[sf-lug] filesystem for a 3TB external USB drive
Rick Moen
rick at linuxmafia.com
Tue Jan 3 18:56:36 PST 2012
Quoting Paul Ivanov (pi at berkeley.edu):

> Thanks for this, Rick - I learned something. Specifically your
> particular uses of 'ro' and 'noatime'. I'm inferring that
> the purpose of ro is for security, is this correct, or are there
> other reasons?

My use of 'ro' on most filesystems of type ext2 is so that (1) they're
always synced while mounted 'ro', and cannot have long fsck times and
possible filesystem corruption upon accidental reboots (the aspect that
removes the usual disadvantages of ext2, in that particular use case),
and (2) affected filesystems are that much more difficult for a clumsy
sysadmin (or a process run with system authority) to screw up.

You will notice that the ones mounted normally read-only are the ones
that are normally static, such as /usr. That filesystem (except for the
/usr/local portion of it) doesn't change except when you
install/remove/update software. So, I leave it normally 'ro', and
include a dpkg hook to automatically remount 'rw' before package
operations and remount 'ro' after them.

Protecting the system against a clumsy sysadmin is arguably a sort of
security reason. (The administrative user is usually the largest single
threat to the system's integrity.) One might also hope that 'ro'
filesystems might be a bit more resistant to canned, automated attack
scripts, in the sense of limiting the damage they can easily do, the way
they are usually written by default. However, a well-written attack
tool that has managed to achieve root access can always remount 'ro'
filesystems as 'rw' before acting.

> The noatime performance trick also looks like a gem - I didn't know
> about it.

Beware of (rare) software that relies on the atime field being updated.
Some MTAs need their mail spool files to have that datum be accurate,
for example.
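
Added example (not part of the original post): a check that filesystems meant to stay 'ro', such as /usr above, have not been left or remounted 'rw'. The function names, the constructed sample mount table and the RW/MISSING output format are assumptions for illustration.

```shell
#!/bin/sh
# Report mount points that policy says should be read-only but are not.
# Input is a mount table in /proc/mounts format:
#   device mountpoint fstype options dump pass

# check_ro MOUNTS_FILE MOUNTPOINT...
# Prints "RW <mp>" or "MISSING <mp>" per violation.
# Returns 0 if every listed mount point is 'ro', 1 otherwise.
check_ro() {
    mounts_file=$1
    shift
    status=0
    for mp in "$@"; do
        # Last matching line wins: a later mount shadows an earlier one.
        opts=$(awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }' "$mounts_file")
        # Wrap in commas so only the exact option 'ro' matches,
        # not 'errors=remount-ro' on a filesystem that is really 'rw'.
        case ",$opts," in
            ,,)     echo "MISSING $mp"; status=1 ;;
            *,ro,*) ;;
            *)      echo "RW $mp"; status=1 ;;
        esac
    done
    return $status
}

# Constructed sample mount table (not from the original post): /usr has
# been left 'rw', e.g. after a package operation or an unexpected remount.
sample_mounts() {
    cat <<'EOF'
/dev/sda1 / ext3 rw,noatime,errors=remount-ro 0 0
/dev/sda5 /usr ext2 rw,noatime 0 0
/dev/sda6 /boot ext2 ro,noatime 0 0
EOF
}

# Demo on the sample; on a live system pass /proc/mounts instead.
demo_table=$(mktemp)
sample_mounts > "$demo_table"
check_ro "$demo_table" /usr /boot || echo "read-only policy violated"
rm -f "$demo_table"
```

Run from cron against /proc/mounts, this only detects an unexpected 'rw' state; it does not prevent a root-level process from remounting.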