Re: [gentoo-user] /boot and booting...
I agree that trying to size partitions optimally is an annoying chore, but I gather LVM should help with that problem - though I haven't tried it yet.

However I disagree about the drive wear argument. Sensible partitioning can be used to reduce seek time by keeping related data together, and more importantly can significantly reduce the drive wear and tear associated with the nightly backups. If rarely changing filesystems are mounted read-only, they don't need to be scanned during the backups, and rebooting is much faster after a crash. For instance, here is a sample entry from my nightly backup script:

    # Skip the backup entirely when /usr/local is mounted read-only
    if mount|grep /usr/local|grep -q read-only ;then
        echo /usr/local is read-only, no backup required
    else
        echo Backing up /usr/local
        # Make the backup target writable only for the duration of the copy
        /sbin/mount -u -o rw /backup/local
        /usr/local/bin/rsync -avH /usr/local/ /backup/local
        # Lock both the backup and the source down again
        /sbin/mount -u -o ro,nosuid,nodev /backup/local
        /sbin/mount -u -o ro,nosuid,nodev /usr/local
    fi

In addition, the tape dumps simply are not practical if the hard drive is not partitioned. I try to limit all my partitions to the size of a single tape, which now is 60GB but until recently was 10GB.

Of course I can sympathise with your view that it is always the wrong partition that gets corrupted, but having everything on one partition only makes that more certain. If the root partition is kept small and fairly static, then the chances of not having a runnable base from which to repair the rest of the system are greatly reduced.

I have also had problems on some modest machines (32MB memory) trying to run fsck on very large partitions when the system is not fully booted.

Regards,
DigbyT

On Mon, Jun 06, 2005 at 06:52:49PM +0200, Volker Armin Hemmann wrote:

Hi, when I go some years back, I also had a bunch of partitions, but I went away from it for several reasons:
it is a great waste of space
at least one partition is always too small
a lot moving head will reduce the lifetime of your harddisk
if a partition fails, it will always be the wrong one.

-- gentoo-user@gentoo.org mailing list

-- Digby R. S. Tarvin [EMAIL PROTECTED] http://www.digbyt.com
Re: [gentoo-user] /boot and booting...
Hi, since my whole system (except /home) fits on one tape, the backup argument is not too convincing for me. And it does not matter if /usr/lib is on its own part, or part of / - if it is gone, you have a problem ;)
Re: [gentoo-user] /boot and booting...
Digby Tarvin wrote:

Personally I only use RAID for non-static filesystems (root changes relatively rarely, and is small, so I just make a fresh backup after any change). In addition I have twice been involved in trying to recover filesystems (thankfully not my own) that have been lost *because* of faulty RAID technology that behaved badly when a disk failed, so I prefer to make regular incremental backups to a second off-site machine as a much safer option.

Did I mention I am running RAID0...so yeah, I take the 'make frequent backups' strategy to heart!! ;-) I rotate backups to a trio of USB hard disks, that are not stored at the same location, and the most recent one is never more than 48 hours out of date.

And as far as cryptographic filesystems go, I usually only consider it for user filesystems, as the system partitions are open source and can be downloaded freely from the net. If I were really paranoid I suppose I might want to encrypt the shadow password file, but the main threat is hacking while the system is online, and the root partition must be available unencrypted then. An encrypted root partition would also get in the way of automated server recovery if the system crashed while nobody was around.

Well, if you have decent physical security of the machine (i.e., a server in a restricted access room, or even a typical desktop machine), then yes, your biggest concern would be over the network. But on my laptop, my biggest risk of data being compromised is if the laptop is stolen. How safe would you feel about an unencrypted /etc/shadow if you left one of those servers sitting outside on the street overnight!

Richard's partitioning scheme looks reasonable, except that my understanding of the logic behind the Unix filesystem structure is that none of the files in /usr are needed for booting, so I prefer to keep /usr as a separate mounted partition. The only reason I know of for having both a /bin and a /usr/bin is to separate the basic necessities needed for booting (/bin) from the ones that are not needed till you go into multi-user mode (/usr/bin). Similarly for /lib vs /usr/lib.

As you say, /[s]bin and /usr/[s]bin have different uses...single user vs. multi-user. But I consider 'booting' to be everything that happens between hitting the power switch and getting a login prompt for KDE. Again, probably just a difference in perspective between a server and a desktop/laptop. Also, pretty much all of the stuff in /usr/[s]bin, /usr/kde/*/bin, and so on loads libraries from both /usr/lib and /lib, so it made sense to me that all of this should be on a single partition.

P.S. One of the RAID snafus went as follows:
a. company installs card based RAID solution and hence decides it no longer needs to make backups.
b. one of the hard disks fails, system continues running...
c. replacement drive is plugged in in place of failed drive, controller proceeds to overwrite the surviving drive with the contents of the new drive, destroying remaining copy of company's data.
d. company throws away raid card and goes back to manual backups...

FYI, the software RAID (when actually using the 'R' part of that acronym) driver in Linux is infinitely smarter than that!

-Richard
Re: [gentoo-user] /boot and booting...
On 6/5/05, Digby Tarvin [EMAIL PROTECTED] wrote:

Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

A separate /boot partition is more than likely for compatibility with older BIOSes. (You'll notice that other architectures, AFAIK, don't need it.) Some older BIOSes won't see past a certain limit (504 MB, 2.1 GB, 8.4 GB, 33.8 GB, 137 GB) and consequently, depending on your BIOS, if your boot partition extends past that limit or if your kernel image is stored past that limit (when using CHS instead of LBA), your system will be unbootable. Other OSes may observe the 1024-cylinder and/or the 2 GB boot boundaries.

The BIOS 1024 cylinder limitation exists because the start and end cylinder values in the partition table, and some BIOSs, have a maximum value of 1024. Because some operating systems such as DOS 6.22 use the CHS (Cylinder, Head, and Sector) values to address sectors on the disk, they cannot access sectors beyond the 1024th cylinder. When you start your computer, the BIOS boots the operating system using the CHS values to locate the first sector of the bootable partition. If the partition starts past the 1024 cylinder, the BIOS may not be able to boot it because it cannot address a cylinder number higher than 1024. Defeat this limitation by using a BIOS with Int13h or LBA support, or by using Linux. :-)

The 2 GB boot code boundary exists because, with some older OSes/BIOSes, the CHS value of the beginning boot code sector must be calculated in order to retrieve the sector's information and load and execute the next part of the boot process. Because of the way the boot code is written, the sector value, computed from the CHS value, must fit in a 16-bit register, thus the maximum value that can be kept is 64K. If the number is larger than 64K, the number is truncated, resulting in an incorrect value that skews the remaining calculations. The boot process fails to load and execute the needed sector, thus preventing the OS from booting. Most current hard disks have 63 sectors per track, creating a 64K boot code boundary at 2 GB. If a partition begins or extends beyond this boundary, the CHS value of the partition's boot code sector cannot be correctly calculated; therefore, the partition and its OS cannot boot. AFAIK, this only affects older OSes, like DOS and WinNT 4.0, and BIOSes that aren't set to LBA mode. Like not Linux. :-)

(Paraphrased from the PowerQuest PartitionMagic help file. Please don't sue me.)

Keeping /boot as a tiny partition at the front of the disk makes sure that your system can boot despite whatever curveball your old software can throw at it. If you're confident that these problems don't affect you, feel free to merge /boot and /. I usually don't do it, but I thought I'd try it out.

Once the kernel kicks in, the kernel can do translation so that all of your disk is visible and usable. This is done by compiling in translation or passing hdx=stroke to genkernel kernels (LiveCD's included). Of course, drive overlay software is still an option if that's the way you like it, or if you dual-boot Windows.

-- Colin
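The CHS arithmetic behind the limits discussed in the message above, as an added example that is not part of the original post: it converts an LBA to a CHS tuple, derives the 1024-cylinder limit from the geometry, and packs the tuple into the 3-byte CHS field of an MBR partition entry. The geometries and LBAs used are constructed sample values.

```shell
#!/bin/sh
# Added example: CHS addressing and the 1024-cylinder boot limit.
# All geometry and LBA values below are constructed samples.

# lba_to_chs LBA HEADS SPT -> prints "C H S" (sectors are numbered from 1)
lba_to_chs() {
    c=$(( $1 / ($2 * $3) ))
    h=$(( ($1 / $3) % $2 ))
    s=$(( $1 % $3 + 1 ))
    echo "$c $h $s"
}

# chs_limit_bytes HEADS SPT -> bytes reachable with 1024 cylinders
# (numbered 0..1023) and 512-byte sectors
chs_limit_bytes() {
    echo $(( 1024 * $1 * $2 * 512 ))
}

# mbr_chs_field LBA HEADS SPT -> 3-byte CHS field of an MBR entry, as hex.
# Layout: head (8 bits); sector (6 bits) plus cylinder bits 9-8; cylinder bits 7-0.
# A cylinder above 1023 does not fit in 10 bits, so the field is saturated to
# the highest representable tuple, as partitioning tools conventionally do.
mbr_chs_field() {
    lba_to_chs "$1" "$2" "$3" >/dev/null    # sets c, h, s
    if [ "$c" -gt 1023 ]; then
        c=1023; h=$(( $2 - 1 )); s=$3
    fi
    printf '%02x %02x %02x\n' "$h" $(( s | ((c >> 8) << 6) )) $(( c & 255 ))
}

# bios_can_boot START_LBA HEADS SPT -> succeeds if a CHS-only BIOS can
# address the first sector of the partition
bios_can_boot() {
    [ "$(( $1 / ($2 * $3) ))" -le 1023 ]
}

# Constructed layout: small /boot at the front, / starting about 10 GB in.
for part in "boot 63" "root 20000000"; do
    set -- $part
    if bios_can_boot "$2" 255 63; then verdict=bootable; else verdict="needs LBA"; fi
    echo "$1: CHS $(lba_to_chs "$2" 255 63), field $(mbr_chs_field "$2" 255 63), $verdict"
done
echo "limit with 16 heads:  $(chs_limit_bytes 16 63) bytes"
echo "limit with 255 heads: $(chs_limit_bytes 255 63) bytes"
```

The two limits printed correspond to the 504 MB and 8.4 GB figures quoted in the message.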
Re: [gentoo-user] /boot and booting...
Hi,

I guess that means that you either have smaller disks than me, or a larger tape drive...

But assuming you do regular backups, how do you figure out which parts of the filesystem need to be scanned if the static stuff isn't confined to a separate filesystem? What do you use for your tape backups? I prefer to use 'dump' for my tape backups which really requires backups to be done by filesystem, but I suppose if you use something else the partitioning might be less critical. But I like to use the ability to mount filesystems read-only to make sure that I know where changes have occurred.

As far as usr/lib is concerned, historically it was not too important except during software development. Putting shared libraries there is comparatively recent, and it does seem a bit questionable to put programs in /[s]bin that use shared libraries in /usr...

Perhaps this is the real explanation for the emergence of this 'boot' partition. People that didn't understand that the root filesystem was designed to be a self contained environment for the boot process had introduced interdependencies, so a new 'minimal' filesystem for booting was required. My adherence to the traditional layout means my root partition is independent and under 2M, so I haven't needed a separate '/boot' partition.

Regards,
DigbyT

On Mon, Jun 06, 2005 at 08:00:59PM +0200, Volker Armin Hemmann wrote:

Hi, since my whole system (except /home) fits on one tape, the backup argument is not too convincing for me. And it does not matter if /usr/lib is on its own part, or part of / - if it is gone, you have a problem ;)

-- Digby R. S. Tarvin [EMAIL PROTECTED] http://www.digbyt.com
Re: [gentoo-user] /boot and booting...
On Monday 06 of June 2005 3:02, Digby Tarvin wrote:

Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

A good reason may be security. On some boxes, I have a /boot on separate device, actually a flash disk (compact flash card on one and IDE flash disk on others), and since the flash can be physically locked against write with a jumper, without opening the box the kernel cannot be changed. That means my firewall is always running only code I intended it to run, among others.

Other good reasons are a disaster recovery scenario, or a migration of the whole system to the bigger disc, or booting several different linux distros or distro versions on the top of single custom kernel (good for developers for library compatibility tests).

Petr Kocmid
Re: [gentoo-user] /boot and booting...
Hi,

well I have a 120GB drive, split into 56GB system, 47GB home, 2GB swap, 15MB /boot and a 'play around partition' REST. The /-partition will fit fine on a single 35GB DLT, compression on or off does not matter, because / is never really full enough for needing more..

That is why, I just use tar and backup the whole mess on one tape and put it onto the shelves ;) This takes some time, but in cases of a restore, I need a maximum of two tapes (home and /), instead of searching for the inc-backup tapes that have to be somewhere ...
[gentoo-user] /boot and booting...
Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

The reason I ask is that I am quite particular about my partitioning scheme, and have lots of reasons for wanting a lot of separate partitions, but have never really felt the need for a separate /boot partition...

For instance:
1. / obviously has to exist and provide a self contained standalone system capable of repairing and mounting all the rest of the filesystems. It is also fairly static if /tmp is kept off it (I have /tmp as a sym link to /var/tmp, with /var/tmp being a writable directory on the root filesystem giving me temporary storage before the /var filesystem is mounted).
2. /var must be separate because I want some writeable storage for the system.
3. /usr has most of the system files that don't have to be on the root partition, and usually is pretty static and can be mounted read-only for security and faster booting after a crash. (there isn't much point in having /bin and /usr/bin if they are on the same partition..)
4. /home is separate because we need a read/write partition for users, and it can be mounted nodev and sometimes nosuid for security. It also simplifies upgrades to separate personal data from distribution files.
5. I need a partition for swap...
6. I like to make /usr/local a separate partition because it contains things that are not part of the OS distribution.
7. /opt is separate to keep the size of the root partition down.
8. /tmp is separate as previously mentioned.

In addition, by making /var and /home the only partitions that are normally read/write, I avoid the need for regular backups on the remainder.

I suppose I have an instinct to be miserly with partitions because of my previous experience of BSD based systems which have a limited number of them on a disk (8, but only 6 are really usable because one is the raw 'entire disk' partition, and one is usually needed for swap). But dedicating a partition to the boot process seems clumsy to me.

I have seen mention of not mounting your boot partition as being seen as in some way improving security - but I certainly can't see it as being anywhere near the most sensitive data on a root filesystem..

Anyway, my preference is to have my boot files on my root partition, and to keep it small enough to be directly addressable by the BIOS in its entirety. (my current 2M root is only 69% full and hardly ever changes).

But the concept of a separate boot partition seems so ingrained in the Gentoo docs it makes me wonder what need I am overlooking. Or is it just to keep the people that want to put an entire system all in one big partition out of trouble?

Regards,
DigbyT

-- Digby R. S. Tarvin [EMAIL PROTECTED] http://www.digbyt.com
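A way to check that a running system still matches a read-only / nosuid / nodev scheme like the one in the message above, as an added example that is not part of the original post. The policy table and the sample mount table (in Linux /proc/mounts format) are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit mount options against a partitioning policy.

# Assumed policy, one "mountpoint required-options" pair per line.
POLICY='/usr ro
/usr/local ro,nosuid,nodev
/home nosuid,nodev
/tmp nosuid,nodev'

# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext3 rw 0 0
/dev/sda5 /usr ext3 ro 0 0
/dev/sda6 /usr/local ext3 rw,nosuid 0 0
/dev/sda7 /home ext3 rw,nosuid,nodev 0 0
/dev/sda8 /var ext3 rw 0 0'

# has_opt OPTS NAME -> succeeds if NAME is one of the comma-separated OPTS.
# Whole-option match, so "suid" is not found inside "nosuid".
has_opt() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# audit_mounts MOUNTS -> prints one line per violation:
#   "<mountpoint> missing <option>"  or  "<mountpoint> not-mounted"
audit_mounts() {
    mounts=$1
    printf '%s\n' "$POLICY" | while read -r mp required; do
        # The last matching entry is the mount that is currently visible.
        opts=$(printf '%s\n' "$mounts" |
               awk -v mp="$mp" '$2 == mp { o = $4 } END { print o }')
        if [ -z "$opts" ]; then
            echo "$mp not-mounted"
            continue
        fi
        old_ifs=$IFS; IFS=,
        for want in $required; do
            has_opt "$opts" "$want" || echo "$mp missing $want"
        done
        IFS=$old_ifs
    done
}

# On a live Linux system: audit_mounts "$(cat /proc/mounts)"
audit_mounts "$SAMPLE_MOUNTS"
```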
Re: [gentoo-user] /boot and booting...
On Monday 06 June 2005 03:02, Digby Tarvin wrote:

Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

security. You will not accidentally overwrite vmlinuz, nor will it be removed by a rampant script, when /boot is on a different partition.
Re: [gentoo-user] /boot and booting...
Volker Armin Hemmann wrote:

On Monday 06 June 2005 03:02, Digby Tarvin wrote:

Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

security. You will not accidentally overwrite vmlinuz, nor will it be removed by a rampant script, when /boot is on a different partition.

Hi,

Agree with the two reasons pointed above (use separate /boot/), would like to add the possibility to have encrypted root-partition (/). Could also help for an easier rescue usage. Not recommended but sometimes is used.

HTH.
Rumen
Re: [gentoo-user] /boot and booting...
Digby Tarvin wrote:

Following on from the recent discussions on grub and booting, is there a good reason for having a separate partition for /boot, other than perhaps to overcome BIOS addressing limitations for people with very large root partitions??

Well, I do it for 2 reasons:
1. To make sure all boot files are addressable through the BIOS.
2. To use raid0+encryption on my root filesystem.

If you want your root filesystem to use encryption, software raid, LVM, etc, you need /boot and an initrd.

As long as you brought it up, I have 11 main system partitions! Beat that!

/
/boot
/tmp
/var
/home
/opt
/usr/local
/usr/portage
/usr/share
/usr/src
/mnt/archives (distfiles and packages go here)

My reasoning on the above is:
1. I want all files necessary for booting the system (/[s]bin, /lib, /usr/[s]bin, /usr/lib, /etc) to be on one relatively small partition so they are physically near each other to cut down on the boot time. Since little from /usr/share, /usr/src, /usr/local, /home or /opt is used for booting, having these as separate filesystems keeps their files out-of-the-way.
2. I want areas that have frequent changes (like /var and /usr/portage) to be separate to reduce the effects of fragmentation on the rest of the system.
3. Since the highest-numbered sectors of my disks are the worst performing, I want seldom used stuff like distfiles and ISO images to be there. Thus, /mnt/archives is at the end of my disks.

-Richard