| 1 |
Am 24.04.2013 12:48, schrieb Tanstaafl: |
| 2 |
> On 2013-04-23 1:59 PM, Neil Bothwick <neil@××××××××××.uk> wrote: |
| 3 |
>> On Tue, 23 Apr 2013 18:34:38 +0200, Florian Philipp wrote: |
| 4 |
>> |
| 5 |
>>>> So - first, is 5G way too big for the two /tmp dirs? I have lots of |
| 6 |
>>>> space, but hate waste |
| 7 |
> |
| 8 |
>>> If you worry about waste consider bind-mounting both from the same |
| 9 |
>>> partition and install quotas to avoid one filling up the other. |
| 10 |
>> |
| 11 |
>> Or set PORTAGE_TMPDIR to use /tmp. Then /var/tmp will be so small you |
| 12 |
>> can leave it as a sub-directory of /var. |
| 13 |
>> |
| 14 |
>> If this is a server, 5G is fine for this, but for a desktop it may need |
| 15 |
>> to be bigger, to accommodate LibreOffice builds. |
| 16 |
> |
| 17 |
> One thing I'm trying to do is make the system as secure as possible at |
| 18 |
> the filesystem level, and I've read that making /tmp and /var/tmp |
| 19 |
> separate partitions so you can mount them /nodev/noexec/nosuid is one |
| 20 |
> way to make things a bit more secure... |
| 21 |
|
| 22 |
noexec won't work for portage so put PORTAGE_TMPDIR somewhere else. |
| 23 |
|
| 24 |
> |
| 25 |
> On that note, I realized I can't make two /tmp's in lvm, so, I guess I |
| 26 |
> can make a vtmp, and just bind that to /var/tmp in fstab like: |
| 27 |
> |
| 28 |
> /dev/vg/vtmp /var/tmp ext4 nodev,noexec,nosuid 0 0 |
| 29 |
> |
| 30 |
> Will that work? |
| 31 |
|
| 32 |
Sure why not but you should set the pass column to 2 instead of 0. |
| 33 |
|
| 34 |
Regards, |
| 35 |
Florian Philipp |
Archives