recommended partitions


killerasp
09-09-2001, 11:16 PM
What are the recommended partitions one should use when installing Linux? I usually use 1. /boot 2. / 3. swap
I notice some people create separate partitions for /usr, /home, etc. Why do they do that? Is it more secure?

Craig McPherson
09-09-2001, 11:26 PM
1. You should not have a /boot partition. The /boot partition was a nasty hack to get around problems caused by poor planning and stupidity. A /boot partition is gay. Don't do it.

2. You don't need a separate swap partition. You can use swap files instead. This is a matter of individual preference.

3. You really should (I might even say must, but I'll leave it at "should" for the time being) have a separate /var partition, or else your box is horribly insecure against denial of service attacks and can be taken down quickly by the bad guys.

4. A separate /home is a good idea, but not required. It makes it easier to back up your stuff and segregate your data and user stuff from the system stuff.

5. A separate /usr isn't needed unless you have a specific need for it, in which case you'll know.

6. Some people also use separate /usr/locals. This is personal preference. There's no real need for it.

killerasp
09-09-2001, 11:46 PM
So I guess if I don't have a /boot partition I would be forced to use a boot disk? I don't really want to do that. Also, about the swap file, how can I enable that in Linux? I know what you are talking about b/c I have a swap file in Win9x.

bdg1983
09-10-2001, 01:51 AM
Having to boot from floppy would depend on the version of Lilo you are using and how your drive(s) are partitioned.

Post the pertinent info and we can probably advise you.

If you are interested, the NHF on Swap Files (http://www.linuxnewbie.org/nhf/intel/filesys/fly_swapping.html) should be enough to get you going.

Craig McPherson
09-10-2001, 02:18 AM
Originally posted by killerasp:
"So I guess if I don't have a /boot partition I would be forced to use a boot disk?"

That's completely unrelated. The concept of a /boot partition was an ugly hack developed by Redhat years ago that no longer applies in the modern world.

eXtremist
09-10-2001, 08:34 AM
This is a debate that will never have a clear answer..

For simplicity, all you really need is / and a swap.

Put a /home one in there too in case you need to reinstall linux for some reason.

Mine is set up as

/ 5GB
/home 4GB
SWAP 256MB


I have never had any problems, and I recently had to reinstall linux and the /home partition saved all my user files and configurations so that after the install my system looked exactly the same as it did before.

Craig McPherson
09-10-2001, 08:54 AM
Originally posted by eXtremist:
"For simplicity, all you really need is / and a swap."

You don't even need a swap partition. Swap files are much more flexible because they can be created/deleted on the fly.

You really should have a separate /var, though, or else your box is horribly unsecure.

MaGneTTo
09-10-2001, 09:36 AM
And why is that, McPherson? Why is it so unsecure not to have a /var partition?

[ 10 September 2001: Message edited by: MaGneTTo ]

Craig McPherson
09-10-2001, 09:45 AM
/var bombing.

It's not the worst thing in the world, but it can temporarily fubar your system pretty bad.

MaGneTTo
09-10-2001, 09:53 AM
Like flooding it?

eXtremist
09-10-2001, 12:42 PM
Wouldn't the "var bombing" only work if you have a webserver or some other daemons running?

I mean, if you had a linux box with zero daemons running, how would someone gain access to your var partition?

I have one outside daemon running (by outside I mean available to internet addresses) and that is SSH.. Am I still insecure?

Taizong
09-10-2001, 12:48 PM
Keep it simple if this is a workstation. Just do a small /boot, throw everything on / and save some space for the swap space, about 150% of the RAM you have.

If you intend on running httpd or other web related things, and this box will be taxed, then you should partition a separate /var, and perhaps use swap files instead of swap space.

Craig McPherson
09-10-2001, 01:04 PM
Originally posted by eXtremist:
"I mean, if you had a linux box with zero daemons running, how would someone gain access to your var partition?"

They can just send you certain malformed packets that the Linux kernel will always log. You're never safe unless you have all logging turned off or some sort of continuously-running log monitor.

If you're just a home user, it's unlikely that you'll be targeted for such an attack, though. I've had my home system targeted twice, though. If you don't offend as many people as I do, you probably don't have much to worry about.

bdg1983
09-10-2001, 01:08 PM
Only twice? ;)

eXtremist
09-10-2001, 01:29 PM
If this var bombing is a known takedown tactic, why isn't something added to the kernel to prevent it?

I mean, isn't that how software developing works? Find a flaw, then fix it? (remember, we're not talking about microsoft here..fix a flaw, add 10 more)

Craig McPherson
09-10-2001, 01:56 PM
It's not a "bug", it's a fact of reality. If a UNIX box's root filesystem fills up, you can't log in, you can't start any programs, and you can't really do a darn thing to fix it other than booting from a rescue disk and cleaning up the mess. If /var is on a separate partition, it's impossible for logs, e-mail, and other stuff to fill up the root partition. At worst, the /var partition will fill up which will cause a number of problems (logging will stop, e-mails will bounce), but you'll still be able to log in and fix them. There's not really anything that could be patched to make it safe to have /var on your root filesystem -- that's just the way it is.
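
A way to check a box for the condition described in the post above, as an added example that is not part of the original thread: it reports whether log and spool directories sit on the root filesystem and how full each filesystem is. The path list and the 90% limit are assumptions.

```shell
#!/bin/sh
# Added example: flag log/spool directories that live on the root filesystem.

# mount_of PATH: print the mount point of the filesystem holding PATH.
mount_of() { df -P "$1" | awk 'NR==2 {print $NF}'; }

# used_pct PATH: print that filesystem's used space as an integer percent.
used_pct() { df -P "$1" | awk 'NR==2 {sub(/%/, "", $(NF-1)); print $(NF-1)}'; }

# classify ROOT_MOUNT PATH_MOUNT PCT LIMIT: print one verdict word.
#   SHARED   - path is on the root filesystem, so filling it fills /
#   CRITICAL - shared with / and already at or above LIMIT percent
#   FULL     - separate filesystem at or above LIMIT (logging may stop)
#   OK       - separate filesystem with room left
classify() {
    if [ "$2" = "$1" ]; then
        if [ "$3" -ge "$4" ]; then echo CRITICAL; else echo SHARED; fi
    elif [ "$3" -ge "$4" ]; then
        echo FULL
    else
        echo OK
    fi
}

# audit LIMIT PATH...: one report line per existing directory.
audit() {
    limit=$1; shift
    root=$(mount_of /)
    for p in "$@"; do
        [ -d "$p" ] || continue
        m=$(mount_of "$p")
        pct=$(used_pct "$p")
        echo "$p mount=$m used=${pct}% $(classify "$root" "$m" "$pct" "$limit")"
    done
}

# Paths and the 90% limit are assumptions chosen for illustration.
audit 90 /var /var/log /var/spool/mail /tmp
```

Run from cron, a SHARED or CRITICAL line for /var is the case where a log flood can fill /.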

eXtremist
09-11-2001, 07:48 AM
hmm.. I always avoided a separate var partition because I don't run a server.. Maybe I should have added one..

There should be some kinda config option to limit the size of the directory.. Kinda like a quota.

Anyway, what's a good size for a var partition..? My var dir has reached a max of about 8MB, so I'm thinking something small (like 50MB maybe?)

[ 11 September 2001: Message edited by: eXtremist ]

Craig McPherson
09-11-2001, 08:58 AM
That depends on how you do e-mail, how much heavy logging you do, and how often you rotate your logs.

/var will be fairly small at first, but logs will probably take up the largest chunk of /var on a non-server system. On a home system, you might want to rotate active logs daily and less-active logs (like e-mail error logs) weekly or monthly, and only keep 3 rotations of backlogs.

On server systems, I like to have logrotate do double duty: in addition to rotating the active logs once a week and inactive logs once a month (this logrotate script actually runs every day, so different logs will have their weekly rotation on different days), I also have a separate logrotate script that rotates certain logs if they reach a certain size, even if it's not time for their weekly/monthly rotation, to help cut back on out of control logging. I keep 7 backlogs.

With that system, unless the logs get rotated extra times because of size, I always have the last 8 weeks of logs, and 8 months of those that I only rotate once a month (mail error logs, a log of all messages of CRIT level or higher, etc).

With me so far?

Then there's e-mail. If you receive your mail directly by running a mail server, you should factor that into your estimate. If you use fetchmail to download your mail, remember that it also puts the mail in your mailbox in /var/spool/mail (by passing it off to a mailserver, actually), so if you think it might be possible for you to get 100MB of e-mail at one time, factor it in.

Debian users might want to factor a full GB because downloaded packets are stored temporarily in /var/cache/apt until they're installed. This can get pretty big, so unless that directory is symlinked onto another filesystem, /var will need a lot of space.

Another added bonus of having both /var and /usr on separate partitions is that you can mount the root filesystem read-only, which is good for security, and can prevent programs from screwing with your configuration without permission. You simply switch it to read-write when you need to make changes or upgrades, then switch the system back to read-only when done.
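
The two-pass logrotate scheme described in the post above, sketched as an added example that is not the poster's own configuration: one config for scheduled weekly/monthly rotation and a second, run separately, that rotates on size alone. The log paths, the 50M ceiling and the file names are assumptions.

```shell
#!/bin/sh
# Added example: generate the scheduled and size-triggered logrotate configs.
# Log paths, the 50M ceiling and file names are assumptions.

# write_rotation_configs DIR: emit both configs into DIR.
write_rotation_configs() {
    dir=$1
    mkdir -p "$dir"

    # Pass 1: scheduled rotation. Run it daily; logrotate's state file
    # decides which logs are due, so weekly rotations land on different days.
    cat > "$dir/scheduled.conf" <<'EOF'
/var/log/messages /var/log/auth.log {
    weekly
    rotate 7
    compress
    missingok
    notifempty
}
/var/log/mail.err /var/log/critical.log {
    monthly
    rotate 7
    compress
    missingok
    notifempty
}
EOF

    # Pass 2: size ceiling. "size" rotates whenever the file exceeds the
    # limit, regardless of schedule, which caps a runaway log.
    cat > "$dir/oversize.conf" <<'EOF'
/var/log/messages /var/log/auth.log {
    size 50M
    rotate 7
    compress
    missingok
}
EOF
}

# Default target is a scratch directory so nothing under /etc is touched.
write_rotation_configs "${1:-${TMPDIR:-/tmp}/logrotate-example}"
```

Each file can be checked with `logrotate -d FILE`, which runs in debug mode and changes nothing; give the size pass its own state file with `-s` when scheduling it.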