[sf-lug] What are the best practices for Linux partitioning & Mount points for Production systems

Rick Moen rick at linuxmafia.com
Fri Mar 2 16:00:25 PST 2012 

Quoting nk oorda (nk.oorda at gmail.com):

> i need some suggestion for defining the partition size for my production
> systems.

Your partitioning is logically dictated by what you're trying to
achieve, including what threat modes you're attempting to protect
against.

Some of the concerns that might drive partitioning design for a server
are laid out here:
http://linuxmafia.com/pipermail/conspire/2012-February/006925.html
http://linuxmafia.com/pipermail/conspire/2012-February/006970.html
http://linuxmafia.com/pipermail/conspire/2012-February/006921.html

Themes mentioned:
1.  Partitions carved out in order to use ext2 for high performance.
2.  Partitions carved out to enable use of custom mount options, 
    e.g., noatime, nodev, nosuid
3.  Partitions carved out to cluster most-accessed parts of the file
    tree around the swap partition for minimum average seek
    distince/time within a spindle (where spinning media is used).
4.  Partitions carved out to keep them normally read-only as a 
    protection against sysadmin error.

One might add: 
5.  Partitions made be NOT part of the root filesystem to better protect 
    the root FS from getting overfilled or damaged.
6.  Partitions kept separate because they're network-shared e.g., via NFS

Poster rgmoore on LWN posted (https://lwn.net/Articles/484332/)

  The idea is that you should be able to have a separate partition for
  each different kind of data. It should be possible to keep read-only
  data (or data that is only supposed to be written by a sysadmin) on a
  separate partition from data that's frequently written, data that's
  specific to a particular machine separate from data that can be shared
  across multiple machines, and data that is volatile across a reboot
  separate from data that needs to be preserved across reboots. So the
  idea is that standard partitions are supposed to be:

  / Machine specific, read-only
  /var Machine specific, read-write, stable across reboots
  /tmp Machine specific, read-write, volatile across reboots
  /usr Shared, read-only
  /home Shared, read-write 

Exactly so.

> What i am able to get from the google search is:

What you should be concentrating on finding is _why_ a particular
division was used, i.e., towards what purpose or benefit.

My URL #2 (above) includes a brief schema of filesystems on the 
server that runs this mailing list -- and some of the reasons.  If
anyone's interested, I'd be glad to elaborate more about that.

More information about the sf-lug mailing list