[sf-lug] What are the best practices for Linux partitioning & Mount points for Production systems
jim at well.com
Fri Mar 2 12:11:24 PST 2012
>From your description it seems there are three considerations:
1 training (or maybe hiring policies): it's possible
for experienced and competent engineers to delete
all of /usr/ but rare. My guess is the person who
did so was not familiar with Unix-like systems.
2 sudo fine-tuning: despite widespread information
about best or good or other practices, systems are
often installed and configured the fastest way
possible. In this case, perhaps all sudoers have
root privileges. If so, consider setting up some
sudoers to have permissions for one or more groups
so that they don't have total destruction powers.
3 mounting: consider mounting most partitions in
read-only mode. This makes updating and upgrading
a bit more painful, but think of that as good:
the extra hurdle may remind upgraders to be
mindful of various considerations.
I like choices 1 and 2 a lot.
I don't see how the issue of partition sizing
relates to the problem you described. As to sizing,
seems to me the main consideration these days is
copying (mainly backups). Another is that you have
some requirement for different types of filesystems.
Most system files are just as well stored on
the partition that has the root filesystem. The
exception might be /var/ if there's a lot of
activity or the possibility of log file overflow.
If the host allows only a few users shell access,
it may or may not be smart to put /home/ on a
separate partition (if your developers are using
a version-control repo, maybe they have little or
no data to store on their /home/ directories on
The /opt/ and /srv/ directory names are used
for special (usually big) application software.
Consider making a /data/ directory or some such.
In the case that a top-level directory stores
"variable" data, it's probably good (or "best")
that it's on a separate partition.
On Fri, 2012-03-02 at 14:35 +0530, nk oorda wrote:
> i need some suggestion for defining the partition size for my
> production systems. we are going to use CentOS 6.2 (64 bit)
> - Partition size
> - Mount points
> What i am able to get from the google search is:
> / Root File System (/bin , /sbin , /dev , /root
> /usr program and source
> /var variable data
> /boot boot kernels
> /tmp temp file locations
> /work to do your work here "you can name it anything"
> * /home - Set option nosuid, and nodev with diskquota option
> * /usr - Set option nodev
> * /tmp - Set option nodev, nosuid, noexec option must be enabled
> * /var local,nodev,nosuid
> Most of the server will be running
> - Apache
> and few of them would be running MySQL as data base.
> what is concern is that one of the developer accidentally deleted
> the /usr files with sudo access. if somehow i can protect the core
> system from the developers mistake that would be really good.
> Thanks in advance for help.
> sf-lug mailing list
> sf-lug at linuxmafia.com
> Information about SF-LUG is at http://www.sf-lug.org/
More information about the sf-lug