In the beginning there were root (/bin) and /usr programs

See UNIX Programmer's Manual (Thompson, Ritchie, November
1971). [http://cm.bell-labs.com/cm/cs/who/dmr/manintro.pdf]

/usr programs were "not considered part of the UNIX system"
[bottom of page ii].

Root (/) contained all the system files and configuration;
/usr all the user's files.

In the UNIX V7 manuals hosted here:
http://plan9.bell-labs.com/7thEdMan/bswv7.html
Dennis Ritchie suggests moving binary files from root (/bin)
to /usr/bin because it might speed up systems:
See page 152 of UNIX Version 7, Volume 2B
UNIX Programmers Manual.

Hence, he suggests leaving only maintenance binary files in
root (see para. 3 under Disk Layout, Pg. 152).

The most important remark comes in paragraph 2 of the disk
layout page:

"There are two considerations in deciding how to adjust the
arrangement of things on your disks: the most important is
making sure there is adequate space for what is required;
secondarily, throughput should be maximised."

For me the argument is about what gets mounted in which way.
I want to be able to ensure filesystems are mounted to prevent
potential privilege escalation.
Consequently, I have split my Gentoo system with the following
settings.

At boot /usr is present in / (on same partition)
/tmp is mounted nosuid from a separate partition
/var is mounted nosuid from a separate partition
/home is mounted nosuid from a separate partition

/bin and /sbin programs that do not require root authority
are all marked nosuid.

None of the executables/configuration files in / or /usr are
user-writable.

umasks are 077.

On my backup server, /home is mounted noexec, nosuid.

Personally I like the split between /bin and /usr/bin and /sbin
and /usr/sbin - provided ports maintainers stick to an
understanding that /bin is for maintenance files and /usr/bin
is for user application files (i.e. applications used by users).

/sbin and /usr/sbin should segregate root's/system maintenance
executables and root's/system application executables.

Although I am not sure at all that executables have been so
split by recent developers/maintainers (a lot of time has passed)...

It would be nice if a sensible structure could be proposed and
agreed by ALL Linux distributions (coordinated with BSD).

For me, it is a credit to Ken and Dennis' vision that they foresaw
the benefit of file permissions, including suid and sgid and the
EXCEPTIONALLY BRILLIANT idea of the sticky bit for /tmp.

It is incredible that they came up with much of this structure in
1969 - 1978.

"Progress, far from consisting in change, depends on retentiveness.
When change is absolute there remains no being to improve and
no direction is set for possible improvement: and when experience
is not retained, as among savages, infancy is perpetual.
Those who cannot remember the past are condemned to repeat it."
SANTAYANA

Those querying a separate /usr partition or otherwise might like to
peruse UNIX Version 7 UNIX Programmers manual, Volume 2A:
UNIX for Beginners (Brian W. Kernighan)
Page 46 of this PDF: http://plan9.bell-labs.com/7thEdMan/v7vol2a.pdf

I LIKE THE IDEA of a separate /usr partition - but that is from a
mounting file-systems perspective rather than relying on the history
of UNIX...

Live free or die - UNIX.

Mike
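
The mount layout described in the message above (nosuid on /tmp, /var and /home; noexec,nosuid on the backup server's /home) can be checked mechanically. The following is an added example, not part of the original message: it audits a mount table in /proc/mounts format, and the function names, policy dictionaries and sample device names are assumptions made for illustration.

```python
"""Audit a mount table against the nosuid/noexec layout described in the post."""

# Policy taken from the post: mount point -> options that must be present.
WORKSTATION_POLICY = {"/tmp": {"nosuid"}, "/var": {"nosuid"}, "/home": {"nosuid"}}
BACKUP_SERVER_POLICY = {"/home": {"noexec", "nosuid"}}

# Constructed sample in /proc/mounts format (device names are made up).
# /var deliberately lacks nosuid so the audit has something to report.
SAMPLE_MOUNTS = """\
/dev/sda2 / ext4 rw,relatime 0 0
/dev/sda3 /tmp ext4 rw,nosuid,relatime 0 0
/dev/sda5 /var ext4 rw,relatime 0 0
/dev/sda6 /home ext4 rw,nosuid,relatime 0 0
"""


def parse_mounts(text):
    """Return {mount_point: set(options)}; a later line wins (overmount)."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        # /proc/mounts escapes spaces in paths as \040
        mount_point = fields[1].replace("\\040", " ")
        table[mount_point] = set(fields[3].split(","))
    return table


def audit(mounts_text, policy):
    """Return a sorted list of (mount_point, problem) findings."""
    table = parse_mounts(mounts_text)
    findings = []
    for mount_point, required in policy.items():
        if mount_point not in table:
            # Not its own filesystem, so it inherits the parent's options.
            findings.append((mount_point, "not a separate mount"))
            continue
        missing = required - table[mount_point]
        if missing:
            findings.append((mount_point, "missing " + ",".join(sorted(missing))))
    return sorted(findings)


if __name__ == "__main__":
    # On a live Linux system, pass open("/proc/mounts").read() instead.
    for mount_point, problem in audit(SAMPLE_MOUNTS, WORKSTATION_POLICY):
        print(f"{mount_point}: {problem}")
```

Because a later line replaces an earlier one for the same mount point, a tmpfs mounted over /tmp without nosuid is reported even when the underlying partition was mounted correctly.
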

On 18/07/12 18:35, Canek Peláez Valdés wrote:
> As William pointed out, this is just another silly rationalization
> done after the fact. But, just for argument's sake, let's suppose that
> "usr" was named like that because it was the acronym for "UNIX System
> Resources".
>
> *Who cares about that now?* It was 43 years ago. My cellphone is
> thousands of times faster than the PDP-7 Unix was originally developed
> for, and it has millions of times more storage. The length
> restrictions imposed on system directories are completely superfluous
> now.
>
> All the arguments for keeping /bin, /sbin, /usr/bin, and /usr/sbin
> separated are really instances of the Chewbacca defense [1]. They just
> don't make any sense.