From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id 59B6C1381F3 for ; Wed, 24 Apr 2013 12:48:54 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 5EB52E09D9; Wed, 24 Apr 2013 12:48:46 +0000 (UTC) Received: from out3-smtp.messagingengine.com (out3-smtp.messagingengine.com [66.111.4.27]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 321D2E092F for ; Wed, 24 Apr 2013 12:48:45 +0000 (UTC) Received: from compute1.internal (compute1.nyi.mail.srv.osa [10.202.2.41]) by gateway1.nyi.mail.srv.osa (Postfix) with ESMTP id BBA0021468 for ; Wed, 24 Apr 2013 08:48:44 -0400 (EDT) Received: from frontend1.nyi.mail.srv.osa ([10.202.2.160]) by compute1.internal (MEProxy); Wed, 24 Apr 2013 08:48:44 -0400 DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=binarywings.net; h=message-id:date:from:mime-version:to:subject:references :in-reply-to:content-type; s=mesmtp; bh=M4Je7PGX+Dwb/RlfqJf8XUuc Cxo=; b=a1/qZaZDPNjjeySWLFn26qbKNVbKrqpP+X2DPrBu0nQ8tmOvIpNUoZSt 051bEEQn6VZSfQ9MjninW7IWCa7B5L4rptoSshpKfE8nlHn65ySdHVhEr7ShnybV pOEYOYo/P75DwEFAzE2sY8/5MQDyHPiBovwvXnjAZFaCxCYXBbU= DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d= messagingengine.com; h=message-id:date:from:mime-version:to :subject:references:in-reply-to:content-type; s=smtpout; bh=M4Je 7PGX+Dwb/RlfqJf8XUucCxo=; b=CBt/DuthxiIsmImVlbjsd7dcK27NzuXne0WC wAA4FJlc0URPJCmXrhWiwNG8vPnLAcbGLp5MpY/7mRYXKvhVFAyesdgAEb70++0m uY0+HNZcZMx1hn9txia9XpyGvNxXTPdzg3Iwz3YksSTg//eHBwb2LozqBtYJ0I7a PZRdNq0= X-Sasl-enc: sKuBZrz9z62GP6EG4Py7zISlp4BUsj5lxLHOiHGngbxX 1366807723 Received: from [10.107.238.87] (unknown [46.115.103.238]) by mail.messagingengine.com (Postfix) with ESMTPA id AB9C4C80007 for ; Wed, 24 Apr 2013 08:48:43 -0400 (EDT) Message-ID: <5177D498.5080609@binarywings.net> Date: Wed, 24 Apr 2013 14:48:24 +0200 From: Florian Philipp User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130413 Thunderbird/17.0.5 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 To: gentoo-user@lists.gentoo.org Subject: Re: [gentoo-user] Partitions - last questions... References: <51769E54.2050609@libertytrek.org> <5176B81E.8000805@binarywings.net> <20130423185932.1779e970@digimed.co.uk> <5177B88D.8010908@libertytrek.org> In-Reply-To: <5177B88D.8010908@libertytrek.org> X-Enigmail-Version: 1.6a1pre Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="----enig2QRIIETJSPCTLLRBLJJBU" X-Archives-Salt: 0c936583-ed6b-4c95-8bd1-435e21b6db7e X-Archives-Hash: 1b7440a09843c8fbd6a08919d57a1e4f This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------enig2QRIIETJSPCTLLRBLJJBU Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Am 24.04.2013 12:48, schrieb Tanstaafl: > On 2013-04-23 1:59 PM, Neil Bothwick wrote: >> On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote: >> >>>> So - first, is 5G way too big for the two /tmp dirs? I have lots of >>>> space, but hate waste >=20 >>> If you worry about waste consider bind-mounting both from the same >>> partition and install quotas to avoid one filling up the other. >> >> Or set PORTAGE_TMPDIR to use /tmp. Then /var/tmp will be so small you >> can leave it as a sub-directory of /var. >> >> If this is a server, 5G is fine for this, but for a desktop it may nee= d >> to be bigger, to accommodate LibreOffice builds. >=20 > One thing I'm trying to do is make the system as secure as possible at > the filesystem level, and I've read that making /tmp and /var/tmp > separate partitions so you can mount them /nodev/noexec/nosuid is one > way to make things a bit more secure... noexec won't work for portage so put PORTAGE_TMPDIR somewhere else. >=20 > On that note, I realized I can't make two /tmp's in lvm, so, I guess I > can make a vtmp, and just bind that to /var/tmp in fstab like: >=20 > /dev/vg/vtmp /var/tmp ext4 nodev,noexec,nosuid 0 0 >=20 > Will that work? Sure why not but you should set the pass column to 2 instead of 0. Regards, Florian Philipp ------enig2QRIIETJSPCTLLRBLJJBU Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.19 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlF31JwACgkQqs4uOUlOuU/VVQCfbb6qrv3QnEcxbr3FihirJ8uT gyUAn2l4XOsts3559JvCqikutLQay7ZF =jnsv -----END PGP SIGNATURE----- ------enig2QRIIETJSPCTLLRBLJJBU--