/boot at beginning of drive
Brendan Grossman
brendan at grossman.id.au
Tue Apr 18 03:33:08 UTC 2006
> On Monday 17 April 2006 14:38, Brendan Grossman wrote:
> > > > > > > Databases are stored in /var/db for security reasons
> > > > > >
> > > > > > Just curious... What are the security reasons? After
> > >
> > > some thought,
> > >
> > > > > > here's what I'm planning on doing...
> > > > > >
> > > > > > Disk is 73gb scsi...
> > > > > >
> > > > > > / 500mb
> > > > > > swap 4gb
> > > > > > /var 4gb
> > > > > > /usr 4gb
> > > > > > /home remainder (about 60gb)
> > > > > >
> > > > > > then /var/db/mysql -> /home/mysql
> > >
> > > You can safely leave /home as part of the /usr filesystem i.e. it
> > > will be /usr/home. That will gain you 4gb overall. I usually only
> > > define /home if I'm using a separate drive or network
> filesystem. If
> > > you're going to symlink mysql you probibly don't need 4GB
> in var. My
> > > webserver is running @500MB on /var with 10 databases. 1
> or 2GB will
> > > be plenty.
> >
> > Hmm is there much point then in having /var separate?
> >
> > I have 300 users that need 200mb max space each. That's
> 60gb of user
> > data if maxed out. The data will generally be in /var/db/mysql and
> > /home
> >
> > Now if I was to have a 2gb /var, if it gets filled up by
> say half the
> > users' databases, then there's half left whom will be
> unable to create
> > databases since /var is full.
> >
> > That's why I want to put all if not most user data on one partition.
> >
> > If I put /home on /usr, I might as well just do the
> following and save
> > any headaches...
> >
> > / 500mb
> > swap 4gb
> > /usr remainder
> >
> > Then /home -> /usr/home
> > And /var -> /usr/var
>
> You could do that but, the main reason to separate /var is
> because it contains package databases, log files, password
> and group backup, etc... critical for a system restore. If
> you have to pull those files out of /usr it could make for a
> very long restore not to mention the headaches of securing it
> from your regular users. Without mysql, var is not a big
> slice and well worth the diskspace and added security.
> Building a system without the basic /, /var and /usr is not
> an advantage unless you have a very diskspace limited
> situation, which you don't.
Hmm, I might as well go with my original plan then?
The only different to what you propose, is mysql being on /home, which with
my situation, I think is an advantage.
Or unless I do this...
/ 500mb
swap 4gb
/var 4gb
/usr remainder
/home -> /usr/home
/var/lib/mysql -> /usr/mysql
Something like this?
How is having /var on a separate partition more secure than having it in
/usr ?
More information about the freebsd-questions
mailing list