/boot at beginning of drive

Tue Apr 18 03:24:16 UTC 2006

On Monday 17 April 2006 14:38, Brendan Grossman wrote:
> > > > > > Databases are stored in /var/db for security reasons
> > > > >
> > > > > Just curious... What are the security reasons? After
> >
> > some thought,
> >
> > > > > here's what I'm planning on doing...
> > > > >
> > > > > Disk is 73gb scsi...
> > > > >
> > > > > /	500mb
> > > > > swap	4gb
> > > > > /var	4gb
> > > > > /usr	4gb
> > > > > /home	remainder (about 60gb)
> > > > >
> > > > > then /var/db/mysql -> /home/mysql
> >
> > You can safely leave /home as part of the /usr filesystem
> > i.e. it will be /usr/home. That will gain you 4gb overall. I
> > usually only define /home if I'm using a separate drive or
> > network filesystem. If you're going to symlink mysql you
> > probibly don't need 4GB in var. My webserver is running
> > @500MB on /var with 10 databases. 1 or 2GB will be plenty.
>
> Hmm is there much point then in having /var separate?
>
> I have 300 users that need 200mb max space each. That's 60gb of user data
> if maxed out. The data will generally be in /var/db/mysql and /home
>
> Now if I was to have a 2gb /var, if it gets filled up by say half the
> users' databases, then there's half left whom will be unable to create
> databases since /var is full.
>
> That's why I want to put all if not most user data on one partition.
>
> If I put /home on /usr, I might as well just do the following and save any
> headaches...
>
> /	500mb
> swap	4gb
> /usr	remainder
>
> Then /home -> /usr/home
> And /var -> /usr/var

You could do that but, the main reason to separate /var is because it contains 
package databases, log files, password and group backup, etc... critical for 
a system restore. If you have to pull those files out of /usr it could make 
for a very long restore not to mention the headaches of securing it from your 
regular users.  Without mysql, var is not a big slice and well worth the 
diskspace and added security. Building a system without the basic /, /var 
and /usr is not an advantage unless you have a very diskspace limited 
situation, which you don't.

Beech
-- 

---------------------------------------------------------------------------------------
Beech Rintoul - Sys. Administrator - beech at mangohealth.org
/"\   ASCII Ribbon Campaign  | Mangohealth
\ / - NO HTML/RTF in e-mail  | 201 East 9Th Avenue Ste.310
 X  - NO Word docs in e-mail | Anchorage, AK 99501
/ \  - XanGo - http://www.mangohealth.org
---------------------------------------------------------------------------------------

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20060418/15339f97/attachment.pgp