Al Nikolov wrote:
I believe than approach with mounting a tmpfs (with max size you need and restricted only by your virtual memory size) to /tmp is more flexible and don't interferes with policy issues.
Depends on why you want /tmp as a symlink; on my laptop, I use loop-aes to encrypt anything that isn't part of the core system -- e.g., /tmp, /var, /home, and so on. That way, the only data a thief will get is my more-or-less stock Debian system, whereas all my personal files are protected by AES, and optionally, GPG.
Then again, my swap is also encrypted, so it's not such a bad idea -- I'll see if having a loop-encrypted swap will piss off tmpfs to any great degree.
-- Don Werve (Unix Sys Admin) | Email: donw AT agentsix DOT net "Whatever you think you can do or believe you can do, begin it. Action has magic, grace and power in it." -- Goethe