>Yes.
>
>> And we've long said you shouldn't be doign that :-)
>
>Show me the doc or white paper that says so and why.
Read my Usenet postings :-)
But the explanation is fairly simple: you cannot recover from a number
of failures (corrupt vfstab, bad /dev* links for boot device) without
having /usr mounted; you cannot mount /usr when those things happen.
>Okay, let's switch into religious mode. I have long since believe
>that my /usr filesystem is for all the bits that make the OS work and
>run. Pretty much everything that is the OS is in there and I like to
>look at it and say "this needs to be 2GB with Solaris 2.5.1 max." or
>maybe "this needs to be 6GB for Solaris 10" and once I allocate that
>space I can easily mount the filesystem read-only or for that matter
>get completely draconian and stuff /usr into a different disk and
>jumper it as read-only right on the hardware. That generally means
>that nothing will get modified, symlinked or messed with until I
>decide to make a system change.
Fair enough; we'd like to have "/" read-only too.
Separating "/" and "/usr" has a plethora of issues such as:
- you run out of space more quickly because you dividing line
will not be correct
- hard recoverability issues become impossible with net/cdrom boot
- the gain in stability is fairly minimal (a read-only /usr mount
mostly increases maintenance costs.
>The most ruthless reasons for this are a case where I setup a V880 for
>someone and they decided that the tools in /usr/bin and /usr/sbin were
>not nearly as snazzy as the tools from GNU fileutils and binutils etc
>etc. So they compiled up all this GNU goo and then stuffed them into
>/usr/bin and /usr/sbin simply overwriting anything that was there.
"Don't let idiots near your systems." Is my preferred approach to that; if
there are IT shops who do this *even to their Linux systems* then the state
of IT is *much* worse than I thought.
>I had a complete fit at the guy that did it and the IT director looked
>at me like I was a fish and simply said "...we do this with Linux
>systems all the time. Its called and upgrade."
>By the way, that V880 was an important production box for a major tier
>one car manufacturer in North America and it holds the development
>version of their web site. So think of all the cars and all the
>models and all the marketing media and 198 people that worked on those
>car sections and media etc etc. The sysadmin was a friend of the IT
>director and he simply did what ever he thought was the right thing to
>do on Linux. Pure hack and slash. I, on the other hand, try to stick
>to very draconian ways of ensuring system stability and reasonable
>performance. All of the Blastwave servers have separate /usr and /var
>and / and /export/home and /opt.
>
>If there is a doc that tells me to do otherwise, I really really want
>to see that.
If there isn't one, I'll write one :-).
But I'm certain our best practices now are something like:
/
/var - for servers only
/export - separate the users/data from the rest.
My laptops only have two partitions (except for swap and possible
liveupgrade stuff)
Casper
Casper
_______________________________________________
opensolaris-discuss mailing list
[email protected]
