mostly on local policy and whether machine admin == web admin or not. cheers -- vbi -- secure email with gpg http://fortytwo.ch/gpg
Attachment:
signature.asc
Description: This is a digitally signed message part