# Best secure partitioning method

## Enigmatic

I'm setting up a server for a class at my school.  The goal is to have a fully operational server that will withstand several types of hacking attempts.  I chose Gentoo since I fell in love with it at home, and I'm now looking for some advice.

We're going to partition and start the install tomorrow, and I'm trying to figure out the partitioning scheme currently.  I want to head off any drive filling and script kiddie style stuff.  I have a 40 gig hard drive to play with.

Here's the partitioning I'm thinking of

/boot--------------------100 megs

swap--------------------400 megs

/-------------------------50 megs

/usr----------------------2 Gigs

/opt->/usr/local---------4 Gigs

/tmp----------------------100 megs

/var----------------------300 megs

|--/tmp - portage use---2 Gigs

/etc-----------------------300 megs

/root----------------------100 megs

/backup------------------2 Gigs (not usually mounted)

/home--------------------excess

----------

## kashani

That looks a little odd to me, but without a little more info it's hard to say if it will work or not.

swap and /tmp are the same thing

The rule of thumb is 1.5-2.0x the amount of RAM; I'd expect this to be at least 1GB with a server.

/ toss 500MB at it just in case

/ root at 100MB looked okay

/var is much too small. If you're going to be running a server of any sort this will fill up fast. 6GB or larger. I'd also blow off the /tmp-portage stuff and give the space to /var

/boot looked okay at 100MB

/opt... are you going to put anything special in it? 1GB

/usr at 2GB looks pretty good

/etc/ at 300MB looked okay

What's the purpose of the backup partition?

Personally I just give / 1GB and skip the /etc /opt/  and /root stuff.

kashani

----------

## Enigmatic

I didn't know swap and /tmp were the same.  Thanks for the info...

The backup partition is to toss all our config stuff and have it stored on a local space.  We'll also be holding backups offline, but this is just for our own ease.

As far as opt, I don't think there's anything magic going in there.  I was just trying to plan for anything that might show up.

I want a separate /root partition to keep anyone from sending an e-mail bomb or something and filling up the /

----------

## puddpunk

You can make temp as big as you want. Just try and enable Quotas, and keep it separate from "working" partitions (i.e. usr, var etc...) and you shouldn't have any trouble.

Check the Gentoo Security Guide, it's in the Docs section of the main website. IIRC, it had something about partitioning.

----------

## Allaa-Z

What do you mean by 'swap and /tmp is the same thing'? of course they are not! 

I suggest to have a swap partition of 4x your ram size. The current VM is doing very well swapping and it can (depending on your application) use 4x memory swapping with acceptable performance.

----------

## tukem

And when setting /usr size don't forget that /usr/portage can get quite big unless you're actively emptying /usr/portage/distfiles. In gentoo there are also a lot of library files that take up space.

On my P120 48MB "server" machine which has X installed (no KDE or Gnome though ;) ) /usr takes 1.8GB. I recently emptied /usr/portage/distfiles so now it takes only 97MB.

----------

## splooge

IIRC /etc has to be off the root partition so the kernel can read configuration files on bootup.

I may be way wrong here though =)

----------

## tgoodaire

First of all, /tmp and swap aren't the same. I don't know where that idea came from, but it's wrong.

The old rule for swap is that it should be twice the amount of RAM you have. Now that it's common to have 256 or 512 or more, the rule doesn't make sense. Think about it. If you have 512MB of RAM, you probably won't even use all of it, let alone the recommended 1GB for swap. I usually allow 150MB or so for swap in any machine with more than 128MB of RAM.

300MB for /var should be plenty. Even with servers installed. The only server-related stuff that will take up any space is mail spool files. Even then, 300MB of mail is a lot. I usually make my /var 100MB, but I'm only delivering local email. It really depends on what you're going to be using the server for. If you'll be handling email for a bunch of email accounts, adjust your /var partition accordingly.

Likewise, 300MB for /etc is pretty massive. (It's just text files in there after all). This should be part of the / partition, as it needs to be accessed at boot time. (/etc/init.d/ /etc/fstab /etc/inittab...)

100MB for /boot is pretty big too. I know that in the portage install docs it recommends that, but even with two kernels in mine (stable and testing), I'm only taking up 12MB. I usually make my /boot partition 30MB, which is way more than you'll need.

Having separate partitions for /usr and /usr/local is a great idea. I do this on my servers too. After you've installed everything, you can have /usr mounted as read-only at boot-time for security reasons.

I also use a /var/tmp partition for portage to build in. Mine is 1GB.

Here's how I have my 40GB harddrive partitioned:

| Partition | Size | Used |
|---|---|---|
| / | 1GB | 117MB |
| /var | 100MB | 26MB |
| /tmp | 100MB | 18K |
| /var/tmp | 1GB | 166MB |
| /usr | 2GB | 906MB |
| /usr/local | 1GB | Nothing there. Yet. |
| /home | the rest | |

This is with apache, mysql, php, qmail, proftp installed.

----------

## honold

if you're discussing partition/mount schemes for SECURITY purposes, look at mounting nosuid for openers.

use openbsd 3.3 for hints.

----------

## Chris W

The idea that /tmp and swap are the same thing comes from the Solaris world where this is the case.  On Solaris /tmp is truly temporary, and does not survive reboot.  This is not the case with Gentoo or any other Linux I've dealt with.

----------

## antik

 *Allaa-Z wrote:*   

> What do you mean by 'swap and /tmp is the same thing'? of course they are not! 
> 
> I suggest to have a swap partition of 4x your ram size. The current VM is doing very well swapping and it can (depending on your application) use 4x memory swapping with acceptable performance.

 

I recommend /tmp 1-2GB and mount it for security reasons with noexec option.

----------

## dweigert

You are correct that Solaris defaults to using tmpfs (which builds in swap), but experienced admins NEVER use it.   What the heck happens if you fill up swap by using LARGE amounts of space in /tmp????

They were idiots for that.

Dan 

(Unix admin since 1984)

----------

## wallace1819

One really cannot answer this question without knowing what this server is going to be serving.  Secure partitioning schemes usually differ based on the purpose of the machine and its expected load. There are some secure partitioning basics though.

IMHO...

/boot = noauto (100MB is usually more than adequate)

swap = twice the amount of RAM with a 256MB max

/tmp = noexec nosuid

/var/tmp = (the portage temp work directories should not be on the same partition as your logs!)

/var = noexec nosuid (the size of this depends on the load and how often the logs are backed up.  A little family website obviously does not generate the same amount of logs as a major e-commerce site!) 

/

Depending on what the machine will be used for...

/home (if lots of other users)

/<root dir of web server> (if a web server)

/<root dir of ftp> (if ftp server)

/<mail dir> (if mail server)

/opt or /usr/local (if many users or if the machine is acting as a workstation and would have OO or java etc...)

It also depends on how secure you need to be.  Security is a balance between safety and accessibility.  Partitioning for security and partitioning for administration are very different.  Some partitioning schemes are really secure but make backups and administration a major headache.  For example, you could mount your binary dirs ro exec and only mount them rw when you need to update the system.

hope this helps,

wallace
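A way to check that an fstab actually carries the mount options listed in the post above (noauto on /boot, noexec and nosuid on /tmp and /var). This is an added example, not part of the original post; the function names `check_fstab` and `sample_fstab`, the policy table and the sample device names are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an fstab-format file against a mount-option policy.
# POLICY, check_fstab and sample_fstab are names assumed for this example.

# mount point -> options that must be present (taken from the post's list)
POLICY='/boot noauto
/tmp noexec,nosuid
/var noexec,nosuid'

# check_fstab FILE: print one line per finding; return 1 if there are any.
check_fstab() {
    fstab=$1
    findings=0
    while read -r mnt required; do
        # fstab field 2 is the mount point, field 4 the option list.
        opts=$(awk -v m="$mnt" '$1 !~ /^#/ && $2 == m { print $4; exit }' "$fstab")
        if [ -z "$opts" ]; then
            echo "MISSING  $mnt is not a separate mount"
            findings=$((findings + 1))
            continue
        fi
        old_ifs=$IFS; IFS=,
        for want in $required; do
            case ",$opts," in
                *",$want,"*) ;;   # option present
                *) echo "WEAK     $mnt lacks $want (has: $opts)"
                   findings=$((findings + 1)) ;;
            esac
        done
        IFS=$old_ifs
    done <<EOF
$POLICY
EOF
    [ "$findings" -eq 0 ]
}

# Constructed sample: /boot is compliant, /tmp is missing nosuid,
# /var has neither option.
sample_fstab() {
    cat <<'EOF'
# <fs>      <mountpoint> <type> <opts>          <dump/pass>
/dev/hda1   /boot        ext2   noauto,noatime  1 2
/dev/hda3   /            ext3   noatime         0 1
/dev/hda5   /tmp         ext3   noexec          0 2
/dev/hda6   /var         ext3   defaults        0 2
/dev/hda7   /var/tmp     ext3   nosuid          0 2
EOF
}

# Audit a real file when one is given, e.g.: sh audit.sh /etc/fstab
if [ -n "${1:-}" ]; then check_fstab "$1"; fi
```

Mount options apply per filesystem, so a separate /var/tmp partition does not inherit noexec from /var and needs its own policy line if it should be checked.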

----------

## kashani

 *Chris W wrote:*   

> The idea that /tmp and swap are the same thing comes from the Solaris world where this is the case.  On Solaris /tmp is truly temporary, and does not survive reboot.  This is not the case with Gentoo or any other Linux I've dealt with.

 

Oh good. I kept trying to figure out where I got that idea and I hadn't had to do any real admin work on a Sun box in 2 years. Thanks for the correction.

kashani

----------

## kashani

 *tgoodaire wrote:*   

> 300MB for /var should be plenty. Even with servers installed. The only server-related stuff that will take up any space is mail spool files. Even then, 300MB of mail is a lot. I usually make my /var 100MB, but I'm only delivering local email. It really depends on what you're going to be using the server for. If you'll be handling email for a bunch of email accounts, adjust your /var partition accordingly.

 

I'm still a proponent for a larger /var partition, maybe not 6GB for the average user, but still much bigger than 300MB.

1. MTA. The queue is usually in /var so large mails, if you accept them, could cause problems.

2. MySQL and Postgres both have db files in /var

3. Logs, logs, and more logs. With my small apache site, 2 months of logs is 90MB. Granted I just noticed some wacky things in those logs that I should fix in my scripts and server, but a moderate site could chew through quite a bit of your /var

4. squid caches in /var

Not that anyone will likely see anything near this, but it's my morning tribulation today and it's sort of amusing... at least I didn't run out of inodes again.

[root@laxlxmx01 root]# du -sh /var/qmail/queue/

5.2G    /var/qmail/queue

kashani

----------

## tgoodaire

You could always rotate your logs with logrotate. Then they wouldn't get to be that big. There's no need to have that much logging information hanging around. Rotate your logs regularly, and back them up somewhere if you really want them.

----------

## kashani

 *tgoodaire wrote:*   

> You could always rotate your logs with logrotate. Then they wouldn't get to be that big. There's no need to have that much logging information hanging around. Rotate your logs regularly, and back them up somewhere if you really want them.

 

Sure, sure. I think it's more design philosophy at this point. I take the approach that someone, some program, whatever is going to screw up. Will a 300 MB /var partition protect me from Murphy's Law as well as a 2GB partition? If I fill /home what's the worst that happens? The users might not be happy, email blocks, and some other not so great things. If /var fills up the server becomes very unhappy, load shoots to 200 depending on what's running, I might not be able to log onto the box, etc.

kashani

----------

