* [gentoo-user] How many GB for / partition?
@ 2006-02-16 12:19 Izar Ilun
2006-02-16 12:34 ` Daniel da Veiga
` (4 more replies)
0 siblings, 5 replies; 92+ messages in thread
From: Izar Ilun @ 2006-02-16 12:19 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 272 bytes --]
I'm installing Gentoo and I'd like you to suggest me how much disc space I
should use for /.
My machine is Pentium4, 1GB RAM, 200 GB HD ATA
It's a desktop machine with Gentoo as the only and exclusive OS.
Will run KDE. Amarok, OpenOffice, firefox....
Thanx!
[-- Attachment #2: Type: text/html, Size: 347 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:19 [gentoo-user] How many GB for / partition? Izar Ilun
@ 2006-02-16 12:34 ` Daniel da Veiga
2006-02-16 12:42 ` Neil Bothwick
` (3 subsequent siblings)
4 siblings, 0 replies; 92+ messages in thread
From: Daniel da Veiga @ 2006-02-16 12:34 UTC (permalink / raw
To: gentoo-user
IMHO you could just use the rest of the disk (after the /boot [hda1]
and swap [hda2]), but if you intend to get a /home (or anything), I
usually use 10GB for / just in case (still at 50%, but you never
know). I got two 40GB disks however, if I were you (and I'm not, so,
you can just disconsider what I'll say), I would put 20GB for the
system, so you'll probably never run out of space...
On 2/16/06, Izar Ilun <izarilun@gmail.com> wrote:
> I'm installing Gentoo and I'd like you to suggest me how much disc space I
> should use for /.
>
> My machine is Pentium4, 1GB RAM, 200 GB HD ATA
>
> It's a desktop machine with Gentoo as the only and exclusive OS.
>
> Will run KDE. Amarok, OpenOffice, firefox....
>
> Thanx!
>
--
Daniel da Veiga
Computer Operator - RS - Brazil
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCM/IT/P/O d-? s:- a? C++$ UBLA++ P+ L++ E--- W+++$ N o+ K- w O M- V-
PS PE Y PGP- t+ 5 X+++ R+* tv b+ DI+++ D+ G+ e h+ r+ y++
------END GEEK CODE BLOCK------
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:19 [gentoo-user] How many GB for / partition? Izar Ilun
2006-02-16 12:34 ` Daniel da Veiga
@ 2006-02-16 12:42 ` Neil Bothwick
[not found] ` <7ae6f8f0602160450i3d0b3973x437e82ff45c8606e@mail.gmail.com>
2006-02-16 13:03 ` Alexander Skwar
` (2 subsequent siblings)
4 siblings, 1 reply; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 12:42 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 622 bytes --]
On Thu, 16 Feb 2006 13:19:21 +0100, Izar Ilun wrote:
> I'm installing Gentoo and I'd like you to suggest me how much disc
> space I should use for /.
That depends on what you are going to put on it. Will /usr or /var be on
it? They use most of the space. 10GB will be plenty. I have / on a 300MB
partition and /usr and /var on an 8GB partition, with plenty of free
space.
The places you need lots of free space are for portage's $DISTDIR and
$PORTAGE_TMPDIR, on /usr and /var by default but you can put them
anywhere.
--
Neil Bothwick
Windows to 486/50 mhz cpu: Don't rush me, don't rush me...
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 191 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
[not found] ` <7ae6f8f0602160450i3d0b3973x437e82ff45c8606e@mail.gmail.com>
@ 2006-02-16 12:51 ` Izar Ilun
2006-02-16 13:06 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Izar Ilun @ 2006-02-16 12:51 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 975 bytes --]
I say that, It'll be just:
- /boot
- swap
- /home
- / (all the rest)
On 2/16/06, Ibai <ibaiperez@gmail.com> wrote:
>
> It'll be just:
> - /boot
> - swap
> - /home
> - / (all the rest)
>
> On 2/16/06, Neil Bothwick <neil@digimed.co.uk> wrote:
> >
> > On Thu, 16 Feb 2006 13:19:21 +0100, Izar Ilun wrote:
> >
> > > I'm installing Gentoo and I'd like you to suggest me how much disc
> > > space I should use for /.
> >
> > That depends on what you are going to put on it. Will /usr or /var be on
> >
> > it? They use most of the space. 10GB will be plenty. I have / on a 300MB
> > partition and /usr and /var on an 8GB partition, with plenty of free
> > space.
> >
> > The places you need lots of free space are for portage's $DISTDIR and
> > $PORTAGE_TMPDIR, on /usr and /var by default but you can put them
> > anywhere.
> >
> >
> > --
> > Neil Bothwick
> >
> > Windows to 486/50 mhz cpu: Don't rush me, don't rush me...
> >
> >
> >
>
[-- Attachment #2: Type: text/html, Size: 1641 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:19 [gentoo-user] How many GB for / partition? Izar Ilun
2006-02-16 12:34 ` Daniel da Veiga
2006-02-16 12:42 ` Neil Bothwick
@ 2006-02-16 13:03 ` Alexander Skwar
2006-02-16 14:14 ` apn
2006-02-16 13:29 ` Emanuele Morozzi
2006-02-16 14:22 ` Hemmann, Volker Armin
4 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 13:03 UTC (permalink / raw
To: gentoo-user
Izar Ilun wrote:
> I'm installing Gentoo and I'd like you to suggest me how much disc space
> I should use for /.
512 MB.
The rest should go to filesystems for /var, /usr,
/opt and /home. And maybe also additional filesystems
for /usr/src and all that Gentoo stuff.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:51 ` Izar Ilun
@ 2006-02-16 13:06 ` Alexander Skwar
2006-02-16 13:47 ` Neil Bothwick
` (2 more replies)
0 siblings, 3 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 13:06 UTC (permalink / raw
To: gentoo-user
Izar Ilun wrote:
> I say that, It'll be just:
> - /boot
> - swap
> - /home
> - / (all the rest)
That's not advisable. I'd strongly suggest to create
filesystems for /boot, swap, /home, /opt, /usr, /var
and / (of course). This way you're more flexible
and also a bit safer (not such a high risk of running
out of space on /).
Further, I'd also strongly suggest to use LVM.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:19 [gentoo-user] How many GB for / partition? Izar Ilun
` (2 preceding siblings ...)
2006-02-16 13:03 ` Alexander Skwar
@ 2006-02-16 13:29 ` Emanuele Morozzi
2006-02-16 14:22 ` Hemmann, Volker Armin
4 siblings, 0 replies; 92+ messages in thread
From: Emanuele Morozzi @ 2006-02-16 13:29 UTC (permalink / raw
To: gentoo-user
40 GB is enough, these are my stats with / partition of 35GB / 200GB
Filesystem blocchi di 1K Usati Disponib. Uso% Montato su
*********************************************************************
/dev/sdb1 34185192 18272204 15912988 54% /
*********************************************************************
udev 518108 396 517712 1% /dev
/dev/sdb3 14658812 4822604 9836208 33% /home
/dev/sdb4 148283404 64675480 83607924 44% /mnt/storage
shm 518108 0 518108 0% /dev/shm
Izar Ilun wrote:
> I'm installing Gentoo and I'd like you to suggest me how much disc space
> I should use for /.
>
> My machine is Pentium4, 1GB RAM, 200 GB HD ATA
>
> It's a desktop machine with Gentoo as the only and exclusive OS.
>
> Will run KDE. Amarok, OpenOffice, firefox....
>
> Thanx!
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:06 ` Alexander Skwar
@ 2006-02-16 13:47 ` Neil Bothwick
2006-02-16 14:39 ` Alexander Skwar
2006-02-17 1:59 ` Zac Slade
2006-02-16 14:19 ` Hemmann, Volker Armin
2006-02-16 14:47 ` jarry
2 siblings, 2 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 13:47 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 757 bytes --]
On Thu, 16 Feb 2006 14:06:12 +0100, Alexander Skwar wrote:
> That's not advisable. I'd strongly suggest to create
> filesystems for /boot, swap, /home, /opt, /usr, /var
> and / (of course). This way you're more flexible
> and also a bit safer (not such a high risk of running
> out of space on /).
But far more chance of running out of space on /usr, /var or /opt while
one of the others has plenty free. I prefer to have these three on the
same partition for a desktop, but separate from /. I use the bind option
to mount /var and /opt on /usr/var and /usr/opt
$ grep bind /etc/fstab
/usr/var /var auto bind 0 0
/usr/opt /opt auto bind 0 0
--
Neil Bothwick
After two weeks of dieting, all I lost was two weeks.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 191 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:03 ` Alexander Skwar
@ 2006-02-16 14:14 ` apn
2006-02-16 14:51 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: apn @ 2006-02-16 14:14 UTC (permalink / raw
To: gentoo-user
> > I'm installing Gentoo and I'd like you to suggest me how much disc space
> > I should use for /.
>
> 512 MB.
>
> The rest should go to filesystems for /var, /usr,
> /opt and /home. And maybe also additional filesystems
> fo
This is (part of) what I have mounted
I've installed stuff for a workstation (no kde, no gnome - only libs from them) + a lot of dev. tools
$ df
System plików rozm. użyte dost. %uż. zamont. na
/dev/hda8 14G 9,8G 3,4G 75% /
udev 252M 180K 252M 1% /dev
/dev/hda5 31M 6,7M 23M 24% /boot
/dev/hda7 3,3G 1,3G 2,0G 40% /var
/dev/hda10 22G 19G 2,3G 89% /home
/dev/hda11 2,5G 242M 2,2G 10% /tmp
/dev/hda9 1,5G 1,4G 26M 99% /mnt/ftp
_____________________
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:06 ` Alexander Skwar
2006-02-16 13:47 ` Neil Bothwick
@ 2006-02-16 14:19 ` Hemmann, Volker Armin
2006-02-16 14:45 ` Alexander Skwar
2006-02-16 14:58 ` jarry
2006-02-16 14:47 ` jarry
2 siblings, 2 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 14:19 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> Izar Ilun wrote:
> > I say that, It'll be just:
> > - /boot
> > - swap
> > - /home
> > - / (all the rest)
>
> That's not advisable. I'd strongly suggest to create
> filesystems for /boot, swap, /home, /opt, /usr, /var
> and / (of course). This way you're more flexible
> and also a bit safer (not such a high risk of running
> out of space on /).
and he wastes a lot of space, makes boot a lot longer and increases head
movement.
One big / (like 40 or 80GB) will be enough (plus 15mb /boot, 2GB swap, the
rest /home).
With those sizes, it is nearly impossible to fill / completely up. But a too
small /tmp or /var can make a boot impossible.
To put everything on its own partition was good, when harddisks were 2gb-10gb
big. But today it is just a waste of space and time.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 12:19 [gentoo-user] How many GB for / partition? Izar Ilun
` (3 preceding siblings ...)
2006-02-16 13:29 ` Emanuele Morozzi
@ 2006-02-16 14:22 ` Hemmann, Volker Armin
2006-02-16 15:02 ` Richard Fish
2006-02-16 15:33 ` Alexander Skwar
4 siblings, 2 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 14:22 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 13:19, Izar Ilun wrote:
> I'm installing Gentoo and I'd like you to suggest me how much disc space I
> should use for /.
>
> My machine is Pentium4, 1GB RAM, 200 GB HD ATA
>
> It's a desktop machine with Gentoo as the only and exclusive OS.
>
> Will run KDE. Amarok, OpenOffice, firefox....
>
> Thanx!
40-60gb for /
2GB swap
15MB /boot
rest /home
you'll never fill up root, so making a lot of partitions is just wasted space.
Plus, when /tmp or /var are full you are f* anyway, so no reason to put them
on their own partition. Additionally, the more partitions, the more useless
head movement, the slower data transfer the earlier the harddisk dies.
And yes, I once put all and everything on its own partition.
I learnt the hard way, that this does not solve problems, it creates them.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:47 ` Neil Bothwick
@ 2006-02-16 14:39 ` Alexander Skwar
2006-02-16 16:17 ` Neil Bothwick
2006-02-17 1:59 ` Zac Slade
1 sibling, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 14:39 UTC (permalink / raw
To: gentoo-user
Neil Bothwick wrote:
> On Thu, 16 Feb 2006 14:06:12 +0100, Alexander Skwar wrote:
>
>> That's not advisable. I'd strongly suggest to create
>> filesystems for /boot, swap, /home, /opt, /usr, /var
>> and / (of course). This way you're more flexible
>> and also a bit safer (not such a high risk of running
>> out of space on /).
>
> But far more chance of running out of space on /usr, /var or /opt while
Not really. And even if so - who cares? Make the
fs larger, and you're set. Also, if those fs
run out of space, it's not a DoS.
> one of the others has plenty free.
Well, no, since it's also bad advice to have one with
plenty free :)
> I prefer to have these three on the
> same partition for a desktop,
I don't. Everything on its own filesystem. I mean,
why not? Resizing, and especially extending, is
so very easy.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:19 ` Hemmann, Volker Armin
@ 2006-02-16 14:45 ` Alexander Skwar
2006-02-16 15:34 ` Hemmann, Volker Armin
2006-02-16 14:58 ` jarry
1 sibling, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 14:45 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> Izar Ilun wrote:
>> > I say that, It'll be just:
>> > - /boot
>> > - swap
>> > - /home
>> > - / (all the rest)
>>
>> That's not advisable. I'd strongly suggest to create
>> filesystems for /boot, swap, /home, /opt, /usr, /var
>> and / (of course). This way you're more flexible
>> and also a bit safer (not such a high risk of running
>> out of space on /).
>
> and he wastes a lot of space,
No, he doesn't. Where does he waste space? Also, to use
your argument - we're no longer in the age where 10gb
harddrives are high end.
> makes boot a lot longer
Not really.
> and increases head
> movement.
>
> One big / (like 40 or 80GB) will be enough
Yes, and it's obviously the worst solution. How do
you mount /tmp noexec? How do you mount /usr read-only?
> With those sizes, it is nearly impossible to fill / completely up.
And it's impossible to have some flexibility.
> To put everything on its own partition was good, when harddisks were 2gb-10gb
> big.
And it's still good today.
> But today it is just a waste of space and time.
No, it's absolutely not.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:06 ` Alexander Skwar
2006-02-16 13:47 ` Neil Bothwick
2006-02-16 14:19 ` Hemmann, Volker Armin
@ 2006-02-16 14:47 ` jarry
2 siblings, 0 replies; 92+ messages in thread
From: jarry @ 2006-02-16 14:47 UTC (permalink / raw
To: gentoo-user
[-- Warning: decoded text below may be mangled, UTF-8 assumed --]
[-- Attachment #1: Type: text/plain; charset="us-ascii", Size: 810 bytes --]
Alexander Skwar <listen@alexander.skwar.name> wrote:
> > I say that, It'll be just:
> > - /boot
> > - swap
> > - /home
> > - / (all the rest)
>
> That's not advisable. I'd strongly suggest to create
> filesystems for /boot, swap, /home, /opt, /usr, /var
> and / (of course).
Moreover I have created separate partitions for /tmp
(with nodev, noexec and quota) and /chroot ...
> Further, I'd also strongly suggest to use LVM.
True, though I did not put /, /boot and swap on lvm.
Just security precaution, so that system would be still
somehow usable even in case something goes wrong with lvm...
Jarry
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:14 ` apn
@ 2006-02-16 14:51 ` Alexander Skwar
2006-02-16 15:04 ` Martin Eisenhardt
2006-02-16 15:10 ` jarry
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 14:51 UTC (permalink / raw
To: gentoo-user
apn@o2.pl wrote:
>> > I'm installing Gentoo and I'd like you to suggest me how much disc space
>> > I should use for /.
>>
>> 512 MB.
>>
>> The rest should go to filesystems for /var, /usr,
>> /opt and /home. And maybe also additional filesystems
>> fo
>
> This is (part of) what I have mounted
> I've installed stuff for a workstation (no kde, no gnome - only libs from them) + a lot of dev. tools
>
> $ df
> System plików rozm. użyte dost. %uż. zamont. na
> /dev/hda8 14G 9,8G 3,4G 75% /
> udev 252M 180K 252M 1% /dev
> /dev/hda5 31M 6,7M 23M 24% /boot
> /dev/hda7 3,3G 1,3G 2,0G 40% /var
> /dev/hda10 22G 19G 2,3G 89% /home
> /dev/hda11 2,5G 242M 2,2G 10% /tmp
> /dev/hda9 1,5G 1,4G 26M 99% /mnt/ftp
Hm, as I said before - have a look at LVM. It makes
life *SO* much easier. I don't quite get, why people
still do the old style partitioning.
For example, in your setup, how do you make /var larger, if need
be?
With LVM, it would just be a matter of "lvresize -L+512m /dev/Volume00/Var".
You also wouldn't waste so much space.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:19 ` Hemmann, Volker Armin
2006-02-16 14:45 ` Alexander Skwar
@ 2006-02-16 14:58 ` jarry
2006-02-16 15:14 ` Robert Crawford
1 sibling, 1 reply; 92+ messages in thread
From: jarry @ 2006-02-16 14:58 UTC (permalink / raw
To: gentoo-user
"Hemmann, Volker Armin" <volker.armin.hemmann@tu-clausthal.de> wrote:
> To put everything on its own partition was good, when harddisks were
> 2gb-10gb big. But today it is just a waste of space and time.
IMHO there still might be advantages to using more partitions,
for example security (you can mount /boot /tmp /home with nodev,
noexec, nosuid, /usr with read-only, etc.), or different quota
settings. But it would be probably more usable for server, less
for workstation...
Jarry
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
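Added example, not part of any poster's message: a POSIX shell check that reads an fstab-format file on stdin and reports where it falls short of the mount options suggested in the message above (nodev, noexec, nosuid on /boot, /tmp and /home; /usr read-only). It also flags bind mounts, like the /usr/var and /usr/opt lines quoted earlier in the thread, whose source directory sits on a filesystem the policy wants read-only. The `POLICY` string, the function names and the sample device names are assumptions made for the example.

```shell
#!/bin/sh
# Added example (not from the thread): audit an fstab-format file on stdin
# against the per-mount-point options suggested in the thread.

# Policy as suggested in the thread: /boot, /tmp and /home carry
# nodev,noexec,nosuid; /usr is read-only.
# Format (assumed for this example): mountpoint=opt,opt separated by spaces.
POLICY='/boot=nodev,noexec,nosuid /tmp=nodev,noexec,nosuid /home=nodev,noexec,nosuid /usr=ro'

# Constructed sample input; the two bind lines mirror the fstab quoted
# earlier in the thread, the device names are made up.
sample_fstab() {
    cat <<'EOF'
# <fs>     <mountpoint> <type> <opts>               <dump> <pass>
/dev/hda1  /boot        ext2   noauto,noatime       1 2
/dev/hda2  none         swap   sw                   0 0
/dev/hda3  /            ext3   noatime              0 1
/dev/hda5  /usr         ext3   noatime              0 2
/dev/hda6  /tmp         ext3   nodev,nosuid,noexec  0 2
/dev/hda7  /home        ext3   noatime,nodev,nosuid 0 2

/usr/var   /var         auto   bind                 0 0
/usr/opt   /opt         auto   bind                 0 0
EOF
}

# audit_fstab: reads fstab lines on stdin, prints one finding per line,
# prints nothing when every policy entry is satisfied.
audit_fstab() {
    awk -v policy="$POLICY" '
        $1 ~ /^#/ || NF < 4 { next }           # comments, blanks, short lines
        {
            opts[$2] = $4                       # mount point -> option string
            if (index("," $4 ",", ",bind,")) {  # remember bind mounts in order
                nb++; btarget[nb] = $2; bsource[nb] = $1
            }
        }
        END {
            n = split(policy, rule, " ")
            for (i = 1; i <= n; i++) {
                split(rule[i], r, "=")
                mp = r[1]; wants[mp] = r[2]
                if (!(mp in opts)) {
                    print mp ": no fstab entry, not a separate filesystem"
                    continue
                }
                missing = ""
                m = split(r[2], want, ",")
                for (j = 1; j <= m; j++)
                    if (!index("," opts[mp] ",", "," want[j] ","))
                        missing = missing (missing == "" ? "" : ",") want[j]
                if (missing != "") print mp ": missing " missing
            }
            # A bind mount is a second view of the filesystem that holds its
            # source directory, so a read-only filesystem stays read-only
            # when reached through the bind mount.
            for (b = 1; b <= nb; b++) {
                best = ""                       # longest mount point above source
                for (k in opts) {
                    under = (k == "/" || bsource[b] == k || index(bsource[b], k "/") == 1)
                    if (under && length(k) > length(best)) best = k
                }
                if (index("," wants[best] ",", ",ro,"))
                    print btarget[b] ": bind of " bsource[b] ", read-only whenever " best " is"
            }
        }
    '
}

# Run the audit over the constructed sample.
sample_fstab | audit_fstab
```

Run it against a real table with `audit_fstab < /etc/fstab`; the check only reads the file and changes nothing.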
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:22 ` Hemmann, Volker Armin
@ 2006-02-16 15:02 ` Richard Fish
2006-02-16 15:48 ` Hemmann, Volker Armin
2006-02-16 15:33 ` Alexander Skwar
1 sibling, 1 reply; 92+ messages in thread
From: Richard Fish @ 2006-02-16 15:02 UTC (permalink / raw
To: gentoo-user
On 2/16/06, Hemmann, Volker Armin <volker.armin.hemmann@tu-clausthal.de> wrote:
> on their own partition. Additionally, the more partitions, the more useless
> head movement, the slower data transfer the earlier the harddisk dies.
I disagree. Sensible partitioning can _reduce_ head movement and
improve performance. For example, take the case of /usr/portage.
*Many* people have reported improvements in portage's speed by moving
this to a separate, small partition. This is because when you are
running portage, it doesn't have to seek all over the disk to collect
files...it only has to look at a few cylinders that are close
together.
Having / on its own partition can result in a similar improvement,
because the drive doesn't have to seek over your files in /home or
/opt to get to something in /lib.
I also disagree with Alexander about /usr, in that I prefer to merge
that with / since it keeps all of the programs and files needed to
boot the system and start X/KDE/etc close together. But that is what
works best _for me_ on my laptop.
So I have:
/boot 100M
/ 6G
/tmp 2G
/var 5G
/home 66G (the rest of the disk)
/usr/portage 1G
/usr/portage/packages 6G (also contains distfiles)
/usr/src 2G
I have not run out of space on anything or had to resize a partition
for more than a year. Ok, I do run out of room on /usr/src
occasionally because I forget to prune old kernel sources...but that
is harmless.
-Richard
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:51 ` Alexander Skwar
@ 2006-02-16 15:04 ` Martin Eisenhardt
2006-02-16 15:15 ` John Jolet
2006-02-16 15:10 ` jarry
1 sibling, 1 reply; 92+ messages in thread
From: Martin Eisenhardt @ 2006-02-16 15:04 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 1468 bytes --]
Alexander Skwar wrote:
> Hm, as I said before - have a look at LVM. It makes
> life *SO* much easier. I don't quite get, why people
> still do the old style partitioning.
>
> For example, in your setup, how do you make /var larger, if need
> be?
>
> With LVM, it would just be a matter of "lvresize -L+512m
> /dev/Volume00/Var". You also wouldn't waste so much space.
>
> Alexander Skwar
> --
> BOFH Excuse #126:
>
> it has Intel Inside
I do agree with almost all you said (like - for instance - having separate
filesystems for the different top-level directories). Indeed, this (using
several small filesystems mounted together instead of one large filesystem
for /) is a technique that can be applied to speed things up (have a look at
http://gentoo-wiki.com/TIP_Speeding_up_portage to see how Portage may profit
from the use of small filesystems).
Having said that, I would like to suggest that instead of using LVM, the
top-poster might be better off by using EVMS (http://evms.sourceforge.net)
since EVMS sports different UIs for all kinds of users (CLI, ncurses, X) and
automates many tasks like resizing etc.
Kind regards
Martin Eisenhardt
--
Dipl. Wirtsch.Inf.(Univ.) Martin Eisenhardt
Otto-Friedrich-Universität Bamberg
Fakultät Wirtschaftinformatik und Angewandte Informatik
Lehrstuhl für Medieninformatik
D-96045 Bamberg
fon: +49 (951) 863-2856
fax: +49 (951) 863-2852
www: http://www.mneisen.org
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:51 ` Alexander Skwar
2006-02-16 15:04 ` Martin Eisenhardt
@ 2006-02-16 15:10 ` jarry
2006-02-16 15:30 ` Alexander Skwar
` (2 more replies)
1 sibling, 3 replies; 92+ messages in thread
From: jarry @ 2006-02-16 15:10 UTC (permalink / raw
To: gentoo-user
Alexander Skwar <listen@alexander.skwar.name> wrote:
> Hm, as I said before - have a look at LVM. It makes
> life *SO* much easier. I don't quite get, why people
> still do the old style partitioning.
Correct me if I am wrong, but with lvm you do not have
control over physical placement of your partitions. Right?
So if you use lvm even for swap, lvm might place it anywhere
on disk, on the beginning (first cylinders, highest speed,
i.e. ~50 MB/s) or at the end (in my case ~30 MB/s).
Utilities like hdtach (win-world, I do not know something
equivalent for linux) show, that read/write speed is not
constant over the whole disk (number of sectors on outside
cylinders is much higher, than on the inside cylinders).
In some cases it might matter to partition disk wisely,
for example when someone is doing tv/video grabbing, he
needs maximum transfer speed to avoid frame-dropping, so
it might be worth putting /home or /tmp somewhere near
beginning of disk (outside cylinders). Similar for swap,
plus optimising of head-movement, etc...
Just my 2 cents, but personally I'm using lvm too...
Jarry
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:58 ` jarry
@ 2006-02-16 15:14 ` Robert Crawford
2006-02-16 15:36 ` Hemmann, Volker Armin
0 siblings, 1 reply; 92+ messages in thread
From: Robert Crawford @ 2006-02-16 15:14 UTC (permalink / raw
To: gentoo-user
The main reason for putting /var, /tmp, and portage on their own partitions
is to minimize fragmentation on /, especially with a source distro like
Gentoo. And yes, Linux does fragment and does require attention, especially
with reiserfs, where the only solution is to dump/format/restore.
On Thursday 16 February 2006 09:58, jarry@gmx.net wrote:
> "Hemmann, Volker Armin" <volker.armin.hemmann@tu-clausthal.de> wrote:
> > To put everything on its own partition was good, when harddisks were
> > 2gb-10gb big. But today it is just a waste of space and time.
>
> IMHO there still might be advantages to using more partitions,
> for example security (you can mount /boot /tmp /home with nodev,
> noexec, nosuid, /usr with read-only, etc.), or different quota
> settings. But it would be probably more usable for server, less
> for workstation...
>
> Jarry
>
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:04 ` Martin Eisenhardt
@ 2006-02-16 15:15 ` John Jolet
2006-02-16 15:29 ` Martin Eisenhardt
0 siblings, 1 reply; 92+ messages in thread
From: John Jolet @ 2006-02-16 15:15 UTC (permalink / raw
To: gentoo-user
On 2/16/06 9:04 AM, "Martin Eisenhardt"
<martin.eisenhardt@wiai.uni-bamberg.de> wrote:
> Alexander Skwar wrote:
>> Hm, as I said before - have a look at LVM. It makes
>> life *SO* much easier. I don't quite get, why people
>> still do the old style partitioning.
>>
>> For example, in your setup, how do you make /var larger, if need
>> be?
>>
>> With LVM, it would just be a matter of "lvresize -L+512m
>> /dev/Volume00/Var". You also wouldn't waste so much space.
>>
>> Alexander Skwar
>> --
>> BOFH Excuse #126:
>>
>> it has Intel Inside
>
> I do agree with almost all you said (like - for instance - having separate
> filesystems for the different top-level directories). Indeed, this (using
> several small filesystems mounted together instead of one large filesystem
> for /) is a technique that can be applied to speed things up (have a look at
> http://gentoo-wiki.com/TIP_Speeding_up_portage to see how Portage may profit
> from the use of small filesystems).
>
> Having said that, I would like to suggest that instead of using LVM, the
> top-poster might be better off by using EVMS (http://evms.sourceforge.net)
> since EVMS sports different UIs for all kinds of users (CLI, ncurses, X) and
> automates many tasks like resizing etc.
I have a question here....I was under the impression that evms sat below
lvm...is it a one or the other thing? I've always been confused by the
whole "partition" question, having come up through the AIX ranks, where such
questions are nonexistent. Personally, for linux boxes, if it's my personal
"workstation", I just go with /boot swap and /. For servers, I separate out
/boot swap /usr /var /tmp using lvm (using the aix maxim that you make them
as small as possible and resize at threshold).
>
> Kind regards
> Martin Eisenhardt
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:15 ` John Jolet
@ 2006-02-16 15:29 ` Martin Eisenhardt
0 siblings, 0 replies; 92+ messages in thread
From: Martin Eisenhardt @ 2006-02-16 15:29 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 1241 bytes --]
On Thursday February 16 2006 16:15, John Jolet wrote:
> >
> > Having said that, I would like to suggest that instead of using LVM, the
> > top-poster might be better off by using EVMS
> > (http://evms.sourceforge.net) since EVMS sports different UIs for all
> > kinds of users (CLI, ncurses, X) and automates many tasks like resizing
> > etc.
>
> I have a question here....I was under the impression that evms sat below
> lvm...is it a one or the other thing? I've always been confused by the
> whole "partition" question, having come up through the AIX ranks, where
> such questions are nonexistent. Personally, for linux boxes, if it's my
> personal "workstation", I just go with /boot swap and /. For servers, I
> separate out /boot swap /usr /var /tmp using lvm (using the aix maxim that
> you make them as small as possible and resize at threshold).
EVMS has a LVM plugin so that it can manage LVM volume groups etc.
Regards
Martin
--
Dipl. Wirtsch.Inf.(Univ.) Martin Eisenhardt
Otto-Friedrich-Universität Bamberg
Fakultät Wirtschaftinformatik und Angewandte Informatik
Lehrstuhl für Medieninformatik
D-96045 Bamberg
fon: +49 (951) 863-2856
fax: +49 (951) 863-2852
www: http://www.mneisen.org
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:10 ` jarry
@ 2006-02-16 15:30 ` Alexander Skwar
2006-02-16 16:09 ` Martin Eisenhardt
2006-02-16 15:33 ` Martin Eisenhardt
2006-02-16 15:50 ` Richard Fish
2 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 15:30 UTC (permalink / raw
To: gentoo-user
jarry@gmx.net wrote:
> Alexander Skwar <listen@alexander.skwar.name> wrote:
>
>> Hm, as I said before - have a look at LVM. It makes
>> life *SO* much easier. I don't quite get, why people
>> still do the old style partitioning.
>
> Correct me if I am wrong, but with lvm you do not have
> control over physical placement of your partitions. Right?
Right.
> So if you use lvm even for swap, lvm might place it anywhere
> on disk, on the beginning (first cylinders, highest speed,
> i.e. ~50 MB/s) or at the end (in my case ~30 MB/s).
Well, it might, yes. However, if you create it as the
first Logical Volume, then I'd suppose that it would
be at the beginning of the Volume Group.
I don't know that though.
But as swap is a "static" partition (meaning that
it'll most likely close to never need to be resized),
I don't put swap in LVM. No gain.
If I need more swap, it's most of the time just a
temporary thing. And then I don't care that much about
performance.
> In some cases it might matter to partition disk wisely,
> for example when someone is doing tv/video grabbing, he
> needs maximum transfer speed to avoid frame-dropping, so
> it might be worth putting /home or /tmp somewhere near
> beginning of disk (outside cylinders). Similar for swap,
> plus optimising of head-movement, etc...
Yes, for special cases, special solutions might
be needed.
I wasn't under the impression that the OP had
such a special case, though :)
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:10 ` jarry
2006-02-16 15:30 ` Alexander Skwar
@ 2006-02-16 15:33 ` Martin Eisenhardt
2006-02-16 17:46 ` Jarry
2006-02-16 15:50 ` Richard Fish
2 siblings, 1 reply; 92+ messages in thread
From: Martin Eisenhardt @ 2006-02-16 15:33 UTC (permalink / raw
To: gentoo-user
On Thursday February 16 2006 16:10, jarry@gmx.net wrote:
> Alexander Skwar <listen@alexander.skwar.name> wrote:
> > Hm, as I said before - have a look at LVM. It makes
> > life *SO* much easier. I don't quite get, why people
> > still do the old style partitioning.
>
> Correct me if I am wrong, but with lvm you do not have
> control over physical placement of your partitions. Right?
No, wrong, I am sorry :-D
You might let LVM choose where to put the extents for a newly created logical
volume, but you might also tell LVM where to put it.
> So if you use lvm even for swap, lvm might place it anywhere
> on disk, on the beginning (first cylinders, highest speed,
> i.e. ~50 MB/s) or at the end (in my case ~30 MB/s).
You can tell LVM to put it wherever you want, see above.
> Utilities like hdtach (win-world, I do not know something
> equivalent for linux) show, that read/write speed is not
> constant over the whole disk (number of sectors on outside
> cylinders is much higher, than on the inside cylinders).
Correct, but then - does the performance of your system really depend on the
speed of your swap device? If so, consider upgrading RAM. You will *never*
get swap devices so fast that it is really pleasurable to work with them.
> In some cases it might matter to partition disk wisely,
> for example when someone is doing tv/video grabbing, he
> needs maximum transfer speed to avoid frame-dropping, so
> it might be worth putting /home or /tmp somewhere near
> beginning of disk (outside cylinders). Similar for swap,
> plus optimising of head-movement, etc...
Again, see above.
Regards
Martin
--
Dipl. Wirtsch.Inf.(Univ.) Martin Eisenhardt
Otto-Friedrich-Universität Bamberg
Fakultät Wirtschaftinformatik und Angewandte Informatik
Lehrstuhl für Medieninformatik
D-96045 Bamberg
fon: +49 (951) 863-2856
fax: +49 (951) 863-2852
www: http://www.mneisen.org
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:22 ` Hemmann, Volker Armin
2006-02-16 15:02 ` Richard Fish
@ 2006-02-16 15:33 ` Alexander Skwar
1 sibling, 0 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 15:33 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> you'll never fill up root, so making a lot of partitions is just wasted space.
No, it's not wasted space. Well, okay, not much wasted space.
> And yes, I once put all and everything on its own partition.
> I learnt the hard way, that this does not solve problems, it creates them.
Yes, you're right - everything on own *PARTITIONS*
creates problems. I'm advocating LVM, though.
Alexander Skwar
--
BOFH Excuse #126:
it has Intel Inside
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:45 ` Alexander Skwar
@ 2006-02-16 15:34 ` Hemmann, Volker Armin
2006-02-16 16:18 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 15:34 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> Hemmann, Volker Armin wrote:
> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> >> Izar Ilun wrote:
> >> > I say that, It'll be just:
> >> > - /boot
> >> > - swap
> >> > - /home
> >> > - / (all the rest)
> >>
> >> That's not advisable. I'd strongly suggest to create
> >> filesystems for /boot, swap, /home, /opt, /usr, /var
> >> and / (of course). This way you're more flexible
> >> and also a bit safer (not such a high risk of running
> >> out of space on /).
> >
> > and he wastes a lot of space,
>
> No, he doesn't. Where does he waste space?
because you shall not fill up any partition more than 85% or fragmentation
will go up insanely and performance go down to the bottom.
>
> > makes boot a lot longer
>
> Not really.
yes, really.
>
> > and increases head
> > movement.
> >
> > One big / (like 40 or 80GB) will be enough
>
> Yes, and it's obviously the worst solution. How do
> you mount /tmp noexec? How do you mount /usr read-only?
why should you mount /usr readonly, if you do your emerging always everyday?
Why should he make /tmp noexec, if he is the only user?
>
> > With that sizes, it is nearly impossible to fill / completely up.
>
> And it's impossible to have some flexibility.
no, it is absolutely flexible - less partitions, more space available, that can
be used. And less risk, that any of the partitions fills up.
>
> > To put everything on its own partition was good, when harddisks were
> > 2gb-10gb big.
>
> And it's still good today.
>
no it is not
> > But today it is just a waste of space and time.
>
> No, it's absolutely not.
yes it is. It wastes space, makes boot much longer. More partitions = more
head movement = higher risk of damage. More partitions = more risk that one
of the partitions dies = more risk of fatal data loss.
More partitions = less space available = more money wasted.
You see, there are a lot of good reasons to keep the number of partitions low.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:14 ` Robert Crawford
@ 2006-02-16 15:36 ` Hemmann, Volker Armin
0 siblings, 0 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 15:36 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 16:14, Robert Crawford wrote:
> The main reason for putting /var, /tmp, and portage on their own
> partitions is to minimize fragmentation on /, especially with a source
> distro like Gentoo. And yes, Linux does fragment and does require
> attention, especially with reiserfs, where the only solution is to
> dump/format/restore.
dump/restore does not work anymore. for years.
tar/mkfs/tar is the right way to do backups/restores.
Plus, you can keep fragmentation down, if you let enough space free.
With lots of small partitions, the partitions will always be almost filled up,
which leads to more fragmentation.
Also, the more partitions, the more the heads have to move around.
And we all know, that this decreases total lifetime.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:02 ` Richard Fish
@ 2006-02-16 15:48 ` Hemmann, Volker Armin
2006-02-16 18:40 ` Richard Fish
0 siblings, 1 reply; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 15:48 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 16:02, Richard Fish wrote:
> Having / on its own partition can result in a similar improvement,
> because the drive doesn't have to seek over your files in /home or
> /opt to get to something in /lib.
it still has to move at the beginning of the partition, look up, where the
files are, and move. And maybe it has to skip several partitions. And when
at the same moment something else want something from /opt, it has to move to
the next partition that may lay somewhere on the disk, which is much slower,
than a full stroke to the beginning of the disk.
> So I have:
>
> /boot 100M
that is total overkill... 15 is way enough. Even 10...
> / 6G
> /tmp 2G
> /var 5G
you don't use ccache, do you?
> /home 66G (the rest of the disk)
> /usr/portage 1G
> /usr/portage/packages 6G (also contains distfiles)
On my machine du -h /usr/portage = 4,4GB... pretty close to your 7 GB
combined.. and your /usr/portage should never fill up more than 85%, so you
are wasting some mbs there, and some more on your 'packages' partition...
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:10 ` jarry
2006-02-16 15:30 ` Alexander Skwar
2006-02-16 15:33 ` Martin Eisenhardt
@ 2006-02-16 15:50 ` Richard Fish
2 siblings, 0 replies; 92+ messages in thread
From: Richard Fish @ 2006-02-16 15:50 UTC (permalink / raw
To: gentoo-user
On 2/16/06, jarry@gmx.net <jarry@gmx.net> wrote:
> Correct me if I am wrong, but with lvm you do not have
> control over physical placement of your partitions. Right?
While true in theory, in practice the first LV you create is created
at the lowest numbered PV extents, which correspond to low numbered
sectors.
My swap LV (which was created first) averages 44M/sec throughput
(laptop drive, still slow...)
My packages LV (for portage distfiles, created last) averages 28M/sec.
-Richard
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:30 ` Alexander Skwar
@ 2006-02-16 16:09 ` Martin Eisenhardt
2006-02-16 16:21 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Martin Eisenhardt @ 2006-02-16 16:09 UTC (permalink / raw
To: gentoo-user
On Thursday February 16 2006 16:30, Alexander Skwar wrote:
> jarry@gmx.net wrote:
> > Alexander Skwar <listen@alexander.skwar.name> wrote:
> >> Hm, as I said before - have a look at LVM. It makes
> >> life *SO* much easier. I don't quite get, why people
> >> still do the old style partitioning.
> >
> > Correct me if I am wrong, but with lvm you do not have
> > control over physical placement of your partitions. Right?
>
> Right.
>
No, wrong, please see my other message.
You *can* tell LVM where to put LVs but you do not *have* to. In the latter
case, LVM chooses where to put the LV.
Regards
Martin
--
Dipl. Wirtsch.Inf.(Univ.) Martin Eisenhardt
Otto-Friedrich-Universität Bamberg
Fakultät Wirtschaftinformatik und Angewandte Informatik
Lehrstuhl für Medieninformatik
D-96045 Bamberg
fon: +49 (951) 863-2856
fax: +49 (951) 863-2852
www: http://www.mneisen.org
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 14:39 ` Alexander Skwar
@ 2006-02-16 16:17 ` Neil Bothwick
2006-02-16 17:46 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 16:17 UTC (permalink / raw
To: gentoo-user
On Thu, 16 Feb 2006 15:39:02 +0100, Alexander Skwar wrote:
> > But far more chance of running out of space on /usr, /var or /opt
> > while
>
> Not really. And even if so - who cares? Make the
> fs larger, and you're set. Also, if those fs
> run out of space, it's not a DoS.
No, but it means you have to stop what you are doing to re-organise and
resize your partitions.
> > one of the others has plenty free.
>
> Well, no, since it's also bad advice to have one with
> plenty free :)
Could you point me in the direction of the program that magically tells
you how much space you'll need for each directory in a year's time :)
> > I prefer to have these three on the
> > same partition for a desktop,
>
> I don't. Everything on its own filesystem. I mean,
> why not? Resizing, and especially extending, is
> so very easy.
Extending is easy, but shrinking is not so easy or quick. If partition A
runs out of space while partition B has plenty, you have to shrink B's
filesystem before you can add space to A. That's time consuming,
especially if B uses XFS.
Just because a directory exists in /, it doesn't have to be on a
separate filesystem. Use whatever works for your needs, but be sensible,
too many partitions is almost as bad as too few, and creates extra work.
--
Neil Bothwick
In the beginning, there was nothing.
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:34 ` Hemmann, Volker Armin
@ 2006-02-16 16:18 ` Alexander Skwar
2006-02-16 18:46 ` Hemmann, Volker Armin
0 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 16:18 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> >> Izar Ilun wrote:
>> >> > I say that, It'll be just:
>> >> > - /boot
>> >> > - swap
>> >> > - /home
>> >> > - / (all the rest)
>> >>
>> >> That's not advisable. I'd strongly suggest to create
>> >> filesystems for /boot, swap, /home, /opt, /usr, /var
>> >> and / (of course). This way you're more flexible
>> >> and also a bit safer (not such a high risk of running
>> >> out of space on /).
>> >
>> > and he wastes a lot of space,
>>
>> No, he doesn't. Where does he waste space?
>
> because you shall not fill up any partition more than 85% or fragmentation
> will go up insanely and performance go down to the bottom.
Yes, but we're no longer in the age, where 10GB hard
drives are high end. I do agree, that you might waste
a little bit of space. But that's it. And that's only
a theoretical value. Nothing to worry about in real
life.
>> > makes boot a lot longer
>>
>> Not really.
>
> yes, really.
Yeah, yeah.
>> > and increases head
>> > movement.
>> >
>> > One big / (like 40 or 80GB) will be enough
>>
>> Yes, and it's obviously the worst solution. How do
>> you mount /tmp noexec? How do you mount /usr read-only?
>
> why should you mount /usr readonly,
Because you normally don't need write access to
/usr, unless:
> if you do your emerging always everyday?
...unless, you're writing.
> Why should he make /tmp noexec,
Security precaution.
>> > With that sizes, it is nearly impossible to fill / completely up.
>>
>> And it's impossible to have some flexibility.
>
> no, it is absolutely flexible
Ah. Please explain how you mount /tmp noexec and /usr
readonly.
Please also explain, how you separate data areas (like
/var and /usr).
>> > To put everything on its own partition was good, when harddisks were
>> > 2gb-10gb big.
>>
>> And it's still good today.
>>
> no it is not
I see. Strange thing is, that about every server and workstation
I've seen more or less contradicts what you say.
>> > But today it is just a waste of space and time.
>>
>> No, it's absolutely not.
>
> yes it is. It wastes space,
Not really. Some. But not really.
> makes boot much longer.
No, it doesn't. Not noticeably, at least.
> More partitions = more
> head movement = higher risk of damage. More partitions = more risk that one
> of the partitions dies = more risk of fatal data loss.
There's always backup.
> More partitions = less space available
Not really. Some. But not really.
If you're *SO* low on hard disk space, I'd advise to buy
more harddisks.
> You see, there are a lot of good reasons to keep the number of partitions low.
Actually, as *you* see, there aren't many reasons and no good
reasons to do what you say.
Alexander Skwar
--
It is common sense to take a method and try it. If it fails,
admit it frankly and try another. But above all, try something.
-- Franklin D. Roosevelt
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 16:09 ` Martin Eisenhardt
@ 2006-02-16 16:21 ` Alexander Skwar
2006-02-16 20:58 ` Martin Eisenhardt
0 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 16:21 UTC (permalink / raw
To: gentoo-user
Martin Eisenhardt wrote:
> On Thursday February 16 2006 16:30, Alexander Skwar wrote:
>> jarry@gmx.net wrote:
>> > Correct me if I am wrong, but with lvm you do not have
>> > control over physical placement of your partitions. Right?
>>
>> Right.
>>
>
> No, wrong, please see my other message.
Okay.
> You *can* tell LVM where to put LVs but you do not *have* to.
But how do you actually do that? Or are you talking about
the "allocation policy"? Like "--contiguous y"?
Alexander Skwar
--
It is common sense to take a method and try it. If it fails,
admit it frankly and try another. But above all, try something.
-- Franklin D. Roosevelt
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:33 ` Martin Eisenhardt
@ 2006-02-16 17:46 ` Jarry
2006-02-16 18:13 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Jarry @ 2006-02-16 17:46 UTC (permalink / raw
To: gentoo-user
Martin Eisenhardt wrote:
>>Correct me if I am wrong, but with lvm you do not have
>>control over physical placement of your partitions. Right?
>
> No, wrong, I am sorry :-D
>
> You might let LVM choose where to put the extents for a newly created logical
> volume, but you might also tell LVM where to put it.
Frankly, that is new to me. How can I control *where* the newly
created partition (in lvm) will be? Or is it somehow "default" that
if I create only one big partition on my disk, and assign it to
lvm, then 1st partition I create within lvm will be at the beginning
of the disk???
But even if it is so, if you resize partition by lvm, this advantage
could be lost. And if it even is possible to keep some partition
continuous, then resizing partition in lvm would be very long process:
if I resize 1st partition (the fastest, on the most outer cylinders)
and want to keep it continuous, lvm would have to move all other
partitions...
Jarry
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 16:17 ` Neil Bothwick
@ 2006-02-16 17:46 ` Alexander Skwar
2006-02-16 18:00 ` kashani
2006-02-16 20:11 ` Neil Bothwick
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 17:46 UTC (permalink / raw
To: gentoo-user
Neil Bothwick wrote:
> On Thu, 16 Feb 2006 15:39:02 +0100, Alexander Skwar wrote:
>
>> > But far more chance of running out of space on /usr, /var or /opt
>> > while
>>
>> Not really. And even if so - who cares? Make the
>> fs larger, and you're set. Also, if those fs
>> run out of space, it's not a DoS.
>
> No, but it means you have to stop what you are doing to re-organise and
> resize your partitions.
Well, okay, but how often does that happen? And it's
not as if resizing would be hard or time consuming.
>
>> > one of the others has plenty free.
>>
>> Well, no, since it's also bad advice to have one with
>> plenty free :)
>
> Could you point me in the direction of the program that magically tells
> you how much space you'll need for each directory in a year's time :)
I can't. But that's just not needed. Make the filesystems
as large as they *now* need to be. If more space is required,
extending is a matter of a few seconds.
>
>> > I prefer to have these three on the
>> > same partition for a desktop,
>>
>> I don't. Everything on its own filesystem. I mean,
>> why not? Resizing, and especially extending, is
>> so very easy.
>
> Extending is easy, but shrinking is not so easy or quick.
That's correct. If it is possible at all.
> If partition A
> runs out of space while partition B has plenty,
Then you made B too large, which is the main cause of the problem.
> you have to shrink B's
> filesystem before you can add space to A. That's time consuming,
> especially if B uses XFS.
What's so special about XFS? The fact that there's no shrinker?
> Just because a directory exists in /, it doesn't have to be on a
> separate filesystem.
Of course not. It would be bad advice to put sbin, lib, bin
or especially etc on separate filesystems. :)
For everything else, it makes sense to use separate filesystems.
> Use whatever works for your needs,
Yes, of course.
> but be sensible,
> too many partitions
Well. If we're talking just about usr, var, home, tmp, Gentoo,
sources, then that's not "too many" in most cases.
> is almost as bad as too few, and creates extra work.
Well, it is not much extra work if it is extra work at all.
Actually I rather think, that it's less work - in the long
run
Alexander Skwar
--
"Wrong," said Renner.
"The tactful way," Rod said quietly, "the polite way to disagree with
the Senator would be to say, `That turns out not to be the case.'"
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 17:46 ` Alexander Skwar
@ 2006-02-16 18:00 ` kashani
2006-02-16 20:11 ` Neil Bothwick
1 sibling, 0 replies; 92+ messages in thread
From: kashani @ 2006-02-16 18:00 UTC (permalink / raw
To: gentoo-user
Alexander Skwar wrote:
> I can't. But that's just not needed. Make the filesystems
> as large as they *now* need to be. If more space is required,
> extending is a matter of a few seconds.
I agree with that.
80GB drive, lvm up 50GB of it, and then you can grow whatever as needed.
It's not like you need all that space to begin with. Maybe you end up
needing more in /var? Add another 10GB. Maybe /home? Add another 10GB.
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 17:46 ` Jarry
@ 2006-02-16 18:13 ` Alexander Skwar
0 siblings, 0 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 18:13 UTC (permalink / raw
To: gentoo-user
Jarry wrote:
> But even if it is so, if you resize partition by lvm, this advantage
> could be lost. And if it even is possible to keep some partition
> continuous, then resizing partition in lvm would be very long process:
> if I resize 1st partition (the fastest, on the most outer cylinders)
> and want to keep it continuous, lvm would have to move all other
> partitions...
But LVM is so useful, that even THAT would be possible with *NO*
downtime AT ALL!
This is possible, if you've got multiple "physical volumes".
In text books, a pv is a complete harddrive (eg. /dev/sda).
But that's not necessary. Instead, you could also use
a partition (/dev/sda1) and there's also nothing stopping
one from having multiple PVs on one drive.
Now, if there are multiple PVs in one VG, it's easy to
do a "pvmove", which will move logical volumes to another
physical volume. And all that's /possible/ while the
filesystem is still in use!
Granted, I'd not do this at prime time... :)
But how do you do that with the legacy style of partitioning?
And also, how do you *control* exactly which data is at the
beginning (or wherever) of a drive, if you're going to have
only one grossly oversized partition on a drive?
Alexander Skwar
--
As famous as the unknown soldier.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 15:48 ` Hemmann, Volker Armin
@ 2006-02-16 18:40 ` Richard Fish
0 siblings, 0 replies; 92+ messages in thread
From: Richard Fish @ 2006-02-16 18:40 UTC (permalink / raw
To: gentoo-user
On 2/16/06, Hemmann, Volker Armin <volker.armin.hemmann@tu-clausthal.de> wrote:
> On Thursday 16 February 2006 16:02, Richard Fish wrote:
>
> > Having / on its own partition can result in a similar improvement,
> > because the drive doesn't have to seek over your files in /home or
> > /opt to get to something in /lib.
> it still has to move at the beginning of the partition, look up, where the
> files are, and move. And maybe it has to skip several partitions. And when
> at the same moment something else want something from /opt, it has to move to
> the next partition that may lay somewhere on the disk, which is much slower,
> than a full stroke to the beginning of the disk.
Except that directory entry tables are aggressively cached by the
system. Once getdents() has been called once for a directory, calling
it again on the same directory almost never requires any disk IO.
And again, for my _single user_ system, it is very unlikely that
'something else' is going to require a file from /opt (which, BTW, is
also merged with /) at the same time. Even opening an openoffice
document has to first read a bunch of files from /usr, /usr/lib,
/usr/share, et al, before touching anything in /home.
> > So I have:
> >
> > /boot 100M
> that is total overkill... 15 is way enough. Even 10...
Wrong. I integrate fbsplash images as well as some emergency recovery
tools with an initramfs in my kernel images, making each kernel image
7-10M. And since I keep 1-2 backup kernel images, that means I would
need at least 30MB for /boot.
Please don't tell me how much space is required for my various
filesystems. I assure you I know better! :-)
> you don't use ccache, do you?
No. Never saw any significant boost from it...at least not enough to
justify the amount of space it consumed.
Anyway there is more than one way to partition a system, and there are
benefits and risks to the different methods. People should really
consider what is best for them, and not try to impose "their way" as
the only correct way.
My main point was simply that for many cases, a partitioned system
will have fewer and more predictable head movements than an
unpartitioned system.
-Richard
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 16:18 ` Alexander Skwar
@ 2006-02-16 18:46 ` Hemmann, Volker Armin
2006-02-16 19:40 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 18:46 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> Hemmann, Volker Armin wrote:
> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> >> Hemmann, Volker Armin wrote:
> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> >> >> Izar Ilun wrote:
> >> >> > I say that, It'll be just:
> >> >> > - /boot
> >> >> > - swap
> >> >> > - /home
> >> >> > - / (all the rest)
> >> >>
> >> >> That's not advisable. I'd strongly suggest to create
> >> >> filesystems for /boot, swap, /home, /opt, /usr, /var
> >> >> and / (of course). This way you're more flexible
> >> >> and also a bit safer (not such a high risk of running
> >> >> out of space on /).
> >> >
> >> > and he wastes a lot of space,
> >>
> >> No, he doesn't. Where does he waste space?
> >
> > because you shall not fill up any partition more than 85% or
> > fragmentation will go up insanely and performance go down to the bottom.
>
> Yes, but we're no longer in the age, where 10GB hard
> drives are high end. I do agree, that you might waste
> a little bit of space. But that's it. And that's only
> a theoretical value. Nothing to worry about in real
> life.
>
> >> > makes boot a lot longer
> >>
> >> Not really.
> >
> > yes, really.
>
> Yeah, yeah.
>
> > Why should he make /tmp noexec,
>
> Security precaution.
if you have 10+ users with access to the box. But a workstation, without even
sshd running, it is not needed.
And hey, why should /tmp noexec save you from anything?
If someone is able to break into your box, he can build his tools in /home
or /var/tmp or somewhere else. No need for /tmp.
>
> >> > With that sizes, it is nearly impossible to fill / completely up.
> >>
> >> And it's impossible to have some flexibility.
> >
> > no, it is absolutely flexible
>
> Ah. Please explain how you mount /tmp noexec and /usr
> readonly.
I don't because it is wasted effort.
If someone has the right to write to a rw /usr/ partition, he has the rights
to remount a ro /usr as rw and can go on.. It just makes maintenance harder.
>
> Please also explain, how you separate data areas (like
> /var and /usr).
I have /var and /usr?
Why should I separate them any further?
>
> >> > To put everything on its own partition was good, when harddisks were
> >> > 2gb-10gb big.
> >>
> >> And it's still good today.
> >
> > no it is not
>
> I see. Strange thing is, that about every server and workstation
> I've seen more or less contradicts what you say.
if you have 20+ users on each of them, and every single one is a little
cracker in disguise, it may make sense, but for a single user box?
No.
>
> >> > But today it is just a waste of space and time.
> >>
> >> No, it's absolutely not.
> >
> > yes it is. It wastes space,
>
> Not really. Some. But not really.
15% of the space on each partition. That sums up.
>
> > makes boot much longer.
>
> No, it doesn't. Not noticeably, at least.
oh really? Have a look at the forums 'my *fs takes this and that long to
mount'
If every partition takes a second, it will be very noticeable.
>
> > More partitions = more
> > head movement = higher risk of damage. More partitions = more risk that
> > one of the partitions dies = more risk of fatal data loss.
>
> There's always backup.
>
> > More partitions = less space available
>
> Not really. Some. But not really.
>
> If you're *SO* low on hard disk space, I'd advise to buy
> more harddisks.
more harddisks = higher chance that one of them dies.
I had 4 simultaneously running harddisk once. I went down to one big one.
Because every couple of months one disk died.
It is simple math. The more disks, the higher the risk.
>
> Actually, as *you* see, there aren't many reasons and no good
> reasons to do what you say.
I haven't seen any good reason for a bazillion small partitions, that only
increase your work and have to be monitored constantly (f* /var is full,
f* /tmp is full f* I have to remount /usr).
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 18:46 ` Hemmann, Volker Armin
@ 2006-02-16 19:40 ` Alexander Skwar
2006-02-16 20:12 ` Neil Bothwick
2006-02-16 20:23 ` Hemmann, Volker Armin
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-16 19:40 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> >> Hemmann, Volker Armin wrote:
>> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> >> >> Izar Ilun wrote:
>> > Why should he make /tmp noexec,
>>
>> Security precaution.
> if you have 10+ users with access to the box. But a workstation, without even
> sshd running, it is not needed.
"needed" - What's "needed", anyway?
> And hey, why should /tmp noexec save you from anything?
Because it does.
> If someone is able to break into your box, he can build his tools in /home
> or /var/tmp or somewhere else. No need for /tmp.
Wrong again. If tmp is the only place somebody can write, then
it might save you (and it DID save my ass more than once now).
>> >> > With that sizes, it is nearly impossible to fill / completely up.
>> >>
>> >> And it's impossible to have some flexibility.
>> >
>> > no, it is absolutely flexible
>>
>> Ah. Please explain how you mount /tmp noexec and /usr
>> readonly.
>
> I don't because it is wasted effort.
Of course it's not.
So, how do you do that?
> If someone has the right to write to a rw /usr/ partition,
Why should he have that right?
> he has the rights
> to remount a ro /usr as rw
That's of course wrong again.
> and can go on.. It just makes maintenance harder.
Not really.
>> Please also explain, how you separate data areas (like
>> /var and /usr).
>
> I have /var and /usr?
That's not the question.
Please answer it. *YOU* are the one saying that a grossly
oversized filesystem offers more flexibility.
>> I see. Strange thing is, that about every server and workstation
>> I've seen more or less contradicts what you say.
>
> if you have 20+ users on each of them, and every single one is a little
> cracker in disguise, it may make sense, but for a single user box?
Why are you asking?
>> > yes it is. It wastes space,
>>
>> Not really. Some. But not really.
>
> 15% of the space on each partition. That sums up.
Yep. And your 15% are of course less than my 15%, correct?
> If every partition takes a second, it will be very noticable.
Hardly. (Notice that I'm not saying "No".)
While what you're saying is true in theory, you're
exaggerating enormously. And because of that, you're
wrong.
>> If you're *SO* low on hard disk space, I'd advise to buy
>> more harddisks.
>
> more harddisks = higher chance that one of them dies.
Yep. Time to stop those bad backups. You're funny.
More of this, please! 8=)
> It is simple math.
*LOL* _You_ should not talk about maths :)
> I haven't seen any good reason for a bazillion small partitions,
That's of course not what I wrote. BTW: What's a "bazillion"?
More than you can count? More than 5? :) And *YOU* are talking
about maths?
*G* You are really making me laugh - thanks!
> that only
> increase your work
Not really.
> and have to be monitored constantly (f* /var is full,
> f* /tmp is full f* I have to remount /usr).
What are you talking about? "constantly"?
Well, you know, if "df" is too hard for you - sorry, pal,
tough luck. But you just cannot expect to be taken seriously.
Alexander Skwar
--
So what is the best way to protect yourself against the ILOVEYOU virus? Install
Linux. If that's not an option, try uninstalling Windows.
-- Geoff Johnson
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 17:46 ` Alexander Skwar
2006-02-16 18:00 ` kashani
@ 2006-02-16 20:11 ` Neil Bothwick
2006-02-16 20:24 ` Hemmann, Volker Armin
2006-02-17 7:52 ` Alexander Skwar
1 sibling, 2 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 20:11 UTC (permalink / raw
To: gentoo-user
On Thu, 16 Feb 2006 18:46:57 +0100, Alexander Skwar wrote:
> > If partition A
> > runs out of space while partition B has plenty,
>
> Then you made B too large, which is the main cause of the problem.
Of course, but if your needs change, that's the situation you find
yourself in, as I did recently.
>
> > you have to shrink B's
> > filesystem before you can add space to A. That's time consuming,
> > especially if B uses XFS.
>
> What's so special about XFS? The fact that there's no shrinker?
Yes, so a matter of seconds turns into the time it takes to backup,
repartition and restore, which can take a while if the partition is tens
of GB and you have no space elsewhere for the backup.
I've used complex partition layouts in the past and have found that, as
with most things, KISS is the best approach.
--
Neil Bothwick
Top Oxymorons Number 10: Computer security
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 19:40 ` Alexander Skwar
@ 2006-02-16 20:12 ` Neil Bothwick
2006-02-16 21:07 ` Richard Fish
` (2 more replies)
2006-02-16 20:23 ` Hemmann, Volker Armin
1 sibling, 3 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 20:12 UTC (permalink / raw
To: gentoo-user
On Thu, 16 Feb 2006 20:40:49 +0100, Alexander Skwar wrote:
> "needed" - What's "needed", anyway?
/ and swap, nothing else :)
--
Neil Bothwick
Crayons can take you more places than starships. * Guinan
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 19:40 ` Alexander Skwar
2006-02-16 20:12 ` Neil Bothwick
@ 2006-02-16 20:23 ` Hemmann, Volker Armin
2006-02-17 6:33 ` Alexander Skwar
1 sibling, 1 reply; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 20:23 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> Hemmann, Volker Armin wrote:
> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> >> Hemmann, Volker Armin wrote:
> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> >> >> Hemmann, Volker Armin wrote:
> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> >> >> >> Izar Ilun wrote:
> >> >
> >> > Why should he make /tmp noexec,
> >>
> >> Security precaution.
> >
> > if you have 10+ users with access to the box. But a workstation, without
> > even sshd running, it is not needed.
>
> "needed" - What's "needed", anyway?
>
> > And hey, why should /tmp noexec save you from anything?
>
> Because it does.
so? how?
how does it save you from anything? Please tell me. With examples.
> > If someone is able to break into your box, he can build his tools in
> > /home or /var/tmp or somewhere else. No need for /tmp.
>
> Wrong again. If tmp is the only place somebody can write, then
> it might save you (and it DID save my ass more than once now).
since /tmp is not the only place where someone can write (/var/tmp anyone?) it
won't help you much.
> >> Ah. Please explain how you mount /tmp noexec and /usr
> >> readonly.
> >
> > I don't because it is wasted effort.
>
> Of course it's not.
yes it is.
> So, how do you do that?
I don't want to, because it is pointless.
>
> > If someone has the right to write to a rw /usr/ partition,
>
> Why should he have that right?
if he has enough rights, that you have to worry about rw /usr, he has enough
rights, to circumvent ro mounting by remounting.
>
> > he has the rights
> > to remount a ro /usr as rw
>
> That's of course wrong again.
no, that is correct.
>
> > and can go on.. It just makes maintenance harder.
>
> Not really.
yes really, you have to remount /usr every time you update something.
>
> >> Please also explain, how you separate data areas (like
> >> /var and /usr).
> >
> > I have /var and /usr?
>
> That's not the question.
yes it is.
>
> Please answer it. *YOU* are the one saying that a grossly
> oversized filesystem offers more flexibility.
I do, because they never fill up.
But, hey, what are YOU doing, when your box does not boot anymore,
because /tmp or /var/tmp are 100% full?
>
> >> I see. Strange thing is, that about every server and workstation
> >> I've seen more or less contradicts what you say.
> >
> > if you have 20+ users on each of them, and every single one is a little
> > cracker in disguise, it may make sense, but for a single user box?
>
> Why are you asking?
because you are the one starting with 'server' and 'workstations' and the OP
never talked about one or the other.
>
>
> > If every partition takes a second, it will be very noticeable.
>
> Hardly. (Notice that I'm not saying "No".)
if mounting becomes the major 'hold up' in your booting process, it becomes
VERY noticeable.
>
> While what you're saying is true in theory, you're
> exaggerating enormously. And because of that, you're
> wrong.
no, I am right.
I have been there, I have done lots of partitions for all and everything and I
did it for a long time.
It is just a waste of effort.
> >> If you're *SO* low on hard disk space, I'd advise to buy
> >> more harddisks.
> >
> > more harddisks = higher chance that one of them dies.
>
> Yep. Time to stop those bad backups. You're funny.
> More of this, please! 8=)
no, it is pure math. More harddisks=bigger chance that one of them dies.
And it does not matter how often you are doing backups, there will always be
something that gets lost. Plus it takes time to restore.
>
> > It is simple math.
>
> *LOL* _You_ should not talk about maths :)
you obviously don't understand simple statistics.
Sad.
Again: if every harddrive has a chance to die in 1:100 000 hours, every disk
you add increases the chance that ONE of them dies.
That is very simple. Ask your teacher.
>
> > I haven't seen any good reason for a bazillion small partitions,
>
> That's of course not what I wrote. BTW: What's a "bazillion"?
> More than you can count? More than 5? :) And *YOU* are talking
> about maths?
a bazillion is just more than needed. And more than needed on a single home
computer is anything above 4 for the system (boot, /, /home, swap).
>
> *G* You are really making me laugh - thanks!
>
you too.
> > that only
> > increase your work
>
> Not really.
yes, really, remount this, remount that, check that there is enough space
in /var, check that there is enough space in /usr, check this, check that
=
more work.
>
> > and have to be monitored constantly (f* /var is full,
> > f* /tmp is full f* I have to remount /usr).
>
> What are you talking about? "constantly"?
almost every day, if you want to be sure, that none of your partitions does not
get full.
> Well, you know, if "df" is too hard for you - sorry, pal,
> tough luck. But you just cannot expect to be taken seriously.
you forgot 'cp', 'mv' and, in the worst case 'tar everything up and change
partition layout, because /usr became too small'
You are the one, who does not understand simple math, I am laughing about you
all evening now.
And as I said, I know what I am talking about. I did the 'put everything on a
dedicated partition', I even put them on different disks (/usr on
one, /usr/lib on another for speeding up starting processes), and it hurts
more than it gives you in the long run.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:11 ` Neil Bothwick
@ 2006-02-16 20:24 ` Hemmann, Volker Armin
2006-02-17 7:52 ` Alexander Skwar
1 sibling, 0 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-16 20:24 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 21:11, Neil Bothwick wrote:
> On Thu, 16 Feb 2006 18:46:57 +0100, Alexander Skwar wrote:
> > > If partition A
> > > runs out of space while partition B has plenty,
> >
> > Then you made B too large, which is the main cause of the problem.
>
> Of course, but if your needs change, that's the situation you find
> yourself in, as I did recently.
>
> > > you have to shrink B's
> > > filesystem before you can add space to A. That's time consuming,
> > > especially if B uses XFS.
> >
> > What's so special about XFS? The fact that there's no shrinker?
>
> Yes, so a matter of seconds turns into the time it takes to backup,
> repartition and restore, which can take a while if the partition is tens
> of GB and you have no space elsewhere for the backup.
>
> I've used complex partition layouts in the past and have found that, as
> with most things, KISS is the best approach.
at least one who went to the same hell...
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 16:21 ` Alexander Skwar
@ 2006-02-16 20:58 ` Martin Eisenhardt
0 siblings, 0 replies; 92+ messages in thread
From: Martin Eisenhardt @ 2006-02-16 20:58 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 17:21, Alexander Skwar wrote:
>
> > You *can* tell LVM where to put LVs but you do not *have* to.
>
> But how do you actually do that? Or are you talking about
> the "allocation policy"? Like "--contiguous y"?
>
Well, first of all, you can pass lvcreate a list of physical volumes that are
then used to allocate extents for the newly created logical volume. By the
order of LV creation, you determine the sequence of LVs on the PVs (or more
correctly, the sequence, in which the extents of one or more PVs are
allocated to one or more LVs).
Then, you may use lvmove to move a LV to another PV. You may use lvsplit to
split a LV into two or more parts and then use lvmove to move these part-LVs
around.
Thirdly, you can (either by hand or by using a more sophisticated tool like
EVMS) alter the mapping of LV extents to PV extents.
There are surely even more ways to tell LVM where to store LVs, but these are
the ones that come immediately to my mind.
Kind regards
Martin
--
Dipl. Wirtsch.Inf. (Univ.) Martin Eisenhardt
Otto-Friedrich-University Bamberg
Department Business Informatics and Applied Computer Science
Media Informatics Group
D - 96045 Bamberg
fon: +49 (951) 863 2856
fax: +49 (951) 863 2852
www: http://www.mneisen.org
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:12 ` Neil Bothwick
@ 2006-02-16 21:07 ` Richard Fish
2006-02-16 23:37 ` Neil Bothwick
2006-02-17 6:02 ` Alexander Skwar
2006-02-17 7:14 ` Uwe Thiem
2 siblings, 1 reply; 92+ messages in thread
From: Richard Fish @ 2006-02-16 21:07 UTC (permalink / raw
To: gentoo-user
On 2/16/06, Neil Bothwick <neil@digimed.co.uk> wrote:
> / and swap, nothing else :)
Well if we are going to be silly, you actually only need /
-Richard
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 21:07 ` Richard Fish
@ 2006-02-16 23:37 ` Neil Bothwick
0 siblings, 0 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-16 23:37 UTC (permalink / raw
To: gentoo-user
On Thu, 16 Feb 2006 14:07:37 -0700, Richard Fish wrote:
> > / and swap, nothing else :)
>
> Well if we are going to be silly, you actually only need /
Which shows that I wasn't being silly ;-)
--
Neil Bothwick
"Bother," said Pooh, as Smurfette got dressed.
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 13:47 ` Neil Bothwick
2006-02-16 14:39 ` Alexander Skwar
@ 2006-02-17 1:59 ` Zac Slade
2006-02-17 9:38 ` Neil Bothwick
1 sibling, 1 reply; 92+ messages in thread
From: Zac Slade @ 2006-02-17 1:59 UTC (permalink / raw
To: gentoo-user
On Thursday 16 February 2006 07:47, Neil Bothwick wrote:
> On Thu, 16 Feb 2006 14:06:12 +0100, Alexander Skwar wrote:
> > That's not advisable. I'd strongly suggest to create
> > filesystems for /boot, swap, /home, /opt, /usr, /var
> > and / (of course). This way you're more flexible
> > and also a bit safer (not such a high risk of running
> > out of space on /).
AMEN! Running out of space on / is not what you want......
> But far more chance of running out of space on /usr, /var or /opt while
> one of the others has plenty free. I prefer to have these three on the
> same partition for a desktop, but separate from /. I use the bind option
> to mount /var and /opt on /usr/var and /usr/opt
Good god man! This is about as kludgy as they come. Sure it gets the job
done, but this is EXACTLY what LVM was invented for.
Partitions are hard (relatively) to resize. However, logical volumes are not.
You can increase them when they are full, or reduce their size when you need
to distribute disk space to other places.
Also consider the case where you completely fill up your 200GB drive. What
then? Buy a new drive and migrate data from /home or /usr to the new disk
and mount that, then reclaim the partition for some other fs etc. You have
the migration of data and the inflexibility of partitions to resize. If you
use LVM in the same case you just add the new disk to your volume group
increase any logical volumes that are in need of more space and resize the
filesystem.
One thing never changes. You will run out of space. You will buy larger
drives. You will have more data than you do today. When that day comes,
using a volume management software and filesystems that support growing and
shrinking (reiser is excellent in this regard) will be invaluable.
--
Zac Slade
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:12 ` Neil Bothwick
2006-02-16 21:07 ` Richard Fish
@ 2006-02-17 6:02 ` Alexander Skwar
2006-02-17 7:14 ` Uwe Thiem
2 siblings, 0 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 6:02 UTC (permalink / raw
To: gentoo-user
Neil Bothwick wrote:
> On Thu, 16 Feb 2006 20:40:49 +0100, Alexander Skwar wrote:
>
>> "needed" - What's "needed", anyway?
>
> / and swap, nothing else :)
Nah. / - that's it. swap *can* be a file :)
Alexander Skwar
--
"Here comes Mr. Bill's dog."
-- Narrator, Saturday Night Live
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:23 ` Hemmann, Volker Armin
@ 2006-02-17 6:33 ` Alexander Skwar
2006-02-17 18:04 ` Hemmann, Volker Armin
2006-02-17 19:52 ` Maarten
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 6:33 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>> >> Hemmann, Volker Armin wrote:
>> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> >> >> Hemmann, Volker Armin wrote:
>> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> >> >> >> Izar Ilun wrote:
>> >> >
>> >> > Why should he make /tmp noexec,
>> >>
>> >> Security precaution.
>> >
>> > if you have 10+ users with access to the box. But a workstation, without
>> > even sshd running, it is not needed.
>>
>> "needed" - What's "needed", anyway?
>>
>> > And hey, why should /tmp noexec save you from anything?
>>
>> Because it does.
>
> so? how?
Think, you might find out. What does noexec do, hm?
Even *you* might find out...
Well... If I think about it... No, you're too clueless
to find out.
Hint 1: "noexec" nowadays makes it impossible to execute
programs stored on that filesystem.
Hint 2: /tmp (and /var/tmp) are (hopefully) the only places
where everybody can write.
>> > If someone is able to break into your box, he can build his tools in
>> > /home or /var/tmp or somewhere else. No need for /tmp.
>>
>> Wrong again. If tmp is the only place somebody can write, then
>> it might save you (and it DID save my ass more than once now).
>
> since /tmp is not the only place where someone can write (/var/tmp anyone?)
True. /var/tmp is a link to /tmp on my system. And if not, /var/tmp
could also easily be a separate fs.
> it
> won't help you much.
That's of course wrong again.
>> >> Ah. Please explain how you mount /tmp noexec and /usr
>> >> readonly.
>> >
>> > I don't because it is wasted effort.
>>
>> Of course it's not.
>
> yes it is.
Jaja. Just because you've got problems, it doesn't mean
that there ARE problems.
>> So, how do you do that?
>
> I don't want to,
That's not the point.
So, how do you do that?
> because it is pointless.
Of course not.
> if he has enough rights, that you have to worry about rw /usr, he has enough
> rights, to circumvent ro mounting by remounting.
No, not necessarily.
>> > he has the rights
>> > to remount a ro /usr as rw
>>
>> That's of course wrong again.
>
> no, that is correct.
No, it's not. Write permissions don't mean, that somebody is root.
Well - maybe on your systems. But not on well maintained systems.
>> > and can go on.. It just makes maintenance harder.
>>
>> Not really.
>
> yes really, you have to remount /usr every time you update something.
Jaja. You know, your exaggerations become boring...
>> >> Please also explain, how you separate data areas (like
>> >> /var and /usr).
>> >
>> > I have /var and /usr?
>>
>> That's not the question.
>
> yes it is.
No, it's not. Please answer the question.
>> Please answer it. *YOU* are the one saying that a grossly
>> oversized filesystem offers more flexibility.
>
> I do, because they never fill up.
That's not the point. The question was, how do you optimize
so that the most often needed files are at the beginning of
the hd?
> But, hey, what are YOU doing, when your box does not boot anymore,
> because /tmp or /var/tmp are 100% full?
a) /tmp is cleaned during boot - so this won't happen anyway.
b) Don't let it happen in the first place.
c) Boot a rescue system like Knoppix and clean /tmp.
d) In reality, I NEVER had it happen that /tmp or /var/tmp
ran out of space. What happened "more often" is that /var
ran out of space, because of the logs in /var/log.
>> >> I see. Strange thing is, that about every server and workstation
>> >> I've seen more or less contradicts what you say.
>> >
>> > if you have 20+ users on each of them, and every single one is a little
>> > cracker in disguise, it may make sense, but for a single user box?
>>
>> Why are you asking?
>
> because you are the one starting with 'server' and 'workstations'
Correct. So what? Why are you asking?
> and the OP
> never talked about one or the other.
His system MUST be the one or the other.
>> > If every partition takes a second, it will be very noticeable.
>>
>> Hardly. (Notice that I'm not saying "No".)
>
> if mounting becomes the major 'hold up' in your booting process, it becomes
> VERY noticeable.
Jaja. Do you actually expect to be taken seriously?
>> While what you're saying is true in theory, you're
>> exaggerating enormously. And because of that, you're
>> wrong.
>
> no, I am right.
<stampf>!
No, you are not right in reality. Only in theory you are right.
> I have been there,
I doubt that.
> I have done lots of partitions for all and everything and I
> did it for a long time.
> It is just a waste of effort.
Jaja.
>> >> If you're *SO* low on hard disk space, I'd advise to buy
>> >> more harddisks.
>> >
>> > more harddisks = higher chance that one of them dies.
>>
>> Yep. Time to stop those bad backups. You're funny.
>> More of this, please! 8=)
>
> no, it is pure math.
Told ya - don't talk about maths, please!
> More harddisks=bigger chance that one of them dies.
True. So? What does this have to do with the fact, that the
available hd's are too small? Just as a reminder - that's
the scenario YOU are talking about.
>> > It is simple math.
>>
>> *LOL* _You_ should not talk about maths :)
>
> you obviously don't understand simple statistics.
Seems like. But maybe it's just, that I've got problems
following your nonsense, hm?
> Sad.
Thanks. I feel fine, though.
> Again: if every harddrive has a chance to die in 1:100 000 hours, every disk
> you add increases the chance that ONE of them dies.
True. So? You're the one with too small harddrives. If you need
more space, you'll either have to buy a bigger one or additional
drives.
If I'm bad in statistics, then you're very weak in the area
of "logics".
>> > I haven't seen any good reason for a bazillion small partitions,
>>
>> That's of course not what I wrote. BTW: What's a "bazillion"?
>> More than you can count? More than 5? :) And *YOU* are talking
>> about maths?
>
> a bazillion is just more than needed. And more than needed on a single home
> computer is anything above 4 for the system
That's of course not true. It's good practice to put the "major"
directories on separate filesystems, even if you're too dumb
to understand that, as you keep on demonstrating.
> yes, really, remount this, remount that, check that there is enough space
> in /var, check that there is enough space in /usr, check this, check that
> =
not much work, if any additional work at all
> more work.
Not really. Again, you're completely exaggerating - as usual.
>> > and have to be monitored constantly (f* /var is full,
>> > f* /tmp is full f* I have to remount /usr).
>>
>> What are you talking about? "constantly"?
>
> almost every day,
True. A "df" is really hard. Yes, sure. And "almost every day"
sounds VERY MUCH differently than "constantly". The latter
implies, that something is done very often. As you just said
now, you're rather thinking about doing something rather seldom.
Like "almost everyday", so maybe even just every other day.
Make up your mind please.
>> Well, you know, if "df" is too hard for you - sorry, pal,
>> tough luck. But you just cannot expect to be taken seriously.
>
> you forgot 'cp', 'mv' and, in the worst case 'tar everything up and change
> partition layout, because /usr became too small'
What do you mean? Why "cp", "mv" and "tar"?
> You are the one, who does not understand simple math,
Like "15% > 15%"? That kind of math?
If so, then yes, you're right, I don't understand your kind of simple
math.
> And as I said, I know what I am talking about.
You most certainly don't.
> I did the 'put everything on a
> dedicated partition', I even put them on different disks (/usr on
> one, /usr/lib on another for speeding up starting processes), and it hurts
> more than it gives you in the long run.
Of course not. It eases system administration very much, if not
completely overdone. /usr & /usr/lib would be a case, where I'd
say that this is overdone. Just another case of your exaggerations.
Alexander Skwar
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
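The exchange above turns on which writable locations a noexec /tmp actually covers and whether /usr is mounted read-only. As an added example (not code from any poster in the thread), this script reports those mount options for the directories the posters name; the mount table, device names and directory list are constructed assumptions.

```shell
#!/bin/sh
# Added example: audit the mount options the thread argues about.
# SAMPLE_MOUNTS is a constructed table in /proc/mounts format
# (device, mount point, fs type, options, dump, pass). The devices and
# the layout are assumptions, not any poster's real system.
SAMPLE_MOUNTS='/dev/hda3 / ext3 rw 0 0
/dev/hda5 /usr ext3 ro 0 0
/dev/hda6 /var ext3 rw,nosuid 0 0
/dev/hda7 /tmp ext3 rw,noexec,nosuid,nodev 0 0
/dev/hda8 /home ext3 rw,nosuid,nodev 0 0'

# mount_opts_for PATH [TABLE]
# Print the options of the filesystem that holds PATH: the entry whose
# mount point is the longest path prefix of PATH. Later entries win ties,
# which matches overmounting. Without TABLE, /proc/mounts is read.
mount_opts_for() {
    printf '%s\n' "${2:-$(cat /proc/mounts)}" | awk -v p="$1" '
        {
            mp = $2
            # "/" covers everything; otherwise require an exact match or
            # a prefix that ends on a path separator (so /tmp != /tmpfoo).
            covers = (mp == "/") || (p == mp) || (index(p, mp "/") == 1)
            if (covers && length(mp) >= best) { best = length(mp); opts = $4 }
        }
        END { print opts }'
}

# has_opt OPTS NAME: succeed if NAME is one of the comma-separated OPTS.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *)        return 1 ;;
    esac
}

# audit_mounts [TABLE]
# One line per directory: the user-writable locations named in the thread
# are checked for noexec, /usr is checked for ro. A symlinked /var/tmp
# should be resolved (readlink -f) before auditing a live system.
audit_mounts() {
    table=${1:-$(cat /proc/mounts)}
    for dir in /tmp /var/tmp /home; do
        opts=$(mount_opts_for "$dir" "$table")
        if has_opt "$opts" noexec; then
            echo "OK   $dir noexec"
        else
            echo "GAP  $dir exec allowed ($opts)"
        fi
    done
    opts=$(mount_opts_for /usr "$table")
    if has_opt "$opts" ro; then
        echo "OK   /usr read-only"
    else
        echo "GAP  /usr writable ($opts)"
    fi
}

# Run against the constructed table; call audit_mounts with no argument
# to audit the running system instead.
audit_mounts "$SAMPLE_MOUNTS"
```

On the constructed layout only /tmp carries noexec, so /var/tmp (inside /var) and /home are reported as gaps.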
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:12 ` Neil Bothwick
2006-02-16 21:07 ` Richard Fish
2006-02-17 6:02 ` Alexander Skwar
@ 2006-02-17 7:14 ` Uwe Thiem
2 siblings, 0 replies; 92+ messages in thread
From: Uwe Thiem @ 2006-02-17 7:14 UTC (permalink / raw
To: gentoo-user
On 16 February 2006 22:12, Neil Bothwick wrote:
> On Thu, 16 Feb 2006 20:40:49 +0100, Alexander Skwar wrote:
> > "needed" - What's "needed", anyway?
>
> / and swap, nothing else :)
Actually, not even swap. ;-)
Amazing how passionate people turn over how to partition the system.
Uwe
--
Why do consumers keep buying products they will live to curse?
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-16 20:11 ` Neil Bothwick
2006-02-16 20:24 ` Hemmann, Volker Armin
@ 2006-02-17 7:52 ` Alexander Skwar
2006-02-17 9:41 ` Neil Bothwick
1 sibling, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 7:52 UTC (permalink / raw
To: gentoo-user
Neil Bothwick wrote:
> On Thu, 16 Feb 2006 18:46:57 +0100, Alexander Skwar wrote:
>
>> > If partition A
>> > runs out of space while partition B has plenty,
>>
>> Then you made B too large, which is the main cause of the problem.
>
> Of course, but if your needs change, that's the situation you find
> yourself in, as I did recently.
Yes, this might happen. How often does it, though?
>> > you have to shrink B's
>> > filesystem before you can add space to A. That's time consuming,
>> > especially if B uses XFS.
>>
>> What's so special about XFS? The fact that there's no shrinker?
>
> Yes, so a matter of seconds turns into the time it takes to backup,
Shrinking is never a matter of seconds :) Not with reiserfs and
especially not with ext2/ext3. But with those filesystems,
shrinking is at least possible.
> I've used complex partition layouts in the past and have found that, as
> with most things, KISS is the best approach.
Yep.
Alexander Skwar
--
It is common sense to take a method and try it. If it fails,
admit it frankly and try another. But above all, try something.
-- Franklin D. Roosevelt
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 1:59 ` Zac Slade
@ 2006-02-17 9:38 ` Neil Bothwick
0 siblings, 0 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-17 9:38 UTC (permalink / raw
To: gentoo-user
On Thu, 16 Feb 2006 19:59:44 -0600, Zac Slade wrote:
> > But far more chance of running out of space on /usr, /var or /opt
> > while one of the others has plenty free. I prefer to have these three
> > on the same partition for a desktop, but separate from /. I use the
> > bind option to mount /var and /opt on /usr/var and /usr/opt
> Good god man! This is about as kludgy as they come. Sure it gets the
> job done, but this is EXACTLY what LVM was invented for.
This is not about partitions but filesystems.
> Partitions are hard (relatively) to resize. However, logical volumes
> are not. You can increase them when they are full, or reduce their size
> when you need to distribute disk space to other places.
LVs are dead easy to resize, reducing the size of a filesystem is not
always that easy, or even possible.
> Also consider the case where you completely fill up your 200GB drive.
> What then? Buy a new drive and migrate data from /home or /usr to the
> new disk and mount that, then reclaim the partition for some other fs
> etc. You have the migration of data and the inflexibility of
> partitions to resize. If you use LVM in the same case you just add the
> new disk to your volume group increase any logical volumes that are in
> need of more space and resize the filesystem.
I am using LVM, where did I say I wasn't?
If I run out of space and add a new disk, I can easily add a new physical
volume to the volume group and resize the partitions. How many
directories I keep on each partition has absolutely nothing to do with
this.
I want to have / on a small partition, so everything else can go on RAID
and LVM, but why should that force me to have separate filesystems
for /usr, /var and /opt if I don't want them?
--
Neil Bothwick
I'm out of my mind, but feel free to leave a message...
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 7:52 ` Alexander Skwar
@ 2006-02-17 9:41 ` Neil Bothwick
0 siblings, 0 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-17 9:41 UTC (permalink / raw
To: gentoo-user
On Fri, 17 Feb 2006 08:52:17 +0100, Alexander Skwar wrote:
> >> Then you made B too large, which is the main cause of the problem.
> >
> > Of course, but if your needs change, that's the situation you find
> > yourself in, as I did recently.
>
> Yes, this might happen. How often does it, though?
Twice last year, how many times is acceptable?
> >> What's so special about XFS? The fact that there's no shrinker?
> >
> > Yes, so a matter of seconds turns into the time it takes to backup,
>
> Shrinking is never a matter of seconds :) Not with reiserfs and
> especially not with ext2/ext3. But with those filesystems,
> shrinking is at least possible.
OK, quite a few seconds :)
--
Neil Bothwick
Strike any user to continue
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 6:33 ` Alexander Skwar
@ 2006-02-17 18:04 ` Hemmann, Volker Armin
2006-02-17 18:19 ` Richard Fish
` (2 more replies)
2006-02-17 19:52 ` Maarten
1 sibling, 3 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-17 18:04 UTC (permalink / raw
To: gentoo-user
On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> Hemmann, Volker Armin wrote:
> > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> >> Hemmann, Volker Armin wrote:
> >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> >> >> Hemmann, Volker Armin wrote:
> >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> >> >> >> Hemmann, Volker Armin wrote:
> >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> >> >> >> >> Izar Ilun wrote:
> >> >> >
> >> >> > Why should he make /tmp noexec,
> >> >>
> >> >> Security precaution.
> >> >
> >> > if you have 10+ users with access to the box. But a workstation,
> >> > without even sshd running, it is not needed.
> >>
> >> "needed" - What's "needed", anyway?
> >>
> >> > And hey, why should /tmp noexec save you from anything?
> >>
> >> Because it does.
> >
> > so? how?
>
> Think, you might find out. What does noexec do, hm?
>
> Even *you* might find out...
>
> Well... If I think about it... No, you're too clueless
> to find out.
>
> Hint 1: "noexec" nowadays makes it impossible to execute
> programs stored on that filesystem.
I know, but it won't save you from anything.
After a user got in, he is a user. And every user has a place with write
permission (if he is user apache/httpd he has lots of places, where he can
store code). Outside of /tmp.
You see - it doesn't help you anything.
> Hint 2: /tmp (and /var/tmp) are (hopefully) the only places
> where everybody can write.
an attacker does not need a place, where everybody can write. He just needs
SOME place, where he can write - like the home-directory of the user he just
corrupted.
Also, he can disrupt your system, by just filling up /tmp. No code needed for
that.
>
> >> > If someone is able to break into your box, he can build his tools in
> >> > /home or /var/tmp or somewhere else. No need for /tmp.
> >>
> >> Wrong again. If tmp is the only place somebody can write, then
> >> it might save you (and it DID save my ass more than once now).
> >
> > since /tmp is not the only place where someone can write (/var/tmp
> > anyone?)
>
> True. /var/tmp is a link to /tmp on my system. And if not, /var/tmp
> could also easily be a separate fs.
and another partition ..,.
>
> > it
> > won't help you much.
>
> That's of course wrong again.
>
> >> >> Ah. Please explain how you mount /tmp noexec and /usr
> >> >> readonly.
> >> >
> >> > I don't because it is wasted effort.
> >>
> >> Of course it's not.
> >
> > yes it is.
>
> Jaja. Just because you've got problems, it doesn't mean
> that there ARE problems.
it is wasted: if he has so many rights, that he could write to /usr, he has
enough rights to remount it.
and /tmp is not needed, as soon as you have broken into the box.
Plus, a full /tmp and /var will disrupt services and make reboot (almost)
impossible.
So, noexec and ro /usr will save you from nothing.
> No, it's not. Write permissions don't mean, that somebody is root.
in my /usr, yes it does.
;)
> >
> > yes really, you have to remount /usr everytime you update something.
>
> Jaja. You know, your exaggerations become boring...
because it is true?
show me, how do you update something residing in /usr without remounting.
>
>
> a) /tmp is cleaned during boot - so this won't happen anyway.
/tmp is cleaned so late, that it is too late, if both are totally full.
> b) Don't let it happen in the first place.
you can not tell an attacker what not to do.
> c) Boot a rescue system like Knoppix and clean /tmp.
yeah! but why boot from a boot-cd, if you don't have to? (hint: /tmp not on
its own, small partition)
>
> d) In reality, I NEVER had it happen that /tmp or /var/tmp
> ran out of space. What happened "more often" is that /var
> ran out of space, because of the logs in /var/log.
you have never used gimp, did you?
I have seen gimp filling up a 5GB /tmp.
>
> >> >> I see. Strange thing is, that about every server and workstation
> >> >> I've seen more or less contradicts what you say.
> >> >
> >> > if you have 20+ users on each of them, and every single one is a
> >> > little cracker in disguise, it may make sense, but for a single user
> >> > box?
> >>
> >> Why are you asking?
> >
> > because you are the one starting with 'server' and 'workstations'
>
> Correct. So what? Why are you asking?
>
> > and the OP
> > never talked about one or the other.
>
> His system MUST be the one or the other.
nope, there is a third category: personal computer (also called home
computer).
>
> >> > If every partition takes a second, it will be very noticeable.
> >>
> >> Hardly. (Notice that I'm not saying "No".)
> >
> > if mounting becomes the major 'hold up' in your booting process, it
> > becomes VERY noticeable.
>
> Jaja. Do you actually expect to be taken seriously?
not from you. From this mailing list I learnt, that if someone is not on your
side, the person is wrong.
>
> > I have been there,
>
> I doubt that.
Why should I lie?
I had 3 ibm harddisks 1x10Gb,2x40gb one seagate 20gb and all and everything on
its own partition.
And it was hell after a while.
> > More harddisks=bigger chance that one of them dies.
>
> True. So? What does this have to do with the fact, that the
> available hd's are too small? Just as a reminder - that's
> the scenario YOU are talking about.
because you started with 'buy more harddisks'
> >> > It is simple math.
> >>
> >> *LOL* _You_ should not talk about maths :)
> >
> > you obviously don't understand simple statistics.
>
> Seems like. But maybe it's just, that I've got problems
> following your nonsense, hm?
you mean your nonsense?
Yep, it is hard to deal with you.
I snipped the rest: TL:DR
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:04 ` Hemmann, Volker Armin
@ 2006-02-17 18:19 ` Richard Fish
2006-02-17 18:38 ` Alexander Skwar
2006-02-17 18:35 ` Alexander Skwar
2006-02-17 22:15 ` Patrick Börjesson
2 siblings, 1 reply; 92+ messages in thread
From: Richard Fish @ 2006-02-17 18:19 UTC (permalink / raw
To: gentoo-user
On 2/17/06, Hemmann, Volker Armin <volker.armin.hemmann@tu-clausthal.de> wrote:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> > Hemmann, Volker Armin wrote:
> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> > >> Hemmann, Volker Armin wrote:
> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> > >> >> Hemmann, Volker Armin wrote:
> > >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> > >> >> >> Hemmann, Volker Armin wrote:
> > >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
Are you two done with your pissing match yet? You've both made your
points already, you are obviously not going to convince the other of
anything, and this whole "I'm right; no I'M RIGHT, NO YOU'RE WRONG AND
I'M RIGHT" thread is getting really boring.
-Richard
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:04 ` Hemmann, Volker Armin
2006-02-17 18:19 ` Richard Fish
@ 2006-02-17 18:35 ` Alexander Skwar
2006-02-17 22:15 ` Patrick Börjesson
2 siblings, 0 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 18:35 UTC (permalink / raw
To: gentoo-user
Hemmann, Volker Armin wrote:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>> > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>> >> Hemmann, Volker Armin wrote:
>> >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>> >> >> Hemmann, Volker Armin wrote:
>> >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> >> >> >> Hemmann, Volker Armin wrote:
>> >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>> >> >> >> >> Izar Ilun wrote:
>> >> >> >
>> >> >> > Why should he make /tmp noexec,
>> >> >>
>> >> >> Security precaution.
>> >> >
>> >> > if you have 10+ users with access to the box. But a workstation,
>> >> > without even sshd running, it is not needed.
>> >>
>> >> "needed" - What's "needed", anyway?
>> >>
>> >> > And hey, why should /tmp noexec save you from anything?
>> >>
>> >> Because it does.
>> >
>> > so? how?
>>
>> Think, you might find out. What does noexec do, hm?
>>
>> Even *you* might find out...
>>
>> Well... If I think about it... No, you're too clueless
>> to find out.
>>
>> Hint 1: "noexec" nowadays makes it impossible to execute
>> programs stored on that filesystem.
>
> I know,
Obviously not.
> but it won't save you from anything.
It does. Like I said.
> After a user got in,
Then it is too late. noexec can save you exactly here.
> he is a user. And every user has a place with write
> permission (if he is user apache/httpd he has lots of places, where he can
> store code).
No, he doesn't.
> Outside of /tmp.
Wrong.
> You see - it doesn't help you anything.
I see that you don't know what you're talking about.
>> Hint 2: /tmp (and /var/tmp) are (hopefully) the only places
>> where everybody can write.
>
> an attacker does not need a place, where everybody can write. He just needs
> SOME place, where he can write - like the home-directory of the user he just
> corrupted.
But to gain access, most attacks need a place to write.
> Also, he can disrupt your system, by just filling up /tmp. No code needed for
> that.
True. /var/log might be even easier.
>> True. /var/tmp is a link to /tmp on my system. And if not, /var/tmp
>> could also easily be a separate fs.
> and another partition ..,.
Hint: A link is not a partition. And even if it were another
filesystem - who cares?
>> >> >> Ah. Please explain how you mount /tmp noexec and /usr
>> >> >> readonly.
>> >> >
>> >> > I don't because it is wasted effort.
>> >>
>> >> Of course it's not.
>> >
>> > yes it is.
>>
>> Jaja. Just because you've got problems, it doesn't mean
>> that there ARE problems.
>
> it is wasted: if he has so many rights, that he could write to /usr, he has
> enough rights to remount it.
Of course not. Having write permissions doesn't mean that
somebody is root.
Answer the question.
> and /tmp is not needed, as soon as you have broken into the box.
Exactly - *as* *soon*.
> So, noexec and ro /usr will save you from nothing.
Wrong.
>> No, it's not. Write permissions don't mean, that somebody is root.
>
> in my /usr, yes it does.
Fine - who cares?
>> > yes really, you have to remount /usr everytime you update something.
>>
>> Jaja. You know, your exaggerations become boring...
>
> because it is true?
No, it's not.
> show me, how do you update something residing in /usr without remounting.
I don't.
>> c) Boot a rescue system like Knoppix and clean /tmp.
>
> yeah! but why boot from a boot-cd, if you don't have to? (hint:
Don't let it happen in the first place.
> /tmp not on
> its own, small partition)
Bad advice.
>> >> >> I see. Strange thing is, that about every server and workstation
>> >> >> I've seen more or less contradicts what you say.
>> >> >
>> >> > if you have 20+ users on each of them, and every single one is a
>> >> > little cracker in disguise, it may make sense, but for a single user
>> >> > box?
>> >>
>> >> Why are you asking?
>> >
>> > because you are the one starting with 'server' and 'workstations'
>>
>> Correct. So what? Why are you asking?
>>
>> > and the OP
>> > never talked about one or the other.
>>
>> His system MUST be the one or the other.
>
> nope,
Wrong.
> there is a third category: personal computer (also called home
> computer).
Which is the WS class.
>> >> > If every partition takes a second, it will be very noticeable.
>> >>
>> >> Hardly. (Notice that I'm not saying "No".)
>> >
>> > if mounting becomes the major 'hold up' in your booting process, it
>> > becomes VERY noticeable.
>>
>> Jaja. Do you actually expect to be taken seriously?
>
> not from you.
Fine.
> From this mailing list I learnt, that if someone is not on your
> side, the person is wrong.
If you say so.
>> > I have been there,
>>
>> I doubt that.
>
> Why should I lie?
I've got no idea. But you obviously do.
> I had 3 ibm harddisks 1x10Gb,2x40gb one seagate 20gb and all and everything on
> its own partition.
> And it was hell after a while.
Because you overdid it: "all and everything on its own partition".
>> > More harddisks=bigger chance that one of them dies.
>>
>> True. So? What does this have to do with the fact, that the
>> available hd's are too small? Just as a reminder - that's
>> the scenario YOU are talking about.
>
> because you started with 'buy more harddisks'
As you started with "not enough space".
In your world, how do you get more space?
>
>> >> > It is simple math.
>> >>
>> >> *LOL* _You_ should not talk about maths :)
>> >
>> > you obviously don't understand simple statistics.
>>
>> Seems like. But maybe it's just, that I've got problems
>> following your nonsense, hm?
>
> you mean your nonsense?
No. I meant the nonsense that you write. Learn to read.
> Yep, it is hard to deal with you.
I'm just as anal as you are.
Alexander Skwar
--
Your happiness is intertwined with your outlook on life.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:19 ` Richard Fish
@ 2006-02-17 18:38 ` Alexander Skwar
2006-02-17 19:18 ` Benno Schulenberg
2006-02-17 22:15 ` Hemmann, Volker Armin
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 18:38 UTC (permalink / raw
To: gentoo-user
Richard Fish wrote:
> On 2/17/06, Hemmann, Volker Armin <volker.armin.hemmann@tu-clausthal.de> wrote:
>> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
>> > Hemmann, Volker Armin wrote:
>> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>> > >> Hemmann, Volker Armin wrote:
>> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>> > >> >> Hemmann, Volker Armin wrote:
>> > >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>> > >> >> >> Hemmann, Volker Armin wrote:
>> > >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
>
> Are you two done with your pissing match yet?
Sure. As soon as that moron stops pissing at me, I'll
also stop.
> You've both made your
> points already, you are obviously not going to convince the other of
> anything,
Exactly.
> thread is getting really boring.
Yes, it is.
Alexander Skwar
--
All laws are simulations of reality.
 -- John C. Lilly
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:38 ` Alexander Skwar
@ 2006-02-17 19:18 ` Benno Schulenberg
2006-02-17 19:41 ` Daniel da Veiga
2006-02-17 22:15 ` Hemmann, Volker Armin
1 sibling, 1 reply; 92+ messages in thread
From: Benno Schulenberg @ 2006-02-17 19:18 UTC (permalink / raw
To: gentoo-user
Alexander Skwar wrote:
> Richard Fish wrote:
> > Are you two done with your pissing match yet?
>
> Sure. As soon as that moron stops pissing at me, I'll
> also stop.
You lost. If you're so clever, you should stop first.
Benno
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 19:18 ` Benno Schulenberg
@ 2006-02-17 19:41 ` Daniel da Veiga
0 siblings, 0 replies; 92+ messages in thread
From: Daniel da Veiga @ 2006-02-17 19:41 UTC (permalink / raw
To: gentoo-user
Take it to an IRC chat or whatever where the both of you can keep
going with this pointless and obviously selfish discussion that is not
even close to the OP question and had been discussed a lot over the
net, being one of those things where you think you're right and use
it, and somebody else doesn't and uses something else, but both of you
are SURE that the other is wrong.
Do that please so my mail checker won't come with warnings every 10
minutes and save me the time of reading just to see you both keep
chatting (yes, it looks exactly as a private chat).
Don't get me wrong, you both surely are good pros and probably have
helped a lot of people (including me, maybe), but this thread has gone
too far and now there's no point in going on, if you want, please
don't post to the list, private reply each other ok.
--
Daniel da Veiga
Computer Operator - RS - Brazil
-----BEGIN GEEK CODE BLOCK-----
Version: 3.1
GCM/IT/P/O d-? s:- a? C++$ UBLA++ P+ L++ E--- W+++$ N o+ K- w O M- V-
PS PE Y PGP- t+ 5 X+++ R+* tv b+ DI+++ D+ G+ e h+ r+ y++
------END GEEK CODE BLOCK------
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 6:33 ` Alexander Skwar
2006-02-17 18:04 ` Hemmann, Volker Armin
@ 2006-02-17 19:52 ` Maarten
2006-02-17 21:35 ` Alexander Skwar
1 sibling, 1 reply; 92+ messages in thread
From: Maarten @ 2006-02-17 19:52 UTC (permalink / raw
To: gentoo-user
Okay, can we stop with the flamefest, already ?
Comments below...
Alexander Skwar wrote:
> Hemmann, Volker Armin wrote:
>>On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>>>Hemmann, Volker Armin wrote:
>>>>On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>>>>>Hemmann, Volker Armin wrote:
>>>>>>On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>>>Wrong again. If tmp is the only place somebody can write, then
>>>it might save you (and it DID save my ass more than once now).
>>
>>since /tmp is not the only place where someone can write (/var/tmp anyone?)
Several more indeed. Find comes to the rescue:
12087 0 drwxrwxrwt 2 root root 40 Jan 10 22:40 /dev/shm
252744 0 drwxrwxrwt 2 root root 72 Apr 20 2005 /var/spool/samba
Yes, I CAN make files there, as a regular user.
>>if he has enough rights, that you have to worry about rw /usr, he has enough
>>rights, to circumvent ro mounting by remounting.
No, that is also not true. Just to satisfy everyone's curiosity, look at what
find comes up with:
1210021 0 drwxrwxr-x 2 lp lp 416 Aug 26 16:44 /usr/share/foo2zjs/crd
128775 21 drwxrwsr-x 4 root portage 21968 Feb 8 10:58 /usr/portage/distfiles
And I'm _only_ looking at directories now, not even files...
>>yes really, you have to remount /usr everytime you update something.
>
> Jaja. You know, your exaggerations become boring...
Well, no. It is correct. How do you expect to install something when /usr is mounted RO ?
<snipped the rest of the ''argument''...>
Maarten
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 19:52 ` Maarten
@ 2006-02-17 21:35 ` Alexander Skwar
2006-02-17 22:36 ` Rumen Yotov
2006-02-17 22:56 ` [gentoo-user] How many GB for / partition? Neil Bothwick
0 siblings, 2 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-17 21:35 UTC (permalink / raw
To: gentoo-user
Maarten wrote:
> Okay, can we stop with the flamefest, already ?
Certainly.
> Alexander Skwar wrote:
>> Hemmann, Volker Armin wrote:
>>>On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
>>>>Hemmann, Volker Armin wrote:
>>>>>On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
>>>>>>Hemmann, Volker Armin wrote:
>>>>>>>On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
>
>
>>>>Wrong again. If tmp is the only place somebody can write, then
>>>>it might save you (and it DID save my ass more than once now).
>>>
>>>since /tmp is not the only place where someone can write (/var/tmp anyone?)
>
> Several more indeed. Find comes to the rescue:
>
> 12087 0 drwxrwxrwt 2 root root 40 Jan 10 22:40 /dev/shm
> 252744 0 drwxrwxrwt 2 root root 72 Apr 20 2005 /var/spool/samba
>
> Yes, I CAN make files there, as a regular user.
Yep, but you have to find those places. If you cannot execute
programs, that will be hard. With /tmp, an attacker knows
that he can write there.
Granted, /dev/shm is also a rather common place that allows
everyone to write to.
>>>yes really, you have to remount /usr everytime you update something.
>>
>> Jaja. You know, your exaggerations become boring...
>
> Well, no. It is correct. How do you expect to install something when /usr is mounted RO ?
Well, you know, his arguments aren't /totally/ wrong. I already
said that they are true, in a sense - but I also said, that he's
exaggerating very much. Quite obviously, there's no way to write
to /usr if it is mounted read only.
What I disagree with is his notion that a "mount -o
remount,rw /usr" is a lot of work.
I also don't disagree that it IS extra work. I'm just saying
that it's not MUCH extra work.
Alexander Skwar
--
(German philosopher) Georg Wilhelm Hegel, on his deathbed, complained,
"Only one man ever understood me." He fell silent for a while and then added,
"And he didn't understand me."
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:04 ` Hemmann, Volker Armin
2006-02-17 18:19 ` Richard Fish
2006-02-17 18:35 ` Alexander Skwar
@ 2006-02-17 22:15 ` Patrick Börjesson
2006-02-17 23:48 ` Hemmann, Volker Armin
2 siblings, 1 reply; 92+ messages in thread
From: Patrick Börjesson @ 2006-02-17 22:15 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 10723 bytes --]
First, I can't really understand why either one of you two won't fully
explain your reasonings when going against the other. It helps no one.
On 2006-02-17 19:04, Hemmann, Volker Armin uttered these thoughts:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> > Hemmann, Volker Armin wrote:
> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> > >> Hemmann, Volker Armin wrote:
> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> > >> >> Hemmann, Volker Armin wrote:
> > >> >> >
> > >> >> > Why should he make /tmp noexec,
> > >> >>
> > >> >> Security precaution.
> > >> >
> > >> > if you have 10+ users with access to the box. But a workstation,
> > >> > without even sshd running, it is not needed.
Of course, if you have a system with _no_ services running (including
apache, sshd and so on), or a firewall that blocks every and all
incoming connection attempt, then for someone to access /tmp without
having physical access to the system (in which case you're pretty much
screwed anyhow) is, as far as I know, impossible.
This doesn't take into account client-side exploits; because with these
the exploiting code has access to whatever resources the user running
the client has, including writing to whatever areas that the user has.
> > >> "needed" - What's "needed", anyway?
> > >>
> > >> > And hey, why should /tmp noexec save you from anything?
> > >>
> > >> Because it does.
> > >
> > > so? how?
> >
> > Think, you might find out. What does noexec do, hm?
> >
> > Even *you* might find out...
> >
> > Well... If I think about it... No, you're too clueless
> > to find out.
> >
> > Hint 1: "noexec" nowadays makes it impossible to execute
> > programs stored on that filesystem.
>
> I know, but it won't save you from anything.
> After a user got in, he is a user. And every user has a place with write
> permission (if he is user apache/httpd he has lots of places, where he can
> store code). Outside of /tmp.
Where?
If you've locked down your system tight enough (with file permissions,
noexec and so on), I'd guess that the places where things can be stored
_and_ be executed from is pretty limited.
> You see - it doesn't help you anything.
I disagree, but if you're under that impression you're not forced to go
that route... But I'd advise you against expressing this opinion to people
not knowing better.
> > Hint 2: /tmp (and /var/tmp) are (hopefully) the only places
> > where everybody can write.
>
> an attacker does not need a place, where everybody can write. He just needs
> SOME place, where he can write - like the home-directory of the user he just
> corrupted.
What's to say that the only way to get access to a system is through
hacking a user account?
Exploits have existed (and probably do, if not in older code) that
use /tmp, and the ability to execute things from that location, to get
access to more privileges.
So having /tmp mounted as noexec is a good security measure from these
kind of exploits.
> Also, he can disrupt your system, by just filling up /tmp. No code needed for
> that.
And that is the exact reason for keeping "writable by all" locations on
separate filesystems, so that the damage can be limited and not make the
entire system unusable if someone decides to fill up a filesystem.
> > >> > If someone is able to break into your box, he can build his tools in
> > >> > /home or /var/tmp or somewhere else. No need for /tmp.
> > >>
> > >> Wrong again. If tmp is the only place somebody can write, then
> > >> it might save you (and it DID save my ass more than once now).
> > >
> > > since /tmp is not the only place where someone can write (/var/tmp
> > > anyone?)
> >
> > True. /var/tmp is a link to /tmp on my system. And if not, /var/tmp
> > could also easily be a separate fs.
> and another partition ..,.
Not necessarily a partition (by using LVM), but ok.
I really don't get why this is a problem if you can easily extend the
size of these filesystems, which it is when using LVM or an equivalent
system.
> > > it
> > > won't help you much.
> >
> > That's of course wrong again.
> >
> > >> >> Ah. Please explain how you mount /tmp noexec and /usr
> > >> >> readonly.
> > >> >
> > >> > I don't because it is wasted effort.
> > >>
> > >> Of course it's not.
> > >
> > > yes it is.
> >
> > Jaja. Just because you've got problems, it doesn't mean
> > that there ARE problems.
>
> it is wasted: if he has so many rights, that he could write to /usr, he has
> enough rights to remount it.
> and /tmp is not needed, as soon as you have broken into the box.
> Plus, a full /tmp and /var will disrupt services and make reboot (almost)
> impossible.
>
> So, noexec and ro /usr will save you from nothing.
>
> > No, it's not. Write permissions don't mean, that somebody is root.
>
> in my /usr, yes it does.
> ;)
That's I think your problem with this entire approach. You only see
your specific scenario. It's fully possible to have write privileges to
/usr without having to be root.
> > > yes really, you have to remount /usr everytime you update something.
> >
> > Jaja. You know, your exaggerations become boring...
>
> because it is true?
> show me, how do you update something residing in /usr without remounting.
You don't. But saying that remounting /usr when you do updates takes up
an unreasonable amount of time is pretty much moot if you take a couple
of minutes to script your update procedure.
> > a) /tmp is cleaned during boot - so this won't happen anyway.
>
> /tmp is cleaned so late, that it is too late, if both are totally full.
>
> > b) Don't let it happen in the first place.
> you can not tell an attacker what not to do.
>
> > c) Boot a rescue system like Knoppix and clean /tmp.
>
> yeah! but why boot from a boot-cd, if you don't have to? (hint: /tmp not on
> its own, small partition)
Oh yeah, it's much better to have /tmp on the same filesystem as /,
making the system unusable as soon as you fill up /tmp. Good suggestion
;)
> > d) In reality, I NEVER had it happen that /tmp or /var/tmp
> > ran out of space. What happened "more often" is that /var
> > ran out of space, because of the logs in /var/log.
>
> you have never used gimp, did you?
> I have seen gimp filling up a 5GB /tmp.
>
> >
> > >> >> I see. Strange thing is, that about every server and workstation
> > >> >> I've seen more or less contradicts what you say.
> > >> >
> > >> > if you have 20+ users on each of them, and every single one is a
> > >> > little cracker in disguise, it may make sense, but for a single user
> > >> > box?
> > >>
> > >> Why are you asking?
> > >
> > > because you are the one starting with 'server' and 'workstations'
> >
> > Correct. So what? Why are you asking?
> >
> > > and the OP
> > > never talked about one or the other.
> >
> > His system MUST be the one or the other.
>
> nope, there is a third category: personal computer (also called home
> computer).
What's this got to do with anything at all?
> > >> > If every partition takes a second, it will be very noticeable.
> > >>
> > >> Hardly. (Notice that I'm not saying "No".)
> > >
> > > if mounting becomes the major 'hold up' in your booting process, it
> > > becomes VERY noticeable.
> >
> > Jaja. Do you actually expect to be taken seriously?
>
> not from you. From this mailing list I learnt, that if someone is not on your
> side, the person is wrong.
Good philosophy. Good luck getting through life with that attitude.
> > > I have been there,
> >
> > I doubt that.
>
> Why should I lie?
> I had 3 ibm harddisks 1x10Gb,2x40gb one seagate 20gb and all and everything on
> its own partition.
> And it was hell after a while.
I would imagine it could get pretty screwed up using ordinary
partitions which you can't resize easily. But from Alexander's point of
view this is pretty much moot since it seems that extending filesystems
using LVM is extremely easy and fast.
> > > More harddisks=bigger chance that one of them dies.
So, instead of spreading your data out over several harddrives (reducing
the chance of losing _all_ your data when a harddrive dies), you'd
rather have everything on one harddrive, thus losing all your data when
that harddrive dies... Best suggestion I've heard in a long time ;)
> > True. So? What does this have to do with the fact, that the
> > available hd's are too small? Just as a reminder - that's
> > the scenario YOU are talking about.
>
> because you started with 'buy more harddisks'
>
> > >> > It is simple math.
> > >>
> > >> *LOL* _You_ should not talk about maths :)
> > >
> > > you obviously don't understand simple statistics.
The statistics in your reasoning really has no bearing in the argument,
since harddrives will fail no matter how many (or few) harddrives you
have.
And even though having more harddrives increases the chance of one of
them failing, how does that impact your choice in what
partitioning-scheme you want to use (especially if you use LVM)?
> > Seems like. But maybe it's just, that I've got problems
> > following your nonsense, hm?
>
> you mean your nonsense?
> Yep, it is hard to deal with you.
>
> I snipped the rest: TL:DR
Wow, intelligent rebuttals here... Impressive.
At the end of the day, it's basically a choice of how secure/robust you
want your filesystem layout to be compared to how much tinkering you
want to do to keep everything rolling along nicely.
Using a lot of ordinary partitions seems to be pretty outdated when we
have access to LVM, and can bring a lot of hassle if you have made your
partitions too small, or waste a lot of space if made too big.
Using one partition for basically everything under / is a bit less
secure if you're running a couple of services on your system, but if
you're just using the system as a workstation, I wouldn't be too worried
about it.
Using LVM seems to be a lot more flexible since you can start small with
your filesystems, and extend them after time when need be. But this also
includes some supervision of how much space you have available on your
different filesystems. Could probably be considered a more convenient
alternative if you plan to extend your system later on with more
harddrives, or plan on separating your data areas to further
security/robustness.
Please end the flamefest now, k?
--
/ Patrick Börjesson
\ -------------------
/ () The ASCII Ribbon Campaign - against HTML Email
\ /\ and proprietary formats.
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
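Added example, not part of the thread: an audit that ties together Maarten's `find` listing of world-writable directories and the noexec / separate-filesystem argument above, by resolving each such directory to its mount and reporting which of `noexec`, `nosuid`, `nodev` that mount lacks. The mount table is constructed sample data, and all function names are this example's own.

```python
import os
import re
import stat

# Constructed sample in /proc/mounts format (not from any system in the thread).
SAMPLE_MOUNTS = """\
/dev/hda3 / ext3 rw,noatime 0 0
/dev/hda5 /usr ext3 ro,nodev 0 0
/dev/hda6 /tmp ext3 rw,noexec,nosuid,nodev 0 0
/dev/hda7 /var ext3 rw,nosuid 0 0
tmpfs /dev/shm tmpfs rw 0 0
/dev/hda8 /srv/my\\040share ext3 rw,noexec 0 0
"""

WANTED = ("noexec", "nosuid", "nodev")


def unescape(field):
    """Decode the 3-digit octal escapes /proc/mounts uses (e.g. \\040 for a space)."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mounts(text):
    """Return {mount point: set(options)}; a later line over-mounts an earlier one."""
    mounts = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue
        mounts[unescape(fields[1])] = set(fields[3].split(","))
    return mounts


def mount_for(path, mounts):
    """Longest mount point that is the path itself or a parent directory of it."""
    path = os.path.normpath(path)
    best = None
    for mp in mounts:
        # Compare on a component boundary so /tmpfoo is not matched by /tmp.
        if path == mp or path.startswith(mp.rstrip("/") + "/"):
            if best is None or len(mp) > len(best):
                best = mp
    return best


def world_writable_dirs(root):
    """Like `find root -xdev -type d -perm -0002`: sorted (path, has_sticky_bit)."""
    root_dev = os.lstat(root).st_dev
    found = []
    for dirpath, dirnames, _files in os.walk(root):
        try:
            st = os.lstat(dirpath)
        except OSError:
            continue                    # directory vanished while walking
        if st.st_dev != root_dev:       # -xdev: stay on the starting filesystem
            dirnames[:] = []
            continue
        if st.st_mode & stat.S_IWOTH:
            found.append((dirpath, bool(st.st_mode & stat.S_ISVTX)))
    return sorted(found)


def audit(dirs, mounts_text, wanted=WANTED):
    """For each directory: (dir, mount point, wanted options its mount lacks)."""
    mounts = parse_mounts(mounts_text)
    rows = []
    for d in dirs:
        mp = mount_for(d, mounts)
        opts = mounts.get(mp, set())
        rows.append((d, mp, [o for o in wanted if o not in opts]))
    return rows


if __name__ == "__main__":
    # Directories named in the thread, checked against the constructed table.
    named = ["/tmp", "/var/tmp", "/dev/shm", "/var/spool/samba"]
    for d, mp, missing in audit(named, SAMPLE_MOUNTS):
        print(f"{d:20} on {str(mp):10} missing: {','.join(missing) or '-'}")
```

On a live system, pass the contents of `/proc/mounts` as the mount table and run `world_writable_dirs` once per mounted filesystem, since it does not cross mount points.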
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 18:38 ` Alexander Skwar
2006-02-17 19:18 ` Benno Schulenberg
@ 2006-02-17 22:15 ` Hemmann, Volker Armin
1 sibling, 0 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-17 22:15 UTC (permalink / raw
To: gentoo-user
On Friday 17 February 2006 19:38, Alexander Skwar wrote:
> Richard Fish wrote:
> > On 2/17/06, Hemmann, Volker Armin <volker.armin.hemmann@tu-clausthal.de> wrote:
> >> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> >> > Hemmann, Volker Armin wrote:
> >> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> >> > >> Hemmann, Volker Armin wrote:
> >> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> >> > >> >> Hemmann, Volker Armin wrote:
> >> > >> >> > On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> >> > >> >> >> Hemmann, Volker Armin wrote:
> >> > >> >> >> > On Thursday 16 February 2006 14:06, Alexander Skwar wrote:
> >
> > Are you two done with your pissing match yet?
>
> Sure. As soon as that moron stops pissing at me, I'll
> also stop.
thank you, you just invalidated everything you ever wrote.
Have a nice day.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
@ 2006-02-17 22:20 John Jolet
0 siblings, 0 replies; 92+ messages in thread
From: John Jolet @ 2006-02-17 22:20 UTC (permalink / raw
To: gentoo-user
the problem is they both have valid points. in this, as in nearly all aspects of unix administration, there is not a single right answer.
-----Original Message-----
From: "Patrick Börjesson"<psycho@rift.ath.cx>
Sent: 2/17/06 4:15:08 PM
To: "gentoo-user@lists.gentoo.org"<gentoo-user@lists.gentoo.org>
Subject: Re: [gentoo-user] How many GB for / partition?
First, I can't really understand why either one of you two won't fully
explain your reasonings when going against the other. It helps no one.
On 2006-02-17 19:04, Hemmann, Volker Armin uttered these thoughts:
> On Friday 17 February 2006 07:33, Alexander Skwar wrote:
> > Hemmann, Volker Armin wrote:
> > > On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> > >> Hemmann, Volker Armin wrote:
> > >> > On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> > >> >> Hemmann, Volker Armin wrote:
> > >> >> >
> > >> >> > Why should he make /tmp noexec,
> > >> >>
> > >> >> Security precaution.
> > >> >
> > >> > if you have 10+ users with access to the box. But a workstation,
> > >> > without even sshd running, it is not needed.
Of course, if you have a system with _no_ services running (including
apache, sshd and so on), or a firewall that blocks every and all
incoming connection attempt, then for someone to access /tmp without
having physical access to the system (in which case you're pretty much
screwed anyhow) is, as far as I know, impossible.
This doesn't take into account client-side exploits; because with these
the exploiting code has access to whatever resources the user running
the client has, including writing to whatever areas that the user has.
> > >> "needed" - What's "needed", anyway?
> > >>
> > >> > And hey, why should /tmp noexec save you from anything?
> > >>
> > >> Because it does.
> > >
> > > so? how?
> >
> > Think, you might find out. What does noexec do, hm?
> >
> > Even *you* might find out...
> >
> > Well... If I think about it... No, you're too clueless
> > to find out.
> >
> > Hint 1: "noexec" nowadays makes it impossible to execute
> > programs stored on that filesystem.
>
> I know, but it won't save you from anything.
> After a user got in, he is a user. And every user has a place with write
> permission (if he is user apache/httpd he has lots of places, where he can
> store code). Outside of /tmp.
Where?
[Message truncated. Tap Edit->Mark for Download to get remaining portion.]
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 21:35 ` Alexander Skwar
@ 2006-02-17 22:36 ` Rumen Yotov
2006-02-17 23:15 ` [gentoo-user] /usr as noexec? (was GB for / partition flamewar) Eric Bliss
2006-02-17 22:56 ` [gentoo-user] How many GB for / partition? Neil Bothwick
1 sibling, 1 reply; 92+ messages in thread
From: Rumen Yotov @ 2006-02-17 22:36 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 3035 bytes --]
On Fri, 2006-02-17 at 22:35 +0100, Alexander Skwar wrote:
> Maarten wrote:
> > Okay, can we stop with the flamefest, already ?
>
> Certainly.
>
> > Alexander Skwar wrote:
> >> Hemmann, Volker Armin wrote:
> >>>On Thursday 16 February 2006 20:40, Alexander Skwar wrote:
> >>>>Hemmann, Volker Armin wrote:
> >>>>>On Thursday 16 February 2006 17:18, Alexander Skwar wrote:
> >>>>>>Hemmann, Volker Armin wrote:
> >>>>>>>On Thursday 16 February 2006 15:45, Alexander Skwar wrote:
> >
> >
> >>>>Wrong again. If tmp is the only place somebody can write, then
> >>>>it might save you (and it DID save my ass more than once now).
> >>>
> >>>since /tmp is not the only place where someone can write (/var/tmp anyone?)
> >
> > Several more indeed. Find comes to the rescue:
> >
> > 12087 0 drwxrwxrwt 2 root root 40 Jan 10 22:40 /dev/shm
> > 252744 0 drwxrwxrwt 2 root root 72 Apr 20 2005 /var/spool/samba
> >
> > Yes, I CAN make files there, as a regular user.
>
> Yep, but you have to find those places. If you cannot execute
> programs, that will be hard. With /tmp, an attacker knows
> that he can write there.
>
> Granted, /dev/shm is also a rather common place that allows
> everyone to write to.
>
> >>>yes really, you have to remount /usr everytime you update something.
> >>
> >> Jaja. You know, your exaggerations become boring...
> >
> > Well, no. It is correct. How do you expect to install something when /usr is mounted RO ?
>
> Well, you know, his arguments aren't /totally/ wrong. I already
> said that they are true, in a sense - but I also said, that he's
> exaggerating very much. Quite obviously, there's no way to write
> to /usr if it is mounted read only.
>
> What I disagree with, is that his notion that a "mount -o
> remount,rw /usr" is a lot of work.
>
> I also don't disagree that it IS extra work. I'm just saying
> that it's not MUCH extra work.
>
> Alexander Skwar
> --
> (German philosopher) Georg Wilhelm Hegel, on his deathbed, complained,
> "Only one man ever understood me." He fell silent for a while and then added,
> "And he didn't understand me."
Hi,
Please don't take this post as a signal for more battles.
IMHO there are many true facts from both of you.
Just a few point, as i have some (limited experience with hardened
systems).
1.For 2-3 years using portage-tree in /var/portage, no problems so far,
all it takes is a symlink in /usr & change in /etc/make.conf file.
So i can mount all /usr as 'noexec'.
2.For a really important system (from security point of view) people
could use some of Gentoo's hardened projects (grsec,SELinux,RSBAC).
i've used 'grsec & RSBAC'. Logically grsec is less powerful but easier
to manage, and RSBAC (as SELinux) is like a combat tank in a battle
during middle age wars (concerning security settings).
So there are tools quite for everything, if you wish and know how to use
them. No system is perfect but some are almost ;)
HTH.Rumen
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 3409 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
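An added example, not part of any post in this thread: the dispute over whether `noexec` on /tmp helps turns on which world-writable directories exist and how their filesystems are mounted, so this sketch lists every world-writable directory and marks whether its filesystem carries `noexec`. The function names, the `--audit` switch and the `find` predicate are assumptions (the exact `find` command quoted above is not shown); the mounts table is read in `/proc/mounts` format.

```shell
#!/bin/sh
# Added example: which world-writable directories sit on filesystems that are
# mounted without noexec? Input is a mounts table in /proc/mounts format:
#   <device> <mountpoint> <fstype> <options> <dump> <pass>
# Function names are illustrative. Mount points containing spaces (written as
# \040 in /proc/mounts) are not handled.

# Print "<mountpoint> <options>" for the filesystem holding path $1, using the
# mounts table in file $2. The longest mount point that equals the path or is
# a directory prefix of it wins; on a tie the later line wins, because a later
# mount shadows an earlier one on the same mount point.
mount_for() {
    awk -v p="$1" '
        $2 == "/" || p == $2 || index(p, $2 "/") == 1 {
            if (length($2) >= best_len) {
                best_len = length($2); best = $2; opts = $4
            }
        }
        END { if (best != "") print best, opts }
    ' "$2"
}

# Succeed if option $2 appears in the comma-separated option list $1.
has_opt() {
    case ",$1," in
        *",$2,"*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print "noexec", "exec" or "unknown" for path $1 given mounts table $2.
exec_state() {
    es_info=$(mount_for "$1" "$2")
    if [ -z "$es_info" ]; then
        echo unknown
    elif has_opt "${es_info#* }" noexec; then
        echo noexec
    else
        echo exec
    fi
}

# List world-writable directories below $1 without crossing into other
# filesystems. Unreadable subtrees are skipped silently.
world_writable_dirs() {
    find "$1" -xdev -type d -perm -0002 2>/dev/null || true
}

# Walk every mount point in mounts table $1 (kernel pseudo-filesystems
# excepted) and print one line "<exec|noexec|unknown> <directory>" per
# world-writable directory found.
audit() {
    au_mounts=$1
    awk '$3 != "proc" && $3 != "sysfs" && $3 != "devpts" { print $2 }' "$au_mounts" |
    while IFS= read -r au_mp; do
        if [ -d "$au_mp" ]; then
            world_writable_dirs "$au_mp"
        fi
    done | sort -u |
    while IFS= read -r au_dir; do
        printf '%s %s\n' "$(exec_state "$au_dir" "$au_mounts")" "$au_dir"
    done
}

# Stand-alone use:  sh audit.sh --audit [mounts-file]
if [ "${1:-}" = "--audit" ]; then
    audit "${2:-/proc/mounts}"
fi
```

Every line that starts with `exec` is a place where any local account can both store and run a file, which is the set of directories the `noexec` argument has to cover beyond /tmp.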
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 21:35 ` Alexander Skwar
2006-02-17 22:36 ` Rumen Yotov
@ 2006-02-17 22:56 ` Neil Bothwick
1 sibling, 0 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-17 22:56 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 399 bytes --]
On Fri, 17 Feb 2006 22:35:48 +0100, Alexander Skwar wrote:
> > Okay, can we stop with the flamefest, already ?
>
> Certainly.
[snip]
> Yep, but you have to find those places. If you cannot execute
> programs, that will be hard. With /tmp, an attacker knows
> that he can write there.
OK, a better question is "WILL you stop this"?
--
Neil Bothwick
Loose bits sink chips.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 191 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-17 22:36 ` Rumen Yotov
@ 2006-02-17 23:15 ` Eric Bliss
2006-02-18 0:23 ` Maarten
0 siblings, 1 reply; 92+ messages in thread
From: Eric Bliss @ 2006-02-17 23:15 UTC (permalink / raw
To: gentoo-user
On Friday 17 February 2006 14:36, Rumen Yotov wrote:
> Hi,
> Please don't take this post as a signal for more battles.
> IMHO there are many true facts from both of you.
> Just a few point, as i have some (limited experience with hardened
> systems).
> 1.For 2-3 years using portage-tree in /var/portage, no problems so far,
> all it takes is a symlink in /usr & change in /etc/make.conf file.
> So i can mount all /usr as 'noexec'.
Forgive me for asking, but how is this possible??? The last time I checked
(which was 2 minutes ago...), /usr is where almost all the executables on my
system are - /usr/bin, /usr/kde/3.x, /usr/libexec, /usr/sbin...
I kinda doubt that I'll ever take advantage of a setup like this (at least on
this machine), but I am curious as to how that would work.
For my own machine (notebook with only a 60g hd), I only run 4 basic
partitions...
/boot - 70 meg (big just in case I want extra kernels, splash screens, etc.)
swap - 1/2 gig - kinda useless, since I upgraded the RAM from 256m to 2g :-)
/ - 35 gig - everything else Linux
25~ gig or so - Windows partition so I can run games in their native
environment without hassles.
Now, obviously, I haven't sub-partitioned my Linux stuff, mainly due to my
concerns over a lack of space in general - I don't want to have to worry
about ANY lost space to allow room on sub-partitions to not fill up to 100%.
Now, if I had a 200 gig drive, I might not be so concerned with space, and it
might make some sense for me to set up a few extra partitions. But I don't,
and this works for my situation.
As I said at the start, I'm simply curious how you would manage to mount the
main executable storage area of your system as "noexec".
--
Eric Bliss
systems design and integration,
CreativeCow.Net
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
2006-02-17 22:15 ` Patrick Börjesson
@ 2006-02-17 23:48 ` Hemmann, Volker Armin
0 siblings, 0 replies; 92+ messages in thread
From: Hemmann, Volker Armin @ 2006-02-17 23:48 UTC (permalink / raw
To: gentoo-user
On Friday 17 February 2006 23:15, Patrick Börjesson wrote:
> > an attacker does not need a place, where everybody can write. He just
> > needs SOME place, where he can write - like the home-directory of the
> > user he just corrupted.
>
> What's to say that the only way to get access to a system is through
> hacking a user account?
if he hacks apache, he is the httpd user, if he hacks sendmail, he is 'mail'
If you are not a user, you are not logged in.
Or in reverse, as soon as you can do anything on a box, you are a user in
one way or another.
> Exploits have existed (and probably do, if not in older code) that
> use /tmp, and the ability to execute things from that location, to get
> access to more privileges.
> So having /tmp mounted as noexec is a good security measure from these
> kind of exploits.
and I bet same exploits would work from /var/spool.
>
> > Also, he can disrupt your system, by just filling up /tmp. No code needed
> > for that.
>
> And that is the exact reason for keeping "writable by all" locations on
> separate filesystems, so that the damage can be limited and not make the
> entire system unusable if someone decides to fill up a filesystem.
if / is huge, it is much harder to fill up /tmp
And if he can fill up /tmp completely, you are hosed anyway. So having it on
its own partition does not save you from anything. It only makes it more
likely, that at some point /tmp is too small and you need to make it bigger.
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-17 23:15 ` [gentoo-user] /usr as noexec? (was GB for / partition flamewar) Eric Bliss
@ 2006-02-18 0:23 ` Maarten
2006-02-18 2:20 ` Ryan Tandy
` (2 more replies)
0 siblings, 3 replies; 92+ messages in thread
From: Maarten @ 2006-02-18 0:23 UTC (permalink / raw
To: gentoo-user
Eric Bliss wrote:
> On Friday 17 February 2006 14:36, Rumen Yotov wrote:
>
>>Hi,
>>Please don't take this post as a signal for more battles.
>>IMHO there are many true facts from both of you.
>>Just a few point, as i have some (limited experience with hardened
>>systems).
>>1.For 2-3 years using portage-tree in /var/portage, no problems so far,
>>all it takes is a symlink in /usr & change in /etc/make.conf file.
>>So i can mount all /usr as 'noexec'.
>
>
> Forgive me for asking, but how is this possible??? The last time I checked
> (which was 2 minutes ago...), /usr is where almost all the executables on my
> system are - /usr/bin, /usr/kde/3.x, /usr/libexec, /usr/sbin...
It is, therefore, logically not possible.
I believe, in all the mess that this thread has developed into, that
Rumen simply confused 'noexec' with 'ro'. Shit happens... :-)
This must be the explanation for sure. Or else, if /usr can be mounted
noexec without trouble, I'll donate 7500000000 bogomips to the FSF.
Maarten
P.S.:
The thread this derived from has to be the most lame discussion I have
witnessed in ages, and I've seen a few. First and foremost because
neither of you took the simple effort to run two trivial 'find' commands
to try and prove the other guy wrong. It is a shame, because at first,
you both said some things that were 'insightful'[tm]...
Most people would try to strengthen their positions by coming up with
some proof, some good arguments, but that is SO totally absent here...
No proof, nor examples, nor whatsoever... All you two did manage to say
was really just an endless loop of--
"Wrong"
"Not wrong, right."
"No, you're wrong"
"I'm right, you are wrong"
"You are a thousand times wrong"
"No, it is you who are infinitely wrong"
"You are wrong infinitely plus one"
"I am right, have always been right, and you suck"
"No YOU suck"
"I may suck but that is because you know I'm right"
"You suck AND you are wrong"
"I do not suck. YOU suck!"
"Do NOT!"
"Do TOO!"
"No you suck. And you are wrong..."
Now what age-group type conversation does that remind you of...?
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 0:23 ` Maarten
@ 2006-02-18 2:20 ` Ryan Tandy
2006-02-18 13:05 ` Maarten
2006-02-18 5:21 ` Rumen Yotov
2006-02-18 9:01 ` Neil Bothwick
2 siblings, 1 reply; 92+ messages in thread
From: Ryan Tandy @ 2006-02-18 2:20 UTC (permalink / raw
To: gentoo-user
Maarten wrote:
> Or else, if /usr can be mounted
> noexec without trouble, I'll donate 7500000000 bogomips to the FSF.
>
Can we get that in writing, with a signature, creative use of {sym,hard}
links and nested mounts notwithstanding? ;)
Where "trouble" is defined as a system that won't run (relatively)
smoothly, rather than the amount of effort required to get it in that
state...
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 0:23 ` Maarten
2006-02-18 2:20 ` Ryan Tandy
@ 2006-02-18 5:21 ` Rumen Yotov
2006-02-18 9:01 ` Neil Bothwick
2 siblings, 0 replies; 92+ messages in thread
From: Rumen Yotov @ 2006-02-18 5:21 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 5078 bytes --]
On Sat, 2006-02-18 at 01:23 +0100, Maarten wrote:
> Eric Bliss wrote:
> > On Friday 17 February 2006 14:36, Rumen Yotov wrote:
> >
> >>Hi,
> >>Please don't take this post as a signal for more battles.
> >>IMHO there are many true facts from both of you.
> >>Just a few point, as i have some (limited experience with hardened
> >>systems).
> >>1.For 2-3 years using portage-tree in /var/portage, no problems so far,
> >>all it takes is a symlink in /usr & change in /etc/make.conf file.
> >>So i can mount all /usr as 'noexec'.
> >
> >
> > Forgive me for asking, but how is this possible??? The last time I checked
> > (which was 2 minutes ago...), /usr is where almost all the executables on my
> > system are - /usr/bin, /usr/kde/3.x, /usr/libexec, /usr/sbin...
>
> It is, therefore, logically not possible.
> I believe, in all the mess that this thread has developed into, that
> Rumen simply confused 'noexec' with 'ro'. Shit happens... :-)
> This must be the explanation for sure. Or else, if /usr can be mounted
> noexec without trouble, I'll donate 7500000000 bogomips to the FSF.
>
> Maarten
>
>
> P.S.:
>
> The thread this derived from has to be the most lame discussion I have
> witnessed in ages, and I've seen a few. First and foremost because
> neither of you took the simple effort to run two trivial 'find' commands
> to try and prove the other guy wrong. It is a shame, because at first,
> you both said some things that were 'insightful'[tm]...
> Most people would try to strengthen their positions by coming up with
> some proof, some good arguments, but that is SO totally absent here...
> No proof, nor examples, nor whatsoever... All you two did manage to say
> was really just an endless loop of--
>
> "Wrong"
> "Not wrong, right."
> "No, you're wrong"
> "I'm right, you are wrong"
> "You are a thousand times wrong"
> "No, it is you who are infinitely wrong"
> "You are wrong infinitely plus one"
> "I am right, have always been right, and you suck"
> "No YOU suck"
> "I may suck but that is because you know I'm right"
> "You suck AND you are wrong"
> "I do not suck. YOU suck!"
> "Do NOT!"
> "Do TOO!"
> "No you suck. And you are wrong..."
>
> Now what age-group type conversation does that remind you of...?
Hi,
In the beginning have to say it's *my* mistake - noexec != ro.
As soon as i posted this went to bed and just then remembered about this
HUGE mistake.
You need 'exec' on /usr just to do anything, but i was thinking about
'ro'- so that nobody could change anything there. Could be remounted
only during installation of new packages, then closed again.
But now i need to explain more (because of this silly mistake).
1.While reading about filling up a partition, remembered that i wanted
to write about 'quota' too (using this defense mechanism is easy).
Now back to 'hardened'
2.grsec generally said is using three main lines of additional defense:
2.1. PAX - protects memory space from various attacks + makes data pages
no-executable; Complemented by GCC with SSP,PIC,PIE code generation.
2.2. grsecurity kernel patch (which integrates PAX patch from #2.1)-
which adds some additional chroot protections, hides many things/info
visible in '/proc' could protect/limit networking access (IIRC) and some
other things;
2.3.Uses RBAC (MAC - Mandatory Access Control) model (through ACLs) to
protect file-system data, could be done easily with 'learning mode'.
3.RSBAC (my favorite ;)
3.1.Has PAX too (plus hardened GCC);
3.2 Main protection is from RSBAC (Rule Set Based Access Control).
Generally speaking it's as you have not one but two admin/root users:
the old classic 'root' user plus 'secoff' (Security Officer).
Secoff can limit *all* root privileges/access as he wants - on all type
of resources (root could look like a normal user, no problem to do it ;)
i have all /usr + subdirs (inherited property) as 'RO' even for 'root',
only on system update remove this then afterward apply again.
Same could be done on /etc (minus mtab and some individual files which
change during boot). Still impressed with the power of this system.
3.3. New feature (from some half an year) is the new 'user management'
code. All user account data is kept into kernel space (so
no /etc/passwd, /etc/shadow files).
One big drawback with this is the management issue, it's very difficult
to learn to manage such system (still learning, and a lot to go).
3.4.Very strong "chroot" protection & features.
Think this info explains at least part of the story.
4.SELinux - have no real experience here, just in theory.
4.1.This one is integrated into the kernel as LSM;
4.2.Offers a level of protection similar to RSBAC (IMHO);
4.3.Also have a very strong Type/Domain controlled Access Control;
4.4.Easier to implement (than RSBAC) because there're many ready to be
used 'policies' (also in portage);
4.5.But managing requires a deeper/enough understanding of its working
model;
4.6.Developed by NSA.
This is it. Again sorry for my mistake. Rumen
[-- Attachment #2: smime.p7s --]
[-- Type: application/x-pkcs7-signature, Size: 3409 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 0:23 ` Maarten
2006-02-18 2:20 ` Ryan Tandy
2006-02-18 5:21 ` Rumen Yotov
@ 2006-02-18 9:01 ` Neil Bothwick
2 siblings, 0 replies; 92+ messages in thread
From: Neil Bothwick @ 2006-02-18 9:01 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 342 bytes --]
On Sat, 18 Feb 2006 01:23:51 +0100, Maarten wrote:
> "You suck AND you are wrong"
> "I do not suck. YOU suck!"
> "Do NOT!"
> "Do TOO!"
> "No you suck. And you are wrong..."
>
> Now what age-group type conversation does that remind you of...?
The Internet Age :(
--
Neil Bothwick
Windows Error #01: No error... ...yet.
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 191 bytes --]
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 2:20 ` Ryan Tandy
@ 2006-02-18 13:05 ` Maarten
2006-02-18 15:53 ` Uwe Thiem
0 siblings, 1 reply; 92+ messages in thread
From: Maarten @ 2006-02-18 13:05 UTC (permalink / raw
To: gentoo-user
Ryan Tandy wrote:
> Maarten wrote:
>
>> Or else, if /usr can be mounted
>> noexec without trouble, I'll donate 7500000000 bogomips to the FSF.
>>
>
> Can we get that in writing, with a signature, creative use of {sym,hard}
> links and nested mounts notwithstanding? ;)
Certainly ;-)
Oh well, it only amounts to 23 days of my Athlons' undivided attention.
I'll live. ;-)
> Where "trouble" is defined as a system that won't run (relatively)
> smoothly, rather than the amount of effort required to get it in that
> state...
Hehehe. Obviously, yes.
LOL
Maarten
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 13:05 ` Maarten
@ 2006-02-18 15:53 ` Uwe Thiem
2006-02-18 17:51 ` Maarten
0 siblings, 1 reply; 92+ messages in thread
From: Uwe Thiem @ 2006-02-18 15:53 UTC (permalink / raw
To: gentoo-user
On 18 February 2006 15:05, Maarten wrote:
> Ryan Tandy wrote:
> > Maarten wrote:
> >> Or else, if /usr can be mounted
> >> noexec without trouble, I'll donate 7500000000 bogomips to the FSF.
> >
> > Can we get that in writing, with a signature, creative use of {sym,hard}
> > links and nested mounts notwithstanding? ;)
>
> Certainly ;-)
>
> Oh well, it only amounts to 23 days of my Athlons' undivided attention.
> I'll live. ;-)
23 days compressed into one second. That will be the hard part. ;-)
Uwe
--
Why do consumers keep buying products they will live to curse?
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 15:53 ` Uwe Thiem
@ 2006-02-18 17:51 ` Maarten
2006-02-18 20:09 ` Hans-Werner Hilse
0 siblings, 1 reply; 92+ messages in thread
From: Maarten @ 2006-02-18 17:51 UTC (permalink / raw
To: gentoo-user
Uwe Thiem wrote:
> On 18 February 2006 15:05, Maarten wrote:
>
>>Ryan Tandy wrote:
>>
>>>Maarten wrote:
>>Oh well, it only amounts to 23 days of my Athlons' undivided attention.
>>I'll live. ;-)
>
>
> 23 days compressed into one second. That will be the hard part. ;-)
Well, maybe. Depending on your definition of MIPS. :-)
And "Bogomi" sounded kinda weird, you know. But anyway.
No, the real hard (or funny, depending on your viewpoint) part is
watching those engineers try to execute a single calculation, on their
7500 billion bogomips system-with-usr-mounted-noexec... ;-)
Back to the thread... I started wondering about something. I thought a
100% full root filesystem was deadly, but never thought about /tmp.
So I'd like to ask, what is more deadly for a system, a full root FS, a
full /tmp or a full /var ? Why ?
And as a bonus question: which one is worse during boot, and which one
is worse on a fully booted and running system ?
Maarten
> Uwe
>
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 17:51 ` Maarten
@ 2006-02-18 20:09 ` Hans-Werner Hilse
2006-02-19 19:50 ` kashani
0 siblings, 1 reply; 92+ messages in thread
From: Hans-Werner Hilse @ 2006-02-18 20:09 UTC (permalink / raw
To: gentoo-user
Hi,
On Sat, 18 Feb 2006 18:51:21 +0100
Maarten <gentoo@ultratux.org> wrote:
> Back to the thread... I started wondering about something. I thought a
> 100% full root filesystem was deadly, but never thought about /tmp.
> So I'd like to ask, what is more deadly for a system, a full root FS, a
> full /tmp or a full /var ? Why ?
> And as a bonus question: which one is worse during boot, and which one
> is worse on a fully booted and running system ?
/tmp shouldn't matter. full/read-only /var will disturb the gentoo rc
scripts. When running, programs/daemons may act funny when they can't
cope with the situation of full disks (e.g., PHP can't create session
files anymore). You can't expect logging to work, too.
Full/unwritable /etc may disturb some maintenance scripts, mount can't
update /etc/mtab.
Generally, nothing will prevent the kernel from booting and running any
exec that's still readable. So even with full disks, e.g.
init=/bin/bash in kernel command line will give a root shell and let
you fix things (after remounting the relevant partitions read-write).
So on a running system, /var and /tmp are the important trees that are
expected to be writable. This should be the same for the gentoo rc
scripts, but not the kernel bootup.
-hwh
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-18 20:09 ` Hans-Werner Hilse
@ 2006-02-19 19:50 ` kashani
2006-02-19 20:27 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: kashani @ 2006-02-19 19:50 UTC (permalink / raw
To: gentoo-user
Hans-Werner Hilse wrote:
> Hi,
>
> On Sat, 18 Feb 2006 18:51:21 +0100
> Maarten <gentoo@ultratux.org> wrote:
>
>
>>Back to the thread... I started wondering about something. I thought a
>>100% full root filesystem was deadly, but never thought about /tmp.
>>So I'd like to ask, what is more deadly for a system, a full root FS, a
>>full /tmp or a full /var ? Why ?
>>And as a bonus question: which one is worse during boot, and which one
>>is worse on a fully booted and running system ?
>
>
> /tmp shouldn't matter. full/read-only /var will disturb the gentoo rc
> scripts. When running, programs/daemons may act funny when they can't
> cope with the situation of full disks (e.g., PHP can't create session
> files anymore). You can't expect logging to work, too.
Assuming it's a database server a full /tmp will cause some issues.
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-19 19:50 ` kashani
@ 2006-02-19 20:27 ` Alexander Skwar
2006-02-19 21:08 ` kashani
0 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-19 20:27 UTC (permalink / raw
To: gentoo-user
kashani wrote:
> Assuming it's a database server a full /tmp will cause some issues.
In how far? Neither Oracle nor MySQL write to /tmp. MySQL may create
a socket file, which by default resides in /tmp. But /tmp is a rather
bad place for such a file anyway...
Alexander Skwar
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-19 20:27 ` Alexander Skwar
@ 2006-02-19 21:08 ` kashani
2006-02-19 21:18 ` Alexander Skwar
0 siblings, 1 reply; 92+ messages in thread
From: kashani @ 2006-02-19 21:08 UTC (permalink / raw
To: gentoo-user
Alexander Skwar wrote:
> kashani wrote:
>
>
>>Assuming it's a database server a full /tmp will cause some issues.
>
>
> In how far? Neither Oracle nor MySQL write to /tmp. MySQL may create
> a socket file, which by default resides in /tmp. But /tmp is a rather
> bad place for such a file anyway...
Never ran a Mysql query that returned more results than would fit in ram
have you?
kashani@azul ~ $ grep tmp /etc/mysql/my.cnf
tmpdir = /tmp/
Not sure about other db servers.
Also Apache writes session data to /tmp and PHP pear stuff uses /tmp as
well.
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-19 21:08 ` kashani
@ 2006-02-19 21:18 ` Alexander Skwar
2006-02-19 21:37 ` kashani
0 siblings, 1 reply; 92+ messages in thread
From: Alexander Skwar @ 2006-02-19 21:18 UTC (permalink / raw
To: gentoo-user
kashani wrote:
> Alexander Skwar wrote:
>> kashani wrote:
>>>Assuming it's a database server a full /tmp will cause some issues.
>>
>> In how far? Neither Oracle nor MySQL write to /tmp. MySQL may create
>> a socket file, which by default resides in /tmp. But /tmp is a rather
>> bad place for such a file anyway...
>
> Never ran a Mysql query that returned more results than would fit in ram
> have you?
Yes, I have.
> kashani@azul ~ $ grep tmp /etc/mysql/my.cnf
> tmpdir = /tmp/
Okay, default value. Can be changed, though.
> Not sure about other db servers.
>
> Also Apache writes session data to /tmp
Don't know where Apache writes session stuff to. It's
new to me, that Apache had a session handling at all...
I just know the PHP session handling. And yes, this,
by default, writes to /tmp as well.
> and PHP pear stuff uses /tmp as
> well.
Possibly, yes.
Alexander Skwar
--
Hate the sin and love the sinner.
-- Mahatma Gandhi
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] /usr as noexec? (was GB for / partition flamewar)
2006-02-19 21:18 ` Alexander Skwar
@ 2006-02-19 21:37 ` kashani
0 siblings, 0 replies; 92+ messages in thread
From: kashani @ 2006-02-19 21:37 UTC (permalink / raw
To: gentoo-user
> Alexander Skwar
<snippage of pedantic nit picking and backpedaling>
Yes Mysql writes to /tmp by default and yes you can change it in which
case if that partition is full then you see the same behavior. So we can
say that Mysql really wants its temp space to have enough room for it to
write and sometimes it needs a few GB rather than a few hundred MB
depending on what you're doing and how badly a programmer wrote the query.
Ain't no possible about the session data unless you've manually changed
this. Apache writes it to /tmp/ because I go and look before I shoot my
mouth off.
kashani@azul ~ $ ls -l /tmp/
total 84
drwxr-xr-x 3 root root 4096 Oct 28 11:11 pear
-rw------- 1 apache apache 5155 Nov 11 10:16 sess_6c40c9326faf2c5ab4acf8cc28185962
-rw------- 1 apache apache 1783 Nov 2 11:33 sess_97e700cd3b82b36a9e7fc44cd898df52
-rw------- 1 apache apache 30 Jan 13 14:41 sess_c2f99d41593771d2c4ccee93ab6d3355
-rw------- 1 apache apache 1783 Nov 6 22:29 sess_cea4c86ed58f11824519ee8d09205fbb
drwx------ 2 kashani users 4096 Feb 19 12:50 ssh-DGEYh15924
kashani
--
gentoo-user@gentoo.org mailing list
^ permalink raw reply [flat|nested] 92+ messages in thread
* Re: [gentoo-user] How many GB for / partition?
@ 2006-02-23 11:07 joaoemanuel1981
2006-02-23 12:04 ` jarry
0 siblings, 1 reply; 92+ messages in thread
From: joaoemanuel1981 @ 2006-02-23 11:07 UTC (permalink / raw
To: gentoo-user
[-- Attachment #1: Type: text/plain, Size: 1148 bytes --]
> IMHO you could just use the rest of the disk (after the /boot [hda1]
> and swap [hda2]), but if you intend to get a /home (or anything), I
> usually use 10GB for / just in case (still at 50%, but you never
> know). I got two 40GB disks however, if I were you (and I'm not, so,
> you can just disconsider what I'll say), I would put 20GB for the
> system, so you'll probably never run out of space...
>
> On 2/16/06, Izar Ilun wrote:
> > I'm installing Gentoo and I'd like you to suggest me how much disc space I
> > should use for /.
> >
> > My machine is Pentium4, 1GB RAM, 200 GB HD ATA
> >
> > It's a desktop machine with Gentoo as the only and exclusive OS.
> >
> > Will run KDE. Amarok, OpenOffice, firefox....
> >
> > Thanx!
> >
I do not understand why swap is needed with 1GB of RAM.
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 11:07 joaoemanuel1981
@ 2006-02-23 12:04 ` jarry
2006-02-23 13:55 ` Uwe Thiem
0 siblings, 1 reply; 92+ messages in thread
From: jarry @ 2006-02-23 12:04 UTC (permalink / raw
To: gentoo-user
"joaoemanuel1981" <joaoemanuel1981@uol.com.br> wrote:
> Do i not understand why needs swap, if have 1GB of RAM?
1. because if you have a 200GB disk, cutting 1 or 2GB for swap does not matter
2. because someone told me some apps want to allocate swap no matter how much
ram you have (I think it was someone from hp-ux support, but I'm not sure
if this is true for linux)
3. because it is always better to have too much ram/swap than too little
4. because if you do not set up swap, but need it later, it will not be so
easy to create it, if you partition the whole disk and leave no space left
5. because it is a good *nix habit! :-)
Jarry
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 12:04 ` jarry
@ 2006-02-23 13:55 ` Uwe Thiem
2006-02-23 14:05 ` John Jolet
` (2 more replies)
0 siblings, 3 replies; 92+ messages in thread
From: Uwe Thiem @ 2006-02-23 13:55 UTC (permalink / raw
To: gentoo-user
On 23 February 2006 14:04, jarry@gmx.net wrote:
> "joaoemanuel1981" <joaoemanuel1981@uol.com.br> wrote:
> > Do i not understand why needs swap, if have 1GB of RAM?
>
> 1. because if you have 200GB disk, cutting 1 or 2GB for swap does not
> matter
True.
>
> 2. because someone told me some apps want to allocate swap no matter how
> ram you have (I think it was someone from hp-ux support, but I'm not sure
> if this is true for linux)
This is a myth. *No* application (under linux) can grab swap space directly.
Applications ask the kernel for memory when they allocate it. The kernel,
based on algorithms that balance free real ram, buffers and cache, returns
either real ram as memory to the app or - if it is low on real ram - swap
space. So what you do when adding swap space is extending your (fast) real
ram with (slow) memory residing on your harddrive.
>
> 3. because it is always better to have too much ram/swap then too little
Nnnnot always. There are circumstances when you do not want swap at all.
Consider a box that has certain real time response requirements which cannot
be met if apps are swapped out (actually parts of their code and/or data
paged out) to the harddrive. In these cases, you do not want swap but enough
ram to accommodate your running processes at all times.
This and 2. also mean that it's quite pointless to add swap if your
workstation has 16GB of ram and isn't used for image processing or other
extremely memory-hungry tasks.
>
> 4. because if you do not set up swap, but need it later, it will not be so
> easy to create it, if you partition all disk and leave no space left
The times when we couldn't resize partitions under linux without holding our
breath are over.
>
> 5. because it is a good *nix habit! :-)
What does or does not constitute good *nix habits is at least debatable.
If I needed a box that was fast at all times and (logical AND) money was of no
concern I'd put real ram in until the bugger stopped using swap space and
forget about swap. Since I do have to take monetary issues into
consideration, I'd rather configure some (cheap and slow) swap and have less
(expensive, compared to harddrive space, and fast) ram. How much ram and how
much swap is an economic question.
It all boils down to how and what for you use your box. If you need more
memory than you have ram, are you willing to invest the money for more ram?
No? Then you need swap.
There are too damn many myths about swap out there. Like this one: Always
configure twice as much swap as you have ram. Why? Why would I need more swap
if I increased my ram? You need at least a little bit of swap for peak memory
usage. Let's look at real numbers. Say, I am a bit low on ram for today's
computers. I have 256MB ram. For peak usage, I add 128MB swap. I open so many
applications/documents that the box starts swapping out 20MB. Sure, without
swap space, I wouldn't have been able to open the last document. But nothing
makes me stop there. I can as well run out of swap.
If you have 2GB of ram and 2GB of swap your total available memory is 4GB. If
you need more you have to add either ram or swap. What you add is your choice
based on your needs for speed and the money you are willing to spend on
memory. That's it.
End of rant.
Uwe
--
Why do consumers keep buying products they will live to curse?
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 13:55 ` Uwe Thiem
@ 2006-02-23 14:05 ` John Jolet
2006-02-23 14:30 ` Dave Nebinger
2006-02-23 14:45 ` Abhay Kedia
2 siblings, 0 replies; 92+ messages in thread
From: John Jolet @ 2006-02-23 14:05 UTC (permalink / raw
To: gentoo-user
>
> There are too damn many myths about swap out there. Like this one: Always
> configure twice as much swap as you have ram. Why? Why would I need more swap
> if I increased my ram? You need at least a little bit of swap for peak memory
> usage. Let's look at real numbers. Say, I am a bit low of ram for today's
> computers. I have 256MB ram. For peak usage, I add 128MB swap. I open so many
> applications/documents that the box starts swapping out 20MB. Sure, without
> swap space, I wouldn't have been able to open the last document. But nothing
> makes me stop there. I can as well run out of swap.
The rule I always used (and do use) is twice ram, up to one gig of ram.
Pretty much after that, I just do a gig of swap, and monitor it for growth.
If my swap goes up AT ALL, I examine the typical workload on the box and
consider adding ram. Ram may be more expensive than disk, but at less than
$100 or so per gig, it's pretty cheap. I use swap as a "safety net",
allowing me enough time to react if something goes nuts or leaks.
>
> If you have 2GB of ram and 2GB of swap your total available memory is 4GB. If
> you need more you have to add either ram or swap. What you add is your choice
> based on your needs for speed and the money you are willing to spend on
> memory. That's it.
>
> End of rant.
>
> Uwe
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 13:55 ` Uwe Thiem
2006-02-23 14:05 ` John Jolet
@ 2006-02-23 14:30 ` Dave Nebinger
2006-02-23 16:03 ` Richard Fish
2006-02-23 14:45 ` Abhay Kedia
2 siblings, 1 reply; 92+ messages in thread
From: Dave Nebinger @ 2006-02-23 14:30 UTC (permalink / raw
To: gentoo-user
Uwe Thiem wrote:
>> 3. because it is always better to have too much ram/swap then too little
> Nnnnot always. There are circumstances when you do not want swap at all.
This is never true. Swap is *always* called for, and for a good reason.
Your example of having a real-time responsive app requiring memory
residence is a determining factor of how much physical memory you'll
need to keep the app resident.
But the truth of the matter is this will not be your only app running on
the system. Throw some big memory hogs into play, i.e. an active X
session running locally and that remote X session you've started from
work, and pretty soon you can find yourself eating up that 1gb that you
thought would be fine.
Except that since you did not have any swap enabled, once you reach the
1gb limit, processes start failing. You find yourself unable to log
into the box because there's not enough memory to spawn a new shell.
You're forced to hard-boot the system and hope that the HD caches were
flushed to the disk before you hit the reset button.
Having swap is just another manner of safe-guarding your system. Once
you breach the physical limit, there's always swap to fall back on.
Sure all of your apps will suffer while swapping occurs, but at least
you stand a chance of cleaning up the situation w/o facing the hard
reboot option.
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 13:55 ` Uwe Thiem
2006-02-23 14:05 ` John Jolet
2006-02-23 14:30 ` Dave Nebinger
@ 2006-02-23 14:45 ` Abhay Kedia
2 siblings, 0 replies; 92+ messages in thread
From: Abhay Kedia @ 2006-02-23 14:45 UTC (permalink / raw
To: gentoo-user
On Thursday 23 February 2006 19:25, Uwe Thiem wrote:
>
> End of rant.
>
I think you should read this article
http://rudd-o.com/archives/2006/01/11/why-swap-is-good-even-with-tons-of-ram/
I don't know about you but since I started using an archck kernel, I have
always seen my system actually using swap. The swap prefetch patch seems to
be working here and I don't mind at all. In fact it makes my system much more
responsive.
Here is the current free -m report.
$ free -m
             total       used       free     shared    buffers     cached
Mem:           495        485          9          0         61        131
-/+ buffers/cache:        293        202
Swap:          768        241        526
Now imagine that if I didn't have any swap space, that 241MB would have either
been eaten up from my RAM or those files would never have been cached. In
first scenario, it would reduce the capability of my system to cache the
important files in RAM b'cos it is already full with not-so-important files,
while in the latter case the Disk IO on my system will increase whenever I
needed those not-so-important files. Whatever your choice might be, I
personally choose free RAM for better caching of files + lesser Disk IO, even
if that means spending 768MB of HDD space.
--
Regards,
Abhay
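An added example, not part of the original posts: a parser for the legacy `free -m` layout quoted above that recomputes the `-/+ buffers/cache` row from the `Mem:` row and applies the "watch swap for any growth" rule from John Jolet's reply. The function names and the 2 MB tolerance are assumptions; the sample input is constructed from the figures in the message.

```python
# Added example: parser for the legacy `free -m` layout quoted in the thread
# (the one with a "-/+ buffers/cache" row). Function names are illustrative.

# Constructed sample using the figures quoted in the message above.
SAMPLE = """\
$ free -m
             total       used       free     shared    buffers     cached
Mem:           495        485          9          0         61        131
-/+ buffers/cache:        293        202
Swap:          768        241        526
"""

MEM_KEYS = ("total", "used", "free", "shared", "buffers", "cached")


def parse_free(text):
    """Return {'mem', 'adjusted', 'swap'} dicts with values in MB."""
    rows = {}
    for line in text.splitlines():
        label, sep, rest = line.partition(":")
        if not sep:
            continue  # prompt, header row or blank line
        try:
            rows[label.strip().lower()] = [int(tok) for tok in rest.split()]
        except ValueError:
            raise ValueError(f"non-numeric field in row: {line!r}") from None
    try:
        mem, adj, swap = rows["mem"], rows["-/+ buffers/cache"], rows["swap"]
    except KeyError as exc:
        # Newer versions of free print a different layout without this row.
        raise ValueError(f"missing row {exc}; not the legacy layout") from None
    if (len(mem), len(adj), len(swap)) != (6, 2, 3):
        raise ValueError("unexpected column count")
    return {
        "mem": dict(zip(MEM_KEYS, mem)),
        "adjusted": {"used": adj[0], "free": adj[1]},
        "swap": dict(zip(MEM_KEYS[:3], swap)),
    }


def summarize(report, tolerance_mb=2):
    """Split 'used' RAM into application memory and reclaimable cache."""
    mem, adj, swap = report["mem"], report["adjusted"], report["swap"]
    reclaimable = mem["buffers"] + mem["cached"]
    app_used = mem["used"] - reclaimable
    effective_free = mem["free"] + reclaimable
    # free reports whole MB, so allow a small mismatch against its own row.
    consistent = (abs(app_used - adj["used"]) <= tolerance_mb
                  and abs(effective_free - adj["free"]) <= tolerance_mb)
    swap_pct = round(100.0 * swap["used"] / swap["total"], 1) if swap["total"] else 0.0
    return {"app_used": app_used, "reclaimable": reclaimable,
            "effective_free": effective_free, "consistent": consistent,
            "swap_used_pct": swap_pct}


def swap_growth(previous, current):
    """MB of swap growth between two samples (0 if unchanged or smaller)."""
    return max(0, current["swap"]["used"] - previous["swap"]["used"])


if __name__ == "__main__":
    print(summarize(parse_free(SAMPLE)))
```

On the sample, 293 MB of the 485 MB "used" is application memory and 192 MB is buffers and cache that the kernel can reclaim, while 241 MB of pages sit in swap.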
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 14:30 ` Dave Nebinger
@ 2006-02-23 16:03 ` Richard Fish
2006-02-23 16:12 ` Dave Nebinger
0 siblings, 1 reply; 92+ messages in thread
From: Richard Fish @ 2006-02-23 16:03 UTC (permalink / raw
To: gentoo-user
On 2/23/06, Dave Nebinger <dnebinger@joat.com> wrote:
> This is never true. Swap is *always* called for, and for a good reason.
No, it isn't. For my single-user laptop with 2G of RAM, I actually
prefer that the OOM kill any runaway process that is gobbling up RAM.
My laptop disk (even at 7200rpm) is too damn slow for swap to be at
all useful. The system _will_ be dead until swap is exhausted and the
OOM kicks in anyway. The only reason I have a swap partition at all
is for suspend2 hibernation.
> Your example of having a real-time responsive app requiring memory
> residence is a determining factor of how much physical memory you'll
> need to keep the app resident.
>
> But the truth of the matter is this will not be your only app running on
> the system. Throw some big memory hogs into play, i.e. an active X
> session running locally and that remote X session you've started from
> work, and pretty soon you can find yourself eating up that 1gb that you
> thought would be fine.
No one would ever place a real-time responsive app on a desktop system.
-Richard
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 16:03 ` Richard Fish
@ 2006-02-23 16:12 ` Dave Nebinger
2006-02-23 18:07 ` Alexander Skwar
2006-02-23 19:38 ` Uwe Thiem
0 siblings, 2 replies; 92+ messages in thread
From: Dave Nebinger @ 2006-02-23 16:12 UTC (permalink / raw
To: gentoo-user
Richard Fish wrote:
> On 2/23/06, Dave Nebinger <dnebinger@joat.com> wrote:
>> This is never true. Swap is *always* called for, and for a good reason.
>
> No, it isn't. For my single-user laptop with 2G of RAM, I actually
> prefer that the OOM kill any runaway process that is gobbling up RAM.
> My laptop disk (even at 7200rpm) is too damn slow for swap to be at
> all useful. The system _will_ be dead until swap is exhausted and the
> OOM kicks in anyway. The only reason I have a swap partition at all
> is for suspend2 hibernation.
>
But again you have shown that swap is *always* called for. You've got
2gb ram, yet you still need swap for hibernation.
>> Your example of having a real-time responsive app requiring memory
>> residence is a determining factor of how much physical memory you'll
>> need to keep the app resident.
>>
>> But the truth of the matter is this will not be your only app running on
>> the system. Throw some big memory hogs into play, i.e. an active X
>> session running locally and that remote X session you've started from
>> work, and pretty soon you can find yourself eating up that 1gb that you
>> thought would be fine.
>
> No one would ever place a real-time responsive app on a desktop system.
So if your argument is that it would only go on a server, are you also
arguing that it would only go on a dedicated server? Or is it a
multi-function server that's also running perhaps a web server, an app
server, an email server, ftp server, etc.?
The addition of any sort of server which spawns threads in response to
incoming network connections means that you've got a variable memory
consumer which has, should incoming load require, a potential chance
to overwhelm physical memory.
Same situation, just a different scenario.
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 16:12 ` Dave Nebinger
@ 2006-02-23 18:07 ` Alexander Skwar
2006-02-23 19:38 ` Uwe Thiem
1 sibling, 0 replies; 92+ messages in thread
From: Alexander Skwar @ 2006-02-23 18:07 UTC (permalink / raw
To: gentoo-user
Dave Nebinger wrote:
> You've got
> 2gb ram, yet you still need swap for hibernation.
No, he doesn't. suspend2 could also write the memory to a
file when hibernating.
That said, I'd find it rather useless to write to a plain
normal file, as you need to keep the space available anyway.
And with swap, you might at least make somewhat use of that
"wasted" space.
Alexander Skwar
--
I'd horsewhip you if I had a horse.
		-- Groucho Marx
* Re: [gentoo-user] How many GB for / partition?
2006-02-23 16:12 ` Dave Nebinger
2006-02-23 18:07 ` Alexander Skwar
@ 2006-02-23 19:38 ` Uwe Thiem
1 sibling, 0 replies; 92+ messages in thread
From: Uwe Thiem @ 2006-02-23 19:38 UTC (permalink / raw
To: gentoo-user
On 23 February 2006 18:12, Dave Nebinger wrote:
> Richard Fish wrote:
> > On 2/23/06, Dave Nebinger <dnebinger@joat.com> wrote:
> >> This is never true. Swap is *always* called for, and for a good reason.
> >
> > No, it isn't. For my single-user laptop with 2G of RAM, I actually
> > prefer that the OOM kill any runaway process that is gobbling up RAM.
> > My laptop disk (even at 7200rpm) is too damn slow for swap to be at
> > all useful. The system _will_ be dead until swap is exhausted and the
> > OOM kicks in anyway. The only reason I have a swap partition at all
> > is for suspend2 hibernation.
>
> But again you have shown that swap is *always* called for. You've got
> 2gb ram, yet you still need swap for hibernation.
I don't use hibernation. ;-)
>
> >> Your example of having a real-time responsive app requiring memory
> >> residence is a determining factor of how much physical memory you'll
> >> need to keep the app resident.
> >>
> >> But the truth of the matter is this will not be your only app running on
> >> the system. Throw some big memory hogs into play, i.e. an active X
> >> session running locally and that remote X session you've started from
> >> work, and pretty soon you can find yourself eating up that 1gb that you
> >> thought would be fine.
> >
> > No one would ever place a real-time responsive app on a desktop system.
>
> So if your argument is that it would only go on a server, are you also
> arguing that it would only go on a dedicated server? Or is it a
> multi-function server that's also running perhaps a web server, an app
> server, an email server, ftp server, etc.?
You wouldn't run such an app on a server that offers services like FTP or
such.
I was actually involved in a project once that did that kind of stuff on a
desktop. It was a dedicated desktop, though. ;-)
Your main argument is that one needs swap as a safety net if one runs out of
ram. So you have, say 1 GB of ram and 1 GB of swap. What if you run out of
swap? Or: If that 1GB of swap on top of your 1GB of ram is enough for you to
never run out of swap, what's wrong with replacing it with another 1GB of ram
if you can afford it? Where is the bloody difference, except that you get a
faster box?
Uwe
--
Why do consumers keep buying products they will live to curse?