From owner-freebsd-questions@freebsd.org Sat Feb 13 04:10:51 2021 Return-Path: Delivered-To: freebsd-questions@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id 0E2B453D75A for ; Sat, 13 Feb 2021 04:10:51 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from kicp.uchicago.edu (kicp.uchicago.edu [128.135.20.70]) by mx1.freebsd.org (Postfix) with ESMTP id 4Dcxk22WS1z4vHG for ; Sat, 13 Feb 2021 04:10:50 +0000 (UTC) (envelope-from galtsev@kicp.uchicago.edu) Received: from [192.168.43.231] (unknown [172.58.140.197]) (Authenticated sender: galtsev) by kicp.uchicago.edu (Postfix) with ESMTPSA id 2BD694E68D; Fri, 12 Feb 2021 22:10:44 -0600 (CST) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.120.23.2.4\)) Subject: Re: Partitioning From: Valeri Galtsev In-Reply-To: <20210213045614.71f2202b.freebsd@edvax.de> Date: Fri, 12 Feb 2021 22:10:42 -0600 Cc: Graham Perrin , freebsd-questions@freebsd.org Content-Transfer-Encoding: quoted-printable Message-Id: References: <055e547a-c57a-048e-5458-4cf60b31ca7a@gmail.com> <20210213045614.71f2202b.freebsd@edvax.de> To: Polytropon X-Mailer: Apple Mail (2.3608.120.23.2.4) X-Rspamd-Queue-Id: 4Dcxk22WS1z4vHG X-Spamd-Bar: -- Authentication-Results: mx1.freebsd.org; dkim=none; dmarc=fail reason="No valid SPF, No valid DKIM" header.from=uchicago.edu (policy=none); spf=none (mx1.freebsd.org: domain of galtsev@kicp.uchicago.edu has no SPF policy when checking 128.135.20.70) smtp.mailfrom=galtsev@kicp.uchicago.edu X-Spamd-Result: default: False [-2.15 / 15.00]; RCVD_VIA_SMTP_AUTH(0.00)[]; ARC_NA(0.00)[]; DMARC_POLICY_SOFTFAIL(0.10)[uchicago.edu : No valid SPF, No valid DKIM,none]; MID_RHS_MATCH_FROM(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; TO_DN_SOME(0.00)[]; MV_CASE(0.50)[]; FROM_HAS_DN(0.00)[]; MIME_GOOD(-0.10)[text/plain]; RBL_DBL_DONT_QUERY_IPS(0.00)[128.135.20.70:from]; SPAMHAUS_ZRD(0.00)[128.135.20.70:from:127.0.2.255]; RECEIVED_SPAMHAUS_PBL(0.00)[172.58.140.197:received]; TO_MATCH_ENVRCPT_SOME(0.00)[]; NEURAL_HAM_LONG(-1.00)[-1.000]; NEURAL_HAM_SHORT(-0.75)[-0.750]; NEURAL_HAM_MEDIUM(-1.00)[-1.000]; R_SPF_NA(0.00)[no SPF record]; RCVD_NO_TLS_LAST(0.10)[]; FROM_EQ_ENVFROM(0.00)[]; R_DKIM_NA(0.00)[]; MIME_TRACE(0.00)[0:+]; ASN(0.00)[asn:160, ipnet:128.135.0.0/16, country:US]; FREEMAIL_CC(0.00)[gmail.com,freebsd.org]; MAILMAN_DEST(0.00)[freebsd-questions]; RCVD_COUNT_TWO(0.00)[2] X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 Feb 2021 04:10:51 -0000 > On Feb 12, 2021, at 9:56 PM, Polytropon wrote: >=20 > On Fri, 12 Feb 2021 19:19:33 +0000, Graham Perrin wrote: >> On 11/02/2021 20:32, david russell wrote: >>=20 >>> In my opinion an all in 1 partition is a disaster waiting to happen. >>=20 >> In what way? >=20 > If you have things like /tmp, /var/log, /home and so rooted in > the same partition, a "runaway process" could fill your whole > disk just writing to /tmp, and you wouldn't know, because a log > file can no longer be written. Also users might be affected and > cannot save their work files as /home runs out of space (simply > because / is full). True, and very clearly stated. > Especially on systems providing server functionalities, this kind > of problem is not desired. >=20 There is additional advantage: some of filesystems can be mounted read = only or with =E2=80=9Cnoexec=E2=80=9D option; which (especially on the = server) will stop bad guys who stole user password from executing = exploit. Of course, your server must be updated, but extra barrier = always helps. After all we just compete with bad guys, so buying extra = time helps. That one I learned long ago. I even watched unsuccessful = attempts in real lite on one of my servers ;-). Not mentioning nodev = which more knowledgeable person told me is not necessary on FreeBSD. But = I still I mentioned it ;-) as I=E2=80=99m Linux guy too; though these = days I do more FreeDSD-isms on Linux than Linuxisms on FreeBSD. > Another useful thing about partitioning is that you can backup > and restore partition-wise. You can also use different mount > options (such as noatime where you don't need it, and even > noexec when you want to prevent accidental executions). Oh, I'm poor reader, sorry about mentioning similar things above before = reading this. Valeri > You > can also "switch" between certain environments or even /home > subtrees if needed. For large-scale data recovery, it's also > easier to work with separated partitions, for example, if you > need to recover something from /home, you can leave /usr, /tmp, > and /var out of scope entirely, and those partitions won't be > subject to recovery attempts - you can concentrate on /home. > However, this partitioning approach is historically grown (as > it initially wasn't about partitions on the same disk, but about > different physical swappable disks with limited capacity as well > different speed) and doesn't fit all modern needs. Especially for > home system, having one / partition often is the best solution. > And UFS's fixed size partitioning (with previous planning!) > doesn't make it fit for changing purposes. >=20 >=20 >=20 >> Have you tried accepting the ZFS option? >=20 > The initial question probably was UFS-centered, as with using > ZFS, you can resize partitions any time you want, and it's a lot > easier to manage them. Everything mentioned above can easily be > done with ZFS, and more. >=20 >=20 >=20 > --=20 > Polytropon > Magdeburg, Germany > Happy FreeBSD user since 4.0 > Andra moi ennepe, Mousa, ... > _______________________________________________ > freebsd-questions@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to = "freebsd-questions-unsubscribe@freebsd.org"